FinanceTechNews.com » Users misbehave, IT gets punished

Users misbehave, IT gets punished

November 4, 2009 by Sam Narisi
Posted in: Communication, Compliance, Search engines, Special Report, User behavior, Web sites, cybercrime, subscribers

courtroom-detail

Another reason to take employee computer monitoring seriously: Lawyers say IT pros could be on the hook for employees’ online behavior.

Based on several state laws and court decisions, employers could have a duty to monitor Web use and tell police about employees who access child pornography, according to employment attorney Gina M. Smith.

So far, seven states have laws on the books requiring companies to report those crimes: Arkansas, Illinois, Missouri, North Carolina, Oklahoma, South Carolina and South Dakota. Failure to do so can result in jail time for IT pros.

Also, in 2005, a company was sued for negligence by the mother of a child pornography victim.

The plaintiff’s husband was arrested after posting inappropriate pictures of his step-daughter online. Apparently, the company monitored his Internet access and saw child pornography sites listed, but never did anything about it. The woman claimed the conduct would have stopped much earlier if the company had stepped in.

A New Jersey court decided in her favor, ruling that a company on notice that a law is being broken with its equipment has a duty to investigate and inform police (Cite: Doe v. XYC Corp.).

To avoid liability, Smith recommends companies:

  1. Designate one person to be a point of contact with police if necessary
  2. Tell all IT staffers about the legal risks and outline a formal report procedure, and
  3. Let all employees know what they should do if they find someone committing a crime on compant-owned devices.
  • Share/Bookmark

FinanceTechNews.com delivers the latest Finance news once a week to the inboxes of over 150,000 Finance professionals.

Click here to sign up and start your FREE subscription to FinanceTechNews!



5 Responses to “Users misbehave, IT gets punished”

  1. IT Beware | Blinkinblogs Says:
    November 10th, 2009 at 9:55 am

    [...] this. It concerns me that we are becoming more and more of a police state. “If you don’t [...]

  2. Craig Says:
    November 10th, 2009 at 10:20 am

    Is the duty only to when a company sees the activity in the course of their monitoring? I think the impact will be for many companies to just stop monitoring. I know of many companies that do not monitor exactly because they do not want to deal with what they see.

  3. John Says:
    November 10th, 2009 at 10:44 am

    Can you give the full cite so I can lookup on WestLaw?

  4. Richard Getz Says:
    November 11th, 2009 at 12:18 pm

    I fully understand if IT saw something and did not report it as that could be construed as aiding and abetting. But to state, if that is what is being stated, that we have to monitor web traffic as we will be held accountable, is way off base.

    One does wonder how someone has access to the internet within a company and the ability to upload to their own account. It seems as if the IT person(s) would have blocked that access regardless of content. This person should have been fired for posting porn while using company assets. Let alone, the police being called for child porn! I believe the IT person(s) should have been brought to accountability.

  5. Patrick Says:
    November 17th, 2009 at 12:23 pm

    Most IT departments I have consulted and worked for seem to only go through the logs when someone reports a problem. That is, we really only look as a whole for major problems or targetted users, but very rarely scrutinize individual logs unless requested. It would be interested in learning about what IT Pro’s are obligated to do, as I suppose ignorance of the problem ain’t much of a defense.

Leave a Reply


advertisement

More from this week's e-newsletter



Whitepapers



advertisement