Presentation is loading. Please wait.

Presentation is loading. Please wait.

Institutional Telecomms and Computer Network Monitoring Andrew Charlesworth University of Bristol 10 June 2002.

Published byCharles Manning Modified over 11 years ago

Similar presentations

Presentation on theme: "Institutional Telecomms and Computer Network Monitoring Andrew Charlesworth University of Bristol 10 June 2002."— Presentation transcript:

1 Institutional Telecomms and Computer Network Monitoring Andrew Charlesworth University of Bristol 10 June 2002

2 Introduction It is a criminal offence to intentionally and without lawful authority intercept any communication in the course of its transmission by public or private telecoms systems (TS). Interception on a private TS is not a criminal offence –Where the person intercepting controls the relevant private TS, or –Has express or implied permission of such a person to intercept communications on that private TS. In such circumstances, interception may, if made without lawful authority, give rise to a civil action on behalf of the sender or the recipient.

3 Introduction II Individuals intercepting/monitoring phone calls & emails on institutional systems without the institution's permission are committing a criminal offence. Institutions could be sued by staff, students & 3rd parties for listening to/recording internal & external phone calls & emails. As the Acts definition of transmission is wide, institutions could be sued by staff, students & third parties for reading emails or listening to voice mails stored on a private telecoms system.

4 Examples Mr A, a private detective, installs a home-made phone tap on a BT line to intercept Mr Bs phone calls - intentional and without lawful authority - a criminal offence. Mr A, a private detective, installs a home-made phone tap on a line in the internal phone system of Bumbleside University, which is connected via a PBX switchboard to the BT network, to intercept Mr Bs phone calls - intentional and without lawful authority - a criminal offence.

5 Examples II Mr C, a staff member of Bumbleside University Computer Centre, illicitly uses system privileges on the University computer network, which is connected to the Internet via JANET, to intercept emails sent by Mr D, a member of the University. Mr C does not have the express or implied consent of the person with a right to control the relevant private telecom network (the University) - intentional and without lawful authority - a criminal offence.

6 Examples III Mr C, a staff member of Bumbleside University Computer Centre, acting on a memo from the V- C of the University intercepts e-mails sent by Mr D, a member of the University, to Mr E. Mr C has the express or implied consent of the person with a right to control the relevant private telecoms network (the relevant officer of the University). This is not a criminal offence. However, unless the relevant officer of the University has lawful authority to require the intercept, Mr D and Mr E may be able to sue the University.

7 Legitimate Private Interceptions The RIP Act provides lawful authority for legitimate interceptions of communications by institutions on their private telecoms networks. –where the interception is by, or on behalf of, a person running a TS for purposes connected with the provision or operation of that service –there is no requirement on the network operator to give warning of the possible loss of privacy in such circumstances. The main rules for legitimate interceptions are laid out in the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000.

8 T (LBP) (IoC) Regulations Interceptions are legitimate if: –Done by or with the consent of a person carrying on a business, for purposes relevant to that business, and using that business's own TS. –The controller of the TS on which they occur has made all reasonable efforts to inform potential users that interceptions may be made. Where the institution cannot use the regulations to justify interceptions, it can only intercept communications on its private network with the consent of the sender and the intended recipient.

9 T (LBP) (IoC) Regulations Institutions may monitor and record communications: –To establish the existence of facts to ascertain compliance with regulatory or self-regulatory practices or procedures or to ascertain or demonstrate standards –In the interests of national security –To prevent or detect crime –To investigate or detect unauthorised use of TS –To secure, or as an inherent part of, effective system operation Institutions may monitor but not record: –Received communications to determine whether they are business or personal communications –Communications made to anonymous telephone helplines

10 Examples Bumbleside Universitys Alumni Office wishes to conduct phone solicitations of former students (who have consented to their data being used for this purpose). It monitors staff phone calls to Alumni to ensure that staff adhere to correct procedures, including data protection rules, and for future staff training purposes. Both staff and Alumni should be informed that calls may be monitored and /or recorded.

11 Examples II Bumbleside University suspects that certain user accounts are being used to commit computer misuse offences. It monitors user accounts that display suspicious behaviour. Users should be informed that this monitoring/recording may take place; this can be done through the Universitys Regulations and Guidelines and reinforced by registration documentation, login warnings and stickers on equipment.

12 Examples III Bumbleside University has reason to believe that its computer facilities are being misused to send unsolicited commercial emails. It monitors user accounts it suspects of being used to send such messages. Users should be informed that this monitoring/recording may take place; this can be done through the Universitys Regulations and Guidelines, and reinforced by registration documentation, login warnings and stickers on equipment.

13 Examples IV The University uses certain logging mechanisms to ensure the efficient functioning of its email systems. The logging mechanisms allow authorised staff to access and monitor the use of user accounts as an incidental part of that logging. Users should be informed that this monitoring/recording may take place; this can be done through the Universitys Regulations and Guidelines, and reinforced by registration documentation, login warnings and stickers on equipment.

Download ppt "Institutional Telecomms and Computer Network Monitoring Andrew Charlesworth University of Bristol 10 June 2002."

Similar presentations

SURVEILLANCE: opportunities and pitfall David Matthias QC and Ryan Kohli.

SURVEILLANCE: opportunities and pitfall David Matthias QC and Ryan Kohli.
TECHNO-TONOMY Privacy & Autonomy in a Networked World Learning Module 2: Legislating Privacy: Your Rights.

TECHNO-TONOMY Privacy & Autonomy in a Networked World Learning Module 2: Legislating Privacy: Your Rights.
Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Overview of the Regulation of Investigatory Powers Act 2000 Andrew Charlesworth University of Warwick 10 June 2002.

Overview of the Regulation of Investigatory Powers Act 2000 Andrew Charlesworth University of Warwick 10 June 2002.
Using Information at the University University Secretarys Office

Using Information at the University University Secretarys Office
Data Protection Information Management / Jody McKenzie.

Data Protection Information Management / Jody McKenzie.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
NAU HIPAA Awareness Training

NAU HIPAA Awareness Training
The Problem Solvers TM www.singleton.com Privacy Rights: Minors and Parents Michael J. Hewitt Marcel Daigle Singleton Urquhart LLP.

The Problem Solvers TM Privacy Rights: Minors and Parents Michael J. Hewitt Marcel Daigle Singleton Urquhart LLP.
Workshop on Harmonizing Cyberlaw in the ECOWAS region ( Procedural Law in the Budapest Convention ) Ghana, Accra 17 – 21 March 2014, Kofi Annan International.

Workshop on Harmonizing Cyberlaw in the ECOWAS region ( Procedural Law in the Budapest Convention ) Ghana, Accra 17 – 21 March 2014, Kofi Annan International.
The Do Not Call Register Act 2006 and The Spam Act 2003 Jane Cole Manager, Telemarketing Investigations Section Julia Cornwell McKean Manager, Anti Spam.

The Do Not Call Register Act 2006 and The Spam Act 2003 Jane Cole Manager, Telemarketing Investigations Section Julia Cornwell McKean Manager, Anti Spam.
Higher Administration and IT Administrative Practices.

Higher Administration and IT Administrative Practices.
Www.oaic.gov.au Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.

Introduction to the APPs and the OAIC’s regulatory approach Presented by: Este Darin-Cooper Director, Regulation and Strategy May 2015.
The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director, Policy.

The role of the Office of the Privacy Commissioner in telecommunications Andrew Solomon Director, Policy.
Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?

Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?
INTERNET and CODE OF CONDUCT

INTERNET and CODE OF CONDUCT
HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.

HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.
Money Laundering 23 September 2014. Contents 1 What is money laundering? 2. The ‘primary’ money laundering offences 3. Failure to report and tipping off.

Money Laundering 23 September Contents 1 What is money laundering? 2. The ‘primary’ money laundering offences 3. Failure to report and tipping off.
Property of Common Sense Privacy - all rights reserved 01875340890 THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.

Property of Common Sense Privacy - all rights reserved THE DATA PROTECTION ACT 1998 A QUESTION OF PRINCIPLES Sheelagh F M.
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Similar presentations

Ads by Google