Path: utzoo!attcan!uunet!cs.utexas.edu!halley!kidd
From: kidd@halley.UUCP (Dave Kidd)
Newsgroups: comp.org.eff.talk
Subject: Re: Reading employees' mail
Message-ID: <1058@halley.UUCP>
Date: 16 Oct 90 16:24:42 GMT
References: <4761@bone25.UUCP> <69148@lll-winken.LLNL.GOV> <1990Oct4.031131.2296@murdoch.acc.Virginia.EDU> <12853@hoptoad.uucp>
Reply-To: kidd@halley.UUCP (Dave Kidd)
Organization: Tandem Computers, Austin, TX
Lines: 35

In article <12853@hoptoad.uucp> gnu@hoptoad.uucp (John Gilmore) writes:
>brnstnd@kramden.acf.nyu.edu (Dan Bernstein) writes:
>> What's wrong with recording what goes on under your own roof?
>
>gl8f@astsun7.astro.Virginia.EDU (Greg Lindahl) wrote:
>> I believe Epson America is going to find out in court, real soon now.
>> They had a manager who read all of his employee's email, including
>> mail with rude comments about the manager that the employees thought
>> was confidential.
>
>Sun Microsystems has a policy against anyone reading anyone else's
>email.  It is a firing offense.  Many years ago, I was involved in such
>a situation there, in which some employee read the saved mail of a high
>level manager.  Some managers were 'setting up' employees to be fired.

About a year ago, Data Communications (I believe) published a comment that
said, if effect: if a company doesn't tell its employees their e-mail is
insecure, they're entitled to view it as secure. Since then, I've noticed
more companies telling people the mail is insecure.

Which, in fact, it is -- like it or not. Unless you're encrypting with
controlled-key decrypt, there's always SOME way to see another person's
mail; given the expertise of the crew around any major computer site
they method of viewing will be found. Given the normal range of human
variation, SOMEONE might be reading your mail.

So the real response is: don't assume your e-mail is secure. If you want
to keep it private, take prudent precautions -- which includes not using
a networked file or e-mail, and not leaving files on a publicly accessible
machine (even a password-protected one). If it must be machine readable,
keep the file on a disk and the disk in your pocket (or safe deposit box).
 
-- 
David N. Kidd, Tandem Computers, Austin TX
halley!kidd@cs.utexas.edu   (512) 244-8820