Super illegal in Germany, luckily. It's shocking to me how people here accept this as normal.
You shouldn't lose all rights just because someone is paying you any amount of money. The company does not own you. You're not a soulless resource that can be used and tossed whenever your boss pleases.
Kind of ironic isn't it, the people against universal medicare are the same ones spouting "freedom", but infact universal medicare would give them more real individual freedom than any other bills sent to the Senate these days.
The USA system is particularly broken. Just because healthcare is private doesn't mean it needs to be ruinously expensive, most other countries manage.
> Once healthcare is tied to employment, that is exactly what people are.
Yep, and this marvelous US productivity hack by employers and lawmakers (/s) - of making affordable healthcare conditional to employment - is unfortunately growing around the world. Parallel to this move is the continued commodification of most other resources and relationships.
In the US, anyone can buy the same health insurance from healthcare.gov. However, if you are not self employed, then you will have to pay with post tax dollars as opposed to pretax dollars.
Employers do pay a portion (usual 50% or more) of the health insurance premiums, but these days it is just another form of compensation, worth somewhere around $200 to $1,200 per family member per month (pretax).
Before ACA, it was true there were cases you simply could not get health insurance without an employer, as you could be denied for a multitude of reasons.
You can always work somewhere else. Or start your own company. Or even organize, which is a legally protected ability in the United States.
Don't accept that bullshit. Especially if you're a software engineer and have a million opportunities.
I resigned from a big tech company because I refuse to build any weapons, period. I'll always refuse to build them as long as I live. I can easily get hired somewhere else.
Have some self respect and demand to be treated with dignity. To hell with the bosses' intimidation
To hell with the bosses. Organize with a few friends/coworkers and start a workers cooperative, where every one is paid the same and has a say in decisions.
However, that requires some savings and some political perspective. I understand why someone who just struggles to pay their bills every month "thanks to" their corporate overlord (i.e. "wage slavery" as that is/was called) would not consider it a viable option.
Organize with your fellow workers. Sabotage the company. Make your managers' lives miserable, but do it collectively ;)
Or create your own company. Sabotaging someone else's company and feeling entitled that they should give you money for your activity sounds like... theft?
Sabotage is arguably far worse than theft; would be glad to have this kind of unreasonable-malicious individual filtering themselves out of my company - and ironically they certainly are a supporting point for companies who want to monitor and control to catch stated malicious behaviour/sabotage; they clearly have resentment and won't be as successful themselves as otherwise because they're wanting to waste energy, perhaps energy from anger - but certainly that of resentment - rather than directing it to do better themselves, which doesn't include sabotage or wasting energy; that's a violent and self-harmful act IMO.
Re: theft - they didn't mention theft in their comment (unless they edited it out; why not version control on HN?) but the problem I have with theft is that it allows thieves to gain resources that they didn't develop to earn themselves, that they don't yet deserve - giving them power they don't deserve nor have learned how to wield adequately.
"You can always fight and become a gladiator champion to win your freedom."
If the alternatives suck (being poor or a social outcast) or are hard (entrepreneurship) or not that different (another soulless corporate job), how much freedom is there really?
You can't accept to work anywhere else, companies need to adhere to the needs of the people working, and have respect. If we start dodging problems by moving companies instead of fighting back, we'll soon have no company where we can work which is respectful.
I'm sorry for you. But maybe your situation will change in the future and you will recover your freedom. Most of us chose to fight when necessary and take the risk to lose the battle
Exactly what makes starting/owning a company in US so great and efficient. Exactly what makes being an employee in US often such a crapfest for most of ones active life
A person can recognize reality while knowing it should be different. Recognizing the need for something to be different is the first step in it becoming different.
Learn to read the OP's sentence as "A person should not be a soulless resource..." - that is often what is meant.
My employer in Germany (U.S. company with an incorporated branch in Germany) recently started using Deep Packet Inspection and is decrypting all SSL traffic. While they're not logging all keystrokes, they can read everything.
Reading about this topic, it seems this is also not legal, especially when limited personal internet usage is allowed as well in the contract.
What's the right way to approach this issue? I guess if someone brings this up, they'll just update contracts and say that personal internet usage is forbidden? It still feels like someone is watching you.
If you have legal insurance, ask the lawyer to look into it and write a letter. This seems very illegal and a single letter from a lawyer will scare the company enough to stop it.
They probably inspect the traffic for information security. Specifically to check if there is no hacking going on (suspicious data extraction, c&c calls etc)
It's clear that, in their super-capitalistic view, if they pay you a salary they own you for 8 hours a day. Property doesn't have rights, so neither do you.
This has been clear for quite some time, but it's reaching exaggerated extremes in recent years.
It's worrying how US companies are expanding so intensely into the EU as well.
The term "Human Resources" is slowly creeping into German corporate speak. Before that it was called "Personalverwaltung" (employee management) which I think is a way better and more fitting name.
Holy hell. "Human Resources" implied that as an employee, you're a resource to be exploited - used up and discarded. "Human Capital" implies your employer owns you.
I got a new co-worker (product manager) who seemed like a nice guy, well-spoken, seemed to listen to us techies, fun to have lunch with. The only thing that seemed "off" about him at first was that he unironically referred to people as resources. "We can deploy without a proper review for now since the design resource is on holiday". Like, there was only one "design resource", he was called Andrew and their desks were next to each other! I thought it was weird, but I just brushed it off since other than that he seemed fine.
At first. After a few months, though, he proved himself to be classical politicking a---hole and a horrible bully if you got on his bad side. I take that as a lesson to trust my instincts more.
I think the difference is that at the C-level, executives play checkers, where every piece is the same and you can allocate "resources" (aka people) as commodities. Below that we're playing chess and every person is a distinct individual. It's at the transition in either the hierarchy or in this case you're co-working trying to position himself in the former while working in the latter where it gets unpleasant and weird.
always when i hear someone calls a fellow colleague a ressource (in corporate context) or device (in sport context) it always proved true that these people were manipulative as hell.
Not really, though you are probably just making jokes.
"Resources" can surely mean "assets" (note that the relevant resources are selected...), which is not at all diminishing or ghastly, and also honestly means "what is available to fulfil a need". Implication of «expoitation» (or, even farther, "expendability") is not necessary, though "being used" is surely there - but that is the job itself.
"Capital" implies "investment" - what you invest is the principal, "capital", while the additional returns are the secondary part -, not necessarily that «ownership» that implies a loss of freedom: contractually, you allow your employer to make your work part of an investment. Again, it is the job itself. The capital is what you have invested and returns after having brought fruit: again, they are assets.
Terms have broad semantics, it is never a good idea to interpret with partiality. :)
Edit: I am not denying that some employers may de facto as if interpret "resources" and "capital" dishumanly: I am stating that the fault is not in the jargon.
What does "People Management Team" mean? That's what our HR has adopted, I think to sound less scary but to me it comes across like total social control.
I noticed the intrusion of that terminology in the German speaking area from a small thing, a joke from Miguel Fernandez:
«Wo is der Azubi?! Sie meinen der Primary Business Solutions Executive Assistant. ...Der is grad kacken.»
I think the trend comes from the globalization of business and trade, so that when parts meet there is no translation of titles but a sort of spontaneous international convention. This avoids questions like "So, what is exactly your job as /Azubi/?".
(Of course, still tongue-in-cheek, it may remain a justified question to ask "What is exactly your job as PBSEA".)
>Companies use the term "Human Resources", literally. Without translation.
Interesting.
When it arose there must not have historically been anything similar commonly seen.
Could be all previous German engineering success has been best accomplished without anything resembling an American-style HR approach.
After all, today's HR designation took root during the belt-tightening of the '80's under Ronald Reagan, and as we have seen has declined in usefulness from there continuously over the decades.
No translation was given back then either, and that was in the USA :)
Workers are minor annoyance for amazon. If they could do everything with robots they would. This is the tragedy of automation and robotics. As soon as it becomes an option there will be massive unemployment unless we figure out a better model.
Let's see if people will also shallowly dismiss Stephen Hawking saying the exact same thing you just said.
> If machines produce everything we need, the outcome will depend on how things are distributed. Everyone can enjoy a life of luxurious leisure if the machine-produced wealth is shared, or most people can end up miserably poor if the machine-owners successfully lobby against wealth redistribution. So far, the trend seems to be toward the second option, with technology driving ever-increasing inequality.
Back in the day when everything was manual I think you could reasonably make a living farming your own land. It was hard work but it was possible.
Nowadays everything is so optimized that margins are razor-thin and the remaining farmers are being squeezed from every side, both from the demand side for their produce (supermarket chains driving prices down) and from the equipment side (John Deere & co intentionally making equipment that's impossible to repair unless you pay them exorbitant prices).
Missed the point. Hardly anyone is a farmer. We all have many luxuries because people who otherwise would be farmers are to some degree instead doing useful things other then fighting gophers and locusts.
This isn't about automation separated from the world it is used in, this is about automation speeding up inequality that isn't just growing, but accelerating -- and the predictable outcome that those who exploit and don't share with people when they still kinda need them, will certainly not share once they no longer need them for anything whatsoever, and can kill them in vast numbers trivially. If it was already occasionally possible to get soldiers to do it, how much more so owithout pesky humans and their consciences getting in the way.
> But few would wish to go back.
What does that even mean? I would love to "go back" and deal with things by not just letting the masses starve while people in costumes play god and smell their own farts, which is exactly what they do today. I would LOVE to see see that space exploration and awesome inter-species music festivals we might have in 2021 if the last few millenia hadn't been such pathetic ass.
Automation is as much of a tragedy as 3/5 people not having to work in agriculture or not having to spend hours washing your clothes by hand. A job becoming unnecessary should be a good thing. If you become unnecessary, something is wrong, and not necessarily with you.
> Slightly tangentially to your comment, I believe that people tend to vote based on the fact they believe they either are, or will soon be, part of the one percent.
As quoted in A Short History of Progress (2004) by Ronald Wright:
> John Steinbeck once said that socialism never took root in America because the poor see themselves not as an exploited proletariat but as temporarily embarrassed millionaires. This helps explain why American culture is so hostile to the idea of limits, why voters during the last energy shortage rejected the sweater-wearing Jimmy Carter and elected Ronald Reagan who told them it was still “morning in America.” Nowhere does the myth of progress have more fervent believers.
Socialism/Anarchism has serious roots in the United States. See the history of the underground railroad, the Industrial Workers of the World (IWW) and actual gun battles against the militias of the bosses (Pinkermen), workers opposition to the first world war and their jailing for anti-war propaganda (anti-war doesn't mean anti-revolution, on the contrary), etc..
At some point of course a lot of people are gonna think a 0.001% to become a millionnaire and 99.99% chance to stay a wage slave all your life is better than great chances to be detained, mutilated or assassinated by the police or a militia.
The irony of how little May 1st means in the US today, is that May 1st as the international day of labor demonstrations stems in part from the AFL announcing to the First International that they planned to pick up demonstrations for the 8 hour day again, in part in commemoration of the Haymarket Massacre.
So in large parts of the world organised labour annually takes part in demonstrations as a direct result of the commitment of US unions.
Indeed, I think HN has a bug[1] where posts about labor rights are implicitly downranked. This can happen even when the topic is technologically interesting (such as here) and the workers in question are tech workers. I hope we’ll fix this bug soon, because HN is really the perfect place to voice concerns about labor right issues related to tech workers.
That said there were some pretty goods discussions following the walkout at Blizzard/Activation where this implicit downranking didn’t happen. I want to see more of that.
I guess it is not the discussions about labor rights that are downvoted, but politically turning it into "capitalism bad, socialism good" when labor rights are not specific to one of these options.
It is similar to people pretending morality exists only within religion, human rights and labor rights are perfectly compatible with capitalism: positive example France, Germany, negative example - all the failed socialism attempts in the past 100 years, from Soviet Russia or North Korea to Venezuela and Cuba.
Note: I see labor rights part of the human rights, not as an economic or government system. I definitely consider "progressive social issues" a fake term trying to suggest the notion that "progressive" is related to real (positive) progress, while "progressive" is a term the socialist movement in USA hijacked for their benefit, completely unrelated to "progress" as in the English language dictionary.
> all the failed socialism attempts in the past 100 years, from Soviet Russia or North Korea to Venezuela and Cuba.
As someone from Northern Europe I feel the need to point out that socialism != communism.
The failed states you mentioned above all have/had a communistic rule. My impression is that media in the USA portrays these as being the same and evil which I don’t agree with.
The unique-to-the-US narrative that socialism == communism is another valuable tool that works towards maintaining the current imbalance of power in the US (hence my comment above about how people vote).
If you think people implying that advancing issues important to powerless people is positive progress is some evil socialist deception, it's strange that you've latched on to the term "human rights" as if it refers to anything that exists or can be enforced.
No, I am only saying socialism = progress is false. I am pro labor rights and more widely pro human rights, but I don't accept socialists hijacking the term "progress" for their benefit, they can be openly calling themselves socialists.
>wannabe capitalists with a dream of one day being the oppressive CEO abusing their workers
Alternatively, we're just people that recognize that it's absurd to think you have, or even deserve, to use someone else's property for whatever you want.
Do you also think it's oppressive that public libraries have rules against using their computers for porn?
> it's absurd to think you have, or even deserve, to use someone else's property for whatever you want
How you read this into my comment is beyond me. An employee cannot use the company-provided resources in whatever way they like. If they do, that's grounds for termination.
German labor laws recognize that total surveillance is not aligning with the values of a free society. Life does not stop at work, every company event should tell you that. Instead there needs to be indications that the employee is acting in bad faith, then the employer can "surveil" the employee in a limited fashion, like read work emails (not private emails) or search their desk. The same as police cannot search you whenever they like without reason.
It’s worth remembering that many Germans still have direct experience of living in the surveillance state of East Germany, and I would expect know better than most how these tools can be used
I think the parent poster meant that the memory of a surveillance State is alive and well in East Germany because it was only two generations ago.
In other countries like France and Belgium, the surveillance State has been aimed at specific communities and at remote colonies lately, but a generalized state of surveillance has not been seen since the 1940s so people tend to underestimate the dangers of that based on little living memory of how authoritarianism grows.
Perhaps we should return to feudalism, as it is absurd to think you deserve to use a lord’s property without putting in any labor for them.
To me it’s absurd that the system is such that the one’s doing the most don’t get to decide what happens with the fruits of their labor, and are under the mercy of whoever happens to own that workplace.
"Company time" is steering you wrong there. When a worker's shift starts she doesn't become chattel property of the employer for the duration of her shift. Instead, she's doing work that the company paid for while retaining her own personhood.
My question is about German law. Company time is relevant because a contract requires compensation in order to be in effect (which you are paid for under company time).
It's a huge security risk to add a keylogger. It's also a deep invasion of privacy and compromises the ability of employees to conduct private one on ones, which are important for the mental well-being of a company of people. Imagine working from an office with a microphone attached to your desk that pipes everything you say to your boss, your boss's boss, all the way up the chain. People need to vent. Sometimes people need to waste time and shoot the shit about things unrelated to work. People need to be able to discuss things in private without fear. Otherwise the culture will descend into a constant state of paranoia and dysfunction.
It basically devolves the workplace into wargames where the employee focus becomes an "us vs them" battle stalemate with management re: tracking and obsessing over the KPIs vs how to beat the KPIs.
I worked in call center management and saw this play out real time. They made clients wear fitbits and hit metrics to qualify for the cheaper health insurance plan. Workers put the fitbits on drill bits and ran drills to whirl around the fitbit to beat the metrics. Then there was a mass group chat about how to beat the system. Then peoples personal cell phones had to be banned and kept in lockers outside the offices. And around and around and on and on it went. It was literally like Tom and Jerry and everyone was miserable and meanwhile the company wasn't doing well because nobody was focused on getting any high quality work done because of all the distractions and drama over the tracking.
Good working relationships has the capacity to boost productivity like nothing else. The cost of the unproductive time of a pleasant work-place conversation should be easily out-weighed by 'happy socially-engaged-in-the-workplace employee' pulling out all the stops to solve problems for their colleagues.
I don't believe this can be represented by KPIs, and therefore doesn't factor into (bad) managements' view of the world.
The company cannot even look at the employee's work emails unless there are already indications that the employee is acting in bad faith ("Anfangsverdacht").
” According to the guidelines, if the use of the Internet and email services is only permitted for business purposes, the employer can check the Internet use of the employees randomly, to make sure that they use it for business purposes only.”
This is false for the general case. The employer always needs a reason, e.g. the employee appears to be browsing the internet the whole day instead of working. And even then, the work council has to be consulted.
The employer can look at work emails if it's the last resort (no other means to get the information), they have a reason (like if employee is sick and a customer emailed them directly with important contract data), a member of the work council is present, and it's been cleared by the GDPR person (whatever they're called in English).
Labor laws have been shaped by courts so it's quite confusing, even to Germans. Rulings are often decided by minuscule details that don't appear to be big but often are, so generalizing is hard.
If a customer phone the support directly, are they going to hold the phone for hour waiting for approval? Only after the approval, the support can start reading the work email and decided the next step.
Co worker and manager need to aware of the work progress, just in case the employee is sick or something.
Employee should do their private work on their own devices.
The company can easily take measures to prevent situations like this by using a proper CRM solution. If the company didn't, it's its own fault. Flaws in internal processes don't legitimize surveillance.
It's also valuable to co-workers and managers to know if the employee might be engaging in behavior that could get them sick, or if they are looking for another job. So employers should really be able to monitor their employee's own devices, health records, and expenditures.
The company can record phonecalls with customers as long as the customers agree, which is already being done under the disguise of "improving customer service". The company cannot record all phone calls an employee makes.
The company can simply require all customer communication to go through a proper CRM. This way there is no need to look into an employee's personal inbox.
I'm not a huge fan of this monitoring, but why be so dramatic? You aren't losing any rights here, let alone all rights. You do not have a right to use your employer's computer without your employer's permission.
If you want to do something that isn't monitored, just use your own computer instead of your employer's computer. You should be doing this anyway, keystroke monitoring or not.
In short, you definitely have a right to send e.g. personal emails from your work computer and your employer definitely does not have the right to go look into them for instance
I'm not so sure about that. Do large-enough French companies supply their own Certificate Authority to all company computers (like all large corporations)? If so, then they're free to browse/search/store all https communications from any company machine, right?
The assumption is that employers and IT departments will always "follow the rules", but it's impossible to verify something like that. The way corporations would be "caught" would be from huge numbers of whistle-blowers but that's a risky career move for most IT workers.
The good news is IT departments and individuals generally don't care to spy unless there's something really high-value at stake and only then towards very specific "targets". With few exceptions, the vast majority of workplaces tolerate ordinary personal use of corporate computer resources.
The inside of a company is not a bubble isolated from the rest of the society and with a different set of laws. Despite what billionaires really want it to be.
That's correct, which is why the same laws that say you can't just take someone else's computer and do whatever you want with it apply within a company just the same. On a company laptop, you do not have the right to do anything on it without permission from the company.
These are the same laws that also allow surveillance cameras not only within company properties, but even in public.
You do not have the right to privacy when you are not in a private space. This applies to company computers just the same.
This kind of dystopia is thankfully not one that everyone lives in.
In Europe you generally have a graded expectation of privacy that does not disappear the moment you enter the workspace.
We recognise that people have needs that are not met if you treat them as automatons.
To your surveillance camera point, I live in the UK which is renowned for the number of cameras. If I point a surveillance camera at the sidewalk in front of my house, I'd break the law.
>To your surveillance camera point, I live in the UK which is renowned for the number of cameras. If I point a surveillance camera at the sidewalk in front of my house, I'd break the law.
Is this true? So your camera is only allowed to point at your property and nothing else? I don't see how this could possibly be true when you're allowed to take photos in public. Or does the fact the surveillance camera is fixed make a difference?
"One use case provided is that a customer service worker walks away from their computer and then a roommate grabs the machine to use its internal search tool and see what a celebrity has been buying on Amazon. But just four cases have actually been identified in which imposters accessed such data. And the result for workers of implementing the software is a constant feeling that someone is watching over them."
Not to backseat design (ok, to backseat design), but shouldn't it be the case that access would already be scoped to accounts relevant to active tasks, and not every one of the 300M+ active customer accounts, especially without some sort of escalation or break-glass? That rationale for this software is likely invented, right?
"It’d be one thing if these workers were well paid, but they’re not."
quick survey -- this would still be put on the "bad ways to treat your workers" list, correct?
If you think about how phone support works, it would be pretty challenging to prevent the support staff from being able to access an arbitrary account.
You'd have to set up a system where the phone tech could not access the account data unless the customer relayed the right name, SSN, or whatever other validation that they were the right person (people forget passwords!). But this means you need to be able to look up an account by some kind of PII, or at least ask the customer to cite some recent purchases (to prove ownership)... in which case the tech has to be able to see the purchases to validate them!
Anyway, I'm sure there's some path here to make it mostly possible, but I don't think it's easy and I'm sure it's a higher-friction customer support experience.
yes, I sort of assumed--maybe incorrectly--that these employees/contractors handle chats and calls that were initiated from the help center and a logged-in account.
agree with grandparent that incoming cold calls would be more challenging in terms of both authenticating the caller (some places I've called just seem to match phone number) and limiting access to information.
Agreed. That sort of data should not just be a few clicks away and with only a reliance on honesty and will power to stop abuse.
You need to have this sensitive data locked down appropriately so that people cannot just unilaterally access it on a whim. There should be an audit trail back to some rationale for access (e.g. support case) that enables access, and if the data is sensitive enough it should use multi-party auth.
Keyloggers are not going to stop someone who is using someone else's computer already - they are WHY they are using someone else's computer!
Yeah but similar techniques can be used. Like a yubikey with fingerprints to do important things, a bt ring that needs to be close to the computer to keep it unlocked, etc.
The idea is that you can solve the problem without having to spy in your employees every move, and focus on securing important operations.
Definitly no. My laptop may lie around in my absence, my key is on my keyring and I take it when I close the door to go outside. Besides, even in the unlikely event they have the key, they still don't have my fingerprints to activate it. This also doesn't address the BT ring.
If you have to worry about your room mate acquiring all of that, your threat model doesn't allow for remote work as the adversary will bypass the keylogger too.
You are working for a retailer, not the militaries.
I assume that my keystrokes are always being monitored on a company device. Obviously I'd prefer to not be monitored, but I don't really have an expectation of privacy at work on a work device.
Is that warranted by other practices of your employer (locked down laptops, etc.?)
We give full admin rights to laptop owners and don’t install spyware. I would be sad if a coworker acted as if their keystrokes were being recorded; thinking that would surely slow them down and make them more careful about pursuing all promising research paths. So I think it’s important for companies that don’t spy to signal that they don’t; the opportunity cost outweighs the marginal security benefit.
Once a company reaches a certain size and deals with sensitive enough data, it's poor risk management practice to leave device security entirely up to the individual. Mistakes are made, malware-laden software is downloaded, laptops are lost in town or borrowed by kids or S.O.'s at home, etc. Restricting the user's device permissions is not a judgment cast on any individual specifically, it's just a responsible way to deal with something that statistically happens sooner or later even with perfectly well-intentioned employees.
Does your company has network-based IDS? Or local antivirus/ endpoint protection? What happens if those detect something?
In a lot of places, in case of severe signal, like computer reaching out to know malware C&C servers, the computer is taken by IT and investigated - does it really have malware? How did it get on PC? Did it propagate?
This sometimes involves digging through browser cache and history.
So even if you not recorded all the time, you should be prepared that your computer will be taken away from you at any moment and browser history examined. Such is the life in a big company.
Yep, the responses are interesting as they all assume a certain company size (which makes sense given how many faang etc. employees post here.) Eventually a company will hire IT that create their own work and aren’t mindful of the chilling effect monitoring has.
It’s very common to have locked down devices. No admin rights of course, but also a whole suite of surveillance software permanently running (antivirus, local blacklist of websites and executables, SSO authenticator…).
>thinking that would surely slow them down and make them more careful about pursuing all promising research paths.
Huh? I've worked at multiple companies that all do very broad device monitoring (it's fairly standard at all large companies) and I don't think I've ever heard anyone express any concern like this. I've certainly never felt this way myself. What "promising research paths" are you talking about? Do your google searches at work frequently involve porn or something?
Where I work, I will frequently attempt to visit sites, generally the tech blogs of individuals, that are blocked by my company’s filters.
I get big scary corporate “You’re not allowed to go there!” and get the feeling that there’s now somehow some black marks on my invisible permanent record, because I wanted to read something about Zig or something.
I know I’m not going to be fired for something like that. What I don’t know is if some higher up just looks at some roll-up without digging or understanding, the kind of scenario that could come up in something like, for example, layoffs.
Definitely has a chilling effect for me personally.
> Do your google searches at work frequently involve porn or something?
If I want to look up example of string operations in C I might Google "c strings" or "c strings examples". Incidentally, in similar fashion to G-strings, a C-string is a type of lingerie.
If I'm doing quick graphics adjustments I don't want to bother the art department with I might use the fantastic GNU Image Manipulation Program and do a search for "gimp tricks" or "gimp tutorials". Incidentally, as anyone who's seen "Pulp Fiction" might know, a gimp is a type of BDSM gear. Definitely not savory for work.
This is why, much as I'm concerned about personalized searches, it's kind of non-negotiable for me that to function as a professional software engineer I should be logged-in to my Google account. It's the only way I can be sure not to get results from, say, Victoria's Secret.
In the US, that might be a wise assumption for any individual to make. However, I think you still should push back on these practices as a society. Why should this be legal? What common good comes from this?
That's because you probably don't live in western Europe.
Over here, when a company would do that and use it against me, I would sue them for privacy breach. Employee rights are very well protected in western Europe.
And internet activity. Even if you put a personal device on company WiFi you should assume that the DNS and TLS SNI/IP data is being logged and analysed.
Use a VPN, that way if you good off on your phone during the day at least they can only see how many bytes you're using and when
It's my employer's laptop, so I agree. I do make an exception for things benefits-related, as in a medical claim won't necessarily make it back to my boss, even if it's done on a work computer. I don't think it's strictly true, but I can make a case for how HR should shield certain things IT might collect from my boss.
In practice, companies only have humans look at IT use if there's a security problem or a performance problem.
When I was younger I used to think I wasn’t good enough to work for a FAANG company and so avoided all the unpleasant interviews with them.
Whilst that’s probably still true, I now also wouldn’t want to work somewhere like that if the “prize” for being accepted is to be treated like a machine or worse.
Being a contractor seems like a much more honest bargain. You pay me and I make something for you.
How I do that is my business as long as it meets the spec.
I used to care about that too until I got enough money (not a TON, but enough to put my worries aside for 5-10 years) from equity working at a smaller company.
Now I'd rather keep a simple job and work on side projects that interest me than working at a FAANG.
Today it is to 'combat data theft', tomorrow it will be like Amazon fufillment centers in the Call Center no time to take a potty break. Let's hope we don't hear about the pee jugs there too.....
>>tomorrow it will be like Amazon fufillment centers in the Call Center no time to take a potty break
That's already two decades back.
I remember back when I started out in the 2000s. I worked at a call center here in Bangalore. The breaks were one 35 mins(lunch), three 15m breaks spread over the shift, which most people took to use rest rooms. Many times you need to call the floor manager, and they turn it down. You need to hold your rest room emergency until they let you go to the toilet for 15 minutes. You got penalised if you over shot the 15m rest room break.
They even had metrics like resolve rate, calls per day, escalation count, data collection metrics(if you made 3 mistakes entering the user email, you were fired) etc etc.
It doesn’t matter that CSAs are working remote. There are monitoring solutions for those too.
Here’s a recent report on one of the companies that counts Apple as its customer monitoring employees by video. [1] Apple in this instance responded that it prohibits such monitoring.
When I was at university, they implemented a register for classes by phone system in the early 90s. (How things were done before computers…)
I remember being in the bursars office and someone was complaining that they registered for a class and it didn’t show up. The woman working there spun her screen around and said “here are all you keypresses from last week, you clearly didn’t register.” Now with so much more computing power/networking and storage everything is stored..but I wonder if they’ll ever look?
My highschool job was working at a call center for resort & hotel reservations (big range from $40/night to $9000/night). I loved that job and soon got promoted to train new agents.
Hung out chit chatting with management and reading books / creating static websites with Notepad++ (no outside software allowed) when the call volume wasn't too high.
Googling "pac man" yields the pac man doodle, which I played so much (google obviously wasn't blocked but a lot of sites were).
I’ve seen this kind of thing a lot. Two reasons this always happens to the lowest ranked. First because they can- these jobs are largely easily replaceable so even if the workers resist they will be quickly replaced by someone who can be pushed around. Second because people constantly come and go from these jobs they tend to attract some bad apples so there is some need to monitor them more closely.
The purpose of the monitoring is to prevent data theft, and is specifically for customer service associates. Customer service associates have access to sensitive customer data that even management or IT employees do not have.
Modern management believes that the lower ranks need the whip while upper ranks need the carrot to get motivated. It's the same as people are getting nervous about inflation when lower wages are rising but not when the top 1% incomes are going up.
> Average weekly earnings since January are up $15.59, but with inflation surging to levels not seen since the early 1980s, real weekly wages are down $8.99, the largest real-dollar drop in wages since Bureau of Labor Statistics data were first collected in 2006. By comparison, real wages have fallen more in the past seven months than they rose in the final 27 months of the Obama presidency.
I'm willing to believe this, but I want to be clear - you've marked an average bottom 50% wage and an average top 1% income. Is that top 1% wage income or all income?
I feel like people are getting outraged at the title. This isn't a keylogger. It's recording keystroke/mouse patterns to create behavioral profiles, not monitor content. It's just to try to heuristically detect whether the wrong person is operating an account.
There's more to it than that though. As the article notes, Amazon are ruthless when it comes to squeezing every last drop out of their workers. Sure, this software is _currently_ going to be used to try and reduce imposter attacks, but given their reputation I don't think it's unreasonable to see this as potentially leading to increased surveillance of their workers (which will be marketed as 'helping increase productivity'). I would wager that this is why people are getting bent out of shape over the article.
I mean, I guess that could happen. But it's not clear why we should be upset about something that might happen in the future. This software doesn't really get us any closer or further from that happening.
If Amazon wanted to keylog its employees, they'd just create a keylogger for that purpose, not repurpose this thing.
It is a fantastic idea.
Next step will be wires on the head and some ai to guess what each worker is thinking.
And fire those with non compliant thoughts must go.
What a wonderful company /s
Between this, the coming back into the office, to the general rumors of Amazon's work culture going back for years, I find it hard to imagine a more undesirable place to work.
Human nature, like nature, abhors a vacuum. Surveillance capitalism is expanding exponentially in the new space created by digital technology. It is shaping the amorphous silicon with software, behaviors and business models that reflect the distorted morality and deficient humanity of a narrow clan.
This land grab is only possible in societies with no countervailing forces, either in government, judiciary, journalism, business world or civic society. Alas the US is very nearly such a failed society, as evidenced by its still smouldering Trump period. This is disastrous for the Western world in general (and Europe in particular) which for decades has simply followed the US lead in tech.
Tech is not just another cog in eternal societal struggles. Things are coming to a head. The challenges are compounding and the sustainability of our entire (eco)system is at risk. Tech should be at the forefront of shaping healthy social contracts to help us transition to a viable state. It is one of the few levers left that have a positive range. Instead it is abusing and eroding the most vital ingredient of a healthy society: trust
To paraphrase: Monitor your own keystrokes and combat soul theft. Make sure you program the kind of future you want to live in.
What is "surveillance capitalism"? I remember in my country when we had "socialist" in the country name we used to have a huge surveillance system called "state security" (Securitatea Statului, in Romanian) and I figure surveillance and capitalism can coexist, but they are independent.
Is there any reason not to assume they don’t for software engineers as well?
Honest question, I assume this isn’t covered by two-party consent of recording. Are there any legal frameworks covering employee monitoring in the US or on the state level?
Is it different if alerted on violation as opposed to a manager browsing their employees activity on a whim?
If your company uses teams....you already have a keylogger installed in your machine.
The moment I discovered this, I stopped using teams to talk to my manager/teammates about my frustrations or concerns. I ask them to speak on the phone or face to face.
Amazon does not provide a company phone. Employees install paging app on their personal phones. I wonder how closely they monitor activities on phones of their employees.
Marshall Brain’s short novella “Manna” is worth reading, if only because it keeps becoming reality with every development like this one.
To be specific, I’m referring to the first dystopian half of the book. I suppose the people at the top of Amazon are gradually entering the utopian second half.
This is what life below the API would feel like. Expectations: ML and algos are automating most boring jobs like couriers, drivers, cashiers or fulfillment center workers. Reality: ML and algos automating jobs of line managers.
I work in a customer-facing position within network security at AWS. This sounds dystopian and inhumane. But to do their job effectively, these employees (much like myself) must have access to a lot of critical data that can do a lot of damage inappropriately leaked.
This may not be the best solution to protecting data, but it's a hard issue to solve.
Stuff like SIM swapping and recent Twitter hacks come from insider threats. Consumers want companies to protect them (i.e. the consumers) from insider threats. How are companies supposed to do that? Monitoring the speed of typing is one not-particularly-invasive way to do that.
TL/DR: Don't eat the sausage if you can't stomach how it's made.
And yet they remain. So is it too far? If it were too far, they would get regulation slap on the wrists, or it would be impossible to find employees for their positions. So as long as the signals of being too far, there's no need for them to change behavior. (from their PoV at least)
Looks this was being downvoted. Probably for the “Not a big deal really”, possible tone of saying “we should accept micromanaging distrust”, and the behavior monitoring of drivers and warehouse workers is dystopian, this could well go that direction.
However, if you’re working at an employer-provided work device, your practice is a wise one.
But this applies to any sort of crime: there are limits to what is reasonable surveillance. Of course the legal system is different than what a private company does with its employees, but I think it’s useful to note that there are limits to how far we can go to catch these things.
I've worked at places where data theft meant a spy was violating arms control treaties. You get access to the data you need, and every access and egress is logged. A keylogger is a frankly ridiculous solution to this problem.
Simply audit the events where data is accessed (they also suggest this in the article). What advantage does monitoring keystrokes give? This smells more like an attempt to detect unproductive workers to me.
> Simply audit the events where data is accessed....
That would be a sane approach. Indeed, if there's "data" to guard, then one just properly secures it and allocates access to it. If "theft" happens, then there's access log.
If data is ubiquitous that everyone should be able to access it, then it's hardly data to "guard". In any case, it makes more sense to monitor access to data, not just a sea of keystrokes... unless the concern lies with something other than the data.
You gotta assume if someone is an engineer they can do some nasty stuff. The idea is there's professional etiquette and ethics. It's as easy as encrypting some code, downloading it as some image file, and running it through a benign sounding script. Keystroke monitoring is more likely to find you chatting with your SO than a breach.
That’s why your kids have cameras in each of their school bathrooms’ toilet stalls to catch the ones selling nickel bags. Or would if that were legal.
Normalizing the surveillance state is the chilling part. It’s just that the corporation is state entity, not the government.
To your point, the reason we have bad cops is that we have problem people that carjack, rape and the like, so we therefore have cops. If people really didn’t want bad cops, they wouldn’t crime.
But I doubt Amazon has lost much money from the looks of it.
Criminal insiders that prey on the customers are a more interesting target, but I suspect they are in different unmonitored areas.
You shouldn't lose all rights just because someone is paying you any amount of money. The company does not own you. You're not a soulless resource that can be used and tossed whenever your boss pleases.