Without accessing their network/property, there is no reason or expectation that they could monitor your phone. A phone easily falls within what is called the “reasonable expectation of privacy.” Likewise, the courts have upheld that a desk drawer or locker is also private. The employee must give consent to have their stuff searched, and if they waive their right to privacy they may re-asset it at any time.
Now, you might get fired, but they still can’t look at your stuff.
If your employer is worried about phones (for example, if confidentiality is an issue) they would be better off ordering employees to check their phones at the door.
The phrase “reasonable expectation of privacy” refers to the Fourth Amendment and the exclusionary rule. It means information gained by the governing by violating that expectation may not be used against you in a criminal proceeding, not that your employer can’t snoop around your desk. The OP is presumably worried about getting fired, not prosecuted.
This is the more likely option. A co-worker of mine was known for spending way too much time on his iphone. Since there’s a policy against CC cameras, HR actually installed* a fictitious employee in a nearby cube (lots of churn in office placement, new faces are common). “New” guy’s job was to track and log the offender’s habits. Results were an average of 3+ hours playing on the iphone per day, and the employee was escorted out by security.
They also do random audits of employee’s computer/internet/IM use and occasionally compare time charges against gate and entrance camera timestamps. I was the subject of one of these two years ago and unaware of it. It was a random audit, but when finished I (and boss) got a congratulatory note informing me I’d been under surveillance for a week and passed with flying colors.
*Details as explained to us in a group meeting later. We had no idea there was a plant in the office. Still don’t know which person it was.
After an accident where a fork lift truck driver was distracted by his phone while working, my last employer (a haulage and storage company) banned the use of mobile phones during work times. After a protest, the ban was extended to office staff, except those with company phones. This ban was widely flouted, so they banned them from the site altogether. Anyone caught with one gets a warning, and then, if he does it again, his cards.
In the pre-IT era (anybody remember that?), I worked at a place where the receptionist was required to grab the morning paper first thing and remove the comics and crossword puzzle pages, so the employees would not spend company time amusing themselves with them.
Back in the pre-internet, pre mobile phone days, my then employer sent round a notice saying that all telephone calls were being monitored to prevent people making expensive personal calls at the company’s expense.
It was not actually true - they had looked at such a system but rejected it as too costly; however the belief that they were, had the desired effect.
A few weeks later, it was noticed, from the existing system, that some expensive foreign calls were being made every Friday evening, after work. Most phones were barred from making international calls, and it was no great problem to find a cleaner sitting in the Export Manager’s chair, chatting to her mother in Australia.
So it didn’t matter whether he was getting his work done or not, what mattered was that he didn’t “waste” time at work. If he’d have stared blankly at a spreadsheet not moving for 3 hours that would have been fine, because he wasn’t enjoying himself.
If he wasn’t getting his work done, it doesn’t matter if he was frantically working 10 hours straight. If he was getting his work done, then who cares how much time he spends on his phone?
“We’re paying you too much”/“You don’t have enough work” depends on how much it would cost to hire another guy who can do the same amount of work for less money, or do more work for the same amount of money.
If you’re paying the guy $50,000 a year, and he completes the same amount of work that his colleagues making $50,000 a year do, it doesn’t matter how many hours a week it takes him to do that work. If he does more, despite goofing off, you’re getting a bargain. If he does less, even if he’s working like a trooper, you’re getting ripped off.
Anyway, this is just a longwinded digression. I’m just boggled that they’d assign a guy to watch him for a week to see if he’s goofing off or not. If he’s goofing off, why doesn’t his manager already know? And if he’s goofing off, why not just fire him? They don’t need a reason.
Actually, for any device which they control (e.g. your work desktop or a company-provided phone), they could add themselves to the list of certificate authorities which your browser trusts. They could then perform a man-in-the-middle attack on any of your “secure” communications.
And yes, some employers actually do this. Also, it’s not just nosy employers doing this; for example, Nokia has also been caught intercepting their customers’ encrypted traffic, ostensibly for the purpose of doing on-the-fly data compression.
Basically, unless you control the device and know for certain that it doesn’t have anything installed on it without your consent, you can’t trust anything, no matter how many padlock icons it may show you.
I was under the impression that there are already laws preventing your employer from snooping in on your regular telephone calls and you have a right to use a “reasonable” amount of your time on personal phone calls, so long as it is not interfering with your job.
But there are no such laws protecting your internet use. That’s up to your employer’s policy decisions.
That’s my understanding. I have no specific knowledge in this area.
If Your wifi at work Blocks NSFW Material, and you didn’t hack into it Can they still see your attempt on your smartphone? I’m thinking no harm no foul. Can you still be fired? Can they still monitor the attempt? I was on my smart phone a forgot I was still on the company network.:smack:
Yes, if you are on their network, they can see the attempt and you can be fired. Do you really need to be accessing your spank material when you’re on the clock?
I guess I live in a dreamworld aka Los Angeles, but I can’t imagine ever being called to account for “NSFW” browsing with an employer’s WiFi. 1. Most places I work aren’t big enough for an IT department of their own 2. Everyone knows people spend part of their day messing around on the internet 3. Most of the people I work with are in a bullpen and couldn’t get away with anything egregious (fantasy sports websites don’t count, but sexy/porn stuff would be easily noticed and quashed without reference to non-existent IT group) 4. The people whose doors close I (or someone in my position) can barge in on at any time. I try to knock, but there’s never enough time to pull pants up–if they’re clicking away from the nakeds, so be it, but it’s more likely to be Facebook or email.
It’s called the “encryption hole”, and is a big concern to corporates.
Most malware now uses SSL encryption to communicate to Command and Control servers, and to exfiltrate stolen data out of a firewalled network. If you can’t look into the encrypted data-stream, you will never know until it is too late.
So SSL decryption equipment feeding data to logging and detection equipment is going to be big business over the next few years. And it gets worse - you have no actual idea how good the far side of the SSL intercept device is - many use older ciphers and protocols, downgrading the encryption on the exposed internet to your bank or email provider.
If you think Nokia was bad, Symantec (who run a Certificate Authority) now own Bluecoat (who make network proxies and SSL equipment). The combination allows for an SSL intercepting proxy that could have a trusted certificate for a large proportion of the internet without requiring a trusted certificate install on the device.
Service Providers (ISPs, mobile phone networks) also want this technology to intercept, monitor, compress and shape encrypted datastreams for efficiency and profit (you need to decrypt SSL data before you can insert ads or optimise content).