A report by Cyber-Ark Software suggesting that one in three IT workers snoops through personal electronic data has received quite a bit of attention in the blogosphere. Interestingly, most of the workers surveyed either snooped because they were disgruntled or simply because they could:
The company reports that one IT administrator laughed out loud as he answered the survey, and said, “Why does it surprise you that so many of us snoop around your files, wouldn’t you if you had secret access to anything you can get your hands on?”
While I like to believe that most of us are more ethical than that, the issue is slightly different in Ed Tech. The question becomes, since we are dealing with children, do we have a responsibility to police our users? Does this go beyond snooping and into the realm of due diligence? Do we want to know if our users have pornography on their computers? Probably.
How about personal emails? We're supposed to be archiving them, along with every other bit of electronic data created on or with school equipment. If we will need to discover emails in the future, don't we want to make sure that our users aren't receiving regular updates from www.swingerswithbizarrefetishes.com?
Unfortunately, this level of snooping sets a dangerous precedent. Users have a reasonable expectation of privacy. It seems, instead, far more useful to have a solid acceptable use policy in place that can be referenced if problems arise down the road.
What do you think (and do)?