Legality of snooping on a logged in account?

Surely the company proxy servers will only capture what is being requested off the internet from the end-point.

If the senior used a browser to access gmail then no data is downloaded until he clicks a email to view it.

I would say they only have cached web pages.
 
Can I assume this "senior" is also in deep trouble.

As far as I can see they have logged on to a "company" laptop and used a personal account (worse someone else's) on it against regulations. Then that senior seems to have read your cousins emails without permission and decided to shop him.

The fact a junior member of staff asked him to is hardly a defence.

As for what was in those emails we can only guess as to how illegal or innocent they are.
 
**EDIT** Made this reply before reading page 2, so of course we know more now, but...

thenewoc said:
That appears to be stating fact, 'illegal websites' (plural and were they illegal?), 'accessing' (asserting something did happen). If you weren't sure of this being the case and needed to investigate further I'm not sure you'd state it as though it were fact. If he was suspended on full pay for suspected breach of contract pending further investigation wouldn't he have his disciplinary hearing post investigation? It sounded as though he's had a disciplinary that he took a colleague in with him for but maybe this was just for his suspension? Whether it constitutes 'Gross Misconduct' is also somewhat of a gray area as I think the employer would need to demonstrate how said action caused a tangible loss to the business.
Click to expand...

All we know is -

TheLegendOfMart said:
The letter they gave him said "Gross Misconduct - Accessing illegal websites during working hours".
Click to expand...

They have to state why they're suspending him. The wording is actually likely possible or suspected or will clearly state he's being suspended while this is being investigated. His only meeting so far was the one where he's been suspended. All fairly normal process where he's not been found guilty of anything yet.

TheLegendOfMart said:
He's going to a meeting tomorrow and HR wont talk to him saying its "out of their hands now". So I'm guessing he's about to be dismissed and I will probably find out the details. He's got a meeting with solicitor earlier in the day too.
Click to expand...

Again, not necessarily. I think they would say this no matter what the result. It's also very possible HR don't even know the result at this point. (Obviously, they shouldn't really have a decision until the actual disciplinary meeting)
 
Last edited:
This is a really badly told story, you haven't been clear at all. Without knowing exactly what happened, who the involved parties were and all that material facts, it's pretty futile to try and give advice.
 
I know its a badly told story. I told it how I was being told at the time. I only got to see the notes of the meeting yesterday when I updated the post.

All I wanted to know is, are they allowed to snoop on his personal information. Thats it.
 
Sacked for surfing prawns on work time on the interwebs. Contravening company IT policy. Would be interesting to get the full story.
 
azibux1 said:
Just because he logged into gmail, how did it magically send all of his emails and history to the company?
Click to expand...

If they logged into his Gmail via Chrome, there's a chance that the browser is now linked to the cousin's account, and emails/bookmarks/history are all synchronized. I expect the 'senior' member of staff, just happily clicked through prompts, and now their Chrome has the two accounts linked to it.
 
TheLegendOfMart said:
All I wanted to know is, are they allowed to snoop on his personal information. Thats it.
Click to expand...

That all depends on the company IT policy I expect - a lot say you can do personal stuff during your lunch break, but at all other times, the CORPORATE device is to be used for business purposes. I don't know the legality of it, and I see several posts mention that the company are guilty of "misuse of data" for looking - but the waters may be muddied, as they were using a business device - not a personal one.

From what I have read, the conclusions I make are:

Senior person is likely guilty of misuse of company equipment, if the IT policy is stringent, and has willingly helped your cousin to breach said policies. They really ought to be given a ticking off, as well as your cousin - but verbal warnings at best imo.

Assuming your cousin is being truthful, then I suspect the lovely 'Google sync' has pulled over not only the emails into Chrome (with I bet they use), but also his dodgy history to boot. Though, the timestamps of when they were accessed, if correct - imply he may have been accessing things he shouldn't at work! In that case, he's been found out through a slip up; his senior clicking blindly through prompts and syncing his data to their browser. The only other explanation for the timestamps, would likely be someone using his synced browser at home - assuming he has wife/kids?

I've said it twice before, but ACAS are going to be your best bet - if you/he are serious on not just rolling over and accepting dismissal that is.

Unfortunately though, I cannot help but feel that his HR/bosses will all be pretty clueless towards IT, and will brush off any arguments made to the contrary of what they currently believe. You'll be fighting the finite points on how Google sync works etc, and I would expect, you would have to present all of that at an employment tribunal.
 
TheLegendOfMart said:
All I wanted to know is, are they allowed to snoop on his personal information. Thats it.
Click to expand...

It probably depends on his contract, we seem to be living in a time where private companies can do anything they want towards people so long as they're docile enough to sign a contract allowing them and the government are too busy trying to stop Brexit to do anything about it. We seem to be ripe as a country for a corporate takeover if it hasn't happened already. The police certainly don't serve the people anymore, they're too busy enforcing Facebook T&C's on people in the real world.
 
TheLegendOfMart said:
All I wanted to know is, are they allowed to snoop on his personal information. Thats it.
Click to expand...

As a general principle - no. It is against the law to use a computer to access somebody else's data (including emails) unless they have given you explicit permission to do so.

However a couple of things muddy the water here.
1) We don't really know what has happened. Have they been snooping his personal information? What have they seen? How did they see it?
2) It is also pretty murky if the person (or someone acting on their behalf) did something that caused their personal information to be sent to the other party. If that happened, is it really snooping? There is an obvious difference between deliberately accessing somebody else's email account/other information, and just sitting down to use a works computer then finding the browser open on another persons gmail account.
 
Last edited:
I am confused as to what exactly is happening here...

But I will convey that under the computer misuse act it would be a criminal offence to access someones personal logged in account under normal circumstances.
 
How would logging into gmail, even in chrome, sync history?

I thought you had to actually go into settings within chrome, turn on sync and the login to the account that way.
 
Energize said:
I am confused as to what exactly is happening here...

But I will convey that under the computer misuse act it would be a criminal offence to access someones personal logged in account under normal circumstances.
Click to expand...

Sounds like the ops cousin gave his password to the senior colleague to log into his account to reset a Facebook email link.
 
You must log in or register to reply here.
Back
Top Bottom