Hewlett Packard's snooping reveals workplace truth: there are no secrets

Members of Congress sharply criticized top bosses at Hewlett Packard last week for spying tactics designed to find the person who leaked information about company strategy to reporters.

Investigators hired by HP pretended to be board members and journalists to get their calling records from phone companies. They even tried to plant a software tracking device on the computer of a reporter.

In opening remarks before the hearing on the HP spying scandal, Massachusetts Democrat Ed Markey summed up the Congressional outrage.

"What has happened to our corporate culture? You used to ask a corporate chieftain, 'Who does your PR? Who does your advertising?' Now, do we have to add the question, 'So, who does your spying?'" Markey said.

HP's spying brings attention to a growing trend in corporate America: electronically monitoring employee communications, whereabouts, and Internet habits.

Corporations are snooping on employees, but it's usually on routine matters, like how much time they spend on surfing the Web. A survey by the American Management Association finds more than three quarters of companies track employees' Web surfing, and read e-mail and computer files. The survey found more than half of companies also track what numbers employees call and how much time they spend on the phone.

We used to be protected primarily by the fact that it was hard to do this stuff. Now it's easy.

IST is a St. Paul consulting company that sells and manages security and monitoring software with titles like "Webwasher" and "Smart Filter." Company official Peter Venuta says his clients need to keep tabs on how employees use company computers for several reasons, including cutting down on time-wasting personal surfing.

"These programs tend to have reporting that says, 'for 45 hours this week, these were the top sites that were visited.' And they can be anything from PokerStars.com to CNN to Sports Illustrated," according to Venuta.

Venuta says companies also monitor to prevent the introduction of viruses; to block employees from watching expensive, bandwidth-hogging Internet video; to avoid liability associated with workers who look at Internet pornography; and to prevent trade secrets from from escaping.

Why has employee monitoring become common? Some argue that post 9/11, there's a more permissive attitude about surveillance. It could be that the mere existence of snooping technologies makes us more prone to snooping.

"Whether it's video surveillance or computer surveillance or telephone surveillance, you can do these things with a few keystrokes," says Bruce Schneier, a Twin Cities-based computer security expert, and a critic of excessive workplace spying. "We used to be protected primarily by the fact that it was hard to do this stuff. Now it's easy."

Most privacy advocates concede that employers have a legal right to monitor what employees do on company equipment, but they say it can go too far and drift into voyeurism.

Lewis Maltby, president of the National Worksrights Institute, advocates limited monitoring. Maltby says too many employers monitor every Web site workers visit, and technical staff read e-mail for kicks.

"What would you do if you were locked in a room with someone's diary and no one would ever know if you looked at it? If you lock 100 people in a room with other people's diaries, bad things are going to happen," says Maltby.

Most Internet monitoring software gives employers the option of detailed snooping, but Peter Venuta with security company IST says such behavior is very rare, and his company advises clients against it.

Privacy advocates have some advice for workers: don't say anything on the Internet that you wouldn't want your boss to read, and ask your employer about their monitoring practices so you're informed about the privacy risks. And they say companies should make it clear to their workers exactly what they're keeping tabs on and why.

Gallery

Fullscreen SlidePrevious Slide

1 of 1

Next Slide