
Invasive, secretive “bossware” tracking workers - samizdis
https://www.eff.org/deeplinks/2020/06/inside-invasive-secretive-bossware-tracking-workers
======
hirundo
My boss has us using a bossware SaaS app that tracks our work with exquisite
detail. It's called GitHub. The tracking consists of our trail of commits to
various repos. (Along with the resulting error logs and tickets.) He can see
exactly what we're doing for the project and when. In fact he has a team that
"peer reviews" the tracking data line by line and are not shy about pointing
out deficiencies.

To track other things, like time on task or web surfing habits, would not even
be redundant, just superfluous.

~~~
posedge
People who truly think this is any useful kind of metric are probably the ones
who think # lines of code written = productive work. Or, as Bill Gates put it
so nicely, they are measuring the progress on the aircraft by its weight.

~~~
koheripbal
There's nothing as effective as a good manager.

A good manager can often sense when someone is not doing their job, or has
disconnected.

In one case, a good manager came to me and asked me to check the "bossware"
software to see if a certain employee was working while "working from home".

...turns out they were not. So we terminated them.

Good manager + bossware = Efficient process.

~~~
rbrtl
How was the manager a good manager here?

They didn't "sense" anything, they just asked you to show them some stats on a
dashboard. They didn't approach the person for an explanation or conversation.

This manager totally removed the human from the person struggling with their
job. That makes them a good robot.

~~~
kuzimoto
Just to give them the benefit of the doubt, we don't know if this is the first
or tenth time this employee was slacking off, or what action (if any) had
already taken place to improve things.

I can additionally imagine that koheripbal was not privy to any information
regarding that employee's performance besides that one thing.

------
tyxodiwktis
I used to work at a company that hired temps off Craigslist to do fairly
sensitive healthcare work. The economics and extreme seasonality made that the
only viable approach. Software like this was absolutely critical to limiting
what people could do and preventing things like identity theft etc. Strong
deterrent effect too- during orientation they would show people exactly what
they could see. Not great in a general work environment with FTEs but these
tools have legitimate uses.

~~~
deeblering4
Not hiring temps off craigslist to do sensitive healthcare work seems like a
pretty viable approach, too.

~~~
tyxodiwktis
Unfortunately everyone in the space does it. Hiring 200 FT with benefits that
you only have work for during two months a year will quickly put you out of
business.

~~~
AstralStorm
You could be the company that does not and gets as big as SAP.

(Which does not.)

------
yepthatsreality
If your employees are so unaccountable and the work they do is so untraceable
and often neglected, then there’s a management problem.

~~~
koheripbal
These software help management deal with that problem by providing
transparency and auditability to the work performed.

~~~
raxxorrax
The better managers I know are pretty critical of quantifying every work
metric possible. Either you get it or you don't but perhaps that separates
good managers from bad ones.

If you cannot define a goal that people can work towards aside from a most
uncreative KPI, it is always a management problem. At least in engineering.

It is a work culture thing, but if you have a constructive one established,
these tools can do much damage.

------
rhacker
My worry is that companies like Zoom will start offering enterprises higher
paid plans that effectively install this software. So think about the next
time you join a meeting you may be installing something like this. And... what
if you join some of those meetings on your personal laptop?

~~~
judge2020
Zoom already basically did this, but they removed it:
[https://support.zoom.us/hc/en-
us/articles/115000538083-Atten...](https://support.zoom.us/hc/en-
us/articles/115000538083-Attendee-attention-tracking)

Archive:
[https://web.archive.org/web/20200401215500/https://support.z...](https://web.archive.org/web/20200401215500/https://support.zoom.us/hc/en-
us/articles/115000538083-Attendee-attention-tracking)

Very old blog post on it: [https://blog.zoom.us/zoom-tips-for-educators-
attendee-attent...](https://blog.zoom.us/zoom-tips-for-educators-attendee-
attention-tracking/)

~~~
TuringNYC
Attention trackers sound like they would be difficult to get right.

For example, I have three monitors and one is on zoom. During the zoom conf,
i've got full view of the screen, etc. But the focus is on another screen,
where I continue slack/messaging/typing/coding/etc. Would an attention tracker
be smart enough to realize that -- despite not being focused on the Zoom
window -- that I indeed am listening and viewing it?

~~~
degenerate
Gotomeeting has an "attention" metric and it's completely, utterly useless. It
works by seeing if the gotomeeting window has focus. Not even attempting to
track visibility, but actual window focus. It's the laziest crap imaginable,
yet unchanged for years now.

~~~
underwater
Paying attention during a meeting is pretty binary. Either you're engaged or
your checking emails/Slack/etc. I've yet to meet anyone who successfully
multitasks in Zoom calls.

~~~
mschuster91
> I've yet to meet anyone who successfully multitasks in Zoom calls.

The thing is that in all too many meetings, a certain percentage of the
attendees is only required for a certain period of time.

~~~
NewsAware
Assuming attention is binary as parent suggested, than having someone in a
meeting where they listen in, but in parallel working on something else seems
to me to be a problem. Maybe the meeting should be split in that case so only
people who are actually required and therefore spend their full attention on,
are present in the split parts. Not saying bossware is the best (or even an
acceptable) solution to that problem, but it would surely be benefitial for an
organization to reduce such inefficiencies.

------
emersonrsantos
Micromanagement is a bad habit of insecurity that rots leadership, it affects
the company health so much. One more source of emotional distress that makes
good people leave.

Accountability (AKA delivery, outcome) is the best metric for me.

~~~
koheripbal
What makes you think this software is used for micromanagement?

In most cases, it's used for auditing. If someone is suspected of abandoning
their job, or stealing, or working a 2nd job, or etc... then the logs are
reviewed.

~~~
to11mtm
Possibly because they've experienced their data being used in the past for
Micromanagement.

Source: Been Micromanaged in the past and seen scenarios where said
micromanagers used such data on others.

------
crmrc114
Legal Problem; the moment you log this crap as a company... It's discoverable.
That sexual harassment lawsuit that just came up? You are legally required to
now do data hold on all these keylogs and screenshots you took. Oh and now you
have to explain to a jury how you don't fall into the common charge of "could
have or should have known" that abuse was occuring. I mean, you had all these
logs and you still let this go on!?

Any corporation that collects these logs is asking for danger. Give a good law
firm that much data, they will nail you.

Not to mention if you fire someone for burning time and they sue for wrongful
termination and you get an e discovery request..to see if you applied that
surveillance to everyone equally. Let's request a random selection of logs
from 10 staff members in the same or related roles.

This level of monitoring can get you in some huge problems.

~~~
DaiPlusPlus
> That sexual harassment lawsuit that just came up? You are legally required
> to now do data hold on all these keylogs and screenshots you took. Oh and
> now you have to explain to a jury how you don't fall into the common charge
> of "could have or should have known" that abuse was occuring. I mean, you
> had all these logs and you still let this go on!?

I can understand lawyers making that case, but do juries actually agree with
that? Lots of organizations collect internal data en-mass but they're all
siloed away and disconnected - so while the company-as-a-whole has all the
data, no-one inside the company could combine them together (or more likely:
no-one inside the company even considered that they could combine the data
together).

Hypothetically, if a company was doing everything - including logging every
keystroke, instant-message chat and recording every audio and video call - but
just archived it without doing any information-extraction - or they tried but
the signal-to-noise ratio was too low, would that convince a judge to instruct
a jury to disregard that?

And isn't that why investigative agencies seemingly stopped asking ISPs and
legislatures to record _everyone 's_ search-engine queries and DNS lookups -
simply because the amount of actionable, useful data is impossible to find
until some-bad-thing already happened?

~~~
kube-system
If I could bet large sums of money on a jury not knowing anything about how
companies handle internal data, I absolutely would.

~~~
__MatrixMan__
I wouldn't take that bet. Though, I think it would be up to a prosecuting
attorney to subpoena and present the right evidence.

One way to protect the average employee from the overreach of bossware might
be to teach prosecuting attorneys to weaponize it against its users (i.e. the
bosses). But that would ultimately involve shining light on data whose
exposure might harm the very employees that we're trying to protect.

What an ugly lose-lose situation.

------
tjpnz
I've heard a few stories about how Japanese companies are using these. There's
one company which deployed a webcam app on their employees laptop to "track
attentiveness" and dock pay for periods of time where they take their eyes off
the screen. Another company is asking employees to wear a device (with camera
and sensors) around their necks in order to track their overall "happiness".
Stuff right out of 1984.

The fact there are people in my profession working on such things troubles me.

~~~
koheripbal
We just use it to make sure people are working.

We discovered one person who, while "working from home" logged in at 9am,
wrote one email, then again at 5pm, and did nothing in between.

We suspected as much, but the surveillance software allowed us to provide the
evidence for that person's dismissal.

~~~
tjpnz
Couldn't you also solve this through better management? If someone isn't
hitting their targets I don't think you need that kind of evidence to begin
the dismissal process.

------
abstrct
Don’t use the company device for personal use. It’s just not appropriate, for
so many reasons.

~~~
bob1029
This is a cardinal rule for me. I have a personally-owned PC that is used for
my work, but it is exclusively used for that purpose. The only extent of
personal use on my work PC is this website. Everything else I will RDP from my
work PC to a personal machine, or physically go use it. I've extended this
ideology to other areas. I have a separate physical machine I use only for
banking and stock transactions. It's kinda like a shitty DIY Bloomberg
terminal in my kitchen.

I find that having multiple physical computers, each with a very specific
purpose, is an excellent way to context switch and maintain that psychological
isolation between duties. There are definitely security/privacy benefits as
well, but I hesitate to delve into that rabbit hole of a discussion here.

~~~
gentleman11
It’s a good solution, but for workers in lower paying jobs it’s hard to afford
even a single device

~~~
csunbird
Everybody should be able to buy a $300 device, I think.

------
PeterStuer
I'd be interested in a tool or list of reliable detection methods for the
presence of these programs. Do regular antivirus programs that can be user
added detect these by default? I woud assume the one supplied in the company
configuration has these whitelisted.

~~~
daenz
I'm almost inspired enough to create an open source "killer" of these
background programs. "Bossware" is one of the most infuriating things I've
seen wrt employment in a little while.

~~~
gen220
Depending on your definition of bossware, this may or may not be practically
impossible. If you consider carbon black to be bossware, you would have to
exploit the operating system vuln to get around it.

Every once in a blue moon, our security team runs a p99-latency scan on my
laptop, that basically bricks it. I’ve tried and failed to kill it, but I’m
open to suggestions!

~~~
novok
If you have admin on your machine, turn unload the kernel extensions and turn
it off. One dirty secret is that many IT departments wont notice or wont care.

~~~
PeterStuer
Unlike HN readers, most employees do not have admin on their work computer,
and for good reason. Doesn't mean they should suffer 'bossware' and most
certainly not without informed and explicit consent.

------
gorgoiler
In a contract between two parties, no party has any kind of legally elevated
position over the other.

Many employment contracts are written by employers though, so this culture
that the employer is some kind of gentle but strict super entity pervades
through the language of employment contracts.

The company is just another Joe, and you have just as much right to dictate
the terms of your employment as they do, just as you have equal standing in
any contract you enter into with your mom, your husband, or your church.

One thing that helps pick apart the engrained culture of faux company
superiority is to imagine they are a church instead.

Quoting the following part of EFF’s article makes me feel like they are still
toeing the line.

 _> [the state] must also establish protections for churchgoers: surveillance
of parishioners should be necessary and proportionate [and] parishioners
should have the right to know what exactly their priests are collecting._

~~~
rocqua
Just because two parties are legally at the same position doesn't mean there
isn't a power imbalance. Without collective bargaining, any employment
negotiation is going to be lopsided, since not having a job hurts a worker a
lot more than having one employee fewer hurts an employer.

I think I am pretty good at my job. I get great feedback from all sides and
complete my work on time and with high quality. We are also looking hard for
more people because we have too much work. Getting people up to speed also is
a big issue, so my employer invested a decent amount in me. In all, I have a
dang good bargaining position.

And yet if I were to quit my job, that would hurt me a lot more than it would
hurt my employer. I would lose 100% of my income, which is essentially
catastrophic. I would run massive risk in needing to find another decent job,
would probably have to move, and wouldn't know whether I would like my new
job.

Meanwhile, for my employer, a few projects would be slightly delayed, and we'd
have to be more held-back in accepting new work. Nothing really impactful.
Hence my employer holds a lot more bargaining power than I do.

------
mjayhn
I learned that Teams has idle reporting recently. Now I don't trust any of
these collaboration apps.

~~~
discordance
Got a source on that? - I can only find the following:

\- Display name is the display name of the user. You can click the display
name to go to the user's setting page in the Microsoft Teams admin center.

\- 1:1 calls is the number of 1:1 calls that the user participated in during
the specified time period.

\- Channel messages is the number of unique messages that the user posted in a
team chat during the specified time period.

\- Reply messages is the number of unique reply messages that the user posted
in a team channel during the specified time period.

\- Post messages is the number of unique post messages that the user posted in
a team channel during the specified time period.

\- Meetings organized is the number of scheduled meetings a user organized
during the specified time period.

\- Meetings participated is the number of scheduled meetings a user
participated in during the specified time period.

\- Chat messages is the number of unique messages that the user posted in a
private chat during the specified time period.

\- Urgent messages is the number of urgent messages that the user posted in a
chat during the specified time period.

\- Group Calls is the number of group calls that the user participated in
during the specified time period.

\- Audio time is the total audio time that the user participated in during the
specified time period.

\- Video time is the total video time that the user participated in during the
specified time period.

\- Screen Share time is the total screen share time that the user participated
in during the specified time period.

\- Last activity is the last date (UTC) that the user participated in a Teams
activity.

From [https://docs.microsoft.com/en-us/microsoftteams/teams-
analyt...](https://docs.microsoft.com/en-us/microsoftteams/teams-analytics-
and-reports/user-activity-report)

~~~
mjayhn
Ok now that I'm reading I'm wondering if I'm wrong, but I'm seeing some posts
about it having an idle tracker and that lurkfromhome website exists which is
what really solidified my decision. I'm looking around more, I'll post if I
find anything, let me know if you do, because I was pissed when I found out.

------
blackrock
But most of my important work is done off screen.

Like, staring off into space.

Like, I’m stuck on solving a problem. I look and I look. I can’t find it. I
walk away, thinking about it. Still nothing. I drive home, then, I get my
a-hah! moment.

I solve the problem. And it was a one liner, to fix the problem.

~~~
toto444
I remember reading a commenter on HN saying that most problems are solved
going to the toilets. I hope no one installs bossware there as well.

------
NumberCruncher
> Let’s be clear: this software is specifically designed to help employers
> read workers’ private messages without their knowledge or consent. By any
> measure, this is unnecessary and unethical.

I am too European to understand how this can be legal.

~~~
koheripbal
In the US and Canada, this has been upheld in court as legal numerous times.

Any activity done on the company equipment/software is considered work product
and is accessible for audit/reviews.

In our case, we only open these logs if a manager has an issue with an
employee (either a complain against their conduct, or drop in attendance/work
product).

Often, the metrics show that the employee is just doing other work that the
manager isn't aware of, but sometimes it's clear that the employee has either
abandoned their job entirely and is just doing nothing - and the logs give us
legal grounds for termination.

We tell everyone that the system is monitored - we're very transparent about
that, and remind them that person comms should be done from their phones. I
honestly don't understand the controversy.

This transparency has saved good employees, highlighted bad managers, and
helped us remove bad apples.

------
WarOnPrivacy
Many years ago I spied on employees (of my client). Specifically, there were
always few sales guys who'd spend hours a day lost in games, dating sites,
etc.

Who hasn't gotten lost on the internet? However, these guys were at it every
day. From my perspective, they were caught in a trap that wasn't good for them
or the company. I wanted was to help them find their way back to doing what
they were good at.

I setup a squid proxy, got good at regex & category blocking.

After hitting my proxy, the sales guys would get a little frustrated but they
invariably redirected themselves and that'd be the end of it. No need to
involve management.

Non-stupid employers know that what employees need are duties they can care
about & opportunities to make something better.

What employees don't need, to excel at their jobs, is to be surveilled,
micromanaged or tightly restricted. (Granted, a few might hit a dark patch &
need some guidance. A rare few might be beyond guiding and have to be let go.)

tl;dr: Don't be a crapty employer & you won't have an imaginary need to spy on
your employees.

~~~
to11mtm
I worked at a place once that had a similar policy. The head of IT had a
background in mind-games. So, he had fun with it.

Blocked websites would get you a nastygram page, along with a warning that
repeated attempts would result in an email to your manager.

If you tried to use one of those 'proxy' sites that would try to get around
blockers, You got an extra-special-nastygram. Told you that an email was
immediately sent to your boss, and his boss, and the Director of IT.

Well, I tripped -that- warning once, (trying to do a task at my manager's
request,) so I let him know I couldn't and he was going to get an e-mail about
it.

"What? I don't see one... Go talk to IT and tell them we need it."

I pondered this as I walked to the IT office. Thankfully I had a great rapport
with them, so as they went to put in an exception I asked.

"So, does anyone really get an email?"

 _smirk_

~~~
WarOnPrivacy
One guy installed Ultrasurf. First time I'd seen it. I didn't come up w/ a way
to defeat it at the edge so I added a reg entry that redirected the output of
the exe to NULL. It's a fairly obscure hack; I had been using it to offline
malware.

------
non-entity
One of my coworkers at my last job was involved on writing a piece of such
"bossware" (although nothing as extreme as the examples in the article). It
used some WMI interfaces to track what users were doing. He seemed to express
at least some level of uncomfort with it, but ultimately wrote it anyway.

------
6c696e7578
With a key/screen logger on your personal, or corporate device, what happens
to your gmail login (assuming you're permitted personal email at work)? The
company where I work permits a small amount of time for personal affairs,
checking bank/email if required, I've never personally done this as I'm fully
aware of a MITM proxy.

All that aside, if you were to log into your personal bank account, or
personal email, what are the restrictions around where the data is logged, or
who has access to the data. This should extend to the disk storage
replacement, if a disk is upgraded, or becomes faulty, where does the data
centre remote hands put the faulty/old disk once popped from the tray?

Lets hope that gmail account didn't provide MFA for another site login.

Should this type of software be announced in employment terms?

------
posedge
The thought that apparently some employers think it is a good idea to spy on
their employees on such an invasive and unethical level makes me sick. Not to
mention that the lack of trust in such a company has probably eroded
productivity a long time ago.

------
analog31
Is there something like pi-hole, that could block this stuff by interfering
with the internet connection?

------
b34r
I deleted my org’s off my computer since I have root privs. They asked to put
it back and I’ve been ignoring them. I signed an NDA, if that’s not good
enough... idk what to tell you.

------
confounded
Anyone have a method/script to detect these via ps or similar?

In a previous job I had an alias to monitor for and kill Tanium, though now I
don’t even know what I’m looking for.

------
threatofrain
Same discussion at same link.

[https://news.ycombinator.com/item?id=23717964](https://news.ycombinator.com/item?id=23717964)

------
spiritplumber
[https://marshallbrain.com/manna1.htm](https://marshallbrain.com/manna1.htm)

~~~
hrhrhrd
Sounds exactly like an Amazon warehouse or Uber. The gig economy is Manna.

------
vyshane
This article resonates with me. I feel very strongly about spyware (Bossware
is too kind). Views expressed here are my own, not those of my employer.

I work for a company that makes an automated time tracking product (WiseTime
[1]). We migrated our infrastructure to EU/Germany because we wanted to fall
under a jurisdiction that is one of the strictest when it comes to privacy.
This is how we think about the problem.

\- Many professionals (lawyers, contractors, ...) get paid for the time that
they bill their clients

\- Manual time tracking (start/stop stopwatch) sucks

\- Automated time tracking is an order of magnitude more convenient

\- If you are going to automate the problem away, make sure that the system
cannot be abused to spy on people

\- Otherwise no one will want to use it!

We view privacy as one of our most important features, and our systems were
designed from the ground up to protect it.

\- Your activity is captured into a private timeline that only you can see

\- To make your time available to your team, you must select the activities
that you want to share, and explicitly post them to the team. It's like
sending an email. Your draft is private, but once you send it off, then your
recipient has a copy of it.

\- We allow you to anonymise your posted activity data when you leave a team

\- We allow you to specify filters around what activities should and shouldn't
be captured. Of course you can delete anything you want off of your private
timeline.

\- We provide user-level and team-level data retention settings. We
automatically purge data that falls outside of your desired retention period.

\- We silo our data layer so that we don't store any personal information with
user activity data. User activity data is siloed away from posted team data,
and so on.

\- We take GDPR seriously and we even have automated processes to purge data
from our Sales team's CRM

We are a remote-first team, and we wanted to build a system that we personally
dogfood without any qualms.

[1]: [https://wisetime.com](https://wisetime.com)

~~~
umvi
I often find myself thinking about problems in the shower or out on walks, and
that's also when I have big breakthroughs. How does WiseTime ensure I'm paid
for that time too, not just when my butt is in my seat?

~~~
vyshane
That's a tough one to automate. Right now, it involves logging a manual time
entry to your timeline (then posting it). If you walk away from your computer
and come back, WiseTime will ask whether you want to log the time (or part of
it).

If you wake up in the morning, jump into the shower, solve a problem there,
and hop onto your computer, WiseTime will then offer to log the last several
hours including your sleep time. Edit down to 10 minutes (or however long your
shower was) and log it. A bit contrived, but that's the best I got at this
time. It's a tough problem to solve ;)

------
tjbiddle
I'll share my experience, even though it's on the pro-monitoring side:

I run a small e-commerce company. It's myself, and two customer
service/operations team members that I have hired out of the Philippines. I
live in Indonesia (I'm American) and my company serves those in the US.

I made my first hire back in November 2019, and originally just had her paid
salary and an expectation of 40/hours a week.

After a while, she started occasionally disappearing for a day or two at a
time. Always having some excuse - which I try to understand. But when I'm
running a business on US-hours and my only person working in that timezone
disappears, it gets hectic quick.

She was doing phenomenal work, but these gaps caused me extreme stress and
were affecting my business. I also felt my trust for her disappearing every
time left and then came back with an excuse, that sounded legitimate enough,
but nevertheless - it was becoming unacceptable. I felt like my payment was
not being justified, and that I also was beginning to resent her as my
business would suffer and my own mental health was deteriorating. I couldn't
rely on her. We had multiple discussions, but when there's an excuse - it's
hard to debate that.

In addition, I was finding that some tasks that I could complete very quickly
myself - would take her forever or be incomplete.

But I also wanted to be understanding - I wanted to give the benefit of the
doubt, and assume her excuses were legitimate.

So I had a two-fold plan:

1) Setup time-tracking software and switch her pay to hourly. I gave a small
raise, as well as paid vacation time based on hours worked, as an incentive. I
wanted to make the switch, but still make it fair - and if anything, for her
to come out ahead.

2) Begin to make headway on hiring a second person so that when these
legitimate use-cases pop up, that we're still covered.

I ended up choosing HubStaff - which looking at the chart on the article,
appears the least invasive - which makes me happy with my decision.

I have it configured to track applications and websites monitored, screenshoot
every 5 minutes or so, and logs keyboard and mouse activity levels, but not
actual data. 99% of what I use it for is just the time-tracking, but sometimes
when things aren't completed on time - I can take a quick peak and see that
yes, it does appear she was busy all day (Or enough - I don't expect people to
hammer out 100% productivity - her activity levels usually hang between
30-60%) and was being honest. In addition, now that I've hired a second
employee - I can compare their activity levels together to get a better idea
on what's normal.

And as for my original experience of her disappearing. She still does that on
occasion. But now, since she's not logging in - she's not getting paid, so I
can assume it's legitimate. And I have another employee logging on later
during the day to ensure there's not a backlog.

I guess my point here is that the tools are only as nefarious as your
employer. I'm not looking to infringe on privacy, or micromanage. I very
rarely even bother looking at the information it tracks - but it's a
reassurance I'm not getting cheated when something awry pops up.

~~~
NumberCruncher
I guess you pay her a US salary or something comparable.

~~~
tjbiddle
To put it bluntly: That would defeat the purpose of outsourcing to other
countries.

I asked what salary she wanted, and I pay about 20% over that. She's able to
support herself, put her sister through school, and help family when in need.

~~~
NumberCruncher
Fair enough.

------
mark567g
can this type of software be installed remotely via cisco anyconnect?

------
MintelIE
Intel ME can be used to monitor employees without the OS ever becoming aware
of anything. The only way to detect it would be to sniff the network.

~~~
etaioinshrdlu
The management at Intel itself are also highly paranoid. They have been using
"bossware" for over a decade before COVID. It's just known as a paranoid
company.

Although, probably a lot of large corps aren't too different.

~~~
dboreham
I experienced this 20 years ago when working on a collaborative project with
engineers at Intel. They searched me on leaving the building every day. And
this was just an office building, not a final assembly plant where it might be
reasonable to want to look for theft of production units. It was like exiting
Fry's. I made a mental note then never to work for Intel.

------
m3kw9
Boss ware vs Boss screen

------
skylarchunk
Perhaps the ethical qualms could be settled if the tracing of workers were
handled by a neutral third party. Being tracked by parties you are affiliated
with opens a whole can of worms.

~~~
jodrellblank
How can they be a neutral third party when they're paid by, and report to, the
employers and not the employees? Their incentive would be to find problems,
because that makes their service look worthwhile.

~~~
Shared404
I'm going to play devils advocate here...

They could make the data for all levels of the organization public within the
organization. Doing this would allow for time tracking to be had for the
scared middle management, but also give any employees the chance to view any
unfair treatment.

Of course this would never happen, but honestly, I would probably be ok with
it.

------
iamleppert
I worked at a company that made software that could record employee phone
calls and the video of their screens. It was a source of great fun to watch
some of the videos where the employees got busted watching porn. One guy even
used a customer credit card to order a bed off Amazon.

If you’re dealing with hourly employees that are bottom of the barrel, this
kind of monitoring is absolutely necessary to keep them in line.

~~~
Shared404
As a recently ex-hourly "bottom of the barrel" employee, I would ask you to
reconsider your position.

We are people too. If you have good management, you really don't need to worry
about it. Also, anything useful that you described, sans credit card fraud,
could be accomplished by network logging, without any need to invade the
privacy of your employees.

In the case of the guy who used the customer CC to order a bed, you would have
been alerted whenever they were sued for credit card fraud, unless I'm deeply
misunderstanding the system here.

edits: Remove personal attack and increase clarity. Although I still feel
justified, I appreciate the quality of discussion on HN to much to risk
polluting it.

