What is the legality in Australia of a manager downloading key logger programs (which have the ability to monitor all emails/passwords) on a work computer. My understanding is that while the business can download what they like, they still fall under privacy controls and in terms of the Telecommunications Interception Act monitoring of communication requires permission from both parties? I find this intrusion highly unethical, and would be extremely disappointed if it is legal?
WA Manager Installed Keylogger Spyware?
- Thread starter Cliff
- Start date
Hi Cliff
Generally an employer has to notify you before any surveillance of an employee is carried out in the workplace (this includes surveillance via CCTV, email monitoring etc). However, this is not a requirement in all states when it comes to email surveillance alone.
What state are you based in? Currently only NSW and the ACT have laws specifically dealing with monitoring of employee's emails by the employer. NSW, for example, would require that the employer give you 14 days' written notice that the surveillance is to occur and would also require that that surveillance be carried out in accordance with a workplace policy on surveillance. The only exception to this, would be where your employer has applied to a magistrate's court seeking an order to give authority for it to monitor employees without its knowledge. Practically, this can only occur where your employer is able to support suspicions that an unlawful activity is taking place.
If you aren't in the ACT or NSW then, arguably, your employer may not required to legally notify you of their surveillance of your emails.
Whether your employer's activities could come within the Telecommunications (Interception and Access) Act 1979 (which is federal legislation and applies to all states), would depend on whether your emails/passwords are being monitored at the time they're "Passing over a telecommunications system" (as opposed to being monitored after they have been sent or received). As you can imagine, this could be quite a technical question to be able to determine. For your reference, the Act defines a communication as passing over a system when it is:
Do you have enough information about your employer's monitoring activities to determine the timing or point at which they might be accessing your emails?
Generally an employer has to notify you before any surveillance of an employee is carried out in the workplace (this includes surveillance via CCTV, email monitoring etc). However, this is not a requirement in all states when it comes to email surveillance alone.
What state are you based in? Currently only NSW and the ACT have laws specifically dealing with monitoring of employee's emails by the employer. NSW, for example, would require that the employer give you 14 days' written notice that the surveillance is to occur and would also require that that surveillance be carried out in accordance with a workplace policy on surveillance. The only exception to this, would be where your employer has applied to a magistrate's court seeking an order to give authority for it to monitor employees without its knowledge. Practically, this can only occur where your employer is able to support suspicions that an unlawful activity is taking place.
If you aren't in the ACT or NSW then, arguably, your employer may not required to legally notify you of their surveillance of your emails.
Whether your employer's activities could come within the Telecommunications (Interception and Access) Act 1979 (which is federal legislation and applies to all states), would depend on whether your emails/passwords are being monitored at the time they're "Passing over a telecommunications system" (as opposed to being monitored after they have been sent or received). As you can imagine, this could be quite a technical question to be able to determine. For your reference, the Act defines a communication as passing over a system when it is:
• sent or transmitted by the person sending the communication; and
• taken to continue to pass over the system until it becomes accessible to the intended recipient of the communication.
• taken to continue to pass over the system until it becomes accessible to the intended recipient of the communication.
Do you have enough information about your employer's monitoring activities to determine the timing or point at which they might be accessing your emails?
Thank You for your prompt response. Im in WA. The issue of "Passing over a telecommunications system" when monitoring may have applied in an analog environment, but in a digital era, the data is stored and not as time dependant. As such there sems to me to be no difference between phone tapping and reading of other peoples emails and passwords without permission? It seems to be an infringement of privacy which even in the police and security forces, is tightly governed, yet business get away with it legally?
You have a good case to say that you are no longer responsible for ANY communications or use of internal applications under your account as the use of key loggers captures your passwords.
Not sure of the legality of the capturing all data, but suspect it is legal as long as you are notified.
Not sure of the legality of the capturing all data, but suspect it is legal as long as you are notified.
Thks Rod.This is the concern I have. I discovered the program had been downloaded when checking download history on the main computer used. No notifications or permissions given. Management were then confronted and argued the fact that key loggers/spyware are not illegal in Australia! It seems going on what Anna suggests (above) they may in fact be correct in all states except ACT and NSW? Which is astounding. I think the law needs to catch up to what businesses are doing in WA?
My new partner had a key logger installed on her pc laptop. Her ex made himself the administrator of the house key logging every password even her own mygov which are private accounts.
He made up emails and changed passwords a period of around 6 months and had access to everything making her frustrated. It was even to the point remote accessing her web cam one night to see what she was up to, checking up on her with his app on his phone, checking the login reports via his modem.
I say, wtf, big breach of privacy act in SA or what then also mounted as cameras on the house to see if she was coming or going every move she was and had taken was monitored
He made up emails and changed passwords a period of around 6 months and had access to everything making her frustrated. It was even to the point remote accessing her web cam one night to see what she was up to, checking up on her with his app on his phone, checking the login reports via his modem.
I say, wtf, big breach of privacy act in SA or what then also mounted as cameras on the house to see if she was coming or going every move she was and had taken was monitored
The activities of your partner's ex are illegal under Commonwealth law and probably under the WA criminal code. Recommend you call the police and give them your evidence.
Most businesses should have an IT Policy which is signed on start. If they don't have one, they are on very shaky ground when it comes to monitoring employees IT activity. Even in WA. Usually, the HR department is responsible for this policy being brought to the attention of new employees.
Similar threads
