Corporate Surveillance/Meeting Notes 2018-02-12

From SOBAC Wiki
< Corporate Surveillance
Revision as of 19:43, 12 February 2018 by BobJonkman (talk | contribs) (Meeting notes)
Jump to navigation Jump to search

Corporate Surveillance

Date
Monday, 12 February 2018 from 7:00pm to 9:00pm
Meetup Event
https://www.meetup.com/NetSquared-Kitchener-Waterloo/events/245128116
Location
First United Church, 16 William St West, Waterloo, ON Map

How do we keep our workplaces secure? Does your organization use cameras? Does it filter web content? Check for document exfiltration? Inspect e-mail? Monitor keystrokes? Is this sneaky, underhanded spying, or merely good business practice? What are the ethics of corporate surveillance for System Administrators?

Join Kitchener-Waterloo Non-Profit System Administrators at our monthly round table meeting for a technical, philosophical and moral discussion.

--Bob Jonkman & Marc Paré


Resources

Office Audit and Control Management Server | TechSoup Canada

Meeting Notes

Notes taken by Bob Jonkman

  • Most corporate management is meant to ensure computers aren't altered, no viruses are introduced
  • Bob has worked in place that check all outbound e-mail for keywords, looking for data exfiltration.
    • Some exfiltration data is monitored for employees' protection, also video camera footage, so if theft occurs employees are not falsely accused
    • But would you still want to work in a place like that?
      • Very stressful to work in a place like that.
        • Washroom breaks being logged!!
      • Creepy for those being surveilled
    • Maybe employees need a guaranteed that the data will not be retained, and is secure from data theft
    • Need a union to protect the employees
      • Even when it's obvious that data on the computer is being logged and monitored
      • Is that common sense?
    • Some SysAdmins do not want to do forensics against their co-workers
      • Or even SysAdmins doing forensics against managers
      • Sometimes the stuff unearthed is disturbing (pornography?
  • Google is providing a service that predicts your "needs and wants" based on analysis of big data
    • Selling it advertisers, insurance agencies, potential employers
      • "Minority Report", "Thoughtcrime"
  • We can all make reasonable arguments in favour of surveillance
    • But big companies have shown time and time again that they can't be trusted with the data
    • And we can't opt out
    • Data correlation can identify individuals in millions of records based on only three data points


  • Definitely unethical to sell my data collected through browsing
    • But it's OK if one company shows their products based on data they've collected previously
  • The "free services" are monetized by the sale of personal data
    • Most people don't know how much, how detailed it is
  • You're constantly being given things you want to see, you want to hear
    • But it's nothing that grates you, nothing that you *don't* want to see
    • So the experienced is shaped in a pleasant way,
    • For someone who wants something different is not in that model
    • It's more insidious -- you're being tempted to have greater desires

Your desires are being shaped, not reflected by the collection of big data

-- Steve Izma




Software
Ethics
  • Is this legal? Yes, employees sign contracts allowing this to take place, and that all data belongs to them
    • Including "shower ideas", that are developed outside of company time
    • Some places allow "reasonable use" of telephone, internet.
  • Do employees even know they're being monitored?
    • There may be pop-up messages indicating that USB-drives are inserted, &c.
    • Sometimes you see evidence of SysAdmins taking remote control
  • Some places archive e-mail for several months

Back to: Corporate Surveillance

Retrieved from "https://sobac.com/mediawiki/index.php?title=Corporate_Surveillance/Meeting_Notes_2018-02-12&oldid=1858"