As a systems administrator, I have a higher level of access to people’s information – their files, their account details, their email. But, as quoted a number of times in SpiderMan, “With great power comes great responsibility”.
Yes – I can pry into anyone’s files or emails *if* (big “if” here) I was requested to by a manager, in writing and with a reason why. No, I do not do it just for shits and giggles. To be perfectly honest, I get enough email of my own without spending time trawling through someone else’s.
As a member of SAGE-AU (yes, I’m spruiking a bit here) I adhere to a code of ethics, as all systems administrators *should* do. I know many who don’t. The “Prviacy” statement of the SAGE-AU Code of Ethics states:
“I will access private information on computer systems only when it is necessary in the course of my duties. I will maintain the confidentiality of any information to which I may have access. I acknowledge statutory laws governing data privacy such as the Commonwealth Information Privacy Principles.”
I will access private information on computer systems *ONLY* when it is is necessary in the course of my duties. We do get requests from people to be able to access files or emails – someone’s away unexpectedly and that report that’s due in 15 minutes is required right this minute, someone has left the organisation and there are critical pieces of information and contact data in their email, a user is at home and has forgotten their VPN password and needs a file emailed to them to work on from their own home drive.
These are all examples that I have personally had to deal with in regards to accessing data. They’ve all been requested through the proper channels and the access that I have had to these files has been done with privacy in mind. No copies were kept. No files were passed on to people they shouldn’t have been. No passwords exchanged…and I’ll save *that* topic for another blog article.
I know that in my job, I strive to not cross that line. Sometimes the line can appear a bit blurry – scanning across a drive to find “unauthorised files” that users have to find a folder containing music files of a favourite band. No matter how tempted, or how inviting that may appear, it’s not your right to look into the files or to take copies. It is a breach of privacy, even if the files are unauthorised.
I resent the implications that I see in both the media and in popular culture that people who are “computer geeks” access files just because they can. Sure, some do. But the majority of us do the right thing, not just because we know that it’s the right thing to do but because we truly do not have the time to spend hours sifting through those photos of James and Anna’s wedding, or that music collection that you’ve so kindly decided to put up onto our file server, or to read those emails going back and forth between yourself and your brother over who’s in charge of organising mums birthday dinner.
We have our own jobs to do, we have our own emails to read, our own files to organise and browse through, our own lives to care about. Just because we *can* access your files, doesn’t mean we do. So please don’t ask the stupid question – “You can pry into anyone’s files or emails….right?”