Finland Agrees To Let Companies Spy On Workers

from the who-needs-trust-when-you-have-technology? dept

Thu, Mar 5th 2009 9:31pm — Mike Masnick

Last month, we noted the controversy in Finland, as a new law was up for debate concerning whether or not companies there could spy on employee email. Beyond the general controversy, there were rumors that Nokia, who had been caught breaking the existing law by spying on employee emails before, had supposedly threatened to leave Finland if the law wasn't changed to allow such activities. Nokia has vehemently denied this, but hasn't denied that it supported the law. So... it's probably not a huge surprise that the Finnish Parliament has approved the law.

To be honest, the details of the law aren't that extreme. It doesn't let the company even read the emails -- just record who is emailing whom. For company email, that seems perfectly reasonable. Hell, the day this law passed, RIM admitted not only does it track and record all company email, but it does the same thing for all phone calls as well. Perhaps a more important question is whether or not that's a useful way to spend company resources? The companies obviously talk about the importance of "protecting" their IP, but I once worked for a company that recorded all phone calls as well, and all it really did was make all of the employees angry, disgruntled and less interested in working hard. Having your bosses distrust you can do that...

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: employees, finland, spying
Companies: nokia, rim

12 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Yosi, 5 Mar 2009 @ 10:49pm

What does it have to do with IP?!
I guess companies have the right to monitor THEIR OWN EQUIPMENT?! Like phone or computers? Don't like it - buy your own phone, it's not that expansive.
[ link to this | view in chronology ]
Finn, 5 Mar 2009 @ 11:37pm

Utterly useless
In Finland, this law was protested mainly because it was unconstitutional and denied free speech in the form of message confidentiality. Many law professors noted this point to the lawmakers but they were consistently ignorant to these issues. This new law applies to any community, not just companies. Now libraries, schools, universities, the parliament and anyone who provides internet for their community, can tap in the email flow and all they need to do is have reasonable suspicion, (what ever that means in practice) and pay a small fee to the officials. Now, however, that this possibility is opened, and there is no official supervision, the system is ripe for abuse.

I think it's worthwhile to note that for the police to do any of this, they still need a warrant from court. This law gives private citizens broader investigatory freedoms than the police.

As was noted, this only applies to the company/community provided email accounts. If one was really going to smuggle business secrets (the key argument this law was justified with), would they do so with a company email account? It would be so much easier to use your own email they cannot track, or hell, take a usb stick with you!

I'd love to hear other Finns comments about this case.
[ link to this | view in chronology ]
- Anonymous Coward, 6 Mar 2009 @ 12:34am
  
  Re: Utterly useless
  Does free speech apply when you are a representative of a company? Everything you do with company emails and calls can be traced back to the company, could even make them liable in certain situations.
  I'm not from Finland, but this law makes sense. Phones have pretty much always been monitored, it is normally the company that receives an itemized bill so they can scrutinize any unusual calls, that's been happening as long as there have been company phones I believe.
  [ link to this | view in chronology ]
  - Finn, 6 Mar 2009 @ 1:55am
    
    Re: Re: Utterly useless
    Of course, even in the past it has been possible to track down people who misuse company email. Liability is a key-issue here. However this new law allows for pre-emptive screening of the messages, producing and retaining data which can then be accessed, basically on a whim. I don't understand why one should give up ANY human rights when going to job every morning.
    
    While the actual effects of this law may be mild, this kind of lawmaking with the overly-arbitrary wording and the practical impossibility of any government official to keep an eye on the misusing of this law, sets a dangerous base to build future laws upon. As the system for censoring DNS-addresses related to child porn was built in Finland, it was promised that this system would not be used to block anything else, but now there's talk about blocking foreign poker sites and whatnot. (It has already been used to block a whole range of non-childporn sites, but that's another story.) Once you have the basic system in place, it's easy to go the slippery slope down to The Great Firewall of China.
    
    I do understand the notion about the company owning their equipment and their right to monitor what their employees are doing. However, as noted, this kind of surveillance can be easily circumvented, and only generates mistrust between the employer and employee. And let's not forget that this law applies to not only corporate sector, but anyone who runs an email server for their community.
    [ link to this | view in chronology ]
Guy One, 6 Mar 2009 @ 12:31am

hm
all companies do this... right? as an IT guy you can listen to voicmails, see call records, record calls, read emails, all on the fly pretty easily. Then theres the firewall, logging every url, tracking instant messages, tracking smtp.ect

i did not know that being able to do all that is illegal?
[ link to this | view in chronology ]
Anonymous Coward, 6 Mar 2009 @ 4:42am

If a company has an Acceptable Use Policy that all employees are required to read and comply with that states that any communication they make over company-owned equipment is considered company property then they have the right to read the material because the employee has no expectation of privacy. In that case it is not free speech that is being infringed upon.

The biggest threat to corporate networks is insider threats. Remember the guy in San Fransisco that refused to give up the passwords to the city network? Bet they wish they'd monitored that guy's email.
[ link to this | view in chronology ]
Anonymous Coward, 6 Mar 2009 @ 5:48am

One place I worked made a hidden peep hole in one wall to the break room. They wanted to make sure we did not take to long of breaks... I guess.
Strange every break time a big wade of gum would appeared on the peep hole. I guess the peep hole was not that hidden and company did not want to blatantly tell the worker they where spying on them during coffee breaks so all they did was clean the gum off every day (and said nothing).
[ link to this | view in chronology ]
Jesse, 6 Mar 2009 @ 9:28am

As Mike points out, if your boss treats you like crap, you are more inclined to do a shit ass job. So now you have shitty employees, an expensive system in place that wastes man hours to track, and a whole bunch of pissed off and probably less productive workers. At the end of the day, was it worth it?
[ link to this | view in chronology ]
chris (profile), 6 Mar 2009 @ 10:56am

it's not hard to circumvent
even the cheapest privately owned mobile phone is difficult to tap without the help of the government. the same is true of most mobile broadband.

if you can ssh out of the network, then you can encrypt all of your traffic via a tunnel or use one of the many vpn services that are available.

tunneling has the added benefit of knowing if you are being watched when big brother approaches you about your large volume of SSH/IPSEC traffic.
[ link to this | view in chronology ]
Gene Cavanaugh, 6 Mar 2009 @ 3:58pm

Eavesdropping on employees
Being in the middle is difficult.
I feel companies own their equipment, and it is just as reasonable to know what employees are doing with the phone system and email as with a company car.
However, I would draw the line with non-company equipment. I was once in a company that "inadvertently" made it difficult for an employee to use their personal cell phone; that, to me, is a no-no; and from what I understand of Constitutional law, could be actionable.
So, use your cell phone, and if that is monitored or blocked, "Houston, we have a problem!".
[ link to this | view in chronology ]
hvirtanen, 8 Mar 2009 @ 12:45pm

lex-nokia is crazy
This law is against the spirit of the constitution of Finland and completely useless against spying companies by their employees.

a)
If somebody wants to get out of the company or the organization some secrets of the company or the organization , she/he can carry a gigabyte data in a small memory chip out of the door so that nobody can detect that.

b)
On the other hand this law gives to virtually anyone a free and lawful access to spy emails and telephone calls of other people. It is of course even nowadays easy for any administrator of the network to spy other people's emails, who are using the network. But until now it wass anyway illegal.

The whole law is plainly a step toward 'an orwellian society', where it is legal to spy all private doings of the citizens.

I'm ashamed to live in the country, where the parliament approved such a law.

It is quite clear that Nokia supported this law.

On the other hand I haven't used any crap Nokia phones for years. Nokia is already well-known for their bad manners to treat their employees. I wouldn't be unhappy, if the whole crap company would go in bankrupt.
[ link to this | view in chronology ]
enr, 30 Mar 2009 @ 4:23pm

Income for life at http//:www.BossesFactory.ws
Work online for us! More Info here www.BossesFactory.ws Muy buena la www.BossesFactory.ws
[ link to this | view in chronology ]