privacy expectations Was: SSL and Malicious Hardware/Software

Alexander Klimov alserkli at inbox.ru
Wed Apr 30 05:49:12 EDT 2008 

On Tue, 29 Apr 2008, Jack Lloyd wrote:
> > Expectations of privacy at work vary by jurisdiction and industry. In
> > the US, and say in the financial services industry, any such expectations
> > are groundless (IANAL).
>
> Most places I have worked (all in the US) explicitly required consent
> to more or less arbitrary amounts of monitoring as a condition of
> employment.

Even if you sign a contract that you do not have any expectations
of privacy, it does not mean that you do not have them: honestly,
you do expect that your coworkers are not going to read you
personal emails, right?

<http://www.securityfocus.com/columnists/421/2>:

  Lance Corporal Jennifer Long was issued a government computer
  to use on a government military network. When she was
  suspected of violations of the military drug use policies (and
  of criminal laws related to drug use), Marine Corps criminal
  investigators reviewed the contents of email messages she sent
  to another military employee who was likewise using
  a government issued computer over the same government network.
  The messages were retrieved from the government mail server
  and later used against Long. On September 27, 2006, the United
  States Court of Appeals for the Armed forces had to decide
  whether Long had any expectation of privacy in these e-mails.

  The starting point for any analysis is, of course, the DoD
  policy expressed on its warning banner, which stated quite
  explicitly:

    [...] All information, including personal information,
    placed on or sent over this system may be monitored. Use of
    this DoD computer system, authorized or unauthorized,
    constitutes consent to monitoring of this system. [...]

  However, the military court, [...] found that Long did, in
  fact have some privacy interests in the contents of her
  communications. It noted that while the government said it
  could monitor, it rarely did.

-- 
Regards,
ASK

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list