Abstract
There seem to be many reasons today to increase employee and user monitoring as a measure of security. The well-known insider threat is the first one: Statistics tell that security breaches caused by employees or internal users of information systems outrun the attacks of external hackers in number and severity. In connection to this aspect another motivation to implement workplace surveillance is the fact that in many countries a CEO or a board member of a company can be held responsible for the use employees make of the communication systems provided by their employers.
Nowadays a third reason has become even more important than the two already mentioned. Organisations struggling with the increasing pressure by law and by financial regulations to implement risk management realise that the behaviour of employees is a source of „uncertainty and unpredictability in any organisation’s environment“ [StSt03, p. 153]. The best measure to minimise this risk seems to watch every person working in an organisation as closely as possible to predict what he or she is up to. Companies try to make starting lawsuits against insiders as easy as possible. As a result of these considerations preventative security measures like access control are often devaluated. Employee monitoring is presented as the key to secure IT environments and communication systems.
Unfortunately, technicians and managers tend to overlook the drawbacks and unwanted side effects of surveillance. This article will focus on these aspects. It aims to show that monitoring can undermine the power of an organisation and its chance to be a learning organisation, because the unpredictable elements of the employees’ behaviour are not only a source of uncertainty, but also a source of creativity desperately searched for in a period of weak economy. Furthermore, surveillance itself poses new security threats to those who use it thoughtlessly.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Arnold, John: Security Monitoring — Why and How? Implementing a Real-World Monitoring System. In: Information Security Bulletin, Volume 9, Issue 3, April 2004, p. 85–94.
Batscha, Zwi: »Despotismus jeder Art reizt zur Widersetzlichkeit«. Die franz ösische Revolution in der deutschen Popularphilosophie. Suhrkamp, 1989.
Bitkom: Die Nutzung von Email und Internet im Unternehmen. Rechtliche Grundlagen und Handlungsoptionen. Bitkom 2004 (http://www.bitkom.org/de/publikationen/1357_7594.aspx)
Buber, Martin: Das dialogische Prinzip. Wissenschaftliche Buchgesellschaft Darmstadt, 51984.
Independent Centre for Privacy Protection (ICPP) / Unabh ängiges Landeszentrum f ür Datenschutz (ULD) Schleswig-Holstein and Studio Notarile Genghini (SNG): Identity Management Systems (IMS): Identification and Comparison Study 2003 (http://www.datenschutzzentrum.de/projekte/idmanage/index.htm).
Introna, Lucas D: Opinion. Workplace Surveillance ‘is’ Unethical and Unfair. In: Surveillance & Society 1(2) 2003, p. 210–216 (http://www.surveillance-andsociety.org/).
Lane, Frederick S. III: The Naked Employee: How Technology is Compromising Workplace Privacy. AMACOM American Management Association, 2003.
Luhmann, Niklas: Vertrauen. Ein Mechanismus der Reduktion sozialer Komplexit ät. Enke, 31989.
Nogala, Detlef: Der Frosch im hei ßen Wasser. Wie in der informatisierten Gesellschaft des 21. Jahrhunderts Überwachung trivialisiert wird. In: Schulzki-Haddouti, Christiane: Vom Ende der Anonymit ät. Die Globalisierung der Überwachung, Heise, 22001, p. 149–165.
Reicherzer, Judith: Ausgebrannt und angefeindet. In: S üddeutsche Zeitung Nr. 133, June 12th/13th 2004, p. 28.
Ripperger, Tanja: Ükonomik des Vertrauens — Analyse eines Organisationsprinzips. Mohr Siebeck, 1998.
Ropohl, G ünter: Ethik und Technikbewertung. Suhrkamp, 1996.
Schneier, Bruce: Warrants as a Security Countermeasure. In: Cryptogram, May 15, 2004 (http://www.schneier.com/crypto-gram.html).
Sprenger, Reinhard K.: Vertrauen f ührt. Worauf es im Unternehmen wirklich ankommt. Campus, 2002.
Stanton, Jeffrey M. and Stam, Kathryn R.: Information Technology, Privacy, and Power within Organizations: a view from Boundary Theory and Social Exchange perspectives. In: Surveillance & Society 1(2) 2003, p. 152–190 (http://www.surveillance-and-society.org/).
Weil, Simone: Gravity and Grace. Routledge and Kegan Paul, 1965.
Wiele, Johannes: Content-Filter als pers önliche Assistenten. In: Nadin, Minai: http://trust://das.prinzip.vertrauen. Beitr äge zum internationalen Kolloquium »Vertrauen. Das 21. Jahrhundert und dar über hinaus«. Synchron Publishers, 2001, p. 207–226.
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2004 Friedr. Vieweg & Sohn Verlagsgesellschaft/GWV Fachverlage GmbH, Wiesbaden
About this chapter
Cite this chapter
Wiele, J. (2004). Big Brother does not Keep your Assets Safe. In: ISSE 2004 — Securing Electronic Business Processes. Vieweg+Teubner Verlag. https://doi.org/10.1007/978-3-322-84984-7_9
Download citation
DOI: https://doi.org/10.1007/978-3-322-84984-7_9
Publisher Name: Vieweg+Teubner Verlag
Print ISBN: 978-3-528-05910-1
Online ISBN: 978-3-322-84984-7
eBook Packages: Springer Book Archive