Do you think
A PFY who had the benefit of a better mentor would have located a copy of the naughty files in a Drop Box for insurance purposes?
The head of Canada’s .ca internet registry is under fire following allegations multiple IT staffers were axed after a porn stash was apparently discovered on his iMac and reported to HR. Byron Holland, CEO and president of the dot-ca operator CIRA, had more than 1,000 explicit photos of himself and others engaged in sex acts …
"Go to HR" has to be the worst possible advice for anything work related. HR are not your friends. They are the enemy. Under no circumstances should you involve HR in anything unless absolutely necessary, and then only if you have cast-iron evidence you are innocent/the victim/etc., also away from company property so they cannot get hold of it.
HR are there for the company's benefit, not yours.
A few months later, Holland allegedly asked for the transfer to be “completed” at which point the IT staffer who had seen the images asked his colleagues what to do, and they recommended taking the issue to human resources....at the end of the probe, Holland remained as chief exec, though three IT staff were fired and others decided to [read: "were asked to"] leave.
Human Resources exists to protect upper management from the employees. Just like @DavCrav wrote, going to H.R. is the worst possible advice for an employee up against top management. Of course Holland was dead wrong and the IT bods completely right, so of course H.R. punished the innocent IT bods.
I saw a similar situation where the manager claimed the IT guys had planted the images on his company computer.
When in this situation, either quit or call a lawyer.
"When in this situation, either quit or call a lawyer"
Which is probably what they did. The fact that they all had to sign an NDA to keep their severance suggests they got the best they could. If they didn't follow company procedures by involving HR, they would have not even got this and would have been hung out to dry.
HR kept the damage costs to a minimum by removing the lowest paid problem
"HR kept the damage costs to a minimum by removing the lowest paid problem"
And assuming the employees got paid off, they are also out of a company that willingly sacrifices employees to protect senior people.
I realise this isn't "justice", but the world isn't always fair - walking away with your costs covered is sometimes the best you can hope for.
If the employees didn't get paid off, they are still free of a company that would willingly screw them.
"And assuming the employees got paid off, they are also out of a company that willingly sacrifices employees to protect senior people."
Which - now it's come out - is now known to do this.
There are now a lot of ethical companies which won't touch anyone above PFY level from CIRA with someone else's ten-foot bargepole. Many of them might well have a legal claim of employment taint against CIRA.
> Of course Holland was dead wrong ...
How?
This North American fear of nudity is bizarre. They're just (non-illegal) photos. People getting their knickers in a knot over them are weird.
Also, the guy is the head of the company. He runs the show. If the staffers involved can't deal with nudity, they should have just told him directly and/or gotten someone without the weird hangups to complete the work. It's not complicated.
good point ! its all legal, they wernt even published.
you dont immediately sack people with nude images - or how would those porn sites keep staffed?
its just down to policy - which is optional for the CEO
Also the staffers involved could presumably manage to transfer files from A to B without looking at them if they wanted.
My boss recently framed his letter from HR that explicitly tells him to look at porn during work hours.... I, myself have had 3 different department heads OK my viewing of filth to investigate a problem before clearing the issue ahead of time incase HR caught wind (it also helped that I used a non-standard net connection thus avoiding the proxy filters that are set up to catch this sort of thing).
This is for a FTSE 100 company... Fun times...
Anon because I still work there.
Is this a case of puritanism or appropriate use of resources?
Yes he's the head of the company, but he still has a responsibility to the board or CIRA's membership around appropriate use of business resources and the potential for inappropriate use within the company.
Given that companies are generally becoming less tolerant of mixing private lives with company business, there is also the question around the CEO's judgement.
> They're just (non-illegal) photos.
In the U.S. it would fall under sexual harassment to store them on your company owned devices and expose yourself to IT staffers. It was inadvertent as he knew the photos were there as evidenced by his later request. They weren't his medical records...which still would haven't been on the company's device.
Just because he's the head of the company doesn't mean it would be appropriate for him to walk around in a robe and let his penis hang out when IT staffers came into his office.
Not complicated, don't go posting nudes of yourself around your workplace.
In the U.S. it would fall under sexual harassment to store them on your company owned devices and expose yourself to IT staffers. It was inadvertent as he knew the photos were there as evidenced by his later request. They weren't his medical records...which still would haven't been on the company's device.
Just because he's the head of the company doesn't mean it would be appropriate for him to walk around in a robe and let his penis hang out when IT staffers came into his office.
Not complicated, don't go posting nudes of yourself around your workplace.
Did you mean to use the word inadvertent there? it doesent make sense.
also , if the staffers could possibly refrain from going "OOOH, naughtypic.jpg !!!? Whats that ? I'll open up one or all of the Boss's private files out of a curiosity and a desire to see naked ladies...."
then they wouldnt be "exposed"
Do these same staffers walk into a newspaper shop , and see all the naughty magazines on the top shelf* , then start grabbing them and rifling through them saying "ooh im so offended!"
*i dont know if the internets killed that business off yet , but the same applies if u substitute "newspaper shop" for "internet"
"This North American fear of nudity is bizarre."
You mean Bibble Belt USAian. Canucks are a _lot_ more tolerant.
if it was bad enough to raise eyebrows in a Canadian company it would be bad enough to raise eyebrows in a French or German one
HOWEVER: This comes under misuse of company resources and abuse of staff.
As a non-profit there are strict rules about use of company equipment for personal purposes and as a company there are even stricter ones about exposing staffers to unsavoury images.
CEOs are not immune to such charges. He's not an "Owner", he's an "Employee" - more importantly he's an officer of the company, with a high level of trust implied that he won't misbehave with company time or hardware.
On the kind of salary being paid to afford to go to places like Hedonism Inc you can afford your own fucking equipment to store your home-made porn, and yet it's virtually ALWAYS this kind of C-level twit who seems to think they can treat company equipment as personal property - it's not.
They should be fired for stupidity and hubris. Whatever pictures tickle their whatever is not salient; that they were not only using the company resources for their fetish, but also making the maintenance of that fetish part of the responsibility of IT is pompous buffoonery. While we didn't toss tea into the great lakes (unlike our neighbours, we are not tossers), we don't take kindly to pomposity. We routinely eject PMs over it; so this tiny pond wanker should be gone before the moderators approve this.
Depends where in Canada, there is a Canadian Bible belt, encompassing much of the prairies (particularly Sask and Alberta and if you look at their provincial politics you see that displayed, Kenney recently rolled back many protections for LGBTQIAA youth in Alberta), heck even rural parts of Ontario are seriously conservative in nature and voting habits
"They're just (non-illegal) photos."
It could still be against company policy to store such images on the system or company computers.
The PFY's were silly to not have made copies for insurance. Since they featured The Man, it's a little richer than if they were just common ordinary naughty photos from the internet.
Apparently, these images couldn't be a "plant" as some (or all) featured the exec.
I agree about backing the images up and stashing the copies off-site someplace. It would have made the severance discussions much more lucrative. I would have also insisted that the departure was officially at my behest and I would receive nothing but glowing recommendations.
One employer had a rule that if you were sent naughty pictures the email should be forwarded minus the naughty pics to IT. You were supposed to delete all traces of the pictures from your computer. Somebody once forgot the delete the pictures before forwarding to IT and everyone got an eyeful.
While this is partly true, you still need to involve HR in the same way as you need to involve your own manager, and for the same reason: if you don't, it can be held against you.
HR are there to protect the company, yes. That doesn't necessarily equate to supporting its management against you, though. Quite often, the management are by far the greater threat.
"HR exist to protect senior management from their own stupidity."
They do that by bringing in enough new stupidity to swamp out the bad decisions of management.
Maybe it's hard to notice I don't care for HR. I think that it's gone from a person that makes sure everybody signs the employee rules, the insurance paperwork is submitted and mandatory records are correctly kept to a fiefdom that often has no clue what the company actually does and what all of the other employees do outside of their department. Their department is there to create as much headcount as possible and to make sure job applications and complaints are handled in the slowest way possible (to show they need more staff, thereby raising the headcount).
FTFA: Those departures were unrelated to the incident cited above and were fully documented, proper, and in CIRA’s best interests.
..and only coincidentally occurred immediately after the discovery of the inappropriate material on the CEOs laptop.
Feel bad for the PFYs involved. Perhaps they can win an wrongful dismissal case, but they'll choose their next BOFH more carefully. Agree that a better BOFH wold have taught them to cover their "donkeys" before exposing the CEO. Roll of carpet, a shovel and some quicklime optional.
The IT staff were rightly sacked since they committed bad actions, no matter how tasteless their boss was for leaving his crap about.
a/ Whining at Human Resources. [ I would hope the rugged Canadians to be less concerned with effete PC nonsense.
b/ Transferring data to a Windows computer.
d/ Interposing their own judgement as to which data they shall move.
c/ Causing the hard drive with his private information to be destroyed.
Something that the SNP follow to this day (talk about freedom and yet their response to any issue is ban something (latest being a plan to make misogyny a criminal offence (without defining misogyny in anyway and ignoring completely a very senior judges review (that they spent hundreds of thousands of pounds on), hand vast sums of money over to private companies while claiming they can't pay the disabled/carers/elderly any more as there isn't any money, give vastly undue influence to religious groups (despite religious adherence being a minority pursuit in Scotland)
This one I completely agree with, "Interposing their own judgement as to which data they shall move.".
Actually very true, they should have stopped all actions and gone "whinning to HR" immediately, not picked out stuff and tried to half-finish the job. Additionally we trogs on the shop floor are not paid to think, we have management above us who get paid a lot more than we do to deal with this sort of stuff. Tell HR and your manager about it, be 100% honest and let HR and your manager deal with the fallout.
I agree with others, HR is not to protect you, they're there to protect the company above all else. HR makes sure that you are able to keep inline with company policy and where necessary find ways to ensure you stay compliant with company policy no matter what it takes and where you won't be compliant they will find ways to ensure troublemakers are "handled".
Did I hear a lawyer salivating at this? In the damages thing the lawyer would say they will win or get some cash, otherwise not charge you a fee (they figure there is a pretty good case or a settlement to be had), then they make a bundle (probably a settlement)... and after the bill, you would be left with tuppence.
Yes, I had a friend to whom this happened. The lawyer said if they lose he'd take 5k, if they win he'll take 50% + expenses - which finally turned out to be the aforementioned 5k. Given the gain was 12k, the lawyer walked away with 11k and my friend with just 1k... (For the record, those 5k expenses were just for showing up at the trial, since the case was obvious. The whole procedure took 5 minutes, the employer's lawyer hadn't even bothered to show up, there was no way he could had won this.)
My lawyer in a similar-ish situation with a small company (constructive dismissal) told me that he suspected that they would simply liquidate and start up again because the sums involved would be considerable. In fact he suggested I "put up with it" and stay with the company to see what eventuated.
It was extremely good advice. The HR person and the general manager were out of the door before I was, and I went of my own accord.
In this case my personal view is that provided the material was not actually Epstein-style illegal the IT staff should have stayed schtum and copied the material over. The result of the trial for defamation of the maker of the Pedolo Model 3 should remind us that the laws are only for the little people.
"At the point of firing and NDA, I'd pause and go get a lawyer."
Even in the USA (and especially in Canada) you can't NDA something illegal or contract out of a legal requirement.
In most places, attempting to (or suceeding in) force an employee to sign a NDA to cover up unlawful activity or to contract out of legal requirements becomes a criminal matter and the employee is held utterly blameless in the matter as the company is deemed to hold all the cards.
One one side; As long as the images are not illegal who gives a flying fuck?
On the other side; Firing the techies for finding said pics on a work computer no less = dick move.
On the gripping hand; Running and whingeing to HR about pics of a few bewies = childish dick move.
No one in this story has covered themselves in glory
Sorry, almost gave you a thumbs up for the Gripping Hand reference...
But, this was a work computer, so there is absolutely no excuse for having private images on it, let alone erotic/porn images, even if they were his own. Most companies have very strict policies about that these days.
Firing the techies was definitely a dick move.
The IT staff going to HR because of a violation of company policy, as long as they had gone through their manager, was absolutely the right thing to do. That is what HR is supposed to be there for. At least in the parts of Europe where I have worked.
I suspect the issue that got them fired was probably the waiting a few months. Given that the images could have been anything - including something very illegal - HR should probably have been notified straight away. And that's likely what the policy said, which is why they were fired.
I've been at workplaces where similar things happened. IT people went straight to HR... and nobody got fired.
The right word here is policy. If the company has an approved and published policy regarding the use of company's computers then it should also specify actions to take. In the absence of such a policy, you're pissing against the wind, unless it's clearly illegal like in the case of child abuse when you go straight to the police.
"One one side; As long as the images are not illegal who gives a flying fuck?"
No one actually, however every employment contract including yours, has a clause about inappropriate use of company equipment being grouds for dismissal. So if you're doing the same and storing "grumble flicks" on your work laptop I'd get them off before you get called into HR!
The reason is simple, the company gets it's arsed sued if for any reason said "grumble flicks" on company laptop get seen by a minor or a company client or partner. Exec with smut filled laptop goes to a school to give a talk, puts laptop on school hall display, up pops Shag McNasty doing the horizontal dance.
The other reason is that if you let one person do what they want, then everyone will and the execs are supposedly our betters and should set a good example for we plebs on the shop floor, sadly we all know that's crap and they're worse than us for not using their nous, incompetance is the pathway to upper management.
No one actually, however every employment contract including yours, has a clause about inappropriate use of company equipment being grounds for dismissal.
many many posters are quoting that one , i call bullshit on 3 counts
1) He's the CEO and the rules dont apply - unless its a security issue like having a strong password
2) company car . comapny phones . company clothing can all be used for "personal use" right?
you can call your friends on the work phone cant you?
You can use your comapny car to go to the supermaket cant you?
You can even use the company internet to post shit on face book as long as its in break time...
3) storing 1000 pictures on a laptop hard drive? how much resource drain is that? Every executive probalby wastes more money than that 100 times over every week on their expenses account
4) innapropriate use is a very flexible term - see 1)
That's actually a very good question. ICANN is the grandfather in this domain, we have Afrinic and now Canada as well.
I'm guessing it's because they don't have all that much to do once the domain names have been approved. So they just sit around all day and wait for something to do, which of course means there is ample time to fool around. And, humans being humans, if they have time to fool around, they will.
Have worked for a NHS trust were whenever the chief exec connected his iPhone, all his naughty pics with his wife got copied to his home drive, and quietly deleted by IT.
Have worked for another NHS trust where the chief exec got sacked due to comments made to HR by doctors/consultants leaving the Trust. Affairs and sex rings mentioned as reasons for dismissals on both sides.
This post has been deleted by its author
Having personal data on a work computer is generally against policy, but isn't inherently improper or illegal, right?
My question is this: the people doing the transfers clearly were perusing the data on said executive's computer. Isn't this also against good IT practice as well as potentially against IT policy?
There is likely all manner of sensitive information on a CEO's computer - work as well as anything else. Is it acceptable that an IT person tasked with data transfer is looking at any of it, for any reason? I'm talking not just about personal pics, but work evaluations of other employees, corporate budgets, board level reports, discussions with potential partners, acquirers or acquirees etc.
If this is not proper or acceptable, the reporting of personal pics on said CEO's computer would be like a john complaining to a policeman that the prostitute he solicited ran away with the money without giving sex...
Fair points. In my experience, it comes down to company policy and is a civil matter. "Illegal" is more a test of whether the activities are criminal.
IT often has broad authority to access, and to a certain extent audit, computer use within the normal performance of work duties. For example, if someone's hard drive is getting full, I'll look for what is using disk space and ask whether it should be moved or deleted. If someone has network problems, I'll check if the security software or the web firewall has blocked access. If I replace someone's PC, I'll copy their files to the new computer and will try to place them where the person will find them. If I'm working on an email problem, I sometimes have to look in email messages..
You can see how we sometimes view personal data without intending to spy.
There are also times when I've been asked to act on specific employees: audit their web activity, give another employee access to their mailbox or home directory, that sort of thing.
The corporate policies that permit IT to access company computers also require IT staff to follow reasonable orders (and be ready to leave if you think they are unreasonable.) Don't abuse computers or people. Report violations as appropriate.
I can't fault the IT staff in this situation. They gave the CEO a chance to walk away and, when pushed, acted to protect themselves from being complicit.
To be clear, I think most companies' policies is that any personal data put on a work computer is:
1) No longer subject to personal privacy laws
2) Is not going to be officially supported by the company - i.e. backup, recovery, IT help etc
I don't think I've seen policies that prevent all personal use of the computer - these are impossible to enforce, or at least enforce without being extremely intrusive.
Ultimately, if the issue was that the IT people didn't want to move the data because it was personal under 2), that's one thing. If the issue was objection over the material itself - this seems odd since it shouldn't matter if the material is sexual or just a lot of saved games of Minecraft - particularly since there is no mention of said CEO showing this to anyone.
"I don't think I've seen policies that prevent all personal use of the computer - these are impossible to enforce, or at least enforce without being extremely intrusive."
Yes, it is hard to enforce. I don't think I've ever been anywhere where personal use wasn't allowed by policy or severely restricted. It was no problem if you wanted to book a table at a local restaurant or search for someplace to hold your wedding reception on your own time. Leaving your computer on at work and using it as a backup device for your home computer would be a problem.
Most companies don't want personal information on work computers due to liability issues.
The policies remain in place so the company preserves their rights to delete any personal information or user loaded software/data with no liability. If they plan to replace all of the computers in an office over the weekend with shiny new, they don't want to have problems with somebody that's out screaming about not having had time to retrieve all of their personal stuff. The company also wants the right to snoop any computer they want any time they want.
"it shouldn't matter if the material is sexual or just a lot of saved games of Minecraft"
With sexual stuff there could be lots of issues. Are any people in the images underage (for Canada even if they weren't where the photos were taken). Revenge porn, peephole photos, etc. There's a new law twice a day. Somebody new with no safety net might be worried about liability by just knowing about the photos. If it turned out that there was people in the images that were not of legal age of consent, could IT be held as complicit in the transfer if they knew that the photos were naughty? I'd hope that a court wouldn't drag them through the process, but it's best to be nowhere near the mud puddle so you don't get splashed. I left a company that played fast and loose with safety laws. As the listed safety officer, I didn't want to be anywhere near that place when something happened. I could point all I wanted at senior management and it might do me no good at all.
I guess true. If none of it was illegal then was none of their business unless of course the policy they sign when they join up states they shouldn't have it on company machines. If it was found on their laptops, that said CEO would of had them fired. You could also argue the point of going to HR was to cover yourself. You'd now seen it, he'd realise later that you'd seen it and panic and because no one has been told, blame you for putting it on there. So you're covering yourself before that happens by just mentioning it to HR "We had to copy files of the CEO's old machine. Just thought you might want to know there appears to be porn there".
But you could also just argue "As we were in the folder ready to move it, thumbnails were on so it was impossible to not see the files. Besides. We had to make sure we'd got everything the CEO wanted so obviously had to check the folders in case he'd saved files in other areas of the drive you normally wouldn't save too".
It's a difficult one. Very difficult as you could then give the same defence to Gary Glitter who took his PC in to repair at PC World. At which point they obviously had a look through his files and then found the shit they did and rightly reported him. Could he argue "Why were you looking through my files in the first place?"
If you are transferring stuff from a Mac to a PC, it's pointless to transfer Mac specific software and you may be tasked with converting data files into a format that a PC application can read.
Even if you are transferring from an old Mac to a new Mac, you may need to be sure that software continues to work on the new machine. You make not be able to get away with just cloning the drive or running the migration utility.
Sensitive information should be encrypted. Especially so if the computer is a laptop. I've been at companies (not in IT) where everybodiessalary.doc was just flung into the SVN system meaning it transferred a copy to my computer (BYOD). That's not a good thing to do when it turns out that you can't get a rise because they just hired that useless intern for more than they pay you. With dealings like that, you'd think that salary information would be kept confidential. Lucky for me my supervisor noticed the same file show up in his directory as well and made sure I was bumped up a grade. He took offense that the people I was supervising were being paid more than I was because they brought new people in at prevailing salaries but were loath to gives rises to people that have been with the company for some time. I wasn't there for much longer following my supervisor out the door. With him gone, the engineering team was headed for the bin.
No matter who, where or at which company you should never save nude, porn or anything of a sexual nature to your work computer. It's not a matter of legality but it is a matter of HR processes, professionalism and quite honestly decency.
I've worked in IT for 20 years and I have had to deal with similar situations and in most of them the person with the porn got the sack! This is in the UK.
This was poorly dealt with all around.
Out of all the jobs I have have I have seen a lot of porn on computers. What have I done about it? Nothing. I copied the files over, that was my job at the time, On one occasion I had a quiet word with the person later that it was a bit much.
When I worked at a PC retailer on the, not infrequent, times where I repaired a computer and found porn/nudes as the background I would change the background back to the windows default, without comment.
What you have on your computer is none of my business.
Fair point, except that - as others have pointed out above - it wasn't his computer. It was the company's. Which is a totally different kettle of fish.
I have no problem with people having the (to use a former colleague of mine's phrase) "kinky latex donkey buggery" stuff on their own, personal machines.
It's a bit like Content Moderators (I've talked to a few recently, not a job if you are not tough skinned, moderating internet content at its extreme worst). The interesting thing I found is that they are explicitly taught to apply Policy, not to make their own standards. It would be the same in this case, apply company policy, if it is not covered then it's not your position to apply your own. This does not stop you raising policy gaps and seeking guidance on how to apply in future, and/or clarification in the policies. Not doing this leads to lots of cans of worms such as invasion of privacy,or uneven application, singling out particular individuals (whatever you may think about the content). The only exception here, which can also lead to problems is (depending on your legislative context) you may be obliged to report certain types of content to authorities ... but that's up to corporate counsel or whoever has corporate responsibility, and you do your bit by raising it with them. if there is no policy or obligation then you are back to applying your own judgement (and raising THAT if it is problematic).
What about simple self interest?
How would reporting my boss' boss' boss' ... boss help me?
If it is some kind of BS test, My answer is I didn't see them, I don't look at things that are none of my business. We all can see what happens when you report C level people.
Best answer is keep it to yourself, and have a little chuckle about it to yourself from time to time. I am NOT the morality police, and I do not want the job.
there is no reason that anyone in IT should have opened up those personal files.
that is called snooping and makes me wonder what other files were checked out by the curious IT guy.
the files were not a crime, naked adults are not a threat.
all of the files COULD and SHOULD have been xfered without being viewed at all.
I am a retired Sys Admin. We found that men with offices, with a door, were the most likely to have porn on their PCs. 99% of porn is on men's PCs so if you are going to HR go to a woman manager in HR. Our three worst abusers were a manager in IT (most ignorant person in IT), a male manager in HR and another man in a remote office. We could tell that this last man was always on time for work and did not leave early because the logs with URL entries had time stamps. Solid porn from 8 to 5. No one was fired but they were warned and suddenly the porn stopped. There were a lot of red faces.