A friend of mine has just been suspended from work for apparently downloading porn on his work's network. This accusation is completely false (so he tells me and I do believe him) as he know's the company's rules & regs and that the computer network is monitored and that there is software on the system to prevent such access, so wouldn't do anything so stupid - he doesn't even access porn when he's at home.
What he needs now is: a) technical help regarding the Internet - what could cause the pop-ups and links to porn sites appear without his asking for them (which he said he suffered from regularly while using Net search engines). He said the pop-ups only came up when he was surfing the Net at lunch (for private, non-porn related things like shopping & on-line banking) or doing a search for job-related information. Also, what could bypass the company's system and download files to the hard drive (apparently files have been downloaded that are attached to his account but he's not aware of any, other than the work-related ones).
Don't the porn companies create some sort of link to popular/mis-spelt words in search engines like Google, Yahoo! and Ask Jeeves? Is there any proof of this? Net articles, legal cases?
b) legal advice on how to handle the disapliniary case he's got to attend some time next week (he told me but I can't remember the date). What should he expect to encounter, how should he prepare?
c) any links to legal cases of similar/identical such things that have happened before - what the charges were (his is gross misconduct for the accessing of porn), what evidence was submitted by the company and individual being charged, what the outcome was, etc. etc. Is there a precedence out there that he can quote in his hearing to defend himself with? Any evidence to support his innocence?
Please help people as this poor guy is shitting himself. He's been a loyal employee for the company for over two years and has never had a problem like this before! He's always arrived on time, stayed late when asked or needed, taken only a handful of sick days . . . he's pretty much a model employee. He can't believe that this is happening, and frankly, neither can his family or colleges - several have been round to offer support and such.
Thanks in advance everyone!
-AK
Posted by Aban Rune (Member # 226) on :
Well, my office has similar safeguards in place. Any site, even pop-ups, ads, etc. that the software deems inappropriate or, in many cases, even shopping-related, are blocked. Period. It won't even let you access the URL, let alone download things from it. If his office has something like this, he shouldn't have been able to get to those sites even accidentally more than once at most, until the software figured out what the site was.
If those images or files were downloaded by his machine, they should be in his temprary internet files cache. If they're not there, they've either been cleared out, or he didn't download them.
I don't know how he would go about proving that he didn't do it. It would seem that the only people who could "frame" him would be the folks in his office's IT department. Usually they're the only ones with access to network stuff. Maybe someone's using his machine without his knowing it.
Posted by David Sands (Member # 132) on :
I want to be clear here, for the sake of my own professional ethics, that I am not dispensing legal advice here.
That said, do IT divisions keep the equivalent of a keystroke tally of when certain files make their way into the system? Or wouldn't his own computer have a tag on the file saying when it was created?
I'm not a licensed lawyer (or barrister as you all call them over there) yet, and I don't know the laws of your jurisdiction, so I can't tell you what the best course of action is. The best advice I can give is get an attorney, which I know is expensive, but might be the only kind of person with the expertise to fight these charges. Specifically, you're going to want to find a solicitor or barrister who specializes in employment law who also has some experience in IT issues.
Good luck.
Posted by Lee (Member # 393) on :
My wife used to work for an employment law department in London, I'll get her to look over this thread and see if she has any suggestions. She still has strong links to the department - on a consultancy basis - so might even be able to put you in touch with someone. Which city does your friend work in?
Posted by akb1979 (Member # 557) on :
Thanks guys!
Aban Rune - yeah, that's what I thought, but it looks like that his building uses, for some reason, a seperate network (something to do with the technical side of things) and doesn't have the same protective software as the others.
Been chatting to him over the weekend and while the software isn't there, they are monitored. He's only recently moved there on a part-time basis, still working at his old office that has all the software. The account that he uses used to belong to someone else who's now left. There are also virus's on the PC, but after talking a bit we've come to the conclusion that this wouldn't affect the pop-ups and file access/download issue. Right or wrong?
I've said that he can argue that the company is at fault for not having provided the same level of security as it's main network - an I right? Will that be enough to get him off this/prove it's not his fault?
David Sands - neither of us is technical enough to know. But apparently files have been downloaded, he's still waiting for the evidence to arrive through the post . . . as for the solicitor - he can't have one in this disapliniary meeting, but can involve one if he's found guilty and wants to appeal or if it goes to another stage (i.e. they can't reach a decision on this occasion).
Lee - PLEASE! Any help is greatly appreciated! Posted by Balaam Xumucane (Member # 419) on :
quote:Originally posted by akb1979: The account that he uses used to belong to someone else who's now left. There are also virus's on the PC, but after talking a bit we've come to the conclusion that this wouldn't affect the pop-ups and file access/download issue. Right or wrong?
Well that sort of depends on the virus. I had a client whose PC caught a nasty strain of Backdoor.Hogle that turned his computer into a veritable porn kingdom. Seemed to piggyback on IE and would jack his favorites every time he openned a new browser window. Persistent bugger too. He said he hadn't been looking at pr0n either, but then who would cop to that?
Posted by David Sands (Member # 132) on :
Sorry I couldn't be of more help. I'll say a prayer for your friend.
Posted by Mucus (Member # 24) on :
pop-ups and links: Thats actually pretty easy. I've seen a number of malware programs much arround with IE bookmarks, redirect Internet requests, etc. However, downloading porn to directories outside of of the Internet cache is a bit difficult and unlikely.
I'm more interested in what you said about him using an account that was held by a previous employee. (and why a work machine was kept in production despite having viruses on it)
mis-directed sites: Yes, in fact we once had the fun of watching a friend hit sexcrawler in a public venu with a mis-spelling of metacrawler.
key-stroke tally: I would only expect this to occur in the most draconian of workplaces. As for tabs of file creation, yes on the system in question, through simple file-meta data kept by the OS itself.
Posted by akb1979 (Member # 557) on :
quote:Originally posted by Mucus: I'm more interested in what you said about him using an account that was held by a previous employee. (and why a work machine was kept in production despite having viruses on it)
Yeah that struck me as a bit strange, but apparently the administrator's PC also has at least one virus on it - I think that's a bit fishy.
quote:mis-directed sites: Yes, in fact we once had the fun of watching a friend hit sexcrawler in a public venu with a mis-spelling of metacrawler.)
Yes that happened to someone else at the company when using Google - they mistyped something and porn sites popped up. They immediately called the IT department, which is what my friend would have done if it had happened to him.
quote:key-stroke tally: I would only expect this to occur in the most draconian of workplaces. As for tabs of file creation, yes on the system in question, through simple file-meta data kept by the OS itself.
The evidence arrived at his house today, in fact I've only just got back from there having visited straight from work. The only thing he's got is a list of site names that have been "accessed", the downloaded stuff is not mentioned anywhere except in the transcript of his interview with the HR Director when she told him. He's going to call her tomorrow after he's read through it again and taken notes.
Balaam Xumucane - that sounds like a real bastard of a virus! Not sure what virus's are on his PC, he never took a good look. But he'll certain raise this in the meeting (once I tell him) - thanks!
David Sands - he's not religious, but right now he'll take any help that he can get. Thanks!
Thanks all round! Will be back when I know more.
-AK
Posted by The Mighty Monkey of Mim (Member # 646) on :
quote:Originally posted by akb1979: he's not religious
Well there's his first problem right there. This must be retribution.
SERIOUSLY. Posted by akb1979 (Member # 557) on :
Posted by akb1979 (Member # 557) on :
Well my friend had his meeting today. It did not go well.
The HR Director is out for his blood and he's really depressed about this. She now wants to involve the head of the IT department to look into this in greater depth. The issue is now what caused the computer to access the data - the HR Director thinks that it can be only him, which he denies.
He's thrown all of his evidence into this, but to no avail! He feels as though no matter what happens, his fate was decided weeeks ago - guilty: fired due to gross misconduct.
She's a real bitch! What can he do!? Can he call her and say "you've treated me like shit so shove the job where the sun doesn't shine!"?, or would he then be in breach of contract? Posted by David Sands (Member # 132) on :
How soon will the IT department report with its findings?
Posted by Lee (Member # 393) on :
Ok, information on the law (This is Lee's wife!):
1. Your friend should have been given the opportunity to take someone with him to the meeting. Refusal to allow his representation or to take someone with him to a formal disciplinary is a clear breach under the Employment Rights Act
2. If he was not alowed to take a solicitor then he should have been informed, in writing, that he could have a friend or union representative present. This is his legal right.
3. He needs to get a copy of any policy on which the company is replying in relation to internet use/downloading of porn or anything else for that matter.
4. If there is a policy, he needs evidence that this policy was available and published to all employees. If it is not a published policy then the company cannot rely on it as the employee needs to be 100% aware that the policy exists. If they don't or there is no policy, then actions cannot be brought under it and employtees cannot abide by something they no nothing about!
5. If there is no policy, then they are, by sacking him (if this is what they have done), in breach of his contract (I think). They have already breached his rights under disciplinary procedures and Fairness at Work Act.
6. I don't think you will find any case law on this in relation to disciplinary proceedings but you might find something in relation to any employment tribunal which has been decided and decisions are public so anyone can get hold of them.
7. If he has been dismissed, and it looks like it is unfair, i.e. not allowed representation or to take legal advice (which they would have had to pay for in the first instance which is probably why they refused his legal representation), he needs to file an IT1 at the employment tribunal within 3 months less 1 day of the act (unfair dismissal or, possibly in this case also constructive dismissal). He can do this himself by the internet and if he searches for "employment tribunals" on google, he should find a site where he can lodge one. This is free.
8. He may need to get a lawyer. Sometinmes by filing an IT1 this is sufficient to get the company talking again as they receive a copy and are asked to file a response etc which starts their legal fees rolling. They sometimes then offer to settle "out of court" so to speak to save face and get you out of the way! Lodging of an ET1 is also public and there are people out there who look up companies who are being sued by employees and phone them to ask why they are being so sued! Employers don't like the publicity!
9. He can act for himself with no cost. ET's are meant to help people!
10. I can assist wherever possible and also recommend some excellent lawyers with the best reupation in this field in London. They are trade union lawyers and therefore do not cost the earth. If it goes to Tribunal and settles before hand, he can include in any settlement, his legal fees.
11. I will try and look up some case law for you and get the Acts sorted out on which he can rely etc
Hope this helps
Kate (Lee's wife)
Posted by Lee (Member # 393) on :
BTW: ET1 and IT1 are both the same form! Sometimes called one or the other!
Posted by Dat (Member # 302) on :
But the question is if these laws or anything similar exist in England where the incident is taking place.
Posted by Lee (Member # 393) on :
We're TALKING about British law, dumbass. What part of "I can assist wherever possible and also recommend some excellent lawyers with the best reputation in this field in London" didn't you understand?
(and this is me saying that - Kate was far less civil!)
Posted by TSN (Member # 31) on :
And if you can't trust legal advice from a giant canary, whom can you trust?
(I kid.)
Posted by AndrewR (Member # 44) on :
How can anything reguard to the internet and computers be 100% fool-proof. I mean Microsoft can't even plug big holes in their system. I personally don't think they should be allowed to say - this person did this, and that person did that based on computer tracking. If any evidence is to be given, it should be given by a minimum of at least two reputable people who had first hand witness to the situation.
I'm sure you could exploit the whole 'computers aren't infallible' angle
2. Could you also play the angle that somebody is out to get you - and maybe sue the place of employment for workplace mistreatment/bullying/harrassment.
Posted by akb1979 (Member # 557) on :
Next meeting - 20th October.
He's "remembered" some relevant facts that might help him get off the hook so to speak - he's forgotten about this other person using his user details due to the stress involved but he's gonna fight for it.
IT turn around? Not sure, obviously within a week!
Lee and Kate - thanks! Check your e-mail account for a reply to your PM.
As for everything else - I'm tired now so will save these pages and read later when I've got some energy and had a chance to talk with me mate!
Many thanks everyone!
-AK
Posted by Sol System (Member # 30) on :
Ah, yes, "computer error," I'm sure that goes over well with IT professionals around the world.
"Dude, my computer spontaneously downloaded Russian pornography, I swear!"
Posted by AndrewR (Member # 44) on :
Well, they can't proove that a person DID visit a site without them being video-taped or witnessed by at least two non-connected people. That is, without beyond any doubt.
Posted by akb1979 (Member # 557) on :
Well . . . he got the IT report on his PC. The list on the PC matches that on the server (makes sense as it logs everything every user does), although he hasn't seen this list. But . . . he's apparently accessed, downloaded files from a site and deleted them from the hard drive. Problem is, the site that he apparently downloaded from isn't in the list at the dates specified (for that site there's only one entry near the beginning of the month and he says that is a pop up). The IT guys says isn't possible as
quote:". . . advised that pop ups do not affect the speed which the computer runs at and that cookies ar only recorded when someone intaracts with a page. Pop ups are linked to cookies, therefore for a pop up to appear a cookie would have to be present. Pop ups do not appear as visited sites".
This has me a bit confused, can someone explain this to me please?
Also, sites he's been on every day for work don't appear on the list he's got either. Sounds like it's a major cock up if you ask me - their evidence contradicts previous evidence! He's also not got a copy of the files that they've saved as evidence which he's gonna try and get before the next meeting.
The IT guy also said there are no viruses on the PC - my mate thinks someone has cleaned it up to make him look bad as there were definately some on there.
All in all, his stress is rising and his depression is getting worse! Anyone got any advice for his meeting next week? Posted by Cartman (Member # 256) on :
Cookies, on their own, can not open popups, but popups themselves can not open either without cookie information already present or the right strand of virus or spyware. Whatever it was, though, it should have been removed from his workstation by the IT folks at the first sign of trouble, which is the point your friend should be driving home, very loudly, with the IT department, or, more succintly, that he needn't have visited (ie. interacted with) $FORBIDDENPAGE to have been infected by something malicious that redirected his browser there (which would then have stored a cookie pertaining to that site in its cache) or spawned popup windows all over the place, or both.
Posted by Jason Abbadon (Member # 882) on :
Sounds like they're looking to fuck yor pal: if the list of visited sites is incomplete, who's to say it's not doctored? Of course, if your pal say's "The list's not complete: I got to Flare when I should be working!" it's aticket to unemployment as well.
Your pal may seriously want to seek employment elsewhere after he's off the hook: if they wanmt him fired this badly, they'll find another way to make it happen.
Posted by AndrewR (Member # 44) on :
AND it all comes down to - the only way they can SAY he's been to any 'illegal' sites - is that if they have VIDEO evidence or that two non-connected people witnessed his activities. BTW This is me talking here, not law things - but it is just common sense. If they can just 'say' that someone is doing one thing and there is no '1st person' proof - then it sounds fishy. It obviously is just the company wanting the person to be out of there but trying to concoct evidence enough to dismiss him. Fight it all the way, computers aren't infallible.
Posted by TSN (Member # 31) on :
"...cookies ar only recorded when someone intaracts with a page. Pop ups are linked to cookies, therefore for a pop up to appear a cookie would have to be present."
Maybe I'm missing something, but this sounds like complete bullshit.
"...popups themselves can not open either without cookie information already present or the right strand of virus or spyware."
Erm... Or by simply visiting a site that has pop-ups on it...
Posted by Cartman (Member # 256) on :
Well, yes, but I was specifically talking about a popup opening for previously not visited site A while browsing unrelated site B (or while doing desktop activity C, even) due to the presence of virus or spyware X or cookie information Y stored during earlier browser hijack Z.
Posted by akb1979 (Member # 557) on :
Kazaa had been previously installed on the PC by the previous user - who's account my mate was made to use. The IT guy has admitted that this can be responsible for pop ups but that it was removed sometime after being installed.
Doctoring a PC - we're heavily leaning towards this conclusion.
So are you guys saying that the IT guy doesn't know what he's talking about (cookies, pop ups, etc)? Posted by Cartman (Member # 256) on :
Removing KaZaa alone will neither get rid of the spyware it deposits during installation nor of the veritable sentient microculture of organisms that almost invariably grows larger every time it's run. Have your friend mention that in his next hearing as well.
As to how knowledgeable those IT guys are, well, a single quote really isn't much to go on, but this does have a lot of hallmarks of a setup.
Posted by AndrewR (Member # 44) on :
Oooh yeah - Kazaa being on there opens up all sorts of questions - and yes, getting rid of it alone, won't fix it - neither will running a program like Adaware - you have to run several different programs to get rid of most spyware - and even then you don't get rid of it all.
The fact that he was forced to use a computer that was used by someone else puts holes in his computer usage security. Actually, that goes for anyone using a computer that is or has been shared.
I don't care what they say, i reckon they just cannot ping someone beyond reasonable doubt. I mean the release of SP2 and microsoft and countless thousands of hakers have made it painfully aware that XP is FAR from a secure product.
Posted by Jason Abbadon (Member # 882) on :
The real question- did your pal do something to someone higher up that would provoke this kind of retaliation?
If not, the question becomes- Can he still function in his job if nothing can be proven and he's retained? He's have to deal with whatever stigma comes with this kind of (presumably well known) injquiry.
Posted by akb1979 (Member # 557) on :
Cartman - hallmarks of a setup - too bloody true! That's what we think the IT guy has done as he doesn't really like my mate (think he had problems with his PC and asked the IT guys round to fix it too many times - not his fault that it didn't work right but then people are strange).
AndrewR - thanks.
Jason Abbadon - Who knows with these people and no he won't function there - he'll quit.
Can anyone confirm/deny TSN's first part of his reply about pop ups please? Ta! Posted by Mucus (Member # 24) on :
*L* If I'm reading this thread correctly, someone installed Kazaa on an office computer? Quality.
I'd have to agree with TSN with a qualifier. You can open a pop-up with a couple lines of Javascript with no need for cookies. Similarly, cookies are used for tracking information about visitors (which can be benevolent(Solareclipse probably uses them to track if we are logged-in) or not (tracking advertising info))
There is absolutely no necessary requirement for one to create the other. That said, they may be positively correlated. A site that doesn't shy away from pop-ups *probably* won't shy away from cookies either.
I would also note that as Cartman pointed out, if a pop-up completely unrelated to the site you are browsing (i.e. if a pop-up occurs while browsing here) then you probably have an ad-ware problem.
Posted by akb1979 (Member # 557) on :
Yes - the previous user also played games at lunch time.
Thanks Mucus, I'll pass that onto my friend. Posted by Topher (Member # 71) on :
I would hope that the previous user was fired long ago for such behaviour.
Posted by Jason Abbadon (Member # 882) on :
He was probably promoted.
Posted by akb1979 (Member # 557) on :
Nope, he left just before his contract expired - he'd used up all of his hol's and needed to find another job, so just left about one or two weeks early. He was a real slacker too. Never liked him either.
One question - if they refuse to give him evidence to look at, what can he do about it? Can he have the case against him "thrown out" due to unfairness/rule breaking? Posted by akb1979 (Member # 557) on :
Well, it's over.
He went to the meeting, presented his case and then it was adjourned for about 20 mins. He then went back in and they told him that they would be taking it to the second stage of warning - i.e. his first written warning (verbal being the first). They factored in his good conduct to date and, from his impressions during the meetings, the fact that they can't 100% prove that it was him due to all that crappy software on the machine.
He's happy with this and has now left the company, being paid his notice period in lieu - his stress is finally over. He's sad to be leaving this way, but that's the way it is. He's gonna miss people there as they will miss him (all of them are disgusted at the way that he's been treated, but happy that he's happy with the outcome).
I have been asked to pass on his deepest thanks and appreciation to those of you who have helped with advice and technical and legal know-how and who have offered him support. So . . .
THANK YOU SO MUCH!!!
PS- yeah, I posted this in the wrong topic - silly me!
Posted by AndrewR (Member # 44) on :
Well, this is good to here. Now maybe they should look into the IT Staff? Posted by David Sands (Member # 132) on :
Please convey my congratulations to him! And I hope he finds success elsewhere.
(You've been a good friend to him, akb, so Huzzah! for you as well!)
Posted by Jason Abbadon (Member # 882) on :
As good an ending as possible I guess.... STill seems like they framed him good though.
Be sure that wherever he works next, the computer is either new or he does some serious cleanup work on it to prevent this from happening again.
Posted by Dat (Member # 302) on :
And make sure that he doesn't add them to his references list. They might try to fuck up any chances he may have with potential employers he applies or meets with.
Posted by akb1979 (Member # 557) on :
AndrewR - the IT staff are OK, it's just the Head of the department who's a fucking areshole. While my mate was having his trouble, the head was bullying his staff and caused one some real shit so he's now left to work in another area away from the guy.
David Sands - Thanks! (From him and me).
Jason Abbadon - yeah, that's how we all feel but he's just glad to be out. Other memebers of his department are planning a mass resignation to totally fuck the company up for what they've done - they're actually afraid it could happen to them too!
Dat - he's gonna use them once and then never again.
![[Eek!]](eek.gif)
This accusation is completely false (so he tells me and I do believe him) as he know's the company's rules & regs and that the computer network is monitored and that there is software on the system to prevent such access, so wouldn't do anything so stupid - he doesn't even access porn when he's at home.![[Confused]](confused.gif)
Is there any proof of this? Net articles, legal cases? ![[Smile]](smile.gif)
![[Frown]](frown.gif)
But apparently files have been downloaded, he's still waiting for the evidence to arrive through the post . . . as for the solicitor - he can't have one in this disapliniary meeting, but can involve one if he's found guilty and wants to appeal or if it goes to another stage (i.e. they can't reach a decision on this occasion).![[Big Grin]](biggrin.gif)
![[Razz]](tongue.gif)
![[Wink]](wink.gif)
![[Mad]](mad.gif)
![[Roll Eyes]](rolleyes.gif)