back to article 'Lex Nokia' company snoop law passes in Finland

A new law that will allow increased monitoring of employees’ electronic communications by their employers was passed by Finland’s parliament on Tuesday. Despite splits on the government side – most notably within the Green party – the Bill had a healthy majority: 96 in favour, 56 against, with 47 absent from the vote. The …


This topic is closed for new posts.
  1. The Fuzzy Wotnot
    Thumb Down


    So let's apply that to EVERYONE! Yes, that includes you politicians in your ivory towers! As an average Joe who pays my taxes and technically your employer I want full access to all your electronic comms while on official government business please?! No didn't think so!

  2. Mark Weston
    Thumb Down


    "This allows employers to investigate the log data of employees' emails, if the company has reason to suspect that corporate secrets are leaking out of the company or that its communication networks are being misused."

    Well, duh. What do we expect here? Can employees really aspire to a right to unconditional privacy when using company resources and spending company money? If it's personal business and it needs to stay private, why are you doing it on a work computer?

    If I own the kit and own (or pay for) the network then I think it's pretty natural that I expect to have the right to monitor and control how it's used. Companies are not only vulnerable to heavy costs if employees abuse their IT facilities, they can often be legally liable when their employees misbehave. It's not unreasonable for employees to hope for a presumption of privacy in normal circumstances, but it's just as reasonable that a company be able to police employees who are breaking the rules.

    The office cubicle is not the same as the public square.

  3. Dave

    Who owns the email?

    I'd say that if it's a company email account then I'd expect the company to have the right, especially if it was announced up-front, to check the contents. I don't know if they actually do, but I assume my employer does, which is why I don't use my company email account for things I'd much rather they didn't know.

    If I was going to leak things to external parties I wouldn't email it, I'd most likely use a USB key or SD card, especially as they've thoughtfully provided us with laptops that handle SD cards. Or I'd just have it on the laptop and copy to another network using wireless. So many ways that are hard to monitor (unless you've got a really good and solid IT setup), why use the one they can spot?

  4. Anonymous Coward
    Black Helicopters

    Security, Yes, But The Law of Unintended Consequences...

    Here in the US, they passed this wonderful little piece of legislation called PATRIOT.

    At the time, I said that it would be useful in going after terrorists, but that what would actually happen, is that every podunk rent-a-cop outfit would start using it to go after jaywalkers.

    That's EXACTLY what happened. I'm too lazy to go after the stats, but they are out there.

    I believe that the British experience has been similar.

    Pass the popcorn.

  5. Anonymous Coward

    Red Tape

    Not that I support this legistlation (on the contrary; I'm a member of Electronic Frontier Finland) it must be said here that, if someone missed it, for a company to gain access to an employer's email headers (and they can't access the actual message body) they have a lot of red tape to deal with. Which is of course a good thing. Yet, to repeat a cliche: who watches the watchers?

    This piece of crap was forced through without much thought about practical implementation. The national privacy watchdog has been given some additional resources to deal with 'Lex Nokia', but it seems that it's not nearly enough.

  6. Anonymous Coward

    "We were just following orders!"

    Would be a classic Nokia response, having just written the orders down and having passed them to a government-level stooge to read out, leading to the next classic Nokia phrase: "We seem to have a perception problem here, how can we manage that?"

  7. Anonymous Coward

    @Mark Weston & al

    I don't understand the idea that the company can snoop on you just because you're using their hardware. I find it ironic that especially Americans seem to think so - land of the free etc. Part of my benefits includes a mobile phone (and all calls, including private ones, lets make that explicit) - now should my employer be able to listen in on every phone conversation?

    @Dave: the new law only allows monitoring of the recipient etc, not the actual contents.

    Speaking of irony, would you believe that I'm typing this at Nokia offices on my own laptop with a 3G modem?

  8. Martin Silver badge

    @Who owns the email?

    But you just know that in 6months someone is going to have a little word with their Jaqui Jaquidottir and claim that people are using gmail or their own phones to leak company secrets - and the law will quietly extended to allow Nokia to 'request' this data from the ISP/phone company aswell.

    Otherwise Nokia will be forced to leave Finland etc ...

  9. Noel Morgan

    Listening in

    To Anonymous Coward (14:02)

    I do not think an employer should be able to listen in on every phone conversation - however if they are paying the phone bill then they should at least be able to look at the logs of the phone numbers that have been called.

    This is not the same as listening in to a possibly private phone call. If I want to talk to someone without my boss knowing about it - I will use my own private phone/email account/postal address.

    That is what is being debated - the ability to check the logs of messages that are sent/received not the contecnt . As far as I am concerned there is a major difference between the two.

  10. Anonymous Coward

    well, actually

    The corporation where I work reserves the right to monitor all calls made on THEIR phones and all traffic on THEIR network; which includes all emails sent on THEIR computers. If you want privacy, you must use your own phone or computer off company premises. What i'm typing right now can (and probably is) being monitored and/or recorded.

  11. Slate


    Quoting AC 14:02 "I don't understand the idea that the company can snoop on you just because you're using their hardware"

    Are you kidding me? Doesn't the very fact that it is their hardware entitle them to use it as they see fit? I have never heard of any company whose employee policy didn't state somewhere that company email is intended for company correspondence only, or some similar words. Even if everybody knows that the rules are loosely if at all enforced and everybody emails their spouse, or passes around jokes, the language is still there and is "officially" the policy. Our emails are not only archived and retained for 7 years, they are also actively monitored. Not every message is read, obviously, only a representative random sample but if a certain flagged word is used in a message that email will be sent to a reviewer to read. And the filtered words can be added at will to flag any subject.

    I am in IT so I don't get to read any of the juicy details of peoples personal lives, but if some supervisor/auditor/regulator/whoever says "I need to see all messages sent by X employee during the month of May 2003", then 5 minutes later they will have a CD in their hands to read at their leisure. Not trying to be funny here but I assumed that this was true Everywhere

  12. John Smith Gold badge

    Funny this never happened with dumb terminals.

    People thought they were company property and were for company business.

    This may not be the case in Finland. which seems to have serious privacy laws.

    Let me be clear. It is not *your* PC. It is your companies.

    But I do wonder about this. Your on company property and presumably company time. If its their email account as well how much expectation of privacy can you have? This can definitely get complicated with home workers. Private email account, company supplied PC? Emails stored on PC and PC returned to office?

    How about the mobile phone supplied to most Sales people? UK practice is for the company to get a copy of the bill and reimburse. They retain the right to check such numbers against their customer list. Ask someone to tell you what their total bill was and just pay it for them. I dont think so.

    Put simply if they pay for some degree of particular services outside of your salary why would you not think they should have some level of oversight?

    Private phone, private email address, your personal PC at home. Rather different. That would be MYOFB.

    As for a strip search. What is the Finnish for "What is your probable cause?"

    What are they looking for anyway? Stolen goods (or "Shrinkage" as they say in the building industry) or a USB memory stick? If so that is a very clumsy way to (try to) stop data leakage.

    But a strip search. What is Finnish for

  13. Anonymous Coward

    "Lex Nokia would give employers greater powers than those invested in the police."

    Unless this law gives employers the right to snoop on their employees' PRIVATE email, I fail to see how this is the case. My guess is that if the police give you an email address, login, and passsword, and if you sit in the police station and send an email, they've probably got the power to read it.

    And as some here have pointed out, what the hell happens when one of my employees is trading kiddie porn (or worse, copyrighted music) with his company email? I'm prohibited from finding out but legally liable if someone -else- does?

    This is lunacy. I run a small business in the US, and I can't imagine not being able to, say, dig through an out-sick employee's email for something a customer sent to him yesterday. What am I going to tell my client - sorry, buddy, I'm not authorized to read my own company email?


  14. Andus McCoatover

    @ "John Smith" - Finnish for...

    "What's your probable cause" comes out of as:

    Mikä on todennäköinen syy?

    Well, you fec*king asked.

  15. Anonymous Coward

    If you are at work you are monitored

    Quoting AC 14:02 "I don't understand the idea that the company can snoop on you just because you're using their hardware"

    Never heard of remote viewing ?, this is where all of the workstations' desktops are displayed on a screen in security or the bosses office, each in it's own window -- if anything untoward is seen then a click on the window makes it go full screen so you can see what is going on, you can save the screenshot for evidence if needed.

    A lot of companies use this kind of monitoring, your boss has a right to know if you are browsing Fleabay (or worse) when you should be working.

    Icon is the boss going through your coat pockets looking for USB sticks etc.

This topic is closed for new posts.

Other stories you might like