Is This an Invasion of Privacy?


You’re searching for something you need in the company database.  You stumble across a folder that looks interesting and when you get in, you’re floored.  This folder contains the salary information, performance reviews and management concerns corresponding to all of the people in the company.  You know you shouldn’t have access to this folder, but apparently you do.

What do you do with this information?

  • Close out of the folder without reading any further.  Inform your manager and your IT team that you have access, and suggest they fix that.
  • Make copies of all of the files, and read them at home when you have time.
  • Share the link with your work-buddies.
  • Share the link with everyone in the office – the ultimate in transparency.
  • Hold onto the information for a rainy day – you never know when you might need to play that card.

With security systems less than secure and passwords either known office-wide or easy enough to figure out, being presented with this situation is far from abnormal.

What would you do?


Popular search terms for this article:

invasion of privacy, invasion of privacy at work, invasion of privacy articles

After spending way too long in the corporate world, Jason has switched to full-time freelancing. With any luck you enjoyed this article - and if you need one of your very own, give him a shout! @brandscaping on the twitter, or at brandscaping.ca

Discussion

  1. P.S. Jones on the 14th July

    I would notify someone about it immediately. And not because I don’t want to know what’s in the file or I don’t think if I know everybody should know. But because companies today often track who accesses what files and for how long. If I say nothing, two months later when IT is checking something, it may look like I accessed the file on purpose. Which is grounds for termination in some cases.

    • Andy on the 15th July

      If your company terminates employments on the grounds of circumstantial evidence without looking at the actual details of they case… I probably wouldn’t want to work there in the first place.

  2. Mickey on the 14th July

    I would close the folder without reading any further and iInform my manager and suggest he alerts the IT team that you have access

  3. Tadd on the 14th July

    I’ve been there. And yes, inform management. Even if you don’t, there is a possibility they know you accessed it – so better play the good guy anyway!

  4. Joan on the 15th July

    No point. All those data are public in my company; but in any other company I guess I’d make a copy for myself, just in case and because information is power, and after that, alert IT.

    By the way; it is pointless to say they might know who accesses the files. A company with a tech implementation that allows monitoring of files would as well have a good permissions-based system, so I assume if the files are free in the wild, it is because there’s neither of systems implemented.

  5. I would choose:

    Close out of the folder without reading any further. Inform your manager and your IT team that you have access, and suggest they fix that.

  6. Samoth Notron on the 15th July

    First zip the whole lot ionto one file and upload it to a backup/online sync service like dropbox and save it for later. Then tell your IT department and manager.

    It is their fault that you got access to the data, which would leave you open to say that if your account could access such sensitive information how safe is my account and everything I do on it(including personal out of work hours info i.e. credit card usage, email, baking)?

    It is well known that many business’s are jumping on the “credit crunch” band wagon to keep costs as low and cheap as possible. So it may be worth while to have some back up if you find yourself in a sticky situation.

  7. Alex on the 15th July

    Close it and inform your IT team asap, absolutely. As interesting and enticing as it may be, with the ease in which logs for file access to folders can be implemented, you wouldn’t get away with it.

  8. Josh Arguello on the 15th July

    This scenario played out very similarly at my work several months ago. An HR employee accidentally sent a salary-sensitive document to the wrong printer in another department. The person who picked up the print-out hid the fact that it came through their printer.

    It turns out that the person who received the print-out then shared the salary information with 2 other people in his department. When IT finally tracked where the page went, and management started questioning the folks in that department as to whether they “came across” the print-out it was denied and they said they never saw it…

    It didn’t take long, but it was finally discovered that they had indeed been in possession of the information; all three of them were terminated. The kicker is, if they had just brought the page into HR and said “um ya this printed out on my printer” they would never have been even in hot water, let alone fired.

  9. hrvy86 on the 15th July

    rar it, dropbox it, go home and read it, save it for that special occasion

  10. Chewyraver on the 16th July

    I would do several of those options. I’d copy it to a secure location (i.e. personal removable storage) and then report the fact that I can access it to the right people and keep the copy for when I need to play that card 😉

  11. Jason Finnerty on the 16th July

    I’m curious if there are any IT folks out there. Do you actually look back at the access logs on a regular basis? Or maybe just for fun? :-)

    Joan – I applaud your company. That level of transparency has not been my experience. Obfuscation, favoritism, and secrecy seem to be more prevalent. All the more reason that I am happy to be self employed!

    Brandscaping

  12. L1 on the 16th July

    Inform someone. I work in IT and they can we can see what you are doing, what you have accessed etc etc. So if you don’t tell anyone it looks suspicious.

  13. Gemma on the 19th July

    Something similar actually happened to me once. But in this case the boss accidentally emailed the salary spreadsheet to every employee in the company! He went around the entire office and made everyone delete it, but not before some of us had opened and read it – and yes, I read it – I’m only human. There was egg on his face that day, I tell you.

  14. Brian Altenhofel on the 19th July

    I’d just let IT know that there is an issue and move on. But that information is publicly available one way or another (at least in the United States) anyway.

Add a Comment