Can My Employer See What I Do Online?
If you're like most people, you do a bit of personal web browsing at work. Maybe you check your email, pop into Facebook, or do a little online shopping at lunch time. But have you ever wondered... can your employer see what websites you visit? Here's what you need to know about employee internet monitoring...
Is Your Employer Monitoring Your Online Activities?
Would you like to know if your boss is aware that you're shopping, playing games or chatting online instead of writing that sales report or handling the pile of paperwork in your inbox? That depends on your boss. Chances are the answer is YES. There are several ways The Man can look over your digital shoulder, and some things that you can do to safeguard yourself.
A CNET study done way back in 2006 claimed that workers spent 20 percent of their time online for personal use or entertainment. Even more surprising, 13 percent were said to use the Internet for dating, gambling or 'adult' sites while at work. I would guess the numbers have only gone up in the past few years, with the exploding popularity of Facebook and other social media.
That translates into a lot of unproductive hours in the work day, and is a powerful motivator for your employer to crack down on Internet use that's not work-related. I'm sure you know people who seem to fritter away the entire day on the Web. That's not what they're being paid to do, and most people agree that employers have a right to stop it.
My suggestion is to assume that your employer can see EVERYTHING you do online while at work -- because they probably can. But that doesn't mean your privacy is being violated. Most employers require staff to agree to an Acceptable Use Policy (AUP), which spells out how/when you will be allowed to use the Internet and other computing resources that are owned by the company.
Employees may feel indignant or betrayed if they find out their Internet usage is being monitored without their knowledge. So it's important for employers to create and distribute to all employees an AUP disclosing any monitoring and control of their use of company assets such as the computers on their desks and Internet access.
Any business with a decent IT staff can easily monitor the activity on the company network. There are even special software packages that your employer can use to keep track of all Internet activity, even if employees are traveling or working at home. This software can send a report on all visited web sites as well as outbound and inbound communication, such as email and instant messaging.
This level of detail is necessary to document employee misconduct, but most likely nobody will ever look at it unless a problem arises. And of course, this assumes you're using a company-issued computer, or your employer's Internet connection. If you're using your own computer, with your own Internet service, you needn't worry.
Likewise, if you're frittering (or Twittering) away your work hours on your smartphone, your employer won't be able to "see" what you're doing. There is an exception, though. If your smartphone is connected to a company wifi signal, everything you do is exposed. Turn off wifi and use your mobile provider's data plan to maintain the privacy of your smartphone activity.
Don't assume your office email is safe from prying eyes, either. It's trivial for your employer to scan all emails for certain keywords to make sure that company secrets are not being shared with outsides. A casual email to a friend containing "insider information" can violate SEC regulations, resulting in a fine for the company. Opening a virus-laden email while at work could expose your company to serious security breaches. So there are good business reasons for your employer to monitor or restrict workplace email activity.
What About VPNs and Encryption?
Savvy readers may be thinking that using encrypted web browsing or a VPN (virtual private network) service or would provide a way to hide their online activity while at work. That's true to a degree. Using "https" to connect to your favorite websites will encrypt the traffic between your computer and the Web, but it won't hide the fact that you accessed those sites. To use a postal metaphor, bosses could see the "envelopes" that are coming and going, but not the contents. They'd know, for example, that you visited Facebook.com, Amazon.com, and TimeWastingGames.com but they would not be able to see what you did there.
Using a VPN at work to access the web would provide additional cover. Bosses would see only that you accessed ONE website, the VPN server. But of course, that would be a big red flag that you're trying to hide your tracks.
How Much is Too Much?
Most bosses understand that life is hectic, and won't mind if you check your email once in a while, or do a little online shopping on your lunch break. But if you spend your entire work day on Facebook, eventually your lack or productivity will be obvious.
If your boss can figure out your Twitter username, it would be trivial for him or her to "follow" you and see what's on your mind, besides work. And for the same reasons, if you're hanging out on Facebook instead of doing data entry, you'd better make sure the boss is not your "friend" on Facebook. Even if you're socializing via your home computer, remember that social media can be very public. I remember reading about an employee who decided to play hooky from work by claiming he was sick after a fun night out. He posted that on Facebook and was caught. Idea: Make sure your privacy settings only allow friends to view your profile and postings. Better idea: Don't skip work and brag about it on Facebook.
Of course it's tempting to do certain types of online activity at work, because typically you have a very fast connection to the Internet. Someone asked me if his boss could detect the fact that he was using a Bitorrent server to download hundreds of gigabytes of pirated videos at work. The answer is YES. The presence of the program on his hard drive, as well as the dowhnloaded files, would be a giveaway. But this would also create a noticeable drag on the company network, which could impact the ability of co-workers to do real work. Downloading from "file sharing" sites at work can also expose your employer to copyright infringements, as well as viruses and spyware that are able to spread on the company network and wreak untold havoc.
Surfing at Work
If you just cannot resist the urge to surf the web while at work, here are some simple precautions:
- Be familiar with the company's Internet usage policy.
- Moderate your usage accordingly.
- Never venture into "adult territory" or access illegal/unlicensed materials online.
- Use your personal email account for personal stuff, and your work email for all business related matters.
- Use your smartphone with cellular data plan (not wifi) for personal or private web access
None of these things is foolproof, since every keystroke can potentially be monitored. Even clearing out your web browser's history and temporary files may give you a false sense of security. If your employer is really sneaky, they can use video cameras to monitor you. As I mentioned before, it's not likely that anyone will ever poke into your workday web history, unless you give them a reason to suspect something isn't right.
From the employer's perspective, it just might be that Internet access at work is "baked in" to their assumptions, and they care more about productivity than policing your bitstream.A comment I found on on Workforce.com makes that point:
- We ask so much of our employees. The 9-to-5 is no longer relevant. If my employee, who is giving up night and weekends for me, wants to spends a few minutes during the workday posting to Facebook, or checking the score of last night’s game, or buying something on Amazon, I just don’t care... unless and until it reaches the level of distraction and impacts performance. Then, however, we are treating the performance problem, not the technology problem, which is the appropriate and practical solution.
Your thoughts on this topic are welcome. Post your comment or question below...
This article was posted by Bob Rankin on 6 Jan 2020
|For Fun: Buy Bob a Snickers.|
Software Piracy: Is it Really a Crime?
The Top Twenty
The Worst Place to Buy a Smartphone?
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005 - Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- Can My Employer See What I Do Online? (Posted: 6 Jan 2020)
Copyright © 2005 - Bob Rankin - All Rights Reserved
Most recent comments on "Can My Employer See What I Do Online?"
06 Jan 2020
Saw alot of this during my work time (retired now) where if the people were using company computers for much more than work (like playing music and radio stations).
But after it was found out that management was watching, many just brought in their own tablets or laptops to do the same (using companies wireless internet access).
06 Jan 2020
Where I worked as a network admin, among other positions being a small company, we monitored the network activity not only for excessive use, but also for site visits that were not appropriate for the workplace.
In the end there were a number of employees who ended up being terminated. They had agreed to, even signed the agreement, when they were hired that said their internet usage would be monitored and they could be terminated.
These people did everything mentioned in the article.
To monitor the website usage, we used a program called Surf Control, which is no longer available and has since been merged into a larger package. This activity, by the way, took place between 2000 and 2007 and right in the date range of the data mentioned.
It's interesting to see what people think they can get away with, and as the network admin I had the honors of cleaning up their user PCs and archiving their emails. So yeah I saw that data too, and it was amazing what kind of "stuff" that was in there as well as on their hard drives in their local documents folder.
So yeah... Be very careful what you do online at work. Treat the work network as being in public where all your dirt can be aired and showed around easily so don't even consider doing stuff that should only be done in private.
To this day there are certain people I can't look at straight in the eye knowing that some of their browser habits are, well, quite gross.
06 Jan 2020
"We ask so much of our employees. The 9-to-5 is no longer relevant."
Oh Gawd! Puhleeeze!
Maybe times have changed so much that I am totally out of the loop.
In the 21 Century, this "9-to-5" (contractual) agreement is no different than it was in the 20th Century.
Here is my historical perspective: By accepting any employment/profession (including prostitution); we agree to do productive "work" (involving both our bodies AND minds), in return for an agreed upon payment for our services.
IMHO - This ‘9-to-5’ work is nothing but "means" to an "end". It is much preferable to keep an individual's personal-life isolated from (and NOT be identified with) these 'means'.
06 Jan 2020
Absolutely. I'm retired now but in my last year we had a huge issue that resulted in the termination of 25 people. Everyone signed, annually, an acceptable use policy statement, each line had to be individually checked. There was also a training package we were required to complete, failing to do so got one's sign in credentials suspended.
Further, since we worked with sensitive data, we had to take data privacy, including HIPPA, training annually as well.
We had over 11,000 employees, a T1 access line and no one cared if people checked their email or did a bit of online shopping on break or lunch. In fact, though EVERY keystroke was required, no investigations were undertaken (forensic investigations are expensive) unless there were a specific complaint or reason. In the case I mentioned, lack of productivity was the reason. Forensics wasn't even needed, just a few simple management reports from the systems our staff used all day, every day, showed many were putting less than a full day. There were instances so egregious that reports showed NO work activity (working from home) at all on some days.
So, absolutely yes, it is not a violation of privacy for an employer to ensure employees are working. I would NEVER assume that anyone has carte blanche to do whatever they like on company time. The other suggestions Bob mentioned are good too. But when using a company owned access, be aware that you are likely being monitored and if you violate that trust, there will be consequences. As Randi said, we sell our time to our employer in exchange for work performed. If you don't honor that contract, your employer will notice.
06 Jan 2020
Friend of mine concurs completely with your assessment. He was the system administrator for a large bank chain, PhD in computing, code, IT Admin, whole shebang.
He said essentially there is nothing your employer can't see on their own computer and system, and he even easily catches the guys he hires with degrees in IT who work in his dept, who think they can outsmart him with their own computing skills and tricks. They are walked out the day after caught. You are talking a bank chain here. $$$$$$$$$
06 Jan 2020
Bob, I'm somewhat surprised that in this post you seem to be condoning this behaviour and giving some "simple tips" to avoid being caught seems to confirm this.
Just as your recent article on software piracy pointed out, that piracy was theft, then so is stealing the boss's online facilities for private use. This theft involves taking and using something that does not belong to you. You have stolen not only bandwidth, but also the wages that you haven't earned while goofing off, and not performing the duties for which you are paid.
EDITOR'S NOTE: I'm not condoning, and not offering tips to promote this activity. On the contrary, I said "Be familiar with the company's Internet usage policy" and "Moderate your usage accordingly." I also advised to "Use your smartphone with cellular data plan (not wifi)" so as NOT to use the company's bandwidth.
08 Jan 2020
I retired from a public agency several years ago. We had an acceptable use policy with a little bit of leeway for "incidental" personal use. I was a union steward who had to remind my coworkers to be very very careful about "incidental" use, as since the agency owned the hardware and the software they had the right to set conditions on use and that case law upheld this right. I told my coworkers that their individual right to privacy stopped at the entrance to the workplace and they shouldn't press the SEND button in e-email unless they felt comfortable seeing the content in a court deposition. Probably saved some jobs for those who paid attention to me.
08 Jan 2020
Remember not long ago when the dawning of the "computer age" predicted greatly increased productivity? Maybe that's true for industrial computers/robots/etc. But for the people force, if you subtract all the billions of wasted man and woman hours, a study I recently completed shows a net loss in output. Smartphones and "social media" have become the digital heroin of society.