Office Snooping and Gossip
Future’s Ramblings – Issue 19 – April 18, 2006
When I was less than two weeks old I developed a life threatening ear infection, to relieve the pressure in my tiny head doctors punctured one of my eardrums, the other ruptured on its own. Other than having to endure listening to my mother tell every date I ever had what an awful crying infant I was, the fact that I have damaged eardrums has had little impact on my life with the exception of not being able to hear very well when there is background noise.
It is for this reason that I am not a very good at office snooping, it is difficult for me to hear the detail of hushed conversations and telephone calls that could provide useful fodder for gossip. Even with the recent office move, which has located me directly next to Peter McCamley, I know less gossip about our company than the guy that works at the Manhattan Cafe on the corner. Not knowing the office gossip is affecting my self esteem. This is a common side effect of not being in the know, confirmed in a recent article in the Sydney Morning Herald, which explained that our access to gossip within the workplace is a “useful barometer of our overall importance within a group”. The article goes on to say that gossip plays an important role in the workplace as a means to alleviate stress and anxiety as well as for entertainment.
Gossip can be good fun, at my previous place of employment the office gossip put bestselling books and television to shame for entertainment value. This continues, it was recently reported to me by a former colleague there, that the whole of the 23rd floor believes he is the father of another friend’s unborn child. This is what happens when you are seen one too many times at the many Starbucks in the building sipping a latte together. The best part of this is that the woman is happily married, and the man is happily gay. He said “I know I don’t skip down the halls in rainbow tights but I thought everyone here knew, I’ve never kept it secret”
There is of course a downside to office gossip, 50% of Australian employees have been victims of false gossip at work; and don’t think it is just the girls gossiping, according to Dr Grant Michelson from the University of Sydney school of business “men are just as adept”. Gossip tends to happen more in companies where there is a high level of uncertainty, such as during a take over or restructure and is prevalent when people don’t have all of the information they need or crave. When you don’t know what is going on, what choice do you have but to make it up?
Finding accurate information to be a good gossiper is tough these days, how do you get it; especially when there are pesky passwords and firewalls, or you are like me and can’t hear too well? Toby Miller a certified Intrusion Analyst and employee of a ‘major internet security firm’ – so secret they can’t name it – claims this is relatively easy in the workplace; despite the security measures many workplaces have in place. He reasons that as human beings, we rarely question actions that we consider normal and those actions are the very ones that make us vulnerable. “Social Engineering” is the term he uses to describe “an attack method used to take advantage of complacency at work”. His examples of Social Engineering listed below make you wonder how any thing stays secret, as it just about describes what most of us spend our day doing.
- Friendships – where trust can be exploited
- E-mail – exploits trust as well with the added ability to easily spread to others
- Dumpster Diving- going through the trash bin to get information
- Office snooping – looking and listening when you should be working
- Trust – Social engineering exploits human trust
- Time – obviously some people have too much of it.
By having no friends and not trusting anyone, shredding all documents, and religiously cleaning our desk we can sleep at night knowing the office snoop will have nothing on us. But you know as well as I, that there are far more sophisticated methods for snooping now a days than digging through your bosses garbage can. Most workplaces now have security cameras; they are so common today that we consider them benign. Do you really care if the security guard in the building watches you pick spinach out of your teeth after lunch or adjust your underwear in the lift? We are so used to this level of snooping, or voyeurism, that we don’t pay it much attention. We also pay little attention to the forms we sign when we start a job giving consent for the company to read our e mails and review computer files whenever they want.
The fact is that this type of monitoring is very common in today’s workplace and we should expect some level of snooping to occur at work. That being said office snooping must be handled with the upmost sensitivity. Not only are there ethics and employee moral at stake, there is the need to be fair and consistent. The mistake many companies make is that they don’t take snooping seriously and this puts them at risk. Often employees assigned to be the snoops are those that understand the computer systems and have the necessary access to hardware and software. This can lead to inconsistency if surveillance is low on that employee’s priority list. Don’t fear being snooped on at Geyer. Our information technology specialists are far too preoccupied teaching me the ins and outs of my blackberry to have any time left over to snoop on you.
In some companies spying on employees is taken quite seriously, mostly to protect theft of proprietary data and software but also to patrol loss of productivity and sexual harassment. An American Management Association survey on electronic monitoring states that nearly three – quarters of the large American companies that responded said that they routinely record and review employees phone calls, e mails, internet connections and computer files. Since one in four companies will fire an employee over what the surveillance turns up you would have an expectation that who ever is doing the snooping would take their job seriously .
This is one reason snooping is taken so seriously in America. Employers there cannot knowingly let an employee do something that is illegal, and this gives them an excuse to snoop. By example, not only could one employee’s surfing a porn site impact productivity; it could also be used to prove the company allowed sexual harassment in the workplace. It is not just what a person does, it is the impact they have on those around them that is considered when establishing whether a workplace is ‘a hostile work environment’. Corporate executives can now be held responsible for misconduct of their subordinates and this is why the courts are no longer buying (unless you have excellent legal counsel or are reporting to the Cole enquire) the line “I don’t recall, or I can’t remember” or “I had no idea that we were selling wheat to Iraq”.
All of this has led to an increase in new applications for snooping like Security Call Analysis, Monitoring Platforms and Scamp. These database technologies allow access to about nine weeks of calling information. It was through technologies like these that AT&T helped crack the Moldovan porn scam – a group in the former Soviet republic tricked users of internet sites into downloading software that disconnected them from their local telephone company and redialled a 900 number in Moldova. You would see the benefits of this if you were a shareholder of AT&T. Similarly if you are running a business and your employees are making phone calls to Moldova when they should be working you would be pleased. In a survey by Elron Software one tenth of the respondents said they had seen co-workers viewing porn sites at work even though company policy explicitly prohibited it.
As I write new tools are being developed to help mine data and this will enable the application of software analysis tools, now used by law enforcement agencies, to identify activities that would be missed by human eavesdroppers. Data mining is used now by credit card companies to stop fraud and insurance companies to predict risk but in the future it will be used to draw connections between unrelated pieces of information by using mathematical or statistical techniques to scan for hidden relationships in streams of digital data.
This technology has attracted the interest of the US government who recently dispatched a group of National Security Agency officials to the Silicon Valley to go shopping to find the best snooping software money could buy. They were scouting out this cutting edge technology to support the Bush administration’s anti-terrorist eavesdropping program. As a US citizen, I am subject to having my e mails and computer files searched by the US government, as well as by my employer! The new data mining software could track how many times seemingly unrelated bits of information might occur together, such as the presence of the words president and incompetent in the same sentence in one of my emails. This could well earn me a little vacation to Guantanamo Bay. Given this information we had better ramp up our secession planning sooner rather than later.
The reality is that we can’t complain about the lack of anonymity or privacy we have at work or in our lives. Most of us willingly embraced the convenience of mobile phones, GPS devices, EZ passes, and BPay. We like knowing that our security pass keeps vagrants out of our workplaces. We cannot then be enraged when RFID tags or “spy chips” are placed in the products we buy, from shoes to milk to give retailers the ability to amass and analise our buying patterns. Nor should we be surprised when our employers want to use similar applications to track our movements. Particularly as mobility and distributed work environments become more predominant. That day is already here, two years ago Allan and I visited Paddy from Cisco systems, he demonstrated for us how he could find an employee, an acquaintance of mine in Santa Clara. In less than one minute he knew which building she sat it, which seat she sat in, where she was – travelling or at home, and he pulled up a picture of her to boot. This was a few years ago, I bet now he could tell us what she is having for lunch.
It does make you wonder about the great concern so many of our clients have about being overheard in an open office environments. With the technology that exists today the concern should not be for the guy sitting next to you snooping in on your phone calls, but for your employer digging through your computer files and finding out that you have over extended yourself on your mortgage, visit a Barbie Doll collectors web site with frequency, or have been viewing porn from Moldova. There are some things you just don’t want everyone knowing about.
By the way, did you hear that Andrew Isaacson has resigned
Extent of UK snooping revealed
The Latest on Office Gossip
By Owen Thompson
The Sydney Morning Herald March 25-26, 2006
Office Handbook – Chapter 63 Busybodies
Issue 78 January 2004
By Ryan Underwood
Taking Snooping Further; Government Looks at Ways To Mine Databases
By John Markoff; Scott Shane contributer
The New York Times February 25, 2006
The Right Thing; As Office Snooping Grows, Who Watches the Watchers?
by Jeffrey L Seglin
The New York Times June 18, 2000
Executive Life; New Kind of Snooping Arrives at the Office
By Marci Alboher Nusbaum
The New York Times July 13, 2003
A Growing Web of Watchers Builds a Surveillance Society
The New York Times January 25, 2006
By Toby Miller
Security Focus Web site June 19, 2000
Just How Fair is the Workplace?
News Release – SauderSchool of Business August 30, 2001