Don't use work laptops for personal stuff

Halp, everybody roll for Cromulence, this thread has critical Puritanism. Next we’ll all be okay adding fundraising codes for each 10 minute period of the day and confirming that they’re visible in 10 top privacy browsers.

WIth cheaper computers available, WHY would anyone use work laptop for personal business other than laziness?

No, it doesn’t; at least in Citrix you can tell the client not to share local resources, though.

Nowadays I use a vanilla VM for that kind of thing if I can.

I checked my local laws. In Germany this kind of surveillance is illegal. “Go to jail if you do this”-illegal.
written from my work laptop

As you’ve checked it out, you’re obviously aware of this but just for anyone else reading from Germany:

As with everything, things are a bit more complicated.

Use of most of this kind of surveillance software is generally illegal by an employer in Germany in most circumstances.

Those words in italics are doing a lot of work there though.

German employers can legally surveille the crap out employees - but compared to the US, they have to jump through a heck of a lot of hoops first.

And certainly the sort of stuff a US or UK firm might do as a matter of routine would only fly in Germany in individual instances with very specific grounds for suspecting foul play, the approval of the Betriebsrat and possibly prior notification of the employee in question.

But just in case anyone in Germany is thinking they can safely run their startup business from their employer’s machine during work hours, they can almost certainly still find out what you’re doing and sack you.

Also of course, as always there is the difference between what is legally permitted and what an employer does anyway.

The fact that your boss fired you after using illegal surveillance software may not help you much.

You’ve still been fired and until an Arbeitsgericht rules otherwise, you stay fired.

And having your boss potentially sent to jail for illegally using surveillance software to fire you, doesn’t exactly increase your immediate job prospects.

So the general advice remains valid:

If possible don’t do private stuff on your work devices and vice versa.

Yeah. I oversimplified the matter.
I would not want to work at an employer who’d spy on me and fire me for this anyway.

The fact that a possible consequence of doing this illegally is “go to jail” makes me rather comfortable that my employer will not try this. From a German perspective, US (and UK?) labo(u)r laws always look so aggressive and glum. I hope that most employers would not even care if I use my laptop privately as long as I deliver.

A friend of mine is employed in an IT company doing system administration and I asked him if my employer could spy on me that way. He said they could pin down high use of traffic to sites like youtube to individual departments and he once had a case where the company issued a general warning that they might start looking deeper into the matter if the high traffic to YT and others in this department would not stop.
It stopped.

The UK Labour laws do have remnants of a better time, but I doubt they will last long. How are those Lexit voters doing now?

While the linked article offers some good advice, it’s done quite firmly from a place of privilege and seemingly blind to those workers for whom the work-provided equipment is either the only computer they have regular access to, or is a significant step up from what they can afford for themselves.

For example, it’s well and good to say something like “Don’t use your work machine to collate or edit your personal photo collection” but for the custodians and maintenance staff I support at work, it’s a lot easier to use the work computers for that task than to try to make it work on a 6-year-old Android or iPhone.

So, yeah, try not to use your work computer for personal stuff - but also maybe try to tone down the condescension a bit when giving that advice.

The bigger concern for an activity like this is not risk of being fired, but rather that (in the US) your employment contract probably says if your startup business touches company equipment, is done on company time, or in company buildings, the company owns it. This is a mistake people make a lot, I think. Mostly people get away with it because the side business isn’t successful enough for the company to bother with. However, especially in cases where the side business becomes a competitor to your current employer, expect them to come after ownership of it.

I’m curious to know if this happens in Germany (or other places), and what the laws are around what can be in an employment contract. In my experience, every tech job I’ve taken, I’ve had to go through and cross out a bunch of stuff in the contract and send it back to them before signing. They always try to put in things about how you can’t work for a competitor for X years after leaving, or they own all work you do while employed, and other nonsense like that. Most people just sign this stuff. Again, it doesn’t usually matter because the company doesn’t bother with what an employee does… until they do.

A lot of that stuff, like no-compete clauses, don’t tend to hold up in court anyway and it’s mostly scare tactics. But most people can’t afford to go to court, so they get away with this sort of stuff. As with all things in the US, the court system only serves the wealthy.

I have no idea what jurisdiction you are under; and in your country, this may well be true.

However, I can validate that in the USA, it is completely and utterly legal, and sometimes required under our laws. They can and do see what you are doing at a web site.

Most of the time, no one cares (other than that you are not doing your job). Most people are really, really boring. Most of your personal business is just absolutely tedious. But honestly, just don’t do it.

I don’t know enough about the German situation to comment without far more research than I’m currently prepared to put in - in the UK, employers can certainly put pretty much anything they like in an employment contract and it wouldn’t surprise me if some didn’t require employees to agree that any work they do is property of the employer.

I know it’s something that academics for example have to be careful of - some university employment contracts are worded in ways that assert ownership over everything a professor or lecturer writes/produces - whereas most academics think there is a distinction between work done “for” the university and their “personal” research.

It’s another one of those wonderful fields where the employer expects the employee to do all sorts of personal profile building, while also seeking to accrue to themselves every scrap of benefit.

Non-compete agreements are an odd fish in that in some cases they are easier to enforce in the UK than they might be in the US. As I understand it some US jurisdictions have fairly clear rules against them, others have clear rules on how much compensation the employer has to pay if they want to impose them. The UK as usual falls back on the traditional “it depends” approach.

Sometimes they’re enforceable, sometimes they aren’t.

But yes, as always your theoretical legal rights only go as far as you can enforce them. And the UK has for decades systematically defunded the court system and reduced the ability of employees to access it or to enforce judgments if they do manage to obtain them.

That’s the thing. People assume that work machines are only supplied to certain roles (that they may subconsciously break down by class), whereas they have infiltrated all over at various workplaces. Not everyone who works with a computer can afford a “cheap” computer. We can’t make assumptions about people’s circumstances based on a common device they interact with professionally.

Thanks a million for fleshing out my point.

Surveillance accepted by the Datenschutz-Beauftragter, the Betriebsrat and, just in case, the IT-Sicherheitsbeauftragter would be a thing to behold.

And besides the Arbeitsgericht, there would be criminal courts involved very quickly, I guess, in cases of overreach.

Yep. Aggregated data. Something to behold for our US friends: my IPs are, in Germany, covered by privacy law, as they are an individual identifier.

If my employer wants to pin certain activities to an IP, they would have to go through above mentioned Datenschutz-Beauftragte and the Betriebsrat.

Of course IT can. But if they are caught in an audit - and yes, there are audited - this goes all the way to the head of the whole institution, because he or she is responsible for this.

However: I can’t remember (without googling) a single case where an employer got officially and publicly roasted for something like this. And I am positive surveillance is conducted. I bet my conscience on it.

At a US Department of Energy laboratory - it was made clear, even on day one in 1996, that you have no privacy and that you really shouldn’t do anything on a lab asset that you don’t want shared with (1) your boss, (2) your wife, (3) your mother, (4) the “man” and (5) the kgb/illuminati/whatever.

With that pounded into you from a young age, it’s pretty simple. Facebook (I’m boring)? My lab charge card that I use only for official travel? OK I’ll do that. YouPorn, nope… Gmail, nope…

I’ve seen two colleagues get sacked for somehow setting up their own firewalls on lab computers. They’re all “Arrgh - somebody’s probing me on this government-national-security-related-network!”. If you have to question that, in the spirit of Mr Foxworthy? - There’s your sign…

Hell, I get the skeevies just letting my wife (a fellow employee/cleared to the wazoo) use my laptop to log in during WFH (with her own ID so please settle down my local guard dogs). Sure, it’s just doing time-and-effort or other administrative things but I’m compelled to shoulder-surf until she’s done. For many of us it’s so pervasive that it becomes natural and yet here’s people letting their kids touch the machinery?

I’ll grant you that might take a bit but the reality is that many (most?) people don’t work in that kind of environment.

Here is an example of a chap being sacked for private use of office IT and the sacking being upheld by a court.

This is simply the first one I found on a quick search:

https://openjur.de/u/2200548.html

Setup was the boss and one employee. No Betriebsrat and in so far as there was a Datenschutzbeauftragter I’d guess that was the boss.

Employee spends a few lunch breaks looking fo a new car online and emailing his dad about it.

That was held to be enough to justify a dismissal and the employer’s use of internet browser logs and email records was held to be evidence the employer could rely on and was legimately entitled to collect. And note that wasn’t based on the term in the employment contract stating that the employee agreed to it - that was held to be ineffective as being too vague.

This of course was just one decision and other courts might well decide completely differently but I’d say it’s a fairly standard example.

And again, I know it’s not your point but it’s worth repeating that there are many other good, purely practical, reasons not to use work equipment for private purposes if one can avoid it. Getting into legal trouble with ones employer is only part of it.

This. It often applies to anything you do on or with company property - and it’s super leaky.

My employer has a hacker space as a perk that we can use for personal projects, and it’s really cool - don’t get me wrong. I’ve availed myself of it many times for all kinds of things. But anything that’s done there needs very careful consideration as the company can claim ownership of anything created there since it’s their resources and facilities.

This reminded me of the latest stunt in tech company employment contracts- they often require “binding arbitration” for all disputes. Arbitration started life as a reasonable good-faith way for people to resolve small disputes without the trouble of going into the full court system. However, arbitration is rapidly becoming a private court system for the rich, and judgements generally fall in favor of the richer entity in them. It’s another example of the US forgetting the history of its own institutions, and throws the baby out with the bath water in an attempt to improve them*. Public access to courts and the leveling of the playing field represented by that idea is arguably the entire basis of modern democracy, but people are quick to forget that because of how difficult the reality of using courts currently is.

*To clarify, it’s of course the wealthy deliberately creating these parallel systems to benefit themselves, but common Americans don’t object because they don’t understand the implications of them or the foundational ideas behind their own institutions

Or they are in the unfortunate position of either accept it or be unemployed.

This topic was automatically closed after 5 days. New replies are no longer allowed.