Admit it -- you've used your computer at work to view non-work-related Web sites. Heck, if you are reading this article at work, you might already be guilty as charged. More than 70 percent of the adult online population has accessed the Internet at work for personal use at least once, according to a September 2000 eMarketer study. Employees are sending personal e-mails, playing games, viewing pornography, shopping, checking stock prices and gambling online during working hours.


Cameras in the workplace keep an eye on employee activities.

Don't think these cyberslacking activities are going unnoticed. More than one-third of the 40 million American workers with Internet access have their e-mail and Internet usage under constant surveillance, according to a study from the Privacy Foundation. With a simple software application, your boss can be tapping into your computer and see what you're doing in real-time. Whether you are guilty of wasting company time or not, your computer might be under surveillance. You can be monitored without your knowledge -- employers are not required to notify you that you're being observed.

At the center of the debate surrounding workplace surveillance is the question of employee privacy rights. In this edition of HowStuffWorks, you'll learn about the various kinds of software that enable employers to monitor your computer activities. We will also discuss the legalities of this practice.

A Growing Trend
The growing number of employers who are monitoring their employees' activities is a result of the low cost of the monitoring technology, a growing percentage of employees using their computers for personal use and an increase in employees leaking sensitive company information. Employers are also watching their workers to avoid sexual harassment and discrimination lawsuits that stem from inappropriate and offensive e-mails circulating within a company.

Instead of monitoring those employees who exhibit suspicious behavior, many employers are instituting "continuous, systematic surveillance" in the workplace, according to a Privacy Foundation study written by Andrew Schulman. Reports of companies firing workers for misusing workplace computers are becoming more common as an increasing number of employers implement electronic monitoring software.

Computers leave behind a trail of bread crumbs that can provide employers with all the information they could possibly need about an employee's computer-related activities. For employers, computers are the ultimate spy. There's little that can stop an employer from using these surveillance techniques.

There are basically five methods that employers can use to track employee activities:

  • Packet sniffers
  • Log files
  • Desktop monitoring programs
  • Phones
  • Closed-circuit cameras

Computer-monitoring programs carry such names as Shadow, SpyAgent, Web Sleuth and Silent Watch. The prices of these programs range from as little as $30 to thousands of dollars. The number of employers who believe that they need these programs and the relatively low cost has resulted in an emerging multi-million dollar industry called Employee Internet Management.

Let's examine some of the Internet surveillance technology and how it's used.

Packet Sniffers
Computer-network administrators have used packet sniffers for years to monitor their networks and perform diagnostic tests or troubleshoot problems. Essentially, a packet sniffer is a program that can see all of the information passing over the network it is connected to. As data streams back and forth on the network, the program looks at, or "sniffs," each packet. A packet is a part of a message that has been broken up.

Normally, a computer only looks at packets addressed to it and ignores the rest of the traffic on the network. But when a packet sniffer is set up on a computer, the sniffer's network interface is set to promiscuous mode. This means that it is looking at everything that comes through. The amount of traffic largely depends on the location of the computer in the network. A client system out on an isolated branch of the network sees only a small segment of the network traffic, while the main domain server sees almost all of it.

A packet sniffer can usually be set up in one of two ways:

  • Unfiltered - captures all of the packets
  • Filtered - captures only those packets containing specific data elements

Packets that contain targeted data are copied onto the hard disk as they pass through. These copies can then be analyzed carefully for specific information or patterns.

When you connect to the Internet, you are joining a network maintained by your Internet service provider (ISP). The ISP's network communicates with networks maintained by other ISPs to form the foundation of the Internet. A packet sniffer located at one of the servers of your ISP would potentially be able to monitor all of your online activities, such as:

  • Which Web sites you visit
  • What you look at on the site
  • Whom you send e-mail to
  • What's in the e-mail you send
  • What you download from a site
  • What streaming events you use, such as audio, video and Internet telephony

From this information, employers can determine how much time a worker is spending online and if that worker is viewing inappropriate material.


It Could Mean Your Job

More than one-quarter of American companies have fired employees for misuse of office e-mail or Internet connections, and 65 percent report taking disciplinary actions for similar offenses, according to the American Management Association (AMA). Here are some of the high-profile cases where employees were fired or reprimanded for computer misuse:


  • October 1999 - Xerox dismisses 40 workers for inappropriate use of the Internet related to the viewing of pornographic Web sites.
  • December 1999 - The New York Times fires 23 employees for distributing pornographic images via e-mail.
  • July 2000 - Dow Chemical fires 50 workers and disciplines 200 others for distributing sexually explicit and violent material.
  • September 2000 - Dow fires another 24 and reprimands 235 more for e-mailing sexually explicit or violent material.
  • September 2000 - Orange, a British mobile-phone company, fires 40 employees for downloading pornography.
  • November 2000 - The Central Intelligence Agency fires four employees and reprimands 18 for participating in a secret chat room created in a classified computer system for exchanging jokes.
  • June 2001 - A junior-high principal in Seattle is fired for allegedly viewing inappropriate material on school-district-owned computers.
  • July 2001 - Northwestern University fires an employee for allegedly storing thousands of MP3 files on her work computer.
  • January 2002 - Enron fires several employees for posting information about financial abuses in online message boards.

Desktop monitoring programs work differently than packet sniffers. They can actually monitor every single action you take with your computer.

Desktop Monitoring
Every time you provide some form of input for your computer, whether it's typing on the keyboard or opening a new application, a signal is transmitted. These signals can be intercepted by a desktop monitoring program, which can be installed on a computer at the operating system level or the assembly level. The person receiving the intercepted signals can see each character being typed and can replicate what the user is seeing on his or her screen.

Desktop monitoring programs can be installed in two ways:

  • Physically - Someone sits at the computer and installs the software.
  • Remotely - A computer user opens an e-mail attachment. The attachment, which contains a program the user wants to install, may also contain desktop monitoring software. This is described as a Trojan horse -- a desired program that contains an undesired program.

Desktop monitoring programs have the ability to record every keystroke. When you are typing, a signal is sent from the keyboard to the application you are working in. This signal can be intercepted and either streamed back to the person who installed the monitoring program or recorded and sent back in a text file. The person it's sent back to is usually a system administrator. However, keystroke intercept programs are also popular among "hackers."

Hackers often use desktop monitoring programs to obtain user passwords. Intercept programs, because they record keystrokes, also make users susceptible to having their credit card numbers and other sensitive personal data stolen.

Employers can use the desktop monitoring program to read e-mail and see any program that is open on your screen. Desktop replicating software captures the image on the computer screen by intercepting signals that are being transmitted to the computer's video card. These images are then streamed across the network to the system administrator. Some prepackaged programs include an alert system -- when a user visits an objectionable Web site or transmits inappropriate text, the system administrator is alerted to these actions.

But employers don't need to install software to track your computer use. There are actually systems built into every computer that make finding out what you've been doing pretty easy.

Log Files
Your computer is full of log files that provide evidence of what you've been doing. Through these log files, a system administrator can determine what Web sites you've accessed, whom you are sending e-mails to and receiving e-mails from and what applications are being used. So, if you are downloading MP3 files, there's more than likely a log file that holds data about that activity.

In many cases, this information can be located even after you've deleted what you thought was all the evidence -- but deleting an e-mail, or a file, doesn't erase the trail. Here are a few places where log files can be found:


  • Operating systems
  • Web browsers (in the form of a cache)
  • Applications (in the form of backups)
  • E-mail

If the hard drives of an employee's computer and a system administrator's computer are connected, a system administrator can view the log files remotely. The administrator has to have access to the drive to check files remotely. Otherwise, a system administrator can check the computer before an employee comes in or after the employee leaves for the day.

You might be surprised at how many companies are monitoring employee activities. In the next section, you'll find out just how widespread this practice is.

Traditional Eavesdropping
Computer surveillance is by far the primary method of monitoring employee activity. However, employers are still using traditional methods such as eavesdropping on phone calls, storing and reviewing voice mail and video-recording employees on the job, according to the American Management Association (AMA).

"The lines between one's personal and professional life can blur with expectations of a 24-seven work week, but employees ought to engage in some discretion about personal activities carried out during the official hours of work," Ellen Bayer, AMA's human resources practice leader, said.

Currently, 78 percent of all companies use some type of surveillance system. Here is a breakdown of the methods they use:


  • Storing and reviewing computer files: 36 percent
  • Video-recording employees: 15 percent
  • Recording and reviewing phone calls: 12 percent
  • Storing and reviewing voice mail: 8 percent

The ACLU estimates that employers eavesdrop on about 400 million telephone calls annually. Federal wiretap laws forbid eavesdropping on conversations unless one of the parties to the conversation consents, but the Electronic Communication Privacy Act of 1986 allows employers to listen to "job-related" conversations. The ECPA gives employers almost total freedom to listen to any phone conversation, since it can be argued that it takes a few minutes to decide if a call is personal or job-related.


Cameras can monitor actions that computer programs can't.

In addition to monitoring phone conversations, employers often place video cameras in the work area to monitor employee activity. Small cameras are sometimes implanted and directed to view the computer, so that the employee's computer activity can be monitored that way.

"Privacy in today's workplace is largely illusory," Bayer said. "In this era of open-space cubicles, shared desk space, networked computers and teleworkers, it is hard to realistically hold onto a belief of private space. Work is carried out on equipment belonging to employers who have a legal right to the work product of the employees using it."

In the next section, we will further explore the legalities of workplace monitoring and answer the question of just how much privacy you can expect at work.

Privacy Laws
Simply stated, courts in the United States tend to favor the employer in workplace-surveillance cases. For that reason, employees should always use good judgment when logging onto the Internet and sending e-mails. Choose your words carefully; you never know who might read your correspondence.

Under the Electronic Communications Privacy Act (ECPA), electronic communications are divided into two groups:

  • Stored communication
  • Communication in transit

Under the law, electronic communication in transit has almost the same level of protection as voice communication, meaning that intercepting it is prohibited. Accessing stored electronic communication, such as e-mail sitting on a server waiting to be sent, is not illegal. The courts have ruled that since the e-mail is not physically traveling anywhere -- is not "in transit" -- it does not have the same level of protection.

This directly contradicts many laws regarding traditional mailing systems. If the U.S. Postal Service worked this way, no one would be allowed to open your mail as long as it were being carried to your mailbox; but the second it is placed in the mailbox and stops moving, your neighbors would be free to come over, open and read your mail. This, of course, is not how laws regarding the postal system work. It is illegal to tamper with someone else's mail.

The U.S. Constitution contains no express right to privacy, but the U.S. Supreme Court has historically upheld an implied right to privacy. However, this right does not apply to employees. Courts seem to be upholding the idea that since the company owns the equipment and the office space, it has a right to monitor its employees to prevent misuse of that equipment and space.

With more companies installing monitoring devices and technology, you should be careful the next time you send that e-mail to mom or check out the latest sale at your favorite online store while at work. Your employer could be watching, listening and recording.