Nokia threat to quit Finland

[Upphew]

when you use your mobile, when you watch youtube, browse facebook, chat with your friends, call your friends and relatives etc. during office hour, you are misusing the office time and office utilities. companies lose 1000's of man hours though some might argue it boosts the productivity. if you put yourself in employers shoes, only you will realize the situation.

Block youtube and myface and all the sites that bother? Why there must be law regarding those when simple firewall rule would suffice?
Dunno about others but I have a "nasty" habit of pressing red button or "silence" when friends or relatives call me during business hours...

[Tiwaz]

the monitoring part from employers has to do with two things- firstly sensitive data transfer, secondly, misuse of office property. what is information leak and how it is being carried out should determine how to stop them. obviously, the laws seem to have prevented companies doing any monitorings. that's why, apparently issue of amendment is under consideration. though I am not clear as to what and how information are leaked as there can be several ways, one thing i am clear and Tiwaz you seem to overlook is that when you use your mobile, when you watch youtube, browse facebook, chat with your friends, call your friends and relatives etc. during office hour, you are misusing the office time and office utilities. companies lose 1000's of man hours though some might argue it boosts the productivity. if you put yourself in employers shoes, only you will realize the situation.

perhaps, since the current law doesn't allow companies to do anything on this regard, this law is being considered to be repealed. at the same time, what is being proposed ain't 'big brother' atmosphere either! you cannot enjoy the same freedom as a freelancer when you work in an office.

(btw, use of US prez reference is just to show things work the other way also )

Perhaps you should grasp that information leak does not take place through mobile phones or job emails. Even companies know it. Sensitive information leaves in small USB sticks out of the door. No amount of phone or internet surveillance will ever stop that.

So why would employer need to monitor those?

Have you ever thought that people are unable to work 8hours straight with not drop of productivity? Actually studies show that few minutes here and there tend to INCREASE productivity. Only imbecile thinks that slave works harder on long term. It is proven by studies.

Starting to attack rights of workers for benefit of corporations is not sound policy in long term.

(and US prez reference is very stupid, because "land of the free" is one of the most close minded and restricted ones in western world)

[kimster46]

Perhaps you should grasp that information leak does not take place through mobile phones or job emails

but the point here is there are lot of guys out in this world who does leak confidential information through mails.

[Rabs]

Perhaps you should grasp that information leak does not take place through mobile phones or job emails. Even companies know it. Sensitive information leaves in small USB sticks out of the door. No amount of phone or internet surveillance will ever stop that.

So why would employer need to monitor those?

Have you ever thought that people are unable to work 8hours straight with not drop of productivity? Actually studies show that few minutes here and there tend to INCREASE productivity. Only imbecile thinks that slave works harder on long term. It is proven by studies.

Starting to attack rights of workers for benefit of corporations is not sound policy in long term.

(and US prez reference is very stupid, because "land of the free" is one of the most close minded and restricted ones in western world)

what is under consideration (as per HS article) is just monitoring that takes place only after a leak or misuse is suspected.

however, such monitoring can provide enormous authority to employers which certainly ain't the intention here as they have to justify the monitoring. it's not like ok people you are monitored and then put all those sneaky stuffs everwhere! and use those recordings to fire an employee who doesn't see eye to eye with a manager! certainly, this does not go with the spirit of 'protection of privacy'.

by the way, it seems it all started when Nokia suspected one of its employees of trasnfering the data via email to a chinese company (mentioned at one of the links at Jukka's post). And obviously, emails being the most convenient and less time consuming, it does not take much to understand how it can happen via emails/internet.

well well... at the end of the day, no protest being held against the said proposal.

p.s. higher productivity can be ensured in free environment via controlled measures!!

[Mook]

Perhaps you should grasp that information leak does not take place through mobile phones or job emails. Even companies know it. Sensitive information leaves in small USB sticks out of the door. No amount of phone or internet surveillance will ever stop that.

So why would employer need to monitor those?

You can adjust the windoze domain security settings so that USB sticks can't be used and CDs can't be burned.

I s'pose that you can also be banned from taking them into work as well - security searches at the door are legal...

[Jukka Aho]

You can adjust the windoze domain security settings so that USB sticks can't be used and CDs can't be burned.

Disabling USB mass storage probably doesn’t prevent using your cellphone as a modem, or sneakily transferring data by means of some calendar/contacts sync feature.

Or perhaps you’d bring in a box (say, a router running OpenWRT) that acts as a transparent network bridge that you can connect in-between the wall jack and the Ethernet port on the back of the computer, and that allows access to a local file server running on that box (from the port that faces your computer, never being visible in the local network.)

Then again, you could connect to some innocent-looking website (which has been prepared for that purpose) with a regular browser, over https, and transfer files without anyone being able to tell what data that was.

Or maybe you would write a simple program (or a script, if you’re not allowed to run arbitrary executables) that will blink data streams over the keyboard leds, which in turn makes it possible to record and decode those blinks using another device, such as your cell phone. Or a similar thing but over audio streams and the headphone jack.

I don’t believe in securing computers (especially ordinary office PCs used by ordinary office drones) or data from the very people that have direct access to them. When there’s a will, there’s a way...

[Tiwaz]

what is under consideration (as per HS article) is just monitoring that takes place only after a leak or misuse is suspected.

however, such monitoring can provide enormous authority to employers which certainly ain't the intention here as they have to justify the monitoring. it's not like ok people you are monitored and then put all those sneaky stuffs everwhere! and use those recordings to fire an employee who doesn't see eye to eye with a manager! certainly, this does not go with the spirit of 'protection of privacy'.

by the way, it seems it all started when Nokia suspected one of its employees of trasnfering the data via email to a chinese company (mentioned at one of the links at Jukka's post). And obviously, emails being the most convenient and less time consuming, it does not take much to understand how it can happen via emails/internet.

well well... at the end of the day, no protest being held against the said proposal.

p.s. higher productivity can be ensured in free environment via controlled measures!!

Have you actually bothered to READ what that law is about?

It is so vague that company can use anything as excuse to spy on their workers.

Authorities, PROPER authorities, have to get COURT ORDER and PROVE THAT THERE IS CLEAR REASON for monitoring. Corporations would just have to say that they had some hunch.

There is essentially no oversight on what corporations would do. How much they would start peeking into private things of their employees.


Controlled measures. Right. As if ever giving corporations more tools to control their workers has been anything which would contribute to "free enviroment".


"by the way, it seems it all started when Nokia suspected one of its employees of trasnfering the data via email to a chinese company (mentioned at one of the links at Jukka's post). And obviously, emails being the most convenient and less time consuming, it does not take much to understand how it can happen via emails/internet."

Has there been proof of this action? Hmm?

Everyone who has access to so sensitive data also has full knowledge on how not to leave traces. As I said, studies show that company emails etc are the least likely leaks.

Everyone with 2 braincells to rub together knows how to plug in USB. Or set up free email account. Or how to buy SIM card from kiosk.
POOF! There goes usefulness of this law.

All this law enables is corporations intruding in privacy of honest workers.

[Rabs]

For me, excerpt from HS article should potently subdue your doubts as to what monsters are gonna get.

The so-called ”Lex Nokia” - also known as the ”snooping law” - would allow employers to investigate the log data of employees’ e-mails, if the company has reason to suspect that corporate secrets are leaking out of the company or that the employer’s communication networks are being misused.
However, the employer would not be allowed to look into the content of the messages themselves, but only to examine the e-mail log including the information on the senders, the recipients, and the size of employee messages as well as the volume of traffic and other matters relating to the company’s e-mail usage.
Hence the new law would not be in violation of the Act on Protection of Privacy in working life, which stipulates that the employer must not endanger the secrecy of private and confidential messages, said the Constitutional Law Committee, chaired by Kimmo Sasi (National Coalition Party).

However, the Committee stressed firmly that a company can be allowed to investigate the e-mail log only after it has taken all other legal measures to prevent potential wrongdoing.
This requirement is stipulated by the law, but the Committee nevertheless wanted to emphasise that such measures take priority over any other course of action.
The Committee noted further that log data on e-mail messages can be monitored only after it has become evident that there is no other way to investigate a suspected leak of corporate secrets.

The Constitutional Law Committee also wants to add some details to the new act in order to specify what exactly is regarded as a corporate secret and what "unauthorized use" means.
Moreover, the rules of surveillance will have to be agreed upon with employees, and the Data Protection Ombudsman has to be informed of such security operations in order that he can monitor the the legality of the activities.

-It does not allow companies to snoop whenever they want unless and until they have strong evidence for it.
-It clearly does not state putting employees under 24/7 surveilience like you fear. Mind you, proper authority can!

And,
my free environment with some measures:


your version of free environment:


take your pick....oh blind me, you already have

[FraserinFinland]

Lets get down to brass tacks here, how much for the ape?

[Mook]

You can adjust the windoze domain security settings so that USB sticks can't be used and CDs can't be burned.

Disabling USB mass storage probably doesn’t prevent using your cellphone as a modem, or sneakily transferring data by means of some calendar/contacts sync feature.

Or perhaps you’d bring in a box (say, a router running OpenWRT) that acts as a transparent network bridge that you can connect in-between the wall jack and the Ethernet port on the back of the computer, and that allows access to a local file server running on that box (from the port that faces your computer, never being visible in the local network.)

Then again, you could connect to some innocent-looking website (which has been prepared for that purpose) with a regular browser, over https, and transfer files without anyone being able to tell what data that was.

Or maybe you would write a simple program (or a script, if you’re not allowed to run arbitrary executables) that will blink data streams over the keyboard leds, which in turn makes it possible to record and decode those blinks using another device, such as your cell phone. Or a similar thing but over audio streams and the headphone jack.

I don’t believe in securing computers (especially ordinary office PCs used by ordinary office drones) or data from the very people that have direct access to them. When there’s a will, there’s a way...

Yes, of course. But activities like disabling USB sticks and (the threat of) monitoring email and internet access help to "keep the honest guy honest". This helps a lot...