Alberta bans keystroke logging

The director of the Parkland Regional Library in Lacombe, Alberta, had some doubts about the productivity of one particular employee. Being the progressive manager that she is, she decided to assess the worker’s productivity by installing keystroke logging software. This application does just what its name suggests: It records an employee’s every keystroke so it can be reviewed later by Big Br…er…the employee’s manager.

The employee found out and filed a complaint with the province’s information and privacy commissioner, who ruled that the action violated the Freedom of Information and Protection Privacy Act. The Globe and Mail has the story.

The library director is miffed by the ruling. She claims that it’s hard to measure the productivity for the kind of job this employee performed, and “We thought that using an objective check through the computer would be the most fair and objective way to do that.??? Now she fears the ruling has removed an objective means of measuring performance from employers’ arsenal. If this blog were focused on Human Resources, I would rail at length about the ineptness of a manager unable to establish performance measures upfront and then assess the worker’s productivity based on an assessment of performance against those measures. But this is a communications blog, so I’ll stick to my knitting and just note that keystroke logging is another in a long list of engagement killers.

Regular readers can stop here. You’ve heard this rant before.

Engagement is a goal most executives want their employee populations to achieve. Highly engaged workforces, research shows, produce double-digit growth for their employers. Engaged employees are passionate about their work. They want to go the extra mile to meet goals. They want to pull other employees along. A variety of factors play into commitment. Trust is one of the most important. So what does it say to employees who know the company has no problem with secretly recording every key they tap on their computer keyboards? “I’ve done nothing wrong, I work hard, I produce results, but they don’t trust me.” That will build a passionate, committed, engaged workforce. Even considering only one employee who was suspected of slacking (it was never proved), other employees know it could happen to them. In fact, they have no way of knowing their keystrokes aren’t being logged right now.

So maybe the Parkland Regional Library director has lost the only tool she’s clever enough to use to assess her staff’s productivity. On the other hand, there’s now a glimmer of hope that her staff can begin to build a sense of trust. While it’s too bad that it took government action to open that possibility, I’m still applauding Alberta for its decision.

Thanks to Slashdot for the pointer.

07/20/05 | 4 Comments | Alberta bans keystroke logging

Comments

1.I mean, you'd have to laugh, wouldn't you -- as my London friends would say, "what is she like?"

It would be interesting to track her career prospects in light of her stunning display of an understanding of engagement and soophisticated management practice.

Lee | July 2005 | Adelaide, Australia
2.As an employer in Alberta I would like to offer a differing opinion to in office computer use by staff.

Although, the staff person will immediatly cry 'violation of privacy', the computers in the office are supplied for the primary benefit of the company...not the staff person.

When that staff person, clicks on their personal 'hotmail' or other mail provider not sanctioned by the office, they are inviting viruses and other adware into the office environment. Or if the whole network goes down for extended periods of time. Who should be responsible for those reperations, when those computers fail? ..the employee? ..the company?

This abuse of company computers is not in every case, but a great many. As an IT firm, we see it daily. Simply ask any office tech if he has found questinable material on any given office computer.

Even though the person used in the example may exist, I have found that most humans will, if given the opportunity waste company time without regard for their futures, they will. When dismissed they exclaim.."I did my best!"

If you are being paid to do a job, then your obligation and responsibility is to that JOB to the best of your ability ALL the time.

Yes privacy is important, so keep the personal stuff at home, where you can keep it private.

There should be no fears of company BIG brother.. or of an abusive staff member. One should remember that trust is a two way street and that both sides are just as important.

My rant
Thanks
Adam

Adam | July 2005 | Edmonton
3.Ahh, Adam, you've opened the door for my standard rant on this topic!

Trust is, indeed, a two-way street, but you'll never get it from employees if, as soon as they walk through the door on their first day, they know that management doesn't trust them. This occurs if their access to the Web is blocked, their emails are being read, their keystrokes logged, their activities monitored.

Does this mean employers cannot act when an employee is abusing company privileges? Of course not. But management by exception is a preferred course, with action taken AFTER a manager has identified an employee who may be abusing company resources or taking undue advantage of his or her employer. The fact is that most employees want to do a good job. They want promotions, bonuses, recognition. I can think of no greater demotivator to these employees than knowing they have been painted with the same brush as the small percentage who are not interested in doing the work or being productive.

Yes, these computers are company resources. An employee's computer at home is his or her personal computer, but most employees do company work on their own computers. Research indicates that, among knowledge workers, every hour spent on non-work-related online activities is balanced by about 1.5 hours of work done at home (or otherwise away from the office and off the clock). Think about it, Adam. Do you read work-related email at home? Work on reports?

This is the reality of the connected, always-on world. There is no clear line between work and home. If employees are expected to do work at home, then employers must expect that they live part of their life at work. This concept is known as work-life integration (the logical alternative to the bankrupt notion of work-life balance). If I spend two hours at home doing work, then why should the company care if I check soccer scores or read movie reviews at work? The ultimate measures of performance are productivity and quality of work. If these are high -- if my deadlines are being met and I'm producing excellent work -- who cares which part of that work is done in the office and which at home? But to suggest that I spend hours per night at home doing company work but am restricted from engaging in non-work activities at the office is simple denial of the state of the connected world today.

Employees whose performance is suffering -- who are not meeting deadlines, whose quality is declining, who for other reasons lead managers to suspect abuse of company resources -- these employees should be subject to monitoring.

As for the employee in question in the Alberta case, there was no reason to suspect him, from what I read; only a dim-witted manager who couldn't figure out how to assess performance and productivity in the first place. If I were him, and learned my keystrokes were being logged, I would have been furious, too.

Shel Holtz | July 2005 | Concord, CA
4.I am the employee that was fired after filing a grievance as a result of discovering the keystroke logging software on my workstation. Curiously enough I was the one that provided them with a way of objectively measuring IT support staff performance by way of the open source trouble ticketing program, Request Tracker.

Furthermore, the issue of performance was nothing more than a feeble attempt to justify the installation of the keystroke logger. Two weeks after the keystroke logger was installed and two weeks before I was dismissed I received a positive performance review from the director of the library. I am pretty certain she knew nothing of the keystroke logger at that time and only after it was discovered did she concoct a story to cover for her husband, the network administrator.

In addition to this I would like to suggest to Adam that there are numerous ways to gauge productivity without resorting to the indiscriminate use of keystroke loggers. In any case, if you're worried about the misuse of computers you button them down, set up a proxy server, build a proper firewall using pf on OpenBSD, provide only what is neccessary to do the job. Believe me, it will make your job a whole lot easier in the long run.

Anyhow..., in case anyone is interested there are copies of most of the documents concering this case at the following URL:

http://www.terremoto.ca/privacy/privacy.html

There's a ton more to this story than meets the eye.

Dan W. Armeneau
http://www.terremoto.ca/

Dan W. Armeneau | July 2005 | Red Deer Alberta

« Back

Contact

Email: .(JavaScript must be enabled to view this email address)
Phone: +1.415.881.7435
Cell: 925.864.2249
Skype: shelholtz
Twitter: @shelholtz

E-Newsletter Sign Up

Nuzzel has discontinued its newsletter service (along with everything else). I am actively seeking a new solution to continue producing a short, useful newsletter. Stay tuned. In the meantime, you are welcome to visit my link blog, from which I choose the stories I include in my newsletter.