As Tim makes very clear, there are legal and para-legal reasons-a-plenty for
removing your activities from the open-office environment.
There are also many reasons outside of DP and Privacy laws.
Our work includes the scanning of corporate networks for 'illicit image
abuse' as part of corporate governance and corporate social responsibility.
The scanning activity MUST always be carried out in a secure environment
because of the nature of the findings regularly uncovered.
In all cases, when images are found on a particular machine, the
confidentiality of the report MUST not be compromised. Scans often reveal
very senior members of staff need reminding of the Acceptable Use Policy!
An open office environment will surely compromise your ability to keep data
confidential.
It's also true that a great deal can be done to manage these situations
without resulting in messy dismissals, tribunals etc. IF HR can deal with
the offenders activities in confidence. Open-office gossip could certainly
compromise this, and prove very costly in the long run.
More critically, if/when the images discovered are illegal (not just
illicit), then you have to think carefully about criminal evidence
requirements.
The ACPO good practice guide for computer based electronic evidence states;
"it is essential that evidence is preserved, retrieved and stored in a
correct and systematic manner to ensure continuity, integrity and security
of the evidence".
Hope this helps.
Regards,
Duncan Smith
Director
iCompli Limited Northampton UK
t: 08707 70 48 66 f: 08707 70 48 69 m: 07775 56 81 80
Mailto:[log in to unmask] Web: www.icompli.co.uk
"Compliance in your language"
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Henley, Lee
Sent: Thursday, February 16, 2006 8:35 AM
To: [log in to unmask]
Subject: [data-protection] Web monitoring and confidentiality
My team are responsible for monitoring internet usage within our
organisation (our policies allow us to do this and all staff sign up to this
as part of our ICT policies).
Currently my team are based in a secure office, allowing us to freely
discuss concerns and issues regarding internet usage with the relevant team
members. The problem I have is that we are about to move offices, and my
team are being told that we need to be located in a larger office along with
other staff members (who are not part of my team).
Obviously my concerns are that the office move will impact upon our internet
monitoring work, as from a DP aspect we do not want to be discussing staff
internet usage issues in a general work environment. I'm therefore trying
to build a business case enabling us to continue to work in a more secure
work environment because of the sensitivity of the work we do.
Any advice on how to strengthen my business case would be most appreciated.
Lee Henley
Information Manager
Corporate Development
Telephone : (01375) 652500
The information in this e-Mail and any attachment(s) are intended to be
confidential and may be legally privileged. Access to and use of its
content by anyone else other than the addressee(s) may be unlawful and
will not be recognised by Thurrock Council for business purposes. Thurrock
Council cannot accept any responsibility for the accuracy or completeness
of this message as it has been transmitted over a public network.
Any opinions expressed in this document are those of the author and do
not necessarily reflect the opinions of Thurrock Council.
Any attachment(s) to this message has been checked for viruses, but please
rely on your own virus checker and procedures.
If you contact us by e-mail, we will store your name and address to
facilitate communications.
Senders and recipients of email should be aware that under the UK Data
Protection and Freedom of Information legislation these contents may have to
be disclosed in response to a request.
Under the Regulation of Investigatory Powers Act 2000, any email sent to or
from this address may be accessed by someone other than the recipient for
system management and security purposes.
____________________________________________________________________
This message has been checked for all known viruses by the MessageLabs Virus
Control Centre. For further information visit
http://www.messagelabs.com/stats.asp
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
__________ NOD32 1.1410 (20060215) Information __________
This message was checked by NOD32 antivirus system.
http://www.eset.com
__________ NOD32 1.1410 (20060215) Information __________
This message was checked by NOD32 antivirus system.
http://www.eset.com
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|