On Fri, Feb 26, 2010 at 10:09:57AM -0700, Graduate Studies Web Master wrote: > > You seem to feel that one person's right to e-mail privacy is more > important than another individual's right to keep the government from > dictating what he or she can or can't do with their own equipment or > network within their own home.
In an earlier thread, I mentioned that there are plenty of cases where I believe the government should dictate what you can or can't do within your own home. I love James' analogy about letting someone use your computer. I think there's a sort of spectrum of types of monitored data, ranging from least-sensitive to most-sensitive. You have to draw the line somewhere, and this is what seems reasonable to me: 1: least-sensitive: I agree that there is a reasonable need to be able to monitor a network for purposes of quality control. Some information, such as IP headers and packet sizes seem perfectly reasonable to monitor (they're the equivalent of looking at the envelope but not opening it), even though they occasionally contain somewhat sensitive information. The most fierce privacy advocates might argue that this shouldn't be available to network admins; most of us think that it's okay to use this sort of data, probably with restrictions on how the data can be used and stored. 2: somewhat-sensitive: There are borderline cases, such as requested URLs. James gave the example of monitoring your family's internet usage. I think that it's wrong to monitor this information unless everyone is clearly informed what is being monitored and how it will be used. If you let a guest use your computer, you should clearly let them know that URLs are being monitored. 3: most-sensitive: Data such as keystrokes, passwords, cookies, and contents of email may be extremely sensitive. It should be illegal to invite a guest to use your computer and to steal their password with a keystroke logger. I don't care if it's your computer and network; we're living in a civilized society, and there are plenty of prohibited activities. I think this is still true for the example of family monitoring. If your children want to let you read their emails, that's fine, but you shouldn't be able to do it without their consent. If you want to read their emails, and they don't let you read, then you can restrict their computer usage (or fall back on various forms of parenting), but snooping isn't the answer. If you read your children's emails, diaries, etc. without their consent, they will rightfully hate you. Because they know it's wrong. (By the way, someone mentioned the example of email and virus scanners for security purposes; I think they are fine as long as only the sender and recipient of the email are involved. Admins should never read people's mail.) So, yes, there should be plenty of restrictions over what you can do with your network. -- Andrew McNabb http://www.mcnabbs.org/andrew/ PGP Fingerprint: 8A17 B57C 6879 1863 DE55 8012 AB4D 6098 8826 6868 -------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info (unsubscribe here): http://uug.byu.edu/mailman/listinfo/uug-list
