 |
 |
At 13:20 17/07/00 +0000, [log in to unmask] wrote: >as well as the Principles, I would add the considerations arising from the >draft (Preliminary) Codes of Practice issued under the RIP Bill about >directed surveillance(accessible from >http://www.homeoffice.gov.uk/oicd/ripbill.htm My interpretation is that if you are the network operator and monitoring to protect the operation of the network, the RIP Codes of Practice don't apply. The only relevant sections of the Bill appear to be 1(6) which defines some people who can lawfully intercept a private network: 1(6) (a) he is a person with a right to control the operation or the use of the system; or (b) he has the express or implied consent of such a person to make the interception. and 3(3) which says what that person can lawfully do (3) Conduct consisting in the interception of a communication is authorised by this section if- (a) it is conduct by or on behalf of a person who provides a postal service or a telecommunications service; and (b) it takes place for purposes connected with the provision or operation of that service or with the enforcement, in relation to that service, of any enactment relating to the use of postal services or telecommunications services. I've been looking at the problem from the point of view of someone debugging a network service. I'd welcome comments on whether my interpretation of that situation looks right and whether monitoring to ensure compliance with an acceptable use policy would come under the "... enforcement ... of any enactment relating to the use of ..." in 3(b) ? Andrew >C > >-----Original Message----- >From: MIME :[log in to unmask] >Sent: 17 July 2000 12:57 >To: [log in to unmask] >Subject: Email Monitoring > > >I am looking for guidance on policies for monitoring staff email >correspondence. > >1. Does organisation monitor staff email? > >If so: > >a. What do you class as email misuse by staff and how do you investigate? > >b. What procedures do you have in place to perform the monitoring? > >c. How do you communicate your policies to staff? > >2. Has the Data Protection Commissioner published any guidance on this? > >3. Anybody know of any good websites I could look at for guidance on this >subject? > >Any help would be much appreciated, >Graeme Shanks >Senior Business Analyst >The Moray Council >Tel : 01343 563214 Fax : 01343 563221 >E-mail: [log in to unmask] > > > > >******************** E-mail confidentiality notice ******************** > >This message is intended for the addressee only. It is private, >confidential and may be covered by legal professional privilege or >other legal or attorney/client privilege. If you have received this >message in error, please notify us and remove it from your system. > >If you require assistance, please contact our London PC Support >department (telephone +44 (0) 20 7490 6949). > >Masons is an international law firm with offices in London, Bristol, >Edinburgh, Glasgow, Leeds, Manchester, Brussels, Dublin, Hong Kong, >Guangzhou and Singapore. > >Further information about the firm and a list of partners is >available for inspection at 30 Aylesbury Street, London EC1R OER >or from our Web site at www.masons.com > >*********************************************************************** > > -------------------------------------------------------------- Andrew Cormack Head of CERT UKERNA, Atlas Centre, Chilton, Didcot, Oxon. OX11 0QS Phone: 01235 822 302 E-mail: [log in to unmask] Fax: 01235 822 398 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%