by Mike Masnick

Filed Under:
employees, finland, spying

nokia, rim

Finland Agrees To Let Companies Spy On Workers

from the who-needs-trust-when-you-have-technology? dept

Last month, we noted the controversy in Finland, as a new law was up for debate concerning whether or not companies there could spy on employee email. Beyond the general controversy, there were rumors that Nokia, who had been caught breaking the existing law by spying on employee emails before, had supposedly threatened to leave Finland if the law wasn't changed to allow such activities. Nokia has vehemently denied this, but hasn't denied that it supported the law. So... it's probably not a huge surprise that the Finnish Parliament has approved the law.

To be honest, the details of the law aren't that extreme. It doesn't let the company even read the emails -- just record who is emailing whom. For company email, that seems perfectly reasonable. Hell, the day this law passed, RIM admitted not only does it track and record all company email, but it does the same thing for all phone calls as well. Perhaps a more important question is whether or not that's a useful way to spend company resources? The companies obviously talk about the importance of "protecting" their IP, but I once worked for a company that recorded all phone calls as well, and all it really did was make all of the employees angry, disgruntled and less interested in working hard. Having your bosses distrust you can do that...

Reader Comments

Subscribe: RSS

View by: Time | Thread

  • identicon
    Yosi, 5 Mar 2009 @ 10:49pm

    What does it have to do with IP?!

    I guess companies have the right to monitor THEIR OWN EQUIPMENT?! Like phone or computers? Don't like it - buy your own phone, it's not that expansive.

    reply to this | link to this | view in chronology ]

  • identicon
    Finn, 5 Mar 2009 @ 11:37pm

    Utterly useless

    In Finland, this law was protested mainly because it was unconstitutional and denied free speech in the form of message confidentiality. Many law professors noted this point to the lawmakers but they were consistently ignorant to these issues. This new law applies to any community, not just companies. Now libraries, schools, universities, the parliament and anyone who provides internet for their community, can tap in the email flow and all they need to do is have reasonable suspicion, (what ever that means in practice) and pay a small fee to the officials. Now, however, that this possibility is opened, and there is no official supervision, the system is ripe for abuse.

    I think it's worthwhile to note that for the police to do any of this, they still need a warrant from court. This law gives private citizens broader investigatory freedoms than the police.

    As was noted, this only applies to the company/community provided email accounts. If one was really going to smuggle business secrets (the key argument this law was justified with), would they do so with a company email account? It would be so much easier to use your own email they cannot track, or hell, take a usb stick with you!

    I'd love to hear other Finns comments about this case.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 6 Mar 2009 @ 12:34am

      Re: Utterly useless

      Does free speech apply when you are a representative of a company? Everything you do with company emails and calls can be traced back to the company, could even make them liable in certain situations.
      I'm not from Finland, but this law makes sense. Phones have pretty much always been monitored, it is normally the company that receives an itemized bill so they can scrutinize any unusual calls, that's been happening as long as there have been company phones I believe.

      reply to this | link to this | view in chronology ]

      • identicon
        Finn, 6 Mar 2009 @ 1:55am

        Re: Re: Utterly useless

        Of course, even in the past it has been possible to track down people who misuse company email. Liability is a key-issue here. However this new law allows for pre-emptive screening of the messages, producing and retaining data which can then be accessed, basically on a whim. I don't understand why one should give up ANY human rights when going to job every morning.

        While the actual effects of this law may be mild, this kind of lawmaking with the overly-arbitrary wording and the practical impossibility of any government official to keep an eye on the misusing of this law, sets a dangerous base to build future laws upon. As the system for censoring DNS-addresses related to child porn was built in Finland, it was promised that this system would not be used to block anything else, but now there's talk about blocking foreign poker sites and whatnot. (It has already been used to block a whole range of non-childporn sites, but that's another story.) Once you have the basic system in place, it's easy to go the slippery slope down to The Great Firewall of China.

        I do understand the notion about the company owning their equipment and their right to monitor what their employees are doing. However, as noted, this kind of surveillance can be easily circumvented, and only generates mistrust between the employer and employee. And let's not forget that this law applies to not only corporate sector, but anyone who runs an email server for their community.

        reply to this | link to this | view in chronology ]

  • identicon
    Guy One, 6 Mar 2009 @ 12:31am


    all companies do this... right? as an IT guy you can listen to voicmails, see call records, record calls, read emails, all on the fly pretty easily. Then theres the firewall, logging every url, tracking instant messages, tracking smtp.ect

    i did not know that being able to do all that is illegal?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Mar 2009 @ 4:42am

    If a company has an Acceptable Use Policy that all employees are required to read and comply with that states that any communication they make over company-owned equipment is considered company property then they have the right to read the material because the employee has no expectation of privacy. In that case it is not free speech that is being infringed upon.

    The biggest threat to corporate networks is insider threats. Remember the guy in San Fransisco that refused to give up the passwords to the city network? Bet they wish they'd monitored that guy's email.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 6 Mar 2009 @ 5:48am

    One place I worked made a hidden peep hole in one wall to the break room. They wanted to make sure we did not take to long of breaks... I guess.
    Strange every break time a big wade of gum would appeared on the peep hole. I guess the peep hole was not that hidden and company did not want to blatantly tell the worker they where spying on them during coffee breaks so all they did was clean the gum off every day (and said nothing).

    reply to this | link to this | view in chronology ]

  • identicon
    Jesse, 6 Mar 2009 @ 9:28am

    As Mike points out, if your boss treats you like crap, you are more inclined to do a shit ass job. So now you have shitty employees, an expensive system in place that wastes man hours to track, and a whole bunch of pissed off and probably less productive workers. At the end of the day, was it worth it?

    reply to this | link to this | view in chronology ]

  • icon
    chris (profile), 6 Mar 2009 @ 10:56am

    it's not hard to circumvent

    even the cheapest privately owned mobile phone is difficult to tap without the help of the government. the same is true of most mobile broadband.

    if you can ssh out of the network, then you can encrypt all of your traffic via a tunnel or use one of the many vpn services that are available.

    tunneling has the added benefit of knowing if you are being watched when big brother approaches you about your large volume of SSH/IPSEC traffic.

    reply to this | link to this | view in chronology ]

  • identicon
    Gene Cavanaugh, 6 Mar 2009 @ 3:58pm

    Eavesdropping on employees

    Being in the middle is difficult.
    I feel companies own their equipment, and it is just as reasonable to know what employees are doing with the phone system and email as with a company car.
    However, I would draw the line with non-company equipment. I was once in a company that "inadvertently" made it difficult for an employee to use their personal cell phone; that, to me, is a no-no; and from what I understand of Constitutional law, could be actionable.
    So, use your cell phone, and if that is monitored or blocked, "Houston, we have a problem!".

    reply to this | link to this | view in chronology ]

  • identicon
    hvirtanen, 8 Mar 2009 @ 12:45pm

    lex-nokia is crazy

    This law is against the spirit of the constitution of Finland and completely useless against spying companies by their employees.

    If somebody wants to get out of the company or the organization some secrets of the company or the organization , she/he can carry a gigabyte data in a small memory chip out of the door so that nobody can detect that.

    On the other hand this law gives to virtually anyone a free and lawful access to spy emails and telephone calls of other people. It is of course even nowadays easy for any administrator of the network to spy other people's emails, who are using the network. But until now it wass anyway illegal.

    The whole law is plainly a step toward 'an orwellian society', where it is legal to spy all private doings of the citizens.

    I'm ashamed to live in the country, where the parliament approved such a law.

    It is quite clear that Nokia supported this law.

    On the other hand I haven't used any crap Nokia phones for years. Nokia is already well-known for their bad manners to treat their employees. I wouldn't be unhappy, if the whole crap company would go in bankrupt.

    reply to this | link to this | view in chronology ]

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Insider Shop - Show Your Support!

Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories


Email This

This feature is only available to registered users. Register or sign in to use it.