
SF new column announcement: E-mail privacy in the workplace

Date: Tue, 8 Aug 2006 08:43:53 +1000

Hi,
I am not stating illegality. There is no mention of contracting criminal acts 
as criminal acts cannot be contracted.

As an example, in NSW you can state the level of monitoring. NSW does not stop 
an employer from monitoring an employee; rather it limits what may be done 
without consent. Consent may be included as a term in the contract. Thus, the 
contract can allow the employer to monitor all emails of the employees.

To take the NSW "Workplace Surveillance Bill 2005", Part 2, "Notification of 
workplace surveillance of employees", covers this. It states:
"Surveillance of an employee must not commence without prior notice in writing 
to the employee." It also includes that "Notice by email constitutes notice in 
writing for the purposes of this section."

Now it is true that there is never to be camera monitoring of rest rooms - but 
this is hardly an issue with email for instance.

As for the contractual agreement, part 2-14 states:

"Exemption for certain surveillance by agreement
Surveillance of an employee is taken to comply with the requirements of this 
Part if the employee (or a body representing a substantial number of employees 
at the workplace) has agreed to the carrying out of surveillance at the 
premises or place where the surveillance is taking place for a purpose other 
than surveillance of employees and the surveillance is carried out in 
accordance with that agreement."

This means that it is expressly accepted that an employer may contract for 
surveillance. The terms are thus valid if they state that the employer may 
monitor any and all Internet traffic as defined in the company's policy.

Section 17 states that the employer has to provide a policy and ensure that the 
employee has been made aware of it. This may be completed in a contract. The 
parol evidence rule means that if the employee agrees to the contract, they 
cannot adduce additional evidence from non-written sources - e.g. verbal - 
to dispute the written contract.

So the issue is not one of covert surveillance, as anything in the contract is 
thus by definition not covert.

As for the EU, The European privacy Directive states that legitimate processing 
may include any and all monitoring when:
"It is necessary for the performance of a contract with the data subject, or 
for steps requested by the data subject prior to a contract"

Thus the rights of the employee may be contracted. This needs to be explicitly 
included and this means that the monitoring is not covert but covered in a 
formal and open company policy, but it does allow the inclusion of terms that 
allow the monitoring of employee internet traffic and emails.

Regards,
Craig

________________________________________
From: Andrew van der Stock [mailto:vanderaj@greebo.net]
Sent: Wednesday, 2 August 2006 3:55 PM
To: Craig Wright
Cc: Webappsec Mail List
Subject: Re: SF new column announcement: E-mail privacy in the workplace

Actually, you cannot contract illegal terms. In some countries, and some 
states, it's illegal to abridge privacy laws. NSW is one of those places. In 
the same way you cannot contract murder, you cannot contract away such items. 
Lawyers will try, but this is the usual reason they include a "if any clause is 
struck down, the rest still apply" in every contract I've read so far. 

This has saved many illegal contracts which ask unreasonable terms. For 
example, in Australia, it's illegal to ask people to work unreasonable hours, 
but this is exactly what most "management" contracts require in no uncertain 
terms - and you're expected to have basically no personal life. 

So a judge has now ruled on what "reasonable" means. It's illegal to include 
non-competes in Australia, as it's illegal under the Trade Practices Act as a 
restraint of trade. I've seen so many contracts stating that you may not work 
for anyone else for a period of time with no recompense other than the pleasure 
of working for this company. I'd be happy with that term if I was paid to sit 
on my backside for that period, but that is usually not the case. As this is so 
unequal, this has been ruled on several times already, usually in contract law 
terms with particular reference to the fact that most of us are not in a 
position to extensively negotiate with the 800 lb gorilla who may be our next 
employer. 

In many jurisdictions (EU and NSW), there is an absolute right to privacy for 
employees. In others, often there is no case law and no laws. In these 
jurisdictions, I'd do what I did a while back - I have an absolute separation 
between my work and my work life. My work laptop has no personal e-mail on it, 
and has nothing on it which is not work related. It's a shame I have to do that 
- it certainly makes less use of me than I am capable of giving in both 
spheres, but I can't trust to the lack of laws today to protect me.

thanks,
Andrew

On 01/08/2006, at 5:24 PM, Craig Wright wrote:

Terms may be expressly agreed into a contract. ANY contract. The terms of a
GOOD contract will include terms stating the choice of terms, choice of
venue and the subject matter jurisdiction etc.

The contract can state the place and time of any action. 


Liability limited by a scheme approved under Professional Standards Legislation 
in respect of matters arising within those States and Territories of Australia 
where such legislation exists.

DISCLAIMER
The information contained in this email and any attachments is confidential. If 
you are not the intended recipient, you must not use or disclose the 
information. If you have received this email in error, please inform us 
promptly by reply email or by telephoning +61 2 9286 5555. Please delete the 
email and destroy any printed copy. 

Any views expressed in this message are those of the individual sender. You may 
not rely on this message as advice unless it has been electronically signed by 
a Partner of BDO or it is subsequently confirmed by letter or fax signed by a 
Partner of BDO.

BDO accepts no liability for any damage caused by this email or its attachments 
due to viruses, interference, interception, corruption or unauthorised access.


