Privacy - just thought I'd share this
Friday, September 13th, 2002 11:16 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
robinturnerHere's a mail I sent to a Mandrake list as part of a debate on supervisors reading you mail:
This issue has been debated for years, and will probably continue to be debated. On the one hand we have the advocates of privacy; on the other, the argument that if e-mail is provided by a company/institution for work purposes, anything sent is essentially no different from an inter-office memo. I could be happy with the last position if the policy were applied across the board; i.e., any employee could read any mail sent by anyone, including the CEO (should be easy to set up - just pipe anything going through SMTP into a searchable archive). Of course, the most vocal advocates of the latter policy would throw a fit if they were faced with this possibility.
Practical solutions in descending order of sensibleness:
1. Lobby those in influential positions in your organisation. Explain that many sensible, openly-stated suggestions are only arrived at after a lot of private discussion.
2. PGP.
3. If you have control over your own workstation (unlikely but possible), use sendmail rather than the organisation's SMTP host. Of course any mail sendmail sends will pass through the organisation's e-space, but I seriously doubt if anyone would be prepared to intercept it.
4. Make your technical skills indispensable and you can do what you like. For example, although I'm not employed in a technical capacity, I'm semi-officially responsible for our department's computers and website. When someone high up decided that I shouldn't have Linux on one of our office computers, I said that I was quite happy to take it off, but someone else would have to maintain the website, back up files, etc. etc.. Linux stayed, thanks to my line-manager's confidence in me (and support from the computer centre, who tend to be penguinistas).
5. Intimidate. Generally speaking, those who would invade your privacy have less technical expertise than you do. Drop hints about how easy it is for _anyone_ to read _anybody's_ mail. Tell a story about how someone you once knew kept hamster porn on his computer until a colleague gave anyone in the company access to his hard disk (actually in a company using Win98 and Network Neighborhood, this would be laughably easy).
When it comes to governments rather than nosy supervisors there is less that you can do. Encrypt anything important and write a script to shred all sensitive directories on your box (I rather like the idea of a dead-man switch, but apart from having nothing serious to hide, I'm sure I'd be too dozy to remember to de-activate it every time I logged on).
This issue has been debated for years, and will probably continue to be debated. On the one hand we have the advocates of privacy; on the other, the argument that if e-mail is provided by a company/institution for work purposes, anything sent is essentially no different from an inter-office memo. I could be happy with the last position if the policy were applied across the board; i.e., any employee could read any mail sent by anyone, including the CEO (should be easy to set up - just pipe anything going through SMTP into a searchable archive). Of course, the most vocal advocates of the latter policy would throw a fit if they were faced with this possibility.
Practical solutions in descending order of sensibleness:
1. Lobby those in influential positions in your organisation. Explain that many sensible, openly-stated suggestions are only arrived at after a lot of private discussion.
2. PGP.
3. If you have control over your own workstation (unlikely but possible), use sendmail rather than the organisation's SMTP host. Of course any mail sendmail sends will pass through the organisation's e-space, but I seriously doubt if anyone would be prepared to intercept it.
4. Make your technical skills indispensable and you can do what you like. For example, although I'm not employed in a technical capacity, I'm semi-officially responsible for our department's computers and website. When someone high up decided that I shouldn't have Linux on one of our office computers, I said that I was quite happy to take it off, but someone else would have to maintain the website, back up files, etc. etc.. Linux stayed, thanks to my line-manager's confidence in me (and support from the computer centre, who tend to be penguinistas).
5. Intimidate. Generally speaking, those who would invade your privacy have less technical expertise than you do. Drop hints about how easy it is for _anyone_ to read _anybody's_ mail. Tell a story about how someone you once knew kept hamster porn on his computer until a colleague gave anyone in the company access to his hard disk (actually in a company using Win98 and Network Neighborhood, this would be laughably easy).
When it comes to governments rather than nosy supervisors there is less that you can do. Encrypt anything important and write a script to shred all sensitive directories on your box (I rather like the idea of a dead-man switch, but apart from having nothing serious to hide, I'm sure I'd be too dozy to remember to de-activate it every time I logged on).
