Deleted member 651465
D
Deleted member 651465
Wash your hands of him. Block his number and pray for his kids.
Legality of snooping on a logged in account?
- Thread starter TheLegendOfMart
- Start date
Permabanned
If you read it you'd have got the context was in relation to personal communication. your quote is just the opening line.
Soldato
- Joined
- 22 Feb 2014
- Posts
- 2,673
Yeh, no
no one can access your personal mails without your consent.
Permabanned
No, it's personal communication via work devices, totally different to accounts. You read your personal comms on a work device you takes your chances.
No where on that website does it mention Work devices.
Permabanned
It doesn't, that's a different link...what they heck?
I'll try and get the first one I copied, I clicked a link within that and must have copied that instead.
Permabanned
Found it.
https://www.telegraph.co.uk/educati...our-personal-emails-heres-what-you-need-to-k/
It's section 2, it won't copy pasta over.
https://www.telegraph.co.uk/educati...our-personal-emails-heres-what-you-need-to-k/
It's section 2, it won't copy pasta over.
Caporegime
I figured things like syncing for Chrome etc should be disabled on work devices for GDPR reasons now?
You would have thought so.
Unfortunately MANY companies IT departments are run by lazy people, who take offence at having to undertake work. Or they don't have any sort of IT support in place at all along with ZERO understanding of the law in regards to IT use.
It doesn't help that there are news outlets displaying that nonsense which will just in my views falsely empower employers to spy on their workforce any which way they can.
USB devices are supposed to be encrypted within education due to GDPR, yet every education establishment I've been to recently haven't carried out the steps required to do so. Simply because "Its not that easy", "We will get to it later".
The Op's case again in my personal view, is a breach of the Computer Misuse act. Gaining access to a persons personal account and going through personal IT usage history.
The issue is, the person didn't access the "dodgy" sites at work, on a work computer, but his history is still there. Possibly due to google sync? Do his employers even know what Google sync is? Most likely not thus it will hold no weight as an argument.
There is just too much missing from this story.
Permabanned
He accessed Facebook in work time seemingly from a client's computer, well he asked a colleague to.
Accessing Facebook in my place if work during contracted work hours is a big no no, it could lead to disciplinary action and ultimately termination of contract.
Accessing Facebook in my place if work during contracted work hours is a big no no, it could lead to disciplinary action and ultimately termination of contract.
Caporegime
If you can link me to more details on that I'd want to forward it to our Security guy where I work. Would be greatly appreciated
Soldato
Heyyyyy, we're not all lazy
Though I do often take offense with people making me work - as I would rather be looking at OcUK.From the SME I work in - we haven't been briefed in regards to any laws we have to enforce, in relation to IT/use of IT equipment and whatnot - it has either been deemed as unnecessary, or [more likely] not in the budget. When the whole GDPR mess came about, we employed a 'specialist' to come in and make us GDPR ready - he lasted three weeks before storming out, I assume that he butted heads with the wrong people.
I digress.
When it comes to 'IT Policy' here, employees all get a copy with their contract, and although they don't sign it - they are automatically bound to it when they accept the role; I don't think the 'policy' itself is overly comprehensive - just typical common sense stuff really. Sadly, someone committed what ought to have been treated as gross misconduct a year or so ago (circumventing security basically) - and despite me providing a wealth of evidence on what they had done - HR did nothing!
The IT team here try to stay on top of potential issues - we lock down devices as much as possible - the BIOS is locked off, there is no booting from external media, the drives are encrypted and no one has local admin rights. All software that gets requested, has the EULA checked, and will only be installed (by IT) when the correct license has been purchased. The deployed Windows 10 images also have most of the junk removed - so users don't go wild on the Store and install Facebook or whatever else time waster they can find.
Unfortunately, when it comes to third party apps - such as the aforementioned Chrome, we don't have anything in place that would prevent users from signing into the browser with their own Google account; we will deploy the Enterprise version of Chrome, and leave them to it. I suspect that with the amount of things we have in place, if Joe Bloggs were to sign in as themselves, and have a bunch of personal info synced - we may be "ok" in the eyes of the GDPR gods. Best endeavors and all that.
Sadly though, these days in employment, it seems that common sense really has taken a back seat. I remember when I first start in an IT job back in 2001 - I was let lose with all the necessary rights to cause a bit of havoc on ours, and customer's networks; but I knew what I should and should not be doing. Today, it seems that unless you have an official document that expressly states DO NOT DO x, y and z - people will cry foul when they are hauled over the coals for being a plonker. Blame claim mindset I suppose.
Is that the issue though? We really don't know what has happened.
Soldato
Yeah. I get OP not wanting to give all the details but without all the context it's hard to give any advice anyways as no-one really knows what happened.
Basically one time while out caring for a 'service user' (basically the disabled person). My 2nd cousin (the guy who is about to get sacked) couldn't reset his Facebook password on his phone so his 'senior' (more experienced carer) offered to reset it via the seniors work laptop. The senior logged into my 2nd cousins account to access the password reset link and in doing so it somehow sent all of the emails and web browsing history that my 2nd cousin accesses at home.
Some time later someone has made an allegation about his internet usage and the company he works for have found that all of his history was in their logs. HR went through the hundreds of pages hes ever been on going back years and found torrent sites and porn sites. They then suspended him pending an investigation into his internet usage. They are computer illiterate it seems and they think he is doing that at work on their laptop despite him not having access to a work laptop, only seniors have it.
The company have 'electronic communication and web usage' policies about accessing websites at work like social media,etc... let alone going on illegal websites and porn. So now they are gearing up to get rid of him because they think he is doing it while at work.
Some time later someone has made an allegation about his internet usage and the company he works for have found that all of his history was in their logs. HR went through the hundreds of pages hes ever been on going back years and found torrent sites and porn sites. They then suspended him pending an investigation into his internet usage. They are computer illiterate it seems and they think he is doing that at work on their laptop despite him not having access to a work laptop, only seniors have it.
The company have 'electronic communication and web usage' policies about accessing websites at work like social media,etc... let alone going on illegal websites and porn. So now they are gearing up to get rid of him because they think he is doing it while at work.
Caporegime
Umm, no.
Accessing Facebook won't do that, accessing Facebook then logging into Google on Chrome MIGHT sync stuff, but just resetting your Factbook password won't do that
Accessing Facebook won't do that, accessing Facebook then logging into Google on Chrome MIGHT sync stuff, but just resetting your Factbook password won't do that
Yes they logged into his Gmail to access the password reset link.
I don't know HOW they got it but they have. They wont share.
I don't know HOW they got it but they have. They wont share.
Soldato
If they do, then I would image he will have a very strong case against his dismissal.
I'll say it for the 4th time - get him to ring ACAS for advice, or do it on his behalf/with him present - it's free of charge and wees all over the help a union can give you; at least in my own personal experience (looking at you Unite!).