Re: [SQU] The law and proxies? from Marc van Selm on 2000-11-20 (squid-users)

From: Marc van Selm <marc.van.selm@dont-contact.us>
Date: Mon, 20 Nov 2000 09:37:15 +0100

At 03:07 PM 11/20/00 +1100, Dean Grubb wrote:
>Hi,
>
>We've always had monitoring and reporting packages running for our
>proxies. Pwebstats for general proxy info and usage, and sqmgrlog for
>logging against IP/Username.
>
>I've just turned on Authentication for our main proxy. (Netware 5 LDAP)
>
>We have an Internet Usage policy within our organisation, stating that we
>do monitor users and their usage. But since I've enabled proxy
>authentication some people feel this is a violation of there privacy and
>have started to rant and rave about big brother, unions etc.
>
>So I was wondering what experience other squid cache administrators have
>had with this.

I think it depends on who is paying the bills, if you do it secretly or not
and for what are your users supposed to use the web. In The Netherlands is
it legal to monitor telephone calls if the employee knows it and if that is
his or her job. It is not legal to monitor private conversations (I think
that applies to all media). But if your employees are told not to use these
services for private use (moderate should be ok), that Internet use is
monitored and that statistics are used for whatever management reason I do
not think there is a legal problem. What you should not do is to give
managers direct unfiltered access to individual web access logs unless
there is a real suspicion of miss-use of the service. I'd say providing
statistics is enough and establish a good and published policy for
"escalation" procedures. Make sure the administrator has safeguards to
protect him/her from management trying to bypass the policy and order
out-side policy access to the logs.

These are my Eur 0.02

Marc

>
>Is there a law/bill that say's we have the right to monitor the users on
>our LAN/WAN?
>
>Dean Grubb
>Customer Support Officer
>TAFE Tasmania

--------------------------------------------------------------------
Marc van Selm
NATO C3 Agency
Communication Systems Division, A-Branch
Tel: +31 70 3142454
E-mail: marc.van.selm@nc3a.nato.int (PGP capable)
Tactical ATM: +31 70 3148183 / 71183
--------------------------------------------------------------------
Private: selm@cistron.nl, selm@het.net, http://www.cistron.nl/~selm

--
To unsubscribe, see http://www.squid-cache.org/mailing-lists.html

Received on Mon Nov 20 2000 - 01:40:46 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:56:27 MST