Lex Nokia
February 2, 2009 9:41 AM   Subscribe

A company that generates innovation and IP should be allowed to monitor employee emails.
posted by KokuRyu at 9:49 AM on February 2, 2009

Nokia accounts for a quarter of Finland's exports and a third of the market capitalisation of the Helsinki stock exchange. So a threat to leave the country would have a terrific amount of weight. That's a vast amount of political power for a company to wield. Probably enough to say: what it wants, it gets.
posted by WPW at 9:56 AM on February 2, 2009

A company that generates innovation and IP should be allowed to monitor employee emails.

In this case, that translates as:

A company that generates innovation and IP should be allowed to break the law.

Why should they?
posted by DreamerFi at 10:10 AM on February 2, 2009 [1 favorite]

A company that generates innovation and IP should be allowed to break the law.

They're trying to change the law, which indicates they aren't trying to break the law.
posted by KokuRyu at 10:22 AM on February 2, 2009

In an ideal world, a company threatening to leave a country if its bullying doesn't work should be treated as a pariah; whichever country it tries to go to, it should be refused any license to operate a business.

In the real world, the people involved will probably come to some backroom arrangement that will let them spy on citizens. I hope Finland knows what its doing.
posted by Blazecock Pileon at 10:33 AM on February 2, 2009

A company that generates innovation and IP should be allowed to monitor employee emails.

Why?
posted by shmegegge at 10:38 AM on February 2, 2009

The subtext to that first comment is that they are vulnerable to trade secret distribution via email. Or so I guess.
posted by greekphilosophy at 10:50 AM on February 2, 2009

i gathered that. what i mean is, why does that mean they should have access to their employees' private communications?
posted by shmegegge at 11:03 AM on February 2, 2009

They aren't asking for the right to access private communications; this is all to do with emails sent from work. Nokia wants to "monitor their workers' electronic correspondence for information including the sender and recipient of the email, the time it was sent and the size of attachments." As far as I can tell from reading a few articles on this, they aren't even asking for the ability to read the contents of the email or the attachments.

The whole thing is, to me, a non-issue. If a Nokia employee wants to send personal emails at work that won't be snooped on, then just use GMail or the like. Or, hell, they work at Nokia. Surely they can send and receive personal emails from their cell phones.

On the other hand, I don't see how this level of monitoring would stop any but the dumbest corporate spies. Copy stuff to a usb drive and email it from home or an internet cafe if you want to sell corporate secrets.
posted by jedicus at 11:24 AM on February 2, 2009

So, the current law means that a company cannot read it's own sendmail logs...

The new law would allows a company to see that, for example, joe@nokia.com sent an email with a 1Mb attachment to jim@huawei.com, but not be able to see the contents of the email nor the attachment...

This is hardly spying on citizens, this is more like normal usage monitoring of a corporate resources...

Anyway any corporate spy with half a brain has many more secure, secret and anonymous methods of passing on secrets than using corporate email (upload via personal PDA/phone, walk out with mini usb key, send using https webmail etc).

EFFI's problem with the law (according to this badly translated blog post) is not that a company should be allowed to monitor it's own email, but that the new law is too wide, encompassing any form of internet communication -- including P2P, skype, web access+uploads, for any 'community of subscribers', thus including schools, libraries, parliament...
posted by nielm at 11:26 AM on February 2, 2009

Oooh, thanks for the clarification, but under the new law, who gets to monitor all that?
posted by KokuRyu at 11:37 AM on February 2, 2009

They aren't asking for the right to access private communications; this is all to do with emails sent from work.

I'm not sure I agree with your definition of "private," there.

The whole thing is, to me, a non-issue. If a Nokia employee wants to send personal emails at work that won't be snooped on, then just use GMail or the like.

The article linked above doesn't say whether they want to access the logs for their employees' company emails (@nokia.fl or whatever) or any and all email accounts used from work. can you link us to the other more informative articles you've been reading?

On the other hand, I don't see how this level of monitoring would stop any but the dumbest corporate spies.

yeah. which is why i still think to myself, "why should they have this?" it won't actually provide them with what they want, if what they want is the ability to ferret out industrial espionage.
posted by shmegegge at 11:44 AM on February 2, 2009

The article linked above doesn't say whether they want to access the logs for their employees' company emails (@nokia.fl or whatever) or any and all email accounts used from work.

I don't actually know that the law doesn't permit the right to monitor 3rd party accounts, just that technology pretty well prevents it. The easiest way around it, a keylogger, almost certainly runs afoul of the privacy protections left in the law because it would capture everything, including email contents. Anyway, there's always cell phones.
posted by jedicus at 12:11 PM on February 2, 2009

I think this post needs more (and better) information. There are too many open variables to be able to discuss this issue properly.
posted by KokuRyu at 1:03 PM on February 2, 2009

Companies in the U.S. already have this, and more. Not that that is a good thing, but well, it's not the end of the world.

I do know that Nokia has much to fear from industrial espionage, and they take it seriously. A friend of mine used to run one of their design shops in Southern California. The security at their facilities would make your head spin.
posted by Xoebe at 3:24 PM on February 2, 2009

I would imagine its hard for most of us to have much sympathy for seemingly benign access. Most of us expect our corporate communications to be fully monitored. Nokia seems to be demanding a very rudimentary level of surveillance.

Even though they may have previously broken the law, apparently it was to ferret out industrial espionage (instead of say, details about employees sexual lives or other non-work related matters).

I certainly would never have a problem with my employer having such access to my work email traffic.

Now, did they break the law before? Are they blackmailing their host govt (give us this law or we leave)? Even reasonable requests, when they are voiced as unreasonable demands, upset reasonable people.

My conclusion: I sympathize with Nokia's wishes and concerns, and they apparently have been dealing with the matter awfully. (Their actions remind me of framing a guilty person).
posted by el io at 6:19 PM on February 2, 2009

Most of us expect our corporate communications to be fully monitored.

Yup, in the U.S. your employer can do any damn thing it wants with its computers. It can record every keystroke, capture every screen, so the real surprise with this story is that Finland gives employees the right to privacy on corporate machines and networks. That sounds ludicrous to my American ears.
posted by exhilaration at 10:44 AM on February 3, 2009