System Administration and Corporate Ethics?
Not-a-BOFH asks: "About seven years ago while SysAdmin'ing for a (then) small software company, I was approached by the CEO regarding a technical issue. He explained to me that he got a bit hot headed at another employee and sent said person an email that he now wished he hadn't sent. His request to me was to dig through this person's email and delete it before he came in that morning. As the SysAdmin, this was certainly possible for me to do, but I've always tried to remain ethical when having such access to sensitive documents. In the case of email, I explained to the CEO that to me it was like tampering with the U.S. Mail, and I wasn't comfortable doing it. Long story short, my boss had no issue with it, and wound up doing it anyway. Looking back now, I'm not really all that surprised that that decision of mine led to my getting fired, but I've always wondered how many other people have had similar situations happen to them, where personal ethics and CEO heavyhanding came into play, and their job security suffered from the clash."
excuse me? (Score:4, Insightful)
Re:excuse me? (Score:3, Insightful)
Re:excuse me? (Score:2, Insightful)
The admin would have been required to look through his mail to find the mail and then remove it. There could be a number of private things in that mailbox, including a love letter from the admin's wife or something like that, you'd think that would end up in nasty court meeting?
Maybe you US folks have nothing against that as said, there's laws to prohibit that sort of thing..
Also, maybe this taught the CEO to keep his head cool later and definitely do the spanking face to face (which he should have done in the first place anyways).
What the admin could have done is that he could have said that the mail is protected with some geewhizcryptosystemv.454.4, or say that the mail had been forwarded to some hotmail account.
Re:excuse me? (Score:5, Insightful)
Cat the mailbox, pipe through grep. awk/sed scripts for trimming/whacking mailspool come for the asking.
BTW. In the U.S. there is no guarantee of privacy for corporate e-mail systems. Period. End-of-question. This is until another court decides otherwise.
If you want something private, use your disks, "your" wires, and your crypto.
Re:excuse me? (Score:2)
Firstly, while I understand that employees, in general, don't have complete rights to privacy at their workplace (in so long as a 'you will be monitored' agreement has been given/understood by the employee), I think the sysadmin should, at the very least, let the CEO know that this is a one time thing and that he/she should, in future, think before hitting the send button. All too often people are callous where e-mail is concerned; sending diatribes in haste, and a lot of stuff that they'd never, ever say in real life (or over a telephone) to another person.
Now, to the other purpose of my message - you mention awk/sed scripts to run across a mail spool, do you happen to know of any that would run across a spool and remove messages by age? I maintain several (RFC822) spools for use in my IMAP clients at all my various locations, mostly mailing lists, digests, etc. and have searched Google in vain for a script that will parse out old messages. The only other viable solution I've found is to simply bulk-archive the entire spool at xxx interval, which is, to say the least, an imperfect solution. I'd write it myself, but I'm not quite comfortable enough with sed/awk to prune entire messages, and I'd likely wind up going through a hundred test spools before I got it right. :) Any pointers would be greatly appreciated.
Re:excuse me? (Score:2)
This is a job for...
P R O C M A I L ! ! ! [procmail.org]
Really, this thing is amazing, and it's probably already installed by your distro on Linux. On BSD it's in ports - and you can build source for Solaris, etc. If procmail needs help, it comes with formail, and both play well with sed in a script.
BTW: an answer [mpe-garching.mpg.de] to a very similar question from the procmail list. YMMV.
Re:excuse me? (Score:2, Interesting)
this, would be illegal in several countries, maybe not in USA but still, the original asker didn't specify he was living in USA.
even using some automated program to go through it could be considered as the same, if the purpose was deleting the mail. this is why several big institutions are not putting email filtering in effect (automatically removing virii and bad_stuff_in_general) around here.
in USA wonderland of rights, you might not be entitled to any privacy protection against your employer though.
Re:excuse me? (Score:2)
Do yourself a favor and stop using mbox format. It sucks. [cr.yp.to] You should be using maildir [qmail.org]. With maildir, every message is a separate file. This means no locking, no corruption, no crazy message scanning, etc. Want to delete every message over 180 days old? Easy:
find
There are scripts [qmail.org] to convert mbox to maildir and vice versa.
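An added example, not part of the comment above (whose own command is cut off on this page): a POSIX shell function that prunes a Maildir by file age, listing candidates by default and deleting only when asked. The function name `prune_maildir`, the `--delete` switch and the sanity checks are this example's own choices.

```shell
#!/bin/sh
# prune_maildir DIR DAYS [--delete]
#
# Lists the messages in Maildir DIR whose files were last modified more than
# DAYS days ago. With --delete, removes them as well. The default is a dry run
# so the candidate list can be reviewed before anything is destroyed.
# (Hypothetical helper written for this example.)
prune_maildir() {
    dir=$1
    days=$2
    mode=${3:-}

    # Refuse to run on anything that does not look like a Maildir:
    # a wrong path plus a recursive delete is how spools get lost.
    for sub in cur new tmp; do
        if [ ! -d "$dir/$sub" ]; then
            echo "prune_maildir: not a Maildir: $dir" >&2
            return 2
        fi
    done

    # DAYS must be a plain non-negative integer.
    case $days in
        ''|*[!0-9]*)
            echo "prune_maildir: DAYS must be a non-negative integer" >&2
            return 2
            ;;
    esac

    # Only cur/ and new/ hold delivered mail; tmp/ holds deliveries that are
    # still in progress and is left alone.
    # -type f       : regular files only, never directories or symlinks
    # -mtime +DAYS  : modified more than DAYS full 24-hour periods ago
    if [ "$mode" = "--delete" ]; then
        find "$dir/cur" "$dir/new" -type f -mtime +"$days" -print \
            -exec rm -f -- {} +
    else
        find "$dir/cur" "$dir/new" -type f -mtime +"$days" -print
    fi
}
```

`-mtime` tests the file's modification time, not the message's `Date:` header, so a spool restored from backup without preserved timestamps will look new and nothing will match.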
Re:excuse me? (Score:2)
Re:excuse me? (Score:2)
The only time I generally use offensive words and phrases is with my good friends (or close family), but that's (almost ;) ) always in jest, so I surely wouldn't want an e-mail client telling me off for it.
Remember that the most hurtful words are often the most common, just put together in a particular way meant to offend. Simply telling a person you've lost respect for them can, in some cases, be devastating.
Re:excuse me? (Score:2)
It's not ethical because for starters it might breach the Human Rights Act - not sure if this applies in the US though and it's funny seeing the US replies already as in the UK we have this thing called privacy you see - I've yet to spot any discernable privacy in the US - everyone is like "yeah! just open up the guy's mailbox and delete it". In the UK you could be looking at 2 years in prison for that!
Oh please.
With Maildirs I can just grep for the subject line and erase the file without seeing any other email. Now mbox is a different situation but I would imagine that something similar is available on win32.
Re:excuse me? (Score:2, Insightful)
I agree it can get silly, however the law is the law. Sure you can grep etc. and find a mail, however firstly, what if you make a typo and forget to pipe and output all the guy's mail to the screen, and secondly, what if they are using Outlook? Try deleting a single mail from an Exchange server without opening up the mailbox. I suppose it's a moot point in the US, but we UK sysadmins have to consider these things. It can get very silly indeed.
Re:excuse me? (Score:2, Interesting)
I agree it can get silly, however the law is the law. Sure you can grep etc. and find a mail, however firstly, what if you make a typo and forget to pipe and output all the guy's mail to the screen, and secondly, what if they are using Outlook?
Are there no clauses for accidental exposure in the UK? Seems awfully strict to me.
Re:excuse me? (Score:4, Interesting)
I think you will be looking at this like we all were and going "HUH??" by now, as obviously it makes things extremely difficult! Basically you can think of it as a Big Brother type of law. Oh and if you are thinking "no problem - I'll just use crypto" that's 2 years in prison if you refuse to hand over your encryption keys [ecommercetax.com].
Then we have the Human Rights Act 1998 [hmso.gov.uk] which strengthens the privacy of the individual. This is the one where I'm not allowed to look at personal information, however under RIP I *can* open up mailboxes if I'm investigating "an incident" however if I see anything else (non work related) while I'm there I'm not allowed to discuss it or use that information in any way. *phew*. Obviously all this stuff can be a nightmare, and so the way that we get around it is to have company policies about email, such as clearly documented allowed uses and document that all mail is potentially going to be read etc, however even that can get awkward as under the Human Rights Act 1998 we have to provide private means of communications of individuals. This includes things like staff having access to personal email (in practice a viral back door nightmare) and guaranteed un-monitored phones (i.e. payphones). All in all it's quite a complicated profession nowadays - lol.
Re:excuse me? (Score:2)
Re:excuse me? (Score:5, Informative)
http://news.bbc.co.uk/1/hi/sci/tech/957460.stm
Seems it's about the same in the UK, as is here. In other words tell them that you monitor the e-mail and you can read all of it.
Not so fast! (Score:2)
Was that your professional legal opinion? I'm no lawyer, but I'm afraid I fail to see how either of the articles you cited supports such a black and white view.
The BBC article is two years out of date and not particularly technical, so I'll ignore it.
From the second article:
A little research suggests that there has not yet been any serious test case on the issue of e-mail monitoring by employers, which makes bold claims such as yours dubious anyway. There is, however, a lot of lawyerly ass-covering about the possibilities of misinterpretation of the legislation by businesses, the risks of monitoring everything rather than specifics and of monitoring content rather than usage, and the possibilities of employees taking legal action under data protection legislation, the HRA itself, or just claiming constructive dismissal and going after the employer that way.
Re:excuse me? (Score:3, Interesting)
Reevaluating one's ethics does not happen in a matter of minutes.
Re:excuse me? (Score:2)
But deleting it, when they've asked for it?
I could see getting upset with an employee who refused to do that.
Getting upset? (Score:2)
Sure, particularly when you're the type of CEO who sends personal rants at people and then realises he ****ed up.
Personally, I wouldn't have had a problem if the techie guy could just zap the message without any side effects. I'm not exactly full of sympathy for an executive who forgot to think before speaking, though.
Re:excuse me? (Score:3, Insightful)
a favor than to harangue them on personal responsibility at every opportunity. Sheesh...
It's not the USMail (Score:5, Insightful)
Re:It's not the USMail (Score:5, Insightful)
This is an excellent point to remember... While it may be a flaw in judgement to actually send the message out... All email going to a business account is owned by that company... Thus if the company says that it needs to be removed, then it does...
Just like spam or abusive mail sent company wide, it's just a degree of difference... If someone wants to have their own personal account they need to pay for it themselves... While the company pays for the service, the company gets to call the shots...
Re:It's not the USMail (Score:2, Insightful)
This is entirely false. The computers and disk space are owned by the company, so they have the right to control what is on them, but they do not necessarily own the contents of the messages. The contents of the messages are property and copyright their respective authors or business if they were written in a business capacity. Transfer of ownership requires compensation and contract.
Otherwise, I could just get someone to email me the linux kernel or WinXP and it would be my property because it arrived at my mail server.
Re:It's not the USMail (Score:4, Insightful)
True.
The contents of the messages are property and copyright their respective authors or business if they were written in a business capacity. Transfer of ownership requires compensation and contract.
First: regardless of what the message contains, or who or why it was written, as long as it was written on a company computer, sent over a company network, and/or sent via company email, the company has a right to do the following:
1) view the message
2) save the message
3) archive the message
4) redistribute the message (i.e. asking the corp. lawyers to review the contents for breach of contract, or bringing the contents to the attention of law enforcement)
5) publish (i.e. put it up as an example of what not to do through company mail.)
6) edit (clearly they would have to say that they edited it, but for example 5 they might want to take out the names and dates or classified company data.)
7) claim ownership. (This is slightly "iffy", but many companies claim ownership of everything that you create while you work for them, others only claim ownership of things created during work hours or on company equipment. Either one applies here.)
Now in this instance it was the CEO who asked, so there was a certain amount of authority there. If it had been VP of HR, or even VP of the Tech Dept I would say they did not have the authority. But, the CEO is charged with running the company and to a certain extent his word within the company is law, sort of like an old fashioned king. I would have required that the CEO give me a written request as the CEO to remove the email, I would have attached a copy of the email (printed out) to the signed document, and then I would have deleted the document. Issue resolved, and my tail is covered.
Re:It's not the USMail (Score:3, Informative)
The author did not mention whether the company he worked for had any official policies on the subject, but if they did then it doesn't matter who does the asking, if the action is not allowed by the published policy then it should not be done.
As recent history shows, the CEO does not always act for the best of the company; she/he is not above being questioned. And for something like this I would at the very least have required the written request or just have refused to delete the mail.
Re:It's not the USMail (Score:2)
Point taken, but this is really just semantics... Too many people think of their email at work as their own personal email... Just like their computers putting credit card information, and other things on the computer isn't a smart move...
Fact is that the company can in most circumstances do anything they want with the information...
I don't make the rules, I have to live with them myself... And I made sure that before my laptop is returned to company inventory everything is wiped, let them do a fresh install...
Courts have ruled several times that companies can go in and do anything they want with the data, barring it not being illegal. Copyright only protects against distribution. Viewing the information and deleting it are definitely permitted.
Types of email and files you can't remove... Financial information, SEC and IRS have rules against this, doesn't mean that it isn't done, but it is illegal in some cases.
Incriminating evidence, this is punishable under the guise of hindering a "word escapes me" investigation.
Other than that, the owner of the equipment has a pretty wide latitude with what he/she/it does with the information.
I understand your point and it's valid, but the basis of my argument still stands.
Re:It's not the USMail (Score:2)
Re:It's not the USMail (Score:4, Insightful)
Gee someone wrote something they later regretted, there's nothing wrong with deleting the mail in that case.
I agree with you to the extent that the lowliest employee can petition the sysadmin to delete a regrettable email to the boss and expect the same prompt service.
Otherwise, it looks rather asymmetric in terms of rights and privileges. If you're willing to go down that road, you may as well become a feudal or tribal society (which, admittedly, is how many corporations are structured).
Re:ethics != abetting liability-causing acts (Score:2, Insightful)
Email vs. telephone (Score:3, Insightful)
But non-internal e-mail is a different thing altogether. Now, the fact that it is technically legal for companies to eavesdrop on employee email, but not on employee telephone conversations does seem to be very wrong. Email should have some expectation of privacy--with the limitation that writing or reading personal email during company time is as wrong as personal telephone calls.
Re:Email vs. telephone (Score:5, Interesting)
Where I work, we use MS Exchange configured in Enterprise mode. There is a feature to allow unread email messages to be "recalled"; however, the implementation of the feature is such that each email-reader (User Agent) can disable the feature completely or disregard individual recall requests.
My personal use of the feature is most often to recall an email that contains an error. I then substitute a corrected version of the email. When this works, and the message is recalled successfully, it removes from my communication the possibility that the receiver will save the email that contained the bad data, and not save a follow-up email that explains the errors of the first email.
While some will argue that it is a user's *right* to be able to read every email sent to them, it is just as easy to construct an argument that until an email is read it is the sender's *right* to be able to un-send it. To my mind, anytime we can put in place technology that allows people to correct their mistakes (be they emotional mistakes or technical/informational ones) it makes it easier for us to all get along with one another. The less stress we inject into our workplace/relationships, the better!
Re:Email vs. telephone (Score:2)
Most of the time, you are correct. It simply smooths personal relationships, or corrects errors--and that's all to the good.
However, in certain instances that sort of thing can be used for unethical purposes. For example, if you've done something illegal or unethical, you might use this feature to hide the evidence. I'd have to consider it abuse to use the feature in that manner.
A silly example: Re: Why didn't I get that cushy promotion? Duh, because you're a woman!^H^H^H^H^H^H lousy worker. So there is at least some potential for abuse. I'd say that the method I suggested at the beginning of the post is good enough that it doesn't have to be improved upon with an un-send feature.
How is this like tampering with the US Mail?? (Score:2)
He wasn't asking you to read anyone else's mail, nor falsify information.. he just wanted to retract communication that he sent! What's the big deal?
Every day. (Score:5, Interesting)
Sadly, I think that is leftover from the collegiate atmosphere where the sysadmin culture evolved--corporations have no such rules or regard for privacy. The fact that most corporations track every metric and move their employees make.
If you are allowed to have the illusion of freedom and fairness as a sysadmin, enjoy it but make no mistake: it is an illusion, and if it interferes with real work, higher-ups or the bottom line these "ethics" are going to take a walk.
Businesses only respect ethics that are enforced by government agency and carry real penalties--manipulating internal email is not one of these.
BOFH with Ethics? (Score:4, Insightful)
These sorts of things are a very fine line. The best thing is to establish your view of things up front when getting the job, but emphasize that if the person is misusing, cheating, lying, etc. i.e. doing anything bad, their mail is open for review.
I have found that letting your coworkers know your stance on these things can be beneficial to the IT BOFH or BAFH. They will feel more comfortable with you if they are honest. Remember, IT fixes the problems before they are found, past that, IT is damage control.
-LW looking for a job. lw@lwolenczak.net
Re:BOFH with Ethics? (Score:2)
You say you are willing to crack open an employee's mailbox at the first hint of something bad. Well, geez louise, Mr. Ness, I'm guessing that, unless you work in a three-man college boutique Web design shop, you're not really in any official position to determine when it's time to drop the hammer on someone who has "crossed the line."
The best thing is to establish your view of things up front
Sorry, Tex, the best thing is to have e-mail policies defined in an employee handbook which the new perp, er, I mean, worker signs. If you, as a sysAdmin, want to contribute to Fighting for Truth and Justice, put the six-shooter down and research your state's and the federal guidelines for how these things are legally handled, and back-stop your HR department by ensuring your company's policies are at least as stringent as the law.
Never open another employee's e-mail, unless instructed to do so by your supervisor (or your CEO. Duh.) The policy everywhere I have seen regarding ex-employees' files, electronic or otherwise, was to ensure they were promptly turned over to that ex-employee's former supervisor. But made privy to a sysAdmin? You gotta be kidding!
letting your coworkers know your stance on these things can be beneficial
It's not Your stance, Linus. It's the company's policy. That's how you need to represent it to "your" users. If your company does not have an official stance on these matters (not uncommon five years ago but hard to imagine today), find the right person (Hint: He ain't in the IT Group) and offer to assist in writing it. Ultimately, if your "stance" discreps with the policy of the company, expect to part ways.
I got fired for doing that a few weeks ago.
errm, that may have been the reason they cited, but I'm guessing the gun's been cocked and loaded for a while.
Re:BOFH with Ethics? (Score:4, Insightful)
MIS is not the dude. We're talking Legal, we're talking HR, or some over-arching "Corporate," but not MIS.
I would expect my employer to monitor my activities. I would not expect that monitoring to be done by a rogue MIS "dude," except when given specific instructions or clear patterns and guidelines by someone else.
Besides, most smaller companies (at least here in North Carolina, don't have a written policy re: email.) If you are the dude, what you says goes
That's the problem. It needs to be written down, with all department heads in agreement, and it needs to be in step with federal guidelines. This was all an amorphous "new frontier" a half-decade ago. The processes and protocols are pretty well-established these days.
I apologize if you felt I was ranting, and I do not wish for you to be without work. Unfortunately, I have encountered too many sysAdmins who believed that because "they had the power" (i.e., root access), they had either a right or God-given duty to be judge, jury, and executioner in matters of e-mail policy. It doesn't -- it shouldn't -- work that way.
Re:BOFH with Ethics? (Score:2)
Re:BOFH with Ethics? (Score:2)
Re:BOFH with Ethics? (Score:2)
outlook (Score:3, Interesting)
You should have used MS Outlook, it is the most ethical email system since it has the "Recall" feature. The CEO could have recalled the email without presenting anyone with any ethical dilemmas.
Re:outlook (Score:5, Insightful)
It's interesting you should mention this, because the designers of NT (and VMS) actually did consider that there are cases in which the administrator of a system should not have access to certain files on the system. For example, should the sysadmin have the ability to view or even edit the payroll file? Or HR records? Unix does nothing to prevent it - root has access to all files. On NT, however, any user can have an ACL that denies the sysadmin rights to access a file or folder, and can log attempts by anyone including the sysadmin to do so. Another difference is that on NT you have to "take ownership" of a file, but on Unix you can "change ownership" of a file. That means that if you change the ACL on a file you had no read access to to give yourself access to it, you cannot change it back to what it was.
There is a special privilege on NT called "Backup Operator" - it allows you to copy any file to tape, or back again, but does not let you read the file. The developers of Unix, in an academic environment, did not consider how the system would be used outside of that setting, and many of the architectural choices they made are ill-suited to the corporate world.
Re:outlook (Score:2)
Just as an extension to this, with Exchange 2000, domain admins and the like are explicitly blocked from accessing users' mailboxes. You have to do some non-trivial ACL editing to get that ability.
Re:outlook (Score:2)
'There is a special privilege on NT called "Backup Operator" - it allows you to copy any file to tape, or back again, but does not let you read the file.'
The idea of having a special privilege that allows a user to copy any file to tape or back is neither new, nor unique to NT. In fact I've worked on Unix boxes that had something remarkably similar. (Look up CMW before you claim that Unix doesn't prevent Root reading certain files. This Grade of Security exists but is such a pain to use it's limited to very specialised uses, HP-UX CMW, SCO CMW and Trusted Solaris are the only implementations I know of right now...)
But what happens when a "Backup Operator" copies a disk to tape, takes the tape to a Unix box, and DD's the tape into a file. They can then go through, modify that file and DD it back onto the tape.
Sure it's far fetched, but if I wanted to boost my salary by hacking the payroll records then I could do it that way. Of course I wouldn't dream of doing such a thing.
People might also want to check out the SAGE [sage.org] Code of Ethics [sage.org].
Z.
Re:outlook (Score:2, Interesting)
Finally, as a user (or as the user's process), there are plenty of encryption tools that would prevent the sysadmin from being able to get at data, even if it were world-readable.
Re:outlook (Score:2)
barring DRM technology, I don't think that you can prevent the person that can load a new/modified kernel into place.
There is a saying, "Root, God, what's the difference".
System Administrators need to be trustworthy, just as much as your CIO, CFO, CEO, etc etc etc.
If you can't trust them to do the job, they shouldn't be in that position in the first place.
It's the same as any job, I'm not going to take my car to a mechanic that has the habit of driving customer's cars home at night...
They have my keys, there isn't anything to stop them from doing so, but it's a matter of trust and ethics...
No program can stop someone from getting in if they want to... Heck, I don't even have to go in myself, just search the net for a tool to break the system.
Easy ways to get in, aside from the obvious tape access that was pointed out before.... Boot to linux on a disk or some other tool that allows you to access hard drives, go in, pull file.
Add debugging card to system, load program, pull debugging snapshot.
Search the web for a version of the program with this feature disabled...
Windows likes to make it seem like they are secure, but truly if you have access to the machine you can get in...
Encrypted dongles are harder to break, but it didn't take long for them to be broken...
Basically, if you can reboot the machine and it still runs, and you have physical access to a system you can do whatever you want... Might take a bit of work, but it's not impossible...
For those that you can't poweroff and bring back up, I assume certain bodies would have adequate tempest systems to break even them.
It's just more work than most of us like to expend...
Sorry for jumping on you but this is Microsoft FUD passed off as a truth. Which is one of the reasons I don't work with Microsoft if I can avoid it... I prefer to know what's going on in my system.
Re:outlook (Score:2)
You can set their password, but not get it, you can however get the encrypted password off the harddrive and take your time with l0pht crack.
The administrator in NT can take ownership of any file, but the file is then theirs, making it obvious what they did. The log file cannot be tampered with, and if you clear it the first log entry is that you cleared it.
Within the NT system there is no "root", of course if all you want is read access you can boot into another system (say linux or dos with NTFS support) and read away, I believe that there is even a fairly cheap NTFS writer for dos for bootdisk administration of NT.
I don't think anyone really has a problem with the theory behind windows security, the problem is that it is a trivial system to punch holes in often.
what's the ethical issue here? (Score:3, Insightful)
1) It's NOT the US Postal Service - it is company email to be used for company business.
2) Most corporate email servers (Exchange, Notes) have a built-in functionality to remove a damaging or sensitive message (and it's reasonably easy, since they store the message ONCE in a database and link it to the multiple recipients). A friend who works at a big law firm recently had this happen - a secretary accidentally released a sensitive personnel memo to the entire firm, and the IT personnel activated this feature to quickly remove it (but not before a bunch of people printed it, forwarded it to their hotmail accounts, etc.).
Commonplace (Score:3, Interesting)
ethics != abetting liability-causing acts (Score:2, Interesting)
But seriously, corporate mail isn't some sacrosanct thing. It's less like the US mail and more like FedEx. If you discovered that you'd mailed the wrong package, I figure FedEx should return it to you and let you make it right. What you're doing is saving the company from liability: "Oh, crap! I Didn't mail out Teddy Bears to that orphanage, I mailed out Glass Shards!" In all honesty, if you got fired for it, you had it coming. You're someone's employee. Next time check the org. chart.
Private not public (Score:2, Insightful)
Re:Private not public (Score:2)
The one piece of information we're lacking here is details on exactly what was said in this CEO's email. Perhaps the sysadmin felt the email was expressing feelings or facts that were in everyone's long-term best interest to be passed along, even though the CEO later started having 2nd. thoughts about it?
Again, this isn't really so much a question of legality as it is morality/ethics. Yes, it's quite clearly *legal* for a company to demand to look at any email they like on their system, delete any email they like on their system, etc. The courts will back them up on this.
On the other hand, should a corporation be this heavy-handed in their treatment of their email system? That's a completely different question.
Putting myself in the CEO's shoes for a moment, I could envision scenarios where I might make some comments in email that really needed to be said. (Perhaps, I expose my true feelings about a problem in middle management - instead of hiding it behind the usual shield of "we want to empower our people to make their own decisions without interference"?) Perhaps, shortly afterwards, I start thinking twice about my statements, and decide it's more "appropriate" to let these managers bury themselves with their own ineptness.
Well, say my I.T. guy believes my initial statements were correct, and he doesn't want to see a number of employees working beneath these inept managers suffer any longer. He decides to challenge my request to recall my initial email. What then?
Ultimately, I'm the CEO. I have the right to hire or fire "at will" in my state. Sure, I can just can this I.T. guy.... but does that make me the better person in this case?
Just food for thought.....
Ethical? Yes and no. (Score:5, Insightful)
Is it ethical? Strictly, one would like someone to own up to their own mistakes, so, no. However, if it was an envelope sitting in the mailroom, waiting to be delivered, most people would agree it would be ethical to retrieve the envelope. Even if it had made it to the employee's mailroom pigeonhole, I think most would allow the sender to ethically remove it. This situation is just an electronic extension of inter-office mail.
I'd say that people have the ethical right to recall something they've sent out under certain circumstances, and to keep the almost-recipient of their mistaken wrath from receiving the message, especially if they came to their senses right after dropping the message off -- have you ever called someone to chew them out and then hung up right after they picked up the phone? I'd argue that this could be interpreted, ethically, like that.
In fact, some mail systems (Exchange, for example) even let the users themselves recall an email that's been sent out. If the recipient has not yet read it, they never know it was recalled. If they have read it, then I'm not sure what happens -- I think if it's still in their inbox, it gets deleted (and I'm not sure if a placeholder saying "message recalled" is created or not). If it's been copied to another mailbox (particularly to a local folder), it might be missed. I know I've made copies of sensitive messages I've received, on the off chance the sender might try to recall them.
Beyond the ethics, though, is the scary thought that voicing your unease hurt you.
Did this really lead to your being fired? I'd like to think the CEO admired you for standing up to what you believed, and also for ending up helping him out in spite of that, "for the good of the company." On the other hand, maybe he was just a real jerk. (did the firing happen soon after, or years later?)
When I was a sysadmin, I'd been asked to do a couple things that I wasn't entirely comfortable with, ethically, but they were all certainly legally permissible (their network, after all), and my job wasn't to be morals cop, it was to be a good sysadmin. In these cases, I had a good enough relationship with the person making the request that I could voice my concerns, and know that he'd understand them and appreciate my opinion, without fear of recrimination. And, again, I think my ability to show that I had at least considered the ethical implications of what I had been asked to do, coupled with the fact that I was still a good employee and did what was best for the company, strengthened the trust between me and that particular upper-level-manager. So it was a win-win.
It depends on the boss, though, that's for sure.
So, I'd say that it was right for you to raise a concern, in principle, though my *personal* opinion is that you were perhaps oversensitive in this instance. It was also right for you to do what you were told (it is your job, after all). If it really led to your being fired, then you're better off working for someone who can appreciate your moral compass.
(Note that I'm ignoring cases where the ethical issues are more severe and clear-cut, like a CEO asking someone to do something that, while legal and within his rights, might end up hurting someone else's career or something. Then it becomes MUCH more grey).
Communicating, and moles (Score:4, Insightful)
On the other hand, I also think the original poster made a mountain out of a molehill. As others have stated, corporate email is an entirely corporate-owned resource. In addition, the request to withdraw occurred before receipt, not after. So the intended recipient does not own the message, the corporation does. And if the CEO decides that the company's interests are best served by deleting that email prior to receipt, then that is indeed what the original poster should have done.
On top of that, what right, legal or moral, does the intended recipient have to an email message that has not even been received? I just don't even comprehend the moral issue, for which I apologize to the original poster.
On the face of it, the CEO intended to send the email, and then changed his intention prior to receipt. The original poster had the power to enable the overriding intention, but refused, while his immediate superior acceded to the request.
I think that no moral imperative to deliver a piece of email exists. I just don't see that there is some moral good attached to delivering mail, e- or snail-. I see a lot of utility inherent in communication, but no moral requirement for communication in general. I think that some moral good may be facilitated or hindered by communication, but now we are speaking in terms of particular instances, rather than in general terms. So, we must evaluate this particular instance.
In this particular case, the original poster has not specified that there was something in the email message that would have caused or facilitated something morally good. In fact, he specified that the email message was a hasty flame that the CEO, on further reflection, decided to withdraw -- in other words, the message would have hurt the recipient, without justification, thus being a moral wrong.
So, with no a priori moral reason to deliver email, and with the particular message's contents being morally wrong, I conclude that the original poster was, in fact, morally wrong to have refused to delete the email.
Please forgive the descent into philosophy, but that is my background, and I couldn't resist the temptation...
Well (Score:4, Informative)
To do this:
1. Find the message in the sent items folder.
2. Open it.
3. Go to tools.
4. Click on Recall this message.
5. Follow the mini wizard and it will try to recall the message.
And then optional steps are
6. ???
7. Profit
I am still working on steps 6 and 7 I can never get them to work.
Step 6. (Score:3, Funny)
Heavyhanding? (Score:2)
That request wasn't heavy-handed, nor was it even *wrong*. Exchange supports a "retraction" option (I see people try to use it all the time to my Unix box). So, at least one mail server out there supports such an option, the option to recall a hasty email. What the CEO wanted to do was *correct*, you should have helped him. For him to realize his email was wrong to send is actually a *good thing*, shows some discretion on his part.
So, to be frank, I would have fired you too. You weren't being asked to cover up an oil spill or bury a body, and to get up on a moral high horse over something simple like this? Doesn't show that 'team player' spirit everyone likes.
Practicality (Score:4, Interesting)
Re:Practicality - spamming (Score:2)
It's your job to make a given company's computer systems perform the tasks that they want them to perform. If that includes sending out spam, well - we all know it's a stupid idea, but let them figure that out for themselves.
I see much more of an ethical question coming up if you're asked to do something that negatively affects your co-workers. Those are much stickier situations, that do directly pit you against other employees. (Your co-workers either know, or will find out, who is behind a measure taken that affects them. They won't simply blame the company, as though it was an individual, and be done with it.)
What does ethics have to do with it? (Score:5, Insightful)
You were asked by the CEO to delete a message that the CEO himself sent. If the CEO asked you to delete messages from *someone else*, or to otherwise mess with other communications, that would certainly be an ethical issue, but that is not the case.
The corporate email system is not the US postal service, and deleting an email is not against the law (we aren't talking about tampering with evidence here). In fact, as a SysAdmin it certainly is within your capabilities and duties.
It seems like you were trying to teach the CEO a lesson (don't send hot-headed emails) by refusing his request. Instead, you were the one who was taught a lesson by being fired. Judging by the fact you are Asking Slashdot, it is one you probably haven't yet learned.
It's all in the Expectations ... (Score:4, Insightful)
We even log every message coming and going (the whole message, attachments and all), and I haven't one ethical qualm about it. I would, though, if the users were allowed to assume that "their" email was private.
You want privacy at work? Use Hotmail, etc. or an offsite POP3/IMAP with ssl support. Don't expect me to provide it for you; that is not my job.
Re:It's all in the Expectations ... (Score:3, Insightful)
Where does your logic end? Hidden cameras and microphones at the water cooler? Your office/cubicle? The bathroom? They're owned by the corp, no? Human decency be damned, I guess.
I'm dismayed that so many fellow admins are actually defending practices like this.
Canned in the light of a seriously bad choice. (Score:5, Insightful)
Let me break it down to you:
Your boss asked for something.
You said no.
He fired you.
Read the above 5 times real fast, let it sink in nice and deep. Don't make the same mistake twice.
It is all fine and dandy that you want to live up to your ideals. It is your ideals that are flawed. Company server, company time, company resources. You were asked to do something, you did not do it. Fix your ethical issue by realizing that you're trying to flex your own muscles.
Once you realize that you're just a high tech janitor the better off you will be. Live and learn, but for christ sakes don't think you have any control because you don't. You want control, start your own company and push your ethics out that way.
Re:Canned in the light of a seriously bad choice. (Score:4, Informative)
Boss: Shred these accounting documents and make sure that the shredded documents get burned. We're filing bankruptcy day after tomorrow!
Neck_of_the_Woods: Yes SIR!
Sound familiar?
I once adminned a very small NT-based network for a company that was CONTINUALLY involved in litigation with their customers. The big boss decided that he wanted every employee's password so he could (he claimed) "Check up that company standards for desktop configuration were being complied with." Truth of the matter was that he wanted to snoop through his employees' e-mail.
I very carefully explained to him that if he collected up the passwords and opposing counsel in a lawsuit discovered that fact, it would destroy the evidentiary value of every single document stored on his system because he would no longer be able to prove who authored them.
He persisted in his request, and I told him I would NOT do it.
I wasn't fired BECAUSE I refused (yeah RIGHT), but I was let go shortly thereafter because "the company is bleeding money and SOMETHING has to be cut."
'Sokay by me, though. I got out of there with my sense of personal integrity intact and with the knowledge that, while I'm SURE my successor complied with his request, I never personally acted against the best interest of my employer.
Re:Canned in the light of a seriously bad choice. (Score:2)
Of course it does. But just because it's a disgusting way for a business to be run doesn't mean it can't or doesn't happen. People get fired for not doing what their bosses say, especially for illegal or unethical things. Most people do what's requested of them because they want to keep their job. Money over ethics for CEO and employee alike.
I personally recommend saying "no" when asked to do things that you find unsavory or outright illegal, but don't expect to get to keep your job. The parent->parent was right in saying "yes" if you want to keep your job.
Re:Canned in the light of a seriously bad choice. (Score:2)
Re:Canned in the light of a seriously bad choice. (Score:5, Insightful)
Re:Canned in the light of a seriously bad choice. (Score:2)
How many people have to sacrifice their values for money every day? How does one rationalize that kind of behavior? In the example, I don't think God is going to accept "my boss wouldn't let me" as an excuse. I think that says something about our society.
Email is usually the company's property (Score:3, Informative)
While you may not think it's ethical, it's usually spelled out in the company handbook of some kind. Ours states that computer, email, and phones are property of the company and should be used only for business use. While no one is going to fire me for checking out CNN, we were able to fire some people a few years back for trading some pretty nasty porn through company email.
Two additional points: our current corporate email system (GroupWise) allows a user to retract an email they've sent as long as the recipient has not read it. That gets the admin and his morals off the hook.
The other is that big boss is lucky he doesn't work in a different industry. A certain government-type place I worked at once upon a time has an obligation to keep all correspondence for a very long time, so there is a system that all email goes through -- be it inbound, outbound, or inter-postoffice -- that stores the message in a database for full text searches. If someone were to nuke that, their next assignment would be turning big rocks into little rocks.
Is personal use ethical? (Score:2)
But the thing is, should any employer have the right to say that? You're not employing machines, you're employing human beings. Those human beings may have family situations that need urgent attention, or may need to book their car into the garage, or may need to arrange delivery of a parcel. There are plenty of things that people simply need to do during the day, and your average employee is busy at work for the whole day, at least while other businesses are open as well.
I'm not advocating totally free use of as much work time as you like for personal matters, but I think it should be illegal for an employer to completely forbid the use of communications resources and company time for personal reasons. Instead, there should simply be an understanding that employees should not do this excessively, and wherever reasonably possible, lengthy problems should be resolved on their own time.
Now, if an employer feels that an employee is abusing the system, they are at liberty to let them go. If an employee feels they've been let go unfairly, they can take it to a tribunal or a full court and ask for compensation, and an impartial third party can decide whether the personal use was reasonable under the circumstances.
Under normal circumstances, though, reasonable personal use of company resources is in the best interests of both the human beings who work for a company and also the company itself. Employees who are constantly abused in this way have little loyalty and even less job satisfaction, both of which are directly and seriously damaging to the company. Employees who are trusted and treated well by their employers have more loyalty and are much more productive.
Delete the mail (Score:5, Insightful)
The other time someone accidentally mailed a bunch of salary information to a large distribution. Thank heaven for single copy message store! I was able to delete it from everywhere fairly quickly. The guys who managed the file servers had a harder job, as they were required to search and destroy any attachments that had already been downloaded and saved.
Since these events one of my qualifications for a mail server is how easily a rogue mail can be excised from the message store.
Basically, I feel like this is one of those things that is part of your job. To say it's unethical is just silly. If the CEO had shoved an envelope under the door of the person's office, and you had had the key to the door, would you have refused to open it?
On the other hand, I totally understand leading users to *believe* that recalling sent messages is impossible. You don't want them to get into the habit of using you as a safety net! When push comes to shove, however, you do your job. Delete the mail and keep your mouth shut.
That said, assuming you were in otherwise good standing they should not have fired you for this. I imagine you could have had a pretty good unlawful termination suit had you been so inclined.
Sarah
Ethical, I say (Score:5, Insightful)
I'd also tell the boss that in order to fulfill his request, I need a quick look at the original in his sent mail. I would then confirm that there were no BCCs, for obvious reasons.
Otherwise, barring some sort of registered email scheme, you aren't violating ethics or rules of evidence.
Certainly this isn't behavior to encourage in the boss, any more than building a mailserver and recovering a message store in order to recover an accidentally deleted message is. But if the dumb mistake isn't a habit, help both parties out.
As admins, we have to be able _not_ to see things that we shouldn't, and occasionally even to forget that we saw things. When you're helping a user troubleshoot their email, you'll see more about their personal lives than you would ever want to know. Those aren't things I speak about to anyone.
Don't tell me your password!
What's the written policy? (Score:2)
What is the written policy on this?
Can anyone ask the sysadmin to 'unsend' mail? Is this privilege limited to responses, or superiors sending mail to subordinates, or just people with fancy titles and corner offices?
You can defend pretty much any policy (since a corporate email account serves the corporation, not the individuals employed by it) as long as it's published and available to anyone who's affected by it.
Of course, in the real world management considers deciding this policy and committing it to writing a very low priority (unless they've been nailed by a lawsuit because they lacked a formal policy and differences in treatment were attributed to the employees' race, gender, religion, or similar protected status). That's why SAGE (System Administrator Guild, www.sage.org) has established a model policy.
If your company doesn't have a formal policy, ask them to include the SAGE policy by reference. If they refuse to establish a policy, or don't honor whatever policy they have, find another job. It's a hassle, but all it takes is one lawsuit where you're named co-defendant because an employee is suing the company for "arbitrary and capricious" enforcement of IT policies to make you wish you had never shown up for your job interview.
"Technically speaking, it can't be done" (Score:5, Informative)
Bottom line is if you say "I won't", the boss might fire you but, if you say "I can't, because..."[1] - and can be convincing[2] - you can get away with not doing unethical things.
-Baz
[1] e.g. 'editing the mail spool by hand would invalidate the CRCs on the mail files, and might bring the server down. I could try it, but we could lose everybody's email back to the last backup - it's a big risk'
[2] warning - don't try this crap on a CEO who is also a techie
The SAGE Code of Ethics (Score:5, Interesting)
Canon 2, "A system administrator shall not unnecessarily infringe upon the rights of users", seems to apply to this particular case. The relevant portion is:
"System administrators will not exercise their special powers to access any private information other than when necessary to their role as system managers, and then only to the degree necessary to perform that role, while remaining within established site policies. Regardless of how it was obtained, system administrators will maintain the confidentiality of all private information."
I read that to mean that if there is a site policy regarding email, the ethical thing to do is to follow the policy. Failing the existence of a policy, the ethical thing to do is to not infringe on the rights of the users.
voice your reservations (Score:3, Insightful)
Clearly explain why you think this is the wrong thing to do. Then do it anyway. There will always be another lackey to do their will. Once you've done your best to persuade them, the ball is back in their court, ethically speaking. And you won't get fired, although they will start thinking of you as "difficult," a fate I have long since accepted.
The all-important last step is to start looking for a job where you are valued and respected as a free-willed entity. If they'll fire you for having scruples, they are not worth the sweat of your brow.
Re:voice your reservations (Score:2)
Nixon fired two attorney-generals who refused to fire the Watergate special prosecutor. The third one fired the prosecutor; this was certainly a factor in the Senate blocking Robert Bork's nomination to the Supreme Court. Do not the two people who refused Nixon deserve honor, and Bork condemnation? There will always be another person to do the dirty work, but you don't have to be that person.
Not email related but equally deplorable... (Score:2, Interesting)
I felt HORRIBLE afterwards. I approached the three of them regarding this and told them that if they asked me to do it again I'd report it to the vendor. There was huffing and puffing but in the end I guess they either a) thought I had them by the balls or b) they regretted it as well. They assured me I'd never have to do anything so dishonest again and I didn't...
Work related, at any rate...
OP over-sensitive but it raises a question (Score:2, Insightful)
Now, in this case it's a single e-mail. What if the CEO were named Skilling and the company were named Enron and not one e-mail but 1000's. Most people would object.
I don't have an answer... just the question.
Re:OP over-sensitive but it raises a question (Score:2)
Actually, that's a whole different ball of wax. There are laws, regulations, and requirements that cover accounting documents; *those* are what made it illegal to be shredding paper. Similarly, there are laws coming out that classify email in the same way as paper correspondence, as pertains to corporate interests, at least. For example, for financial institutions, emails must be archived for some period of time, same as paper documents.
The trick is (Score:5, Funny)
"I'll start on it now boss, but it's going to take several hours. I don't know what something like this might do to the mail server, it's not really designed to do this."
That alone should scare most people away from it.
If it doesn't, generate some random errors, turn off a few mailboxes and blame it on the 'manual deletion of messages outside of the normal messaging interface'.
Of course, you have to fix it quickly, and then you'll look even better.
Business Email = Correspondence (Score:5, Interesting)
Our sendmail server sends all mails going out (and coming in) to a central mailbox.
That said, we also provide people with TWO addresses, one is private and is never tampered with, the other one is public and is put in the files. They know this, and can decide which one to use to send the mails. We are also not anal retentive about sending personal mails and phone calls from work. I mean, they are people, not machines.
However, sending business mails under your personal account is frowned upon.
This system works well and we never had any problems with it. Also, access to the central mail file is the same as access to business files in that only some managers may look into it. But generally business emails are treated like any other business correspondence: filed as it should be.
This policy has helped us a lot when people leave, but they knew beforehand that their mailboxes are open.
I thought you got screwed, but then... (Score:4, Interesting)
Heart pacemakers (Score:2, Interesting)
I was fired for being responsibly careful in initial checkout and test of temporary external heart pacemakers.
Knowing how whistleblowers rank lower than the priest(s) who founded NAMBLA, I decided to stay silent. Have never been happy about this, and am glad Slashdot permits anon. posting.
Just apologize in advance? (Score:2, Funny)
Maybe a sticky-note? A phone call?
Another scenario (Score:2, Insightful)
You are responsible for security on the premises, and your boss tells you that he left a phone message on that employee's answering machine. He wants you to use your key, enter the apartment, and quickly go through the messages on the answering machine, and delete his message.
No ethical problem here?
I agree wholeheartedly with replies made above: unless there is a policy that explicitly allows you to go through employees' e-mails, you should never touch those, even if asked to do so by your boss.
The company may own the premises, the employees' time, etc, but it should not change its privacy policy of how it treats the employees without telling them, to give them the opportunity to quit.
Re:Another scenario (Score:2)
More fun to let the message go through (Score:2)
Heck, having a conflict, and then resolving it will likely bring those 2 closer together, opening the road to honest communication.
Or they could be pissy and have more arguments, who cares, at least the mail gets through, that's your job, keep the system running.
Follow your conscience (Score:2)
Although, as stated, one could easily single out and erase automatically one email without seeing any of them, I am happy to see there are others like me, sticking to their work ethics.
Same happened to me. (Score:2, Interesting)
One of the company's managers came up to me and said she thought one of the people under her was spending her time writing personal email rather than doing work, and please could I have a look.
I said no, absolutely not. As far as I was concerned, her email may contain personal information and I would not breach her privacy. Even if she had been abusing the system by e.g. sending hundreds of multiple-megabyte messages an hour, I still wouldn't actually _read_ it. I'd just tell her to stop it.
So, I apologised, but said she'd have to find a different way to get to the bottom of the matter.
I don't know if this had any direct consequence, but I ended up being fired a few weeks later, after being set up (reprimanded for running a password cracker (er, I was root on every machine in the company) - running a password cracker to check the hardness of everyone's passwords is standard practice for sysadmins, no ? - and for messing up a backup - which was actually my superior's mistake, but he wanted rid of me.)
I stopped doing sysadmin work after that episode.
The Start Of A Bad Trend (Score:2)
Today he asks you to delete a single email. Next week he asks you to delete a bunch he wished he didn't send, like an email asking his accountants to shred the Enron documents.
That is the seed that starts a dangerous trend.
I agree with others here that you don't argue with the CEO on the point. It's his company and his email system.
But I would have started looking for another job right away. The best way to feel good about your ethics is to surround yourself with others who feel the way you do. Obviously you weren't in the best environment for you. And you certainly wouldn't want to be there when the feds come around looking for evidence that was deleted.
Who owns that email? (Score:3, Interesting)
As for the "it'll teach him to think before he posts" - I think that lesson has been learned, as far as it can be. You don't think an executive *likes* having to plead with a sysadm for a favour?
Have the CEO put his request in writing (Score:3, Insightful)
This establishes a few things. First, it gives them food for thought about the consequences of what they're wanting you to do. Second, it establishes WHAT they're wanting you to do (and lets them know--I'm documenting the fact you're wanting me to do this fucked up thing). And third, it gives you something to fall back on in case they want to fire you for not doing this. By making them look bad for firing you, you have some sort of leverage for court, severance, etc.
I know this doesn't solve the entire dilemma, but it at least protects you in case the shit really hits the fan later.
Remember: you're the piss ant. People in power can (and WILL) fuck you up. Take a few precautions and CYA!
Not limited to CEOs (Score:2)
Re:Ask Slashdot? ? (Score:2)
Re:raises would have been a lot easier afterwards (Score:2)
Re:YOU SHOULD NOT HAVE BEEN FIRED FOR THIS (Score:2)
It's a sticky situation. There should have been a policy; this would have guided him. In the absence of a policy, the CEO, or any other duly designated executive of the company, has the right to tell him to do this. In theory, it should have gone through the Sys Admin's superior; generals don't tell lieutenants how to secure the perimeter.
Two lessons here. 1: have a policy. 2: do it through email; then you have a paper trail. In this case, an email to the right people, say, his boss, or if there is no boss, to the CEO in question, and possibly CC'd to the HR head, just saying 'I did that task, but think we need a written policy for such things in the future, just so everybody knows what's going on.'
In other words, he had a moral objection to it, not an ethical one. Ethically, he's wrong. Morally, well, they're his morals, so he's right.
Re:Golden Rule... (Score:2)
Re:OK _ a "REAL" ethics story then... (Score:2)