Sure. Depending on which SSL encryption is used, he could grab the
encrypted response, brute-force it, and have a decryption of enough
of the traffic to be a problem in minutes, hours, or days. Also,
this could be seen as "intentionally bypassing IT security", which
is probably fireable anywhere. Certainly wouldn't look good on your
review to be caught at something like this. Also, some of the anonymizers
pass the URL info in the clear in the URL line, there it's simply a matter
of them re-asking for the same thing to see where you were going. Further,
if there is a proxy server at your school (as there most likely is),
content of the proxy server can be cached for everyone, or for just people
they chose to watch. All these things _can_ be done, but obviously I
have no idea of _if_ they're being done where you are.
Nope, I didn't mention PGP. I said that if you're using a webmail
that's https:// they will see you're going to a webmail server, but not
be able to read the traffic without getting creative. If you're using
a webmail that connects with https://, you might as well print everything
and leave it laying on your desk, because it's that trivial to read.
Both of my parents being teachers, I'm aware of that.
You should find out what your school's acceptable internet usage policy
is. Then, you can decide if and how you choose to violate it. Maybe
they really don't care as long as you don't, as another admin put it,
make more work for them. Over the years, I've run into a few "problem
users", the ones who noise up my network, or are continually trying to
find ways around the security I have built. For most of 'em, a "Hey,
stop doing (thing) please, because it makes my monitoring stuff go
nuts, OK?" was sufficient. But, I've also had the boss's boss call me
into his office for the "We need to know what (person) is doing, web,
email, everything" chat, and (person) was soon no longer working there.
For 10 bucks, you can bypass the whole thing by getting a home internet
account. Heck, you may be able to use it _from_ work by dialing out
on an outside line right from your classroom.
Check your employment agreeemnt, you may have done so.
Maybe dialup from the classroom is the answer.
From my perspective, it's not about "Big Brother", it's about keeping
crap from getting into the network. Obviously a Mac presents exactly
zero threat of virus, trojan, or other infestation, so that's not a
problem. However, I'm also responsible when the "network is slow"
so I have to keep an eye on it to make sure people aren't watching
streaming video from whatever sports site on bandwidth that isn't
cheap, and so on.
Ethically, if they're snooping and don't have a damn good, work-related
reason for it, they can and should be fired. You don't read a user's
email just because you can, you don't snoop their traffic just because
you want to get dirt on 'em. But, if it's "Wow, that port is taking
a whole shitload of traffic, what kind of traffic is it", then it's
certainly reasonable to expect that if it attracts attention, it
might get investigated.
This is where I'm going to excuse myself from the conversation,
because (a) I really don't care, and (b) can't be bothered. The
situation is what it is, and that's what you need to either
decide to live with, or circumvent, the conditions that exist.
Well, any admin who abuses their access should, and will, get fired.
Employers, right now, have the right to order them to do so, and
I don't see that changing any time soon.
Dave, I have especially enjoyed your comments, which are obviously the
product not merely of relevant experience, but a good analyticaly mind
(and good sense of humor).
Should one of those (the latter?) read http:// ?
<snip> > You should find out what your school's acceptable internet usage policy
I don't really want to subvert any well-intended security that our
network has built for the purpose of protecting the network. I don't
think I've ever done anything that remotely threatened the security of
a network I've used. I just want to protect my own privacy.
Since I'm new at this school, I'm not really sure what the network
admin is like, but I'll be sure to try to get to know him--that won't
hurt regardless his snooping habits. In the meantime, I'd like to know
just what and how well I can protect myself. You have answered that to
my satisfaction, even though the answer was not optimistic.
I could do that, but I hate modem connections. I'll just wait until I
get home to do anything that even hints of unapproved activity. Even
Caesar's computer must be above suspicion nowadays, it seems.
I have not. I have in the past excised that clause from the terms of
Yes, there's always the other perspective, which has concerns just as
valid as mine. I want my school's network admin to be vigilant, just
as you must be. But I don't know how to protect myself should he be
just as vigilant about snooping into my private affairs. Seems there's
little I can do about it at this point in time.
You enjoin me to accept things as they are below, and I must return
the favor at this point. You're right, of course, in the first
sentence above. The problem is that very few administrators have the
ability or inclination to discover a networker's transgression.
Regarding the second sentence, you must have a bright outlook on human
nature if you believe that. Me, I'm a Federalist 10/Duc de
LaRochefoucault kind of guy.
Right, and it get tricky here, ethically and legally. A networker has
such wide-ranging power and the to abuse that power in virtual
privacy. Compare him to a police officer and search warrants, and
you'll get what I mean.
But as you observe, that's how it is.
<snip digression on ethical philosophy>
Ah, but you do care, you have been bothered, and thank you for the
Should? Yes. Will? Rarely. Fewer than 1 in 1000 abusers get nailed on
this one, I would venture to bet.
"so" being "to get fired"? (sorry, I'm not sure what you meant here)
Thanks again, I shall take your advice.
Thanks. Now get clear on the concept of who owns the network and how
they could fire you for misusing it, and you'll be fine.
But if they see you using an anonymizer, or ssh tunneling, or
whatever, they may _feel_ it is being used to bypass what they have
put in place, and that would be accurate. IF they wanted to, they
could present it any way they chose. These aren't the sort of things
that by themselves are likely to be a problem, but if someone gets
an attitude and wants to "find something" on you, it gives 'em an easy
Buy him food and/or drink. Never hurts.
Your respones here are not consistant with your responses to Nick.
There are plenty enough examples of people in my position being fired
and/or sued for violating the trust that our job entitles that even
those who aren't all that honest, are still very likely not to "go there".
OK, I'm sure that would mean alot to someone who knows who that is.
Me, I'm the "jaded and cynical" type.
Not at all. Once it starts impacting the hardware my boss pays me
to keep from falling over and catching fire, it becomes my business.
No fuzzy line, no gray areas, it's "What the hell is happening at IP
address xxx.xxx.xxx.xxx that's saturating my switch". At that point,
troubleshooting continues until the cause is identified. Like I said,
in the past I've done the "Er, hi, please stop doing (thing) because
it's making my monitoring stuff get all excited and paging me". Almost
always that's been a self-correcting problem, I tell the person it's
been noticed and that I know what he's doing (streaming media seems to
be a favorite), and that I'd like it to stop. If it did continue, I'd
get his streaming media player removed from his system or block the
traffic at the switchgear, if he went around that, _then_ we start
escalating it to managers. As per policy. No BigBrother about it,
it's a clear case of Joe User going around what has been put in
place to keep the network healthy.
If a cop breaks into your house without a warrant, they are also
doing something not only illegal, but possibly fatal. Not sure how
that relates to you putting traffic on my network that isn't supposed
to be there.
No, what I'm saying is I don't care to get into the whole philosophical
side of this, other than "tough, that's the situation, live with it or
work to get it changed, but don't go around it or my counterpart is
very likely to stop you".
I'm in the field, and you clearly are not. I have direct personal
knowledge of two admins who were found doing this, and both of them were
fired. Yes, limited sample size and all that, but it's _just_ _not_ _done_.
When it's done, it's not tolerated.
"to do so" being "to monitor everything you do online". Again, caselaw
has established this.
I'll try, but you have not yourself addressed who owns the network of
a school or public organization, so your response is a bit
If someone accuses me of misuse and fires me, but is dishonest in
establishing standards of use, then there's a good chance he will be
the one who ends up getting fired. That's how public law works.
Private companies have more leeway to be Orwellian.
See, here I feel like you are "telling it like it is." Elsewhere you
paint a distinctly rosier scene about networkers. It's the "like it
is" part that has me concerned. I appreciate your candor, when it
comes to the fore.
Nor are your responses consisten with Nick's. So why should my
differing responses be a surprise?
Read your last two responses. They don't add up. If you're cynical
(BTW, that is Fed 10 and Duc de LR to a "T"), then you must find it
hard to believe, as I do, that most networkers can resist checking
out so-and-so's activities.
It's just human curiosity. I don't fault networkers for trying it
either, I doubt I could resist. It's like giving a teenage boy some
mythical sunglasses that will allow him to see under the girls'
clothing, then telling him not to look. It's just happenstance that at
this point in history our technology has exceeded our ability to
enforce our ideals (of privacy). Networkers have a tremendous amount
of ability to snoop. Sure, some have been caught, but how easy is that
(to catch a networker snooping)? No doubt you can do it with enough
money to hire the expert (and who's going to watch *him*?), but is it
reasonable to expect of a school?
The scenario you describe is perfectly reasonable, and I sympathize
with the difficulties a networker faces such as these. But you
yourself admit the potentiality of BigBrother networker abusing his
position: "[not] the sort of things that by themselves are likely to
be a problem, but if someone [networker] gets an attitude and wants to
"find something" on you, it gives 'em an easy target."
I applaud you if you are everything you say a networker does and
doesn't do. I'm apparently more cynical than you about your peers.
It relates not to me as user but to you as networker--you are the cop.
Yet it seems that you can invade what I consider private without a
warrant, usually without anyone even being able to detect what you've
done: twice the entry power of the cop and none of the constraint.
It concerns me. And this thread leads me to admire Orwell and
Jefferson more and more.
Your point is taken. The counterpoint is that you can't really avoid
the philosophical side, try though you may.
My only response is quite simple: I just don't believe this.
My understanding of the law is that I have some defenses against what
you envision as a right of employers.
But, to cut to the chase, this whole thread has convinced me of your
essential point ("the way things are"), that it's really not in my
best interests to try to outsneak my networker. I'm pretty good at
what I do. I'm not really interested in trying to become better at
what he does.
banished to his home cable connection.
This would be a more accurate analogy if you were storing your personal
information down at the police station.
You considering it private doesn't make it private. An exhaustive search of
all cases that I could find in the 30 seconds I looked brought up the
following from eff.org, which is a summary of US v. Councilman, released on
June 29, 2004.
'The First Circuit Court of Appeals dealt a grave blow to the privacy of
Internet communications with its decision today in the case of U.S. v.
Councilman. The court held that it was not a violation of criminal wiretap
laws for the provider of an email service to monitor the content of users'
incoming messages without their consent. The defendant in the case is a
seller of rare and used books who offered email service to customers. The
defendant had configured the mail processing software so that all incoming
email sent from Amazon.com, the defendant's competitor, was copied and sent
to the defendant's mailbox as well as to the intended recipient's. As the
court itself admitted, "it may well be that the protections of the Wiretap
Act have been eviscerated as technology advances." '
Riiiiiiiight, so now you're going to go into "it's the taxpayer's network
and I'm a taxpayer, so blah blah" rant I bet. Nice try.
You're exactly the sort of person who is going to piss off the wrong
person at some point, and call attention to yourself so they _will_
find an excuse to tell the network admins to snoop on you. I
bet you're a feaking _blast_ to work with (note heavy sarcsm).
I have not contradicted myself in any way. If I'm ordered to snoop your
port by my boss, I'll do it, and I'll do it well. I'm not gonna do it
on my own, because my job is more important than your petty little
headhunter-sent email exchanges.
My message is consistant throughout, it's your perception that is tainted.
Because I am not Nick, but you are you, and you change from time to time.
Absence of response, and significance of same, noted.
They most certainly do.
I don't care.
You overestimate how interesting you are. Really, you do. I've got
1000 users on my network at any given time. Not only don't I care, but
I _aggressively_ don't care what the hell they're using email for, as long
as it doesn't make my pager go off. But, if they're spewing out virus-
infested email, _then_ I'm gonna find out why. Likewise, I don't care
what they're using their browser to go see, _until_ they do something
that causes my pager to go off or a manager to ask my manager to find out
why they aren't getting any work done or whatever.
You users just aren't that interesting, and you need to get over yourself.
Nobody cares about your job offers, unless they want to for some other
That's why you're not a network admin. People like you are better
teaching poli-sci or whatever the hell you teach, because you're not the
right kind of person for IT (to put it mildly). It's clear you can't
be trusted, as your entire rant here points out.
You are projecting your own personal failings and weaknesses onto others.
I find that quite telling.
News flash: exactly the same way I'd catch you bypassing my filters by using
a rogue proxy server.
Trivial, second year of experience network or sysadmin stuff.
That would be a network admin doing it because he's ordered to do it,
you keep missing that point.
You don't know my peers. We don't care about your traffic, you're just more
load on our network.
Ah, there's that "I don't care that it's their stuff, I'm calling it
mine anyway" attitude.
That's your choice. Your email isn't worth me getting fired for reading
it, altruism aside, how can that not be blisteringly obviously true?
Why don't you go make yourself a test case then, sparky, and tell us
how it goes (from your next employer's internet connection...)
Good. Because that's clearly not gonna happen.
Gosh, poor you, having to do your non-work network stuff on your own
An anonymizer prevents your personal information from going to a remote
web-server. It does -nothing- as far as concealing what you are doing
from someone with the ability to watch the local network traffic.
Well, maybe you _better_ hesitate. <grin>
All email to a work account is the property of the *employer*. They
can read it, filter it, store it (permanently!), etc. *without* so
much as a 'by your leave'. This has been litigated, more than once,
And the law _is_ clear.
If the school in question is a public school, _any_ of your emails are
subject to a FOIA demand.
If it's a private institution, they can still be compelled to produce
any/all such mail, as part of 'discovery' in a legal action.
The "generally accepted standard" for email is:
'don't put in email anything you wouldn't put on a postcard.'
Encryption for email works. Unfortunately, it works *only* between those
parties -- *both*ends* -- who have made advance arrangements to use it.
It's *USELESS* if one party doesn't have the appropriate tools/facilities.
NOT TRUE! I've been in discussions on that *very* point in an actual legal
discussion group -- where I held the opinion that the employee _did_ have
to give consent, and had the contrary facts (complete with case cites)
rammed down my throat.
In the U.S., phone calls _at_work_, on work phones, are *NOT* protected to
any significant extent against listening in _by_the_employer_, or a 'agent'
of the employer. A pay phone, that happens to be located at the place of
employment, is a different matter.
You are spouting bullsh*t.
The network, the equipment used to connect to the outside world, etc.
are *their* property. THEY pay for it.
They have the absolute right to dictate how, and for what purposes
their employees may use _their_ resources.
Your 'intellectual property' gives you *NOTHING* with regard to the use
of _their_ facilities.
You have *no* "rights" to their equipment/property. In fact, there are
*no* "rights" on the Internet, _none_whatsoever_. The only thing that
exists is 'privileges'. Either extended as a courtesy, or as part of
a contractual agreement.
Doing that is *really* simple. *DON'T*DO*ANYTHING* you don't want them
to see, _from_their_network_. End of story.
The law says "their property, their rules." Trust me, you _don't_ want
to see that changed.
[[.. munch ..]]
Then *don't* use the network. That _will_ ENSURE* that there is no
potential for mis-use.
Who owns the in-building network wiring?
Who owns the in-building networking equipment?
Who pays for the connection to the outside world?
Yes, it *IS* 'their' network. They being the company/school/etc.
And the admins are the 'delegated agent' of the owners..
If the owners trust those admins to do the job the way the owners want
it done, then _your_ opinion simply doesn't count/matter.
If you don't like it. don't use _their_ network.
'Who guards the guardians?' is not *your* concern. It matters only to
those who are the employers of the guardians, and the owners of that
which they are employed to guard.
Don't like it? Tough. Welcome to the 'real world'.
I agree with the response above. If you think about it, there isn't any
significant difference between a data network and a voice network. They are
both just pipes for information. It's just that one is usually digital data
and the other is analog data. OK, before any flaming responses I am just
trying to make a point. I am aware of digital PBX's and VOIP, etc. I am
just pointing out that it doesn't really matter if the data originates in
your pc or in your mouth.
I was involved in one such case where my employer wanted to record all of an
employees telephone calls and wanted to capture all data traffic to/from his
pc. It was all legal and the network and telephone policy statements said
so. We did not have the facility to record all voice conversations, but we
did monitor his pc traffic and had all of his email and other files going
back for a number of years.
If you are using company (school?) resources, they can do practically
Change that first "and" to a "because", and make the statement
inclusive of an agreement and you're right, of course.
...which is why I exised that part out of a recent employee contract
No, they can't not without your permission.
...beginning to wonder if anyone here doesn't talk groupspeak.
You have delivered quite the indignant tirade, which I hope indicates
that this topic has touched some nerve in you originating outside this
thread. Otherwise, all the puffery seems out of place....
firstname.lastname@example.org (Robert Bonomi) wrote in message
The fact that such litigation continues at an increasing pace should
be evidence to you that the law has not settled on this score. Your
blanket statements here amount to little, and they ignore contract
law. My contract, about which you know nothing, does not allow my
employers to circumvent my privacy or the integrity of my intellectual
property, including phone and digital communications.
A good point.
They can be ordered to do so, they cannot be compelled, not really, or
at least not easily.
Wow, a legal discussion group, eh?--and an actual one at that. Not
sure I'd brag about that as an authority, but you go girl.
And despite my inner rational person warning me not to, I'll bite:
cite the cases, we'll see if I can trump them (BTW, that's how it's
done in the real [legal] world).
That phrase "significant extent" is rather leading. Just what is the
"extent" as you and your group understand it? And I hate to intrude on
the authority of a legal discussion group, but do you think contract
law might affect such rights?
Ah, yes. Please tell me that you have a law degree, and that your
practice specializes in communications or privacy law. Otherwise,
well, I guess we'll know who's spouting what....
I will disclose that I am not a lawyer. My legal experience, however,
is probably enough in a few areas to know if someone else knows what
he's talking about.
The alarms are ringing.
You noted above a distinction between public and private, I'll return
the favor: who exactly owns a public school?
A) School administrators
C) Some NGer spouting BS on the web
If you gave the correct answer, D, then you are now free to understand
that public school policy on such matters is susceptible to the
pressures of the owners. That's me. And you. And many others. Not
THEY. WE. Welcome.
For someone with the experience of a legal discussion group, you bandy
the term "absolute" cavalierly. I would say, on the contrary, that you
are absolutely wrong about their absolute rights. Ownership in very
few things grants absolute rights over usufruct or other competing
Ah, back to the spouting.... And your source for this belief about
intellectual property rights? (No doubt you, or better yet your
discussion group, specialize in intellectual property rights, and this
area of the law is to you also "clear".)
OK, I have a short quiz for you: I have a copyrighted document--or
even, say, a copyrighted song--that is, illegally I say, disseminated
on their network. Do they have the right to ignore my complaint? Do I
have NO legal recourse with regard to the use of their facilities?
Assuming, as I know you must be, that said property is not public and
I am not a citizen. Right?
??????? Is this a riddle?
Hmm...perhaps not, but I'd have to know more about who the "they" is
Sort of makes for a more interesting connundrum when you realize that
we, not they, own all that stuff in a public school, doesn't it?
...also makes for an interesting reconsideration of the word
Let's just say I'm glad you don't get to decide this.
Then let's also say I'm glad that you are not representative of the
"real world", only one small insignificant legal discussion group.
BTW, what was that, 1L, Parumph community college, what?
Public ownershiply yours,
For one who doesn't care to engage in philosophy, you're free and easy
with talking about things like the truth.
And Robert is simply wrong, legally.
If you should take all my posts in this thread out of the context of
each sub-thread, as you have apparently done, and evaluate them, you
would indeed find a wide range of tones or even personae, which you
Would you have me believe that you talk to different people in
different situations with the same tone and persona? I've never met
such a person.
What I didn't like about Robert's message, which has nothing to do
with you, were things like: name calling ("Ignoramus"), aggrandizement
(pretending to be some big legal expert on the basis, apparently, of
participation in a discussion group), and general insults ("you're
spouting bullshit!). I had been civil, I had not deserved the first
and third, so I dished some back. But again, that has nothing to do
Me too. Why bother getting involved in this sub-thread?
I'm not shy about telling people when they're full of crap.
You went from "Thanks for all the input, I'll play it safe until I
can figure out how to do it in a way I can't be detected", right back
to "you are wrong that it's their network and they set the rules".
That's known as "inconsistent". Perhaps "waffling" might be more
along your lines?
Rarely do you find one who contradicts themself from one post to the
next. Apparently you don't see yourself doing this. Maybe you just
aren't getting your points down well, but going from "Thanks, I'll not
do it" to "yabut, I can" aren't two ideas that are particularly similar.
Pardon, but you _are_ spouting bullshit. Just because you don't like
how he's telling you doesn't make it any less true. You obviously
don't know much about IT, several people here do and tried to explain
to you where you were wrong. Robert's extremely well written
responses (which, in my opinion, are more time consuming than someone
like you deserves) may not make you happy, but fact remains that he
_does_ know what he's talking about and is eloquent enough to
communicate effectively to anyone not intentionally misunderstanding
what he writes (that would, apparently, be you).
So take it to email if you don't want others discussing it in a
Because I'm not content to let your blatantly incorrect statements
_That_ wasn't a tirade. You've never seen one of my tirades. <grin>
It is, however, an exposition of the _facts_ of the law, as they apply
to network administration, and network usage.
I haven't seen _any_ litigation in years on the 'basic' issue. It's all
been about 'what is allowed / not allowed *BY*THE*AGREEMENT* in place
between the parties', with regard to monitoring/tracking/etc of activities.
The 'ownership' of such materials _is_ well-established.
Case-law includes a municipality where the mayor had _every_ incoming e-mail
to every city employee copied to his mailbox. Without any notification to
the employees. When the matter came to light, the city got sued over the
practice. The city won. It _was_ their property.
Bzzzt. My statements are about what an employer _can_ do. which is
separate and distinct from 'what they have agreed not to do'.
You sir, "don't know what you don't know".
"Your" contract terms not withstanding.
Proof: Echelon and Carnivore
The law is such that they _can't_ tell you "if" there is an Echelon or
Carnivore tap on their systems, or upstream, let alone whether or not it
is tracking _your_ actions. You can't even get that information with a
'Telephone and digital communications' do _not_ fall under the legal
description of 'intellectual property', by the way. If the contract
you drew up links them as you have indicated, it is materially defective.
As for 'blanket statements', YOU started off making blanket statements
about what _could_not_ be done. Those statements, even if applicable
to the -contract- environment *you* are in, were invalid on two grounds.
First the things _are_ technically possible. Second, employers *not*
bound by a contractual agreement proscribing such actions *are* legally
free to engage in them.
You *do* live in the 'ivory tower' world, don't you?
There is *nothing* that is more 'enforceable' than a judge's order.
'Compulsion' is -easy-. When the court says 'jump', you *jump*, or the
court sends the Marshalls over to confiscate *everything* that _might_
contain any records related to what was demanded.
You think your emails aren't _already_ being copied? How much do you want
to bet that routine system backups on the mail-server cover the mailbox
directory? Do you think they would refuse to produce those backups, if
subpoenaed? Oh, that's right 'ivory tower', nevermind.
There is _nothing_, at a technical level, that prevents the recording of
_every_byte_ of data that passes over the network. There is nothing in
the law that prevents it, either. On large, or heavily used, networks
it is often *impractical* because of the volume of information involved.
But monitoring everything to/from a specific machine, or a specific user,
is relatively trivial.
And is -routinely- done, when users report certain kinds of problems.
On average, a much higher quality of -legal- expertise than one finds in
a woodworking group. When _practicing_lawyers_ tell me I'm wrong on the
matter, _I_ listen to what they say. You can choose to 'learn from the
experience of others' -- or not. I really don't care.
With regard to a company-supplied 'work' phone (this is neither a complete
nor comprehensive list) --
They can take away your phone completely, without notice.
They can change your phone number, without warning.
They can prevent you from calling any number(s) they choose.
They can record what numbers you call, without telling you.
They can track how long you spend on each call, without telling you.
They can record incoming calls without telling you.
They can record outgoing calls without telling you.
They can listen to your voice-mail messages, without telling you.
They can delete (selectively, or en masse) your voice-mail messages, without
They can 'listen in', in real-time, to any of your calls, incoming or
outgoing, without telling you.
They can _use_ anything gained from 'listening in' or recording AGAINST YOU,
in an internal administrative proceeding.
They can release any recordings to a government or judicial agency on demand
(including a subpoena from the opposite party in a civil lawsuit), or
voluntarily to support a law-enforcement investigation.
With those disclaimers out of the way, for someone who records/monitors the
call, disclosing the content of the call to anyone other than 'in the normal
course of business operations', *is* forbidden. In other words, if you're
monitoring/recording a call, and you have a reason, _related_to_the_work_
_you're_doing_, for telling someone else in the company about the content of
the call, that is allowed; OTOH, if you gossip about it, to friends, in the
cafeteria, THAT is a crime. If you're engaged in the normal duties of your
job (say you're a telecom person, checking the line for proper functioning)
and you happen to pick up on a conversation where something illegal is being
plotted, it _is_ legal to notify management and/or appropriate law-
On a phone 'designated for personal use', such as a lunchroom pay phone,
The first three items still apply, as does the part of last paragraph in
regard to someone who's work causes them to happen to listen in on a call.
If you had any real understanding of how the law works and what the fundamental
terms mean, you wouldn't ask such a question. The answer to the question,
AS ASKED, is 'No, contract law does *not* affect the employer's _rights_ in
such matters. Not in any way, nor under any circumstances."
'Contract law' is concerned solely with the enforceability of private
agreements between the contracting parties. And has absolutely nothing
to do with property ownership rights.
A 'right' describes "what you _could_ do, if you wanted to, given that you
have not agreed _not_ to do so."
A given contract _may_ inhibit the EXERCISE of certain rights under specified
circumstances, but the 'rights' exist nonetheless. Proof: anyone not bound
by that contract, -or- anyone so bound, but engaged in actions outside of
the scope of said contract, remains free to exercise those rights.
At law, possession of a right does not necessarily mean that one has the
freedom to exercise it in an unrestricted way.
In general, it takes an action of law (congress, the legislature, the courts,
etc.) to modify a 'right'.
Contracts can include _agreement_ NOT TO EXERCISE a right one already
possesses. but they remain a private agreement, and do not affect
anybody other than the contracting parties.
Nope. Merely a number of years experience as _publisher_, and before
that, as an editor. Who dealt with IP and copyright issues literally on
a _daily_ basis. I expect that, over the years, there was at least
half-a-million dollars of legal services involved, beyond the services
of in-house counsel,
More recently, I've been doing network administration/management. With an
emphasis on the security/privacy issues in 'sensitive' corporate environments.
You worry about your mail being snooped -- consider what the financial
value of being able to see messages in the trading room of a large brokerage
firm is. Where _one_ desktop machine may be involved in $100 *million*
dollars worth of transactions in a single day. Want to guess the value
of -that- kind of intelligence to a competitor? That is an business where
the question is not 'am I being paranoid?' but "am I being paranoid *ENOUGH*?"
And when the answer comes up 'no', it costs *BIG* bucks.
In that environment, everybody _is_ told, *regularly*, that 'you have *NO*
privacy here'. Of course, it's the norm for the entire industry, and nobody
expects any different. They all understand that the continued existence of
the company they work for rests on that lack of privacy. :)
Available evidence is to the contrary.
BZZZZZT! Game over. Thank you for playing.
The _legally_accurate_ answer to the question you asked, _as_asked_ is "none of
Title, and thus ownership, rests with the government agency that operates
the schools. It is a legal 'person' in and of itself.
That 'person' owns the property. and the assets in it.
That 'agency' is (indirectly) 'owned' by the taxpayers, true. But, legally,
it is a separate and distinct 'legal person'.
The situation is no different than owning shares in a corporation. You, the
shareholder (and part-owner) of the corporation do *not* have an ownership
interest in any assets owned by the corporation "in it's own name."
You (individually), nor you (collectively) do -not- own the property owned
by the school district.
In the computers trade, this is called GIGO -- "garbage in, garbage out".
You started from a faulty premise, so it's no surprise you've arrived at
a faulty conclusion.
Second, If you don't grasp the difference between what someone has the 'legal
right' to do, and what they *choose* to do or not do, there's no point in
bothering to discuss 'what the law allows'.
Tell me, while you're at it, why it is illegal for an owner of the public
school to enter the school at night, and remove some of 'their' property
from the piece of real-estate that they 'own'.
Why are the charges in such a case *exactly* the same as the ones that
are filed if the person broke into _your_ dwelling, and took _your_
Do you suppose, maybe, _just_maybe_, that it just might be that they DON'T
really 'own' the property, etc. in the school?
Not cavalierly. I meant _exactly_ what I said.
An employer is under no legal requirement to provide _any_ resources for
it's employees to use. Any resources that are provided are provided
has two choices: (1) 'live with it', (2) seek employment elsewhere.
An employer may _choose_ to commit, in a binding manner (e.g. contract),
to certain practices, with regard to the use of certain resources, but they
do *not* have to do so. (There _are_, in many cases, advantages =to=the=employer= TO doing so, as well as advantages to the employee.)
The employer, from a legal standpoint, _has_ absolute control. They
can 'shut down' the resources. they can eliminate the resources.
"Those who have the power to destroy a thing, control it absolutely."
If they've entered into contracts to the contrary they may have to
wait for those contracts to expire, or re-negotiate them. Note well
that by simply waiting for the currently-in-effect contracts to expire
they *can* implement the 'shut-down'/'elimination' unilaterally, and
without any further discussion.
*snicker*. "Usufruct" exists _only_ if one has been granted that right,
in one way or another, by the property owner in the first place.
If you lease a piece of land, usufruct entitles you to the 'fruits' of
what you grow on it. If you trespass onto somebody else's property to
plant things, there is no 'usufruct' right to the fruits of your labor.
If you do attempt to 'harvest' your crops, you can be arrested for theft
as well as trespassing. This *HAS* happened, in the case of certain
Concrete example: 'usufruct'ing an automobile, absent the permission of the
owner thereof, _is_ a criminal offense in every jurisdiction in the United
States. In a number of locales it is the crime of 'joyriding'; in others, it
is not distinguished from 'grand theft auto'.
'Competing' property rights, in the case of absolute ownership (i.e., in 'fee
simple') exist due to grants, or 'division', of the rights held, in _undivided_
_form_, by prior owners.
I do have some small knowledge of 'intellectual property rights', primarily
copyright, having worked professionally as a reporter, editor, and magazine
publisher; having been involved in three copyright infringement actions that
went all the way to trial. (With, incidentally, a 100% record for being on the
Note: this gives me more experience with actual _litigation_ than a *lot* of
practicing IP attorneys. All things considered, it's experience I'd prefer
*not* to be able to claim. <wry grin>
My knowledge of trademark law is that of a 'well informed' layman. I used
to to regular Internet sweeps for trademarks of my then employer, and would
make initial calls to find out if they were 'aware' they were using a name
trademarked by somebody else. The ones who got argumentative were forwarded
to the external legal counsel for 'action'. In several years, there were
a grand total of two disagreements between myself and the 'professionals'
as to whether a use was infringing or not. both ones I'd classified as
'definitely borderline, but probably worth pursuing', and they classified
as 'winnable, but not worth the cost/effort'. the 'business' aspect
prevailed in both cases.
Patent law -- I've gone through the prelims of an actual patent filing
personally. Twice. Both died rather quickly when 'prior art', that had
never been commercialized, turned up.
Intellectual property rights give you the right to control the use of
_your_ intellectual property. Period. See Title 17 USC, and Title 35 USC.
They do not give you _any_ rights to the USE of anyone else's property.
intellectual or otherwise.
One would think that that is 'obvious', but apparently not.
IF your intellectual property is on, or transits over "somebody else's"
resources, then the 'lowest common denominator' of "what they allow"
and "what you allow" determines what can be done. If 'they' "don't allow"
something that _you_ "want" to allow, well, that's just too bad. it doesn't
What's to think about?
Quiz for _you_:
What does your hypothetical scenario have to to with your intellectual
property rights giving =you= some right to _USE_ someone else's facilities?
You hypotheticate 'some 3rd party' using the providers facilities to
infringe your intellectual property rights -- a totally different issue
from your original assertation.
Now, on to the answer to your 'strawman' argument --
Depending on the circumstances, *YES* they have right to ignore your
complaint, and *NO* you do not have any legal recourse against them for
how their facilities were used.
The DMCA statutes state that they must promptly _investigate_ a complaint
Upon such investigation, which starts with attempting to contact the party
who produced the item that is on their network, and , If that party, for
what you claim is the infringing materials, provides credible evidence (not
necessarily 'proof') that they do have the legal right to do what they are
doing, then the answer to the question, as asked, is:
"Yes, the network operator *is* free to ignore your complaint."
WITH impunity. And any further complaints about the same material from the
same source can be treated the same way, without further investigation.
And, no, you do not have legal recourse against the network *operator* for what
'somebody else' does through their network. see 47 USC 230 (c) 1
*IF* they _fail_to_investigate_ a DMCA takedown notice, they have 'secondary
liability', _after_ you prove in a court of law that the originator did, in
fact, violate your copyright.
On the other hand, if they do investigate, and decide that the matter
'is open to question', you, in fact, have _no_recourse_ against them
in the matter. (*AFTER* the court upholds your lawsuit against the
'author' of the infringing copies, =then= they will take the 'proven
to be infringing' material down, promptly.)
An -uncontested- 'takedown' notice is 'sufficient grounds' for removing
the allegedly infringing materials. A *contested* one is not.
FAILING TO ACT on an uncontested takedown notice leaves one open to
liability with respect to the putative copyright owner.
ACTING on a contested complaint leaves one open to liability from the other
The fact that your 'intellectual property rights' are involved does not
give you any 'rights' (or even privileges) to *USE* any part of their
network -- whether for tracking the perpetrator, or for any other purpose.
Wrong, again. Not unsurprisingly. What you 'know' is totally contrary to
reality. Such 'assumptions', which I do -not- make, are immaterial, in-
consequential, and irrelevant to the matter. 'Why' that is so has already
been covered, I shouldn't need to repeat it here.
Your ignorance of the real world continues to show.
Government-agency owned property is not necessarily 'public', and
_even_if_it_is_classified_"public"_, your rights are *extremely*
Whether or not you are a citizen is similarly irrelevant. Just because
you are a citizen (taxpayer) does _not_ give you a legal 'ownership interest'
in property owned by the government.
If you don't agree, prove me wrong by usufructing "Air Force One" for
your next vacation trip. Be sure to bring it back in 'undamaged' condition.
Try and stay in a City Hall office, past closing time.
So much for your 'rights' in property you 'own' as taxpayer.
Nope. just a statement of fact.
You have no 'rights' with regard to _anything_ on the Internet.
Not even 'Freedom of Speech'.
Example: If your ISP doesn't like what you say on your web-site, they _can_
force you to 'take it down'; by the simple expedient of "If you don't, we'll
terminate your account". And there's not a *damn*thing* you can do about it.
If you don't do as they 'request', and they do terminate you, and you try to
sue for damages on 1st Amend. grounds, you'll get laughed out of court, *if*
you manage to make it that far.
The Bill of Rights, etc. constrain what the _government_ can do. Things that
are forbidden to the government are *not* forbidden to private property
owners in regard to their own private property.
All you have on the Internet:
The services you contracted for, from anyone that you have _paid_ to provide
such services. In general this extends no further than services your
pro vier offers internally, and transit across your provider's network.
The _privilege_ of having your packets (web requests, email, etc.) carried
by intermediaries to whom you have *not* paid anything, 'as a courtesy'.
The _privilege_ of of having 'remote' networks accept, process, and
respond to your packets, 'as a courtesy'.
If the school blocks, limits, or in any other way 'restricts' your access to
the external Internet, they are *not* impinging/infringing on your "rights".
You don't have any. At most, they might be in violation of a contractual
If _anybody_else_ does it, well, "too bad". You aren't party to a contract
with -those- people, it's only 'out of the goodness of their hearts' that
they handle _any_ traffic for you at all. They do have the right to
change their mind about doing so, at any time. For any reason. Or for
'They' is 'whomever-it-is that owns the property.'
'Their' refers to the same entity.
This is one of the _fundamental_ precepts of *all* private property ownership.
Change that and the entire concept of private property -- be it house, car,
o Internet connection, get affected.
Since that 'realization' is contrary to legal *fact*, as debunked above,
there is no connundrum(sic).
Yup. You just reinforced the applicability of the word.
You know, being ignorant isn't so bad. An ignorant person _can_ be educated.
Stupidity, on the other hand, is incurable.
Bad news -- that 'attitude', in toto, is common to almost all of the
network owners/operators in North America.
Ouch, I'm not sure pointing him to that is a good idea. He seems
the type that will take it as gospel rather than recognizing it as
a parody of what we'd be like if (a) we could get away with it,
and (b) our actions doing such didn't have real world implications.
Fun to read, don't get me wrong, but he seems the type to take it
Oh, I get it, the ability to snoop around in your network at people's
private stuff is not enough for you, so now you're going to scold
someone for suggesting reading material?
You were right not to want to get into the philosophical angles, you
have some bad (mis-)reading habits. Consider exercising the same
aversion to pop-psych, would you?
Are you accusing me? On what basis do you make such a statement?
Scold? Bah. Wasn't intended as such, and I doubt that he took it
as such. Your response validates my concerns, however, that you're
the type to take every possible thing the wrong way. You go out of
your way to act put out upon, it seems. I've seen your type before.
pop-psych? WTF are you coming from? I cautioned someone that pointing
someone like you to the BOFH library would give you the wrong ideas.
Clearly, that's an accurate estimation.
Employers have been doing it, in one form or another, since there -were-
employers and employees. It's a de facto part of every job description
from 'supervisor' up.
No argument, on -that-.
You've been told before, "No."
Repeating what was said above: There _have_ been court determinations.
Courts have ruled that employees have no right to privacy with regard to
a work-supplied machine.
Courts have rules that employees have no right to privacy with regard to
a work-supplied Internet connection. It is a business resource, just
like any other resource the business provides. "Their property, Their
This is -not- 'new law', by any means. The first cases went to court
simply to establish that the _existing_rules_ *did* apply to the 'new
In a business environment, the company owns *everything*.
In an ISP environment, things _are_ a little different in practice,
because there is an explicit contract, whereby the ISP grants certain
privileges to the customer, and agrees *not* to exercise certain legal
rights that they (the ISP), as the equipment owner, have. A funny thing
happens, though, if the customer breaches _their_ contractual commitments.
then the ISP -will- exercise some of the legal rights that they had
contractually agreed not to employ.
Contracts are not about 'rights'. If there was a 'right' to a thing,
you wouldn't need a contract to provide for your getting it.
If a thing is 'conditional' on "good behavior" (whatever that may be),
then the thing is a 'privilege', not a 'right'.
Things granted by contract are 'privileges'; which you 'pay for', in one
form or another. Fail to hold up your end of the bargain, and the 'privileges'
As stated in another article, there are *no* 'rights' on the Internet.
The entire Internet is "somebody else's" private property. You use any
part of it _only_ at their sufferance. Which can be withdrawn at *any*
There is a consensus as to what courtesies are commonly extended, "out of
the goodness of their heart", by local network operators to users originating
outside the local network, but that is _all_ it is. There is -nothing-
that legally requires any network operator to provide _any_ of those
Several have been to appellate level, and *affirmed*, so they are now
_binding_ on all lower courts in those circuits.
There's nothing new, different, or earth-shattering in the decisions.
They have just affirmed that traditional property-rights of the owner
of the property *do* apply in cyberspace.
But, go ahead, feel free to believe whatever you want.
"Who knows? Maybe the horse will learn to sing hymns."
HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.