In order for a company to be allowed to monitor, they would need to pass some kind of audit, they would need to prove that they don’t store, for example, sensitive personal data, etc.
> Why should an employee have the right to store sensitive personal data on my computer.
Because your employees are human beings and not machines. They have a life, they have needs, etc.
> Are you suggesting a framework where I could be prosecuted for running "cat /var/log/mail" on my own computer?
Yes. That's exactly it. The court ruled that employees have an expectation of privacy, even that can be limited by the company when there are reasons to do so. When you give an employee a computer, it is the company property but it's the employee's computer.
People have rights, even while working for an employer. They are employees, they are not slaves.
> > Why should an employee have the right to store sensitive personal data on my computer.
> Because your employees are human beings and not machines. They have a life, they have needs, etc.
They are free to satisfy those needs when not at work. We already have things like lunch breaks and rest break; surely we could have communications breaks were it that important.
> When you give an employee a computer, it is the company property but it's the employee's computer.
Which is nonsense. I cannot comprehend the sort of mindset which believes that an employee must (not may: must) be permitted to use his employer's equipment for personal ends. Must a machinist be permitted to make gears for his car at the factory? Must a soldier be permitted to take his mortar home? Must a racecar driver be permitted to borrow his car for groceries?
I think it's eminently fine from a business perspective to permit incidental use of equipment (although even incidental use of IT resources does expose the firm to malware vectors it would otherwise not encounter). I can even understand others who choose to take advantage of their employers' personal-use permissions. But I personally would never be comfortable doing anything personal on a system I myself don't control.
Among other things, that's why I don't want a laptop running Windows 10 or macOS.
The corporation has no inherent right to protection. It has no inherent right to exist as a legal entity.
For most of human history they have not been a thing. They were created by society by law as a means to an end, and in doing so we gave corporations a bunch of rights that restrict our rights, by allowing corporations to e.g. continue to hold on to legal rights pasts the death of the person running it for example, and giving them special tax treatment.
As such, these corporations exists at our leisure. It's up to us to set the terms, as If you don't like those terms you're free to not set up a corporation, and instead rely on e.g. doing business as a sole trader and see how much fun that is.
The entitlement when people think that a corporation should be free to treat people however they like is astounding - society made them possible and created them, and we can shut them down if we deem they don't benefit society sufficiently.
So when society says there is an expectation of privacy of communication at work: Tough. It's our right to determine the rules for what a corporation must accept in order to be allowed to exist.
(and yes, we can go to far an mess up our economies in the process, so that we can do it does not mean that we always should do it, but in this case I fully agree with the court)
are corporations the only entities which employ people in europe, besides the governments? can pierre not just rent a building and start employing some people himself? do these rules not effect pierre, in his capacity as an employer?
While it is true that is possible to directly employ people most places, it is extremely uncommon as it creates personal liabilities that a company would shield you from. So while it theoretically could affect your hypothetical pierre, in practice that's an extreme outlier.
Of course not, and it's a bit disingenuous to suggest that's what the parent believes.
It's pretty far fetched to suggest that an employer has a legitimate business purpose in collecting cookies for their employees' personal accounts that they happen to access on their work computer.
However, I think it's pretty easy to make the case that there's a legit business purpose in monitoring employee email (that is, email sent or received through an employer-issued email address), or at least in having access to it.
I can assure you that you won't have access to Gmail, or any other messaging service, when you work for a financial institutions.
The reason being that all official bank communications need to be stored and there are strict regulatory requirements that mandate that.
That does not mean that they have the right to read your email (at least in most European countries). Exceptions apply if dodgy dealings are suspected, but that's quite restricted and limited.
In any case and even with a relatively lenient internet policy any service, which can be used to exchange messages will be blocked by a bank.
> Are you suggesting a framework where I could be prosecuted for running "cat /var/log/mail" on my own computer?
That is already now illegal in some (most?) European countries. For example, in Finland employer can never read the contents of employee emails, and even reading email metadata such as recipient requires prior notifications both to users and the data protection ombudsman.
Some societies did not let the digitalization to erode the basic rights.
> in Finland employer can never read the contents of employee emails, and even reading email metadata such as recipient requires prior notifications both to users and the data protection ombudsman
That seems.... insane. (thought about changing that, but really, the above seems so disconnected from reality that perhaps it is an appropriate term)
(at 9AM)
"Hey Bob, my email's not going through. Can you check the logs for errors?"
"Sure George, just let me send a notification to all employees and the data protection ombudsman that I'll be accessing the mail logs at 2PM so there's enough time for any objections first."
"....Never mind, I'll just print it out and fax it."
edit: Thinking about it, these days it's just as likely to end up with "I'll share it via cloud storage and just text a link."
more edit: Also, do those restrictions apply to entities subject to audit and investigation? I'm thinking financial industry, etc. where records and audit logs may have to be kept for years but I'm sure there are all sorts of regulated industries I'm not factoring in.
I was referring to the company (the employer), not the employee. From the article: ”The company had presented him with printouts of his private messages to his brother and fiancée on Yahoo Messenger as evidence of his breach of a company ban on such personal use.“
In order for a company to be allowed to monitor, they would need to pass some kind of audit, they would need to prove that they don’t store, for example, sensitive personal data, etc.