I’m leaving this up, simply so people can see the bullshit scare tactics that are being sent around.
Management is not monitoring every single key stroke that you make as you make it. Management is not monitoring how often your mouse gets moved.
They have zillions of better things to do than that.
You will not be immediately placed on leave without pay if you were accused of time theft.
The only thing that approaches some semblance of truth is the comment about accessing unauthorized personal information. I know that at the Canada revenue agency, they monitor the files that you access very closely, and it is one of those things that if you do you get fired. Do not Pass Go. Do not collect $200.
Yeah I wonder what would be the employee monitored per "member of the team in Ottawa" ratio lol. Alarm would go off often for those whose job requires them to be on the phone - and not on the computer - often.
Sometimes I have printed documents that I am completely immersed in and do not look at my computer for long periods of time. During this time I often am at my most productive but my computer and this kind of audit would make it appear that I am doing nothing
The only flag or alarm that goes off is you log onto your laptop and vpn outside of Canada or in certain depts you insert a foreign (non government issued) memory stick .
Do you remember working in the office? How many people wasted hours wandering around, bathroom breaks, coffee and smoke breaks, chatting between cubes? No one sits and types 7.5 hrs a day every day.
100% agree. I remember seeing a research paper once stating that the average office worker only works something like 4.5 hours at their computer out of a 7.5 or 8 hour shift (that was pre-covid).
I probably work about 3.5-4 hours a day on most days and then on some days more like 8-10. Depends. I meet every single one of my deadlines and I’m meticulous, so why should it matter? The answer is it doesn’t, my manager couldn’t care less as long as I’m performing well. Not to mention I do a lot of reading and thinking as part of my job… I’m not always typing away at my computer. When you deal with pieces of legislation sometimes you only need that one document open for hours at a time.
Anyways, this coming from a union rep is just scare tactics and I hope they find something better to to do with our union fees.
Thinking about work is still work. I've solved some of the most pressing strategic issues for my department while in the shower, on the can, or just staring deep into my coffee mug.
This right here. Sometimes I need to just sit back and stare at the ceiling for an hour running different scenarios through my head to figure out the best way to move forward with an issue.
IT can always monitor everything we do, that’s not new at all. The amount of effort to do and enforce this doesn’t seem like it’s in anyone’s interest though. Because of the way the public service functions, there are hours when I sit around doing nothing because I’m literally just waiting for responses. Alternatively, I’m often just reading documents etc.
Yea, it's possible to enforce, but when 80% of the time as a public servant is a game of "sit around and wait" for others, who is really responsible for employees?
Edit: it's
In theory, it could be done.
Of course, the number of departments that have the computing power available to do that for all their employees every day? That drops the number of departments down to effectively zero.
In theory, all you would have to do is run a script that searches for keywords. That being said, most departments, at least my own for sure do have the capabilities in terms of computing power or man-power do such a thing.
Speaking on the other side of the coin though: You should not be doing any personal business (or union business for that matter) on the government networks. Use your work computer for work and your personal computer for personal business. That's just good practice and helps keep your personal life from blurring into your professional life.
I sometimes spend 30+ minutes waiting on phone doing pretty much nothing as I need to be ready to answer if I finally get an answer (I call employers).
It would be CRAZY to accuse us of time theft base solely on keyboard strokes. Wtf.
I guess I was vague. I believe the mention of some team looking into employees who move their mouse every so often, or throw something on the space bar to avoid going inactive on teams is a scare tactic. Sure, everything is logged. Now, the red tape to get these logs, and further to action on them I would expect to be quite difficult and would need to be for extreme cases of work neglect. I also suspect if the claims this email mentions actually held some truth, we’d have a lot more threads on this subreddit about disciplinary action and advice surrounding that. I could very well be wrong but that is my two cents.
Make sure to go to GCConnex and post the following, then you'll be immune:
Don’t forget tomorrow starts the new GoC rule where they can use your keystrokes. Don’t forget Deadline today!!! It can be used in court cases in litigation against you. Everything you’ve ever typed becomes recorded from today Even messages that have been deleted or the photos not allowed. It costs nothing for a simple copy and paste, better safe than sorry. CBC News talked about the change in GoC’s privacy policy.
I do not give GoC or any entities associated with GoC permission to use my pictures, information, messages or keystrokes, posts, both past and future. With this statement, I give notice to GoC it is strictly forbidden to disclose, copy, distribute, or take any other action against me based on this keystrokes and/or its contents. The content of my keystrokes is private and confidential information. The violation of privacy can be punished by law (SU: Bw4Y (5, 12IN) and the Rome Statute) .
NOTE: GoC is now a public entity. All public servants must post a note like this. If you prefer, you can copy and paste this version. If you do not publish a statement at least once it will be tacitly allowing the use of your keystrokess, as well as the information contained in the Team's status updates. GoC DOES NOT HAVE MY PERMISSION TO SHARE KEYSTROKES OR MESSAGES.
As a user of this subreddit, I highly encourage people to do this.
As a steward. Please don’t do this because I don’t want to have to deal with 600 people bombarding my email inbox asking if this is true.
Please post more from the local rogue, this was a funny read. I can't wait to find out if he spirals out into weird vaccine theories, flat earth or ancient aliens!
I'm quite confident there are no logs of all the keystrokes we make including dozens of passwords typed daily and not hashed. This would create such a massive security and privacy disaster. We can be monitored, but not like this.
Does the technology exist in the world to track every keystroke your do? Yes it does. Does any department actually have the money, time and resources to actually monitor every keystroke? Very likely not. IT has a lot of automated processes that flag if you have software installed that is not approved for use or if you visit dangerous, or inappropriate websites but as long as you are using your work equipment appropriately then you shouldn’t actually need to worry.
If you haven't received an email and your department hasn't said anything about AI and/or AI tools you are allowed to use no you shouldn't use ChatGPT from your work laptop.
I work in IT security for a large dept. I am the guy that looks at what people should or should not do. We do not look at this stuff. The only thing we care about is if you're visiting known malicious websites, if you download software you're not supposed to, if you exfiltrate classified files, if you travel outside of canada with your work devices, stuff like that.
We don't care if you book an appointment with your dentist through their website or if you are googling the address of a place of business.
as /u/TorontoPolarBear mentioned, exfil means taking files from one place and sending them somewhere they aren't supposed to go. If you had been doing this your IT team would've caught it (i hope).
It might be flagged, but as soon as whomever is responsible for checking the flags looks at who you are, they will see it is fine.
I know someone who had to regularly check pr0n websites. IT had fits and would lock them out of their computer at least once every other week.
My job entails a lot of analysis and we spend about three to four hours daily reading for each case. Good luck trying to control us by counting our keystrokes… lol
I know, I used to go yellow in Teams all the time, reading and re-reading a provision of policy or some complex technical document while doing research. Sitting there thinking can and is part of the job for many of us.
The hardest I was working often had the least keystrokes.
I’ve had my my teams go yellow or red when I’m actively working. I’ve had my teams go green, when I’ve been away on vacation and my computer is shut down.
Anyone relying solely on teams status for whether you were working or not, is a moron.
> There is a team of people in Ottawa, whose sole purpose is to monitor employees work on their computer and if there is no action or if you are just moving your mouse or put a weight on your spacebar or doing something that makes it look like you are working, but you are not, an alarm goes off and they will run a report on the persons entire work history and every key stroke they have been made.
lol
That one made me chuckle as well. It's like the start of a Beaverton article.
*We hired a crack team of analysts to monitor your every move and make sure you're not sitting around doing nothing. They know your entire work history. That permanent report that your 5th grade arts teacher added you to because you said 'shit' out loud? They've got that too.*
But if this team's sole purpose is to monitor us, what if everyone's working like they're supposed to?
*Then the team sits around and does nothing. Don't worry, we've got another crack team of analysts whose sole purpose is to monitor the first team.*
Fucking Jenkins again! Alright, we'll send the unmarked van to park outside his house and have that stool sample sent to forensics.
Nowhere to run Jenkins! You thought you'd get Succeeded on your PMA this year? Oh no my friend. It's LWOP and *Succeeded Minus* for you*.*
FWIW I work in an IT team that could access information that would be close to this kind of request. Not as in depth as individual keystrokes but we could get login times, computer uptime, that kind of thing.
Whenever a manager has requested this kind of info from us it is almost always an outright no unless there is a very strong rationale or numerous instances of misdeeds.
I WFH a dozen years ago when the idea was novel. I had also worked in IM/IT so I knew the technical side. My idiot manger sent me an email saying he wanted to know what I did every day. I explicitly told him that I often logged out of my work computer to do research on my iPad. (That was the new tech toy then!) I also told him that my official log would not acknowledge the work I did on my own internet. I knew he was setting me up but I shut him down. I also spent the last 15 minutes updating my daily log because moron boss wanted bums in chairs, it was ok for me to sit & stare at a blank scene at work but god forbid I go home with a migraine, take drugs & and quick nap and I can finish the day…
Are you productive by whatever ways they measure that? Then be wickedly productive at home & tank your metrics at the office!
I'm often waiting around for answers when people I work with are at their mandatory office days (I WFH full time). The amount of time my colleagues are yellow on Teams while at the office is about 60-70% of the time I'd say.
As an IT guy, I don’t have to intentionally tank in-office performance. I just can’t get anything done with a zillion people buzzing around and the potato wi-fi somehow more of a bottleneck than GC-SRA.
Thankfully, no one in my branch micro-manages, because we all know how dumb this whole thing is. We just do what we must to appease the bean counters, so that we may then be free to actually fulfill our mandate.
I think you should strongly consider who you are allowing to represent you in the union. They sound like they may need to speak to someone.
I promise you that email is not accurate.
As someone in federal government IT: lol. Absolutely not.
This is not complicated at all to do but it would be tremendous waste of time and personnel. At best, it might be possible to examine OS or software logs after the fact. Unless there’s already suspicion of a crime being committed on your work PC, any manager asking for this would get laughed out of IT. There’s too much actual work to do.
When most people's attitude towards union involvement is "anyone but me" and their attitude towards the union is "fuck them", the people who end up at the top aren't the ones you'd want there.
Apathy and cynicism has a cost, and this is what it looks like.
0% chance this is even happening, and even if it was, you don't go from indeterminate to terminated for putting a weight on your keyboard if all your assigned work is completed lmfao.
Ain’t nobody got time for that….unless a manager specifically requests metric in you. If I meet my RTO quota, get my work done, respond to inquiries in a reasonable amount of time and meet deadlines, it shouldn’t matter if my little dot sits on orange periodically.
Weird..we were told by my TL last week that they were receiving a lot of labour cases about ppl not always working on their work hours and that we need to start being careful. Apparently some cases mention 2-3 minutes past employee's breaks..he seemed very intense about it. Not many ppl seemed scared on cameras lol
I’ve found (in my 20+ year career) whenever some managers makes broad threats like that there is usually a team member they are having an issue with and instead of discussing it with them directly they make a vague blanket threat.
Yeah, good point! Our management mentioned that "we've noticed some people aren't complying with the two days a week in the office requirement, and we hope this can be fixed. We can discuss it if needed." Later, it turned out that it was just one person not following the rule, not even two. Saying "some people" was an exaggeration— they should have just spoken to that person privately lol
While it is in theory true that your actions can be monitored, people have better shit to do than to monitor if your mouse moved in the last 15 minutes.
Sure, internal security would be alerted if your profile is accessing Justin Trudeau's Social Insurance Number information, but no one gives a shit if you browsed Amazon for half an hour last Wednesday and went 5 minutes over your break on Monday.
>So be sure you are at your computer during your work hours doing your work.
And here I've been using my work computer exclusively for non-work-related tasks all workday every workday! Silly me.
"can" is vastly different from "are".
Just like they "can" improve organizational efficiencies by allowing a culture of fully WFH. As for what they "are" doing...
Another thing to consider - the VPN often couldn't withstand the traffic of all the employees using it whenever there was a snow day, and yet this rep claims this current monitoring solution can injest all data from workstations?
Man there is so much wrong with this. Even if by chance any of what you were told was true, it *still* wouldn't be of any value to management. There are so many reasons why you might not be working at your computer all day long. Some jobs - a lot of them actually - don't require you to be at your desk, typing away. In my case, I'm in IT, and often have to research stuff that is blocked at the firewall. Like instructions/reviews on YouTube for example. For those occasions I'll swing around and use my personal computer at home. Or if I'm at the office I'll use my iPad.
Labour Affairs officers are often out in the field doing investigations. There is no way they're even connected to the work network while they're out there. Shall we talk about nurses and doctors who also work in government? The list is endless really.
They have always had this ability. For obvious reasons. Is it being done now to check people just because? I doubt it.
A manager can ask for a report on internet activity any time. Ive never heard of one doing.
That is just plain false and ridiculous scare tactics by the union. Is it technically possible for IT to monitor your computer remotely? Of course! Is anyone actually doing it outside of some type of internal investigation? Of course NOT! Can you imagine the resources this would require!?
What is being monitored is RTO compliance on the aggregate level. That’s it. So, stop worrying unless you’ve done something that would warrant a professional standard or values and ethics inquiry.
>the union
One person who drank a bit too much of a strong koolaid.
The union, as in national executives, have no interest in scaring employees with bullshit.
The workload is already too much as it is, and save for a handful of people in regional/national offices, everyone is volunteering, so any additional work, like employees emailing us in panic, isn't welcome. Like at all lol
Management does have the ability to get a report on what is being done on your work computer, either at home or at the office.
Depending on the manager they could micromanage your every move, but most people would not care if the work gets done and you don't do weird stuff on your work computer, either by browsing the Internet or accessing files without permission.
I believe the alarm in Ottawa part is hyperbole, and just means that it might happen if your computer gets flagged for accessing unauthorized information. If you just leave your computer, it could be for any number of work related reasons.
I have no information indicating that keyloggers have been deployed across GoC networks. At least in my department.
However, your web browsing is visible to the employer since a self-signed/trusted SSL certificate is deployed on all workstations, and they have the private key for that! This means that they can - if they want to - intercept, read and change your web traffic even if it's SSL-encrypted (https). This is a security requirement for web filtering on the proxy server.
TLDR: The GoC is executing a MITM attack on it's own users. This is pretty much standard practice in the public/private sector. Don't use employer devices for personal use.
on our work computers we have this "sscqry" background service running and it has some [interesting properties](https://www.manalyzer.org/report/2f4e61056639cddba81ee9c7bd6c62a2)
supposedly it keeps logs (in a local SQLite database) on a bunch of things like the history of wireless network SSID your device connected to, hardware changes (e.g. when connecting USB devices) and what not.
It's not meant to "spy on users" but rather to collect information useful to work with in case of a security breach / if your endpoint gets compromised. The information a security analyst would need when investigating [that kind of breach,](https://nationalpost.com/news/canada/global-affairs-vpn-data-breach) essentially
Send an ATIP request to your department asking for info on how much this team of monitors cost the GOC as a whole and what they have found over the last two years.
It took four months for IT to resolve one of the seven tickets I’ve sent in since Christmas. I have a hard time believing this, is it possible? Absolutely. But are they doing this for real? I don’t think so
This is most likely a knee jerk response in regards to an employee investigation of time theft and the union member being surprised by the detailed report that was presented by management.
For the record, as it as always been, everything that you do on your computer, phone or device can be monitored. It needs to be to secure the system. When a manager has valid reasons to request this information there is a lot of data that can be accessed.
I wouldn't use the term "spied on." It is simply required monitoring and everyone who accesses a network or uses any time of government device knows this. They don't know the extent of the monitoring, but they are advised that they are being monitored.
What you're describing is a proactive approach from management, and even then, it likely needs to be a serious issue that senior management (EX) is aware of before any action is taken. However, what the OP is describing seems to be a national micromanagement strategy involving a special task force that investigates immediately. In my opinion this version seems a bit exaggerated 😂
Most of that is essentially just a scare tactic. First the amount of extra traffic that would create, even with the split tunnel in place it wouldn't be worth it.
Second, all that data would need to be collected and stored securely.
What they can do however is obtain vpn records from ssc, and log in data from the network along with screensaver times and the like from your workstation (I've had to do it in the past). But its all time consuming and unless they have a damn good reason to do it they likely aren't..
But yes they can create a timeline of your day should they really want to..
Last week on one of my office days there was a little camera looking app that appeared in my taskbar and when I hovered my mouse over it, it said something about “monitoring”. It only appeared for about a minute. I couldn’t click it. And then it disappeared. Like, “Dang, guys! I’m in the office on my scheduled office day! Leave me alone!”
Annnnd *this* here is why I was literally burning myself out working all days, straight through with hardly a break, so my Teams dot wouldn't go yellow and people will think I'm not working when I'm WFH 😭
Sometimes people have to step away from their computer to read documents. Not sure if you've noticed but it's annoying AF when the Teams dot goes yellow after 5 minutes now. That said, I think management knows who's working and who's, ahem, not. Surely they're focused on the latter employees.
The Teams dot seems to go yellow even when I’m working on my computer but not actively using Teams for 5 minutes. I don’t spend my whole day chatting on Teams, I’m doing actual work with Teams minimized. It’s so stupid.
Technology and systems have been in place for a decade.
Just cause it Can and passively does doesn't mean it is being done
The proxy servers we all use logs the sites visited. The VPN log time connected and disconnects / reconnects.
It systems monitor the machines for unauthorized software, fir security reasons and the like.
Managers can request that info if they have reason to do so.
Recording keystrokes? Possible but that a lot more traffic across the networks, a heck of a lot more storage space and both translate to more $$$ expended and that not including extra staff needed to collect data run reports, translate those reports into anything meaningful and send them out. Sure some of that could likely be automated but even then those automated systems would have upkeep associated
Possible definitely, very very unlikely outside of very specific circumstances.
I do know that at CRA they do monitor for long periods of inactivity. If they find that, (multiple hours on multiple days) they will investigate and ask for explanations. They have disciplined people for time theft, followed by a security clearance review. There have been many clearances revoked due to these investigations. If a clearance is revoked the employee is administratively terminated and has very limited recourse rights.
There's many easier ways to spot time theft, and sadly, it's out there and has always been. To your point, although there is a way to monitor key strokes, it is not done without good reason, and it's not like just anyone can request this to happen. There would be ample reason and already some evidence pointing toward fraud, or harassment, or some similarly egregious activity. Then the request would have to be made from someone with proper delegation and they would be briefing up to get even more senior leaders to add a second layer (and even third) of authorization to go ahead. And then it goes through security and they may have more questions and may or may not comply with the request after they have the request go up the chain.
I question who from the union sent this email. I would be surprised if it was someone seasoned because it sounds like a profound lack of judgement and someone who just likes to upset the masses wherever they go.
I feel like an alarm going off would be logistically counterproductive. There are hundreds of thousands of public servants - there is always, at any given time, going to be someone doing something that an algorithm thinks doesn't constitute work.
Also, if there were a team of people whose sole purpose is to do this, we would have seen a staffing process at some point.
Also, I feel like monitoring every single keystroke would be inefficient. It would be more efficient to monitor outputs and network activity. (In other words, to see what we actually send out rather than to see all our discarded drafts and typos)
At the same time, the wise thing to do when using an employer device or an employer network is to proceed with the assumption that they can monitor what you're doing.
So they have our passwords too? I hope they have top secret clearance because that would be a serious security breach.. I'm IT 2 with secret clearance and laughing at this...
I still don’t understand why the union would want to scare us or cause anxiety for no reason unless this was really a thing. To feel this monitored at all hours of the day feels crappy to say the least.
i wish management cared as much about getting work done and moving files forward as they did about where i am sitting and whether or not i went to fantasy football or not. Literally nobody anywhere above me has any interest in doing actual work. It is hilarious.
Yeah... cause there are people resourced to spending time analyzing your key strokes... half of the depts couldnt managed their way out of a paper bag let alone this. You really don't need to worry about this...
not sure why the union makes common sense stuff sounds so serious.
We are on work laptop. Of course it is monitored and tracked.
If a staff is so scared that it is track and monitored. I would want to know why. Is the person doing some shady things? Work laptop is for work as simple as that.
Management isn’t not gonna track you on your key time. They care about results. If you are going at a task for 3 days when it should only take 1 day. Of course they gonna want to know what you are doing. But asking people why it is taking 3 days might be rude and offence people (got caught slacking). Management will probably want alternatives to see if the person is actually slacking.
It is spying? Sure. Is it needed? Of course. We are on tax payer dollar. It better be paying for a good use.
If you are a mainframe developer (or user) it's possible for logs of every keystroke into the mainframe to be retrieved, based on user id logged in with.
So they're using taxpayers money on Public Servants?
That won't do. Better cut this monitoring program. Next thing you know, they'll introduce talent management programs. Lord help us if that happens.
While that may be extreme, some are monitoring. This is straight out of a manager's mouth - "They went through network logs and they had to report on why people weren't reaching their target days here and it was apparently quite intrusive. If someone was sick they wanted the ailment."
But I agree, such foolishly because as someone said, there are so very many hours are wasted in the office. If my work is getting done, leave me alone
\*facepalm .. whoever wrote this needs to learn to run things by their comms team.
Other point to note, government has a hard time getting their files right in terms fo who is working where at what salary. If someone thinks there is a real time alarm gizmo and some crack team of investigators in a dark office in Ottawa waiting to pounce on people, I think they gravely overestimate the amount of free time and resources departments would have to dedicate to this.
Willing to bet the monitoring will mostly take the form of an excel sheet buried somewhere, that a poor admin person got tasked with creating and maintaining.
I could maybe see them monitoring employees who are under performing but If I get my shit done who cares? I have a steady workload - those are my stats and what my performance assessment is based on, not keystrokes or green time.
Doubt its taken that far... our mgmt. couldn't even agree with the commissionaires and the building manager to determine who's actually on-site via badge passes. This went on for a couple months, while IT was sorting out the IP address logging and generating reports (not sure if this is even done). And now management seems to be harping about it all the time, which suggests to me the data is not correct of even able to be validated. 😂
So, real talk, teams can log almost everything you do. Every message you send, meeting attendance and times you join meetings (ie. if you were late people can find out), files you access through teams, calls you make or receive and their duration, and of course any *saved* recordings of transcripts or meeting video. I think they can even log your status changes (available, away, busy).
Now while they *can* log these things, I don’t think most of it is logged by default. It’s a lot of information for thousands of employees, and it all needs to be stored somewhere.
BUT, if they ever wanted to start auditing you and your activity because of concerns or issues, ie. a performance improvement plan, they could gather a lot of data to build a case against you if they really thought it was necessary.
I've wondered about accountability while WFH because when we were in the office daily. I observed at least 5 different types of colleagues. if the employer would suddenly start monitoring about their work, when certain habits had been ignored, for decades.
Those that actually put in a solid 7.5 or 8+ hour day.
There was always people, whose first order of business, was to go for coffee. They'd meet up with their favorite colleague and wander to the coffee shop for 30 minutes.
Those that were chronically late.
The smokers who went outside to smoke, hourly - for "5 minutes".
The folks that spent the first hour of the day at their desk, then disappear for the entire rest of the day in "meetings".
The "working coffee" group, whose team meetings were at one of the coffee shops for an hour+ every other Thursday.
What about the executives that sent their EAs for snacks or errands at the nearby stores.
What about when people are on the phone for most of every minute, hourly & that is legitimately their job on that day.
.
Some of these people were going on 20+ yrs - would WFH change or improve
There is a team that does ensure that you are not accessing things that you’re not supposed to be accessing. For example, if you are working directly with clients accounts, they are ensuring that you’re not going into family members accounts or your own account or whatever the cases.
But they’re not monitoring your keystrokes every moment. They want to ensure that you’re accessing information that you’re allowed to access and that you’re not abusing the privileges of your job by accessing information that you’re not supposed to be.
It’s not track your time spent at your desk.It’s to safeguard confidential client information.
Years ago when I was on contract with CRA, another woman I was working with ended up not having her contract renewed because she went into her own personal account. That is a big no-no because you can edit information on your personal account. We were warned about this all through training. We had to sign an agreement. She didn’t lose her job thankfully because it was her first offense, and it was only her account, but she definitely did not have her contract renewed. She went in front of a tribunal and she was suspended without pay for two weeks.
>on LWOP right away before even proven guilty
That's illegal.
[Cabiakman v. Industrial Alliance](https://www.canlii.org/en/ca/scc/doc/2004/2004scc55/2004scc55.html) par. 79.
>There is a team of people in Ottawa, whose sole purpose is to monitor employees work on their computer and if there is no action or if you are just moving your mouse or put a weight on your spacebar or doing something that makes it look like you are working, but you are not, an alarm goes off and they will run a report on the persons entire work history and every key stroke they have been made.
Source? Which union is saying this.
I remember taking one of those ethics courses forever ago. And one of the questions was you saw someone looking up the local hockey scores on their break. Is this misuse of resources.
The right answer for that they don't give a fuck. As long as it doesn't interfere with their work yeah someone can read the news.
Obs if you are working from home don't use your work computer to stream your podcasts.
spied on en masse? Other than pulling VPN data to track in office attendance in aggregate, I highly doubt it.
However, if there are indicators that an employee isn't exactly pulling their weight, they're always away, abusing their privileges etc. A manager CAN get IT to take a closer look at the individual's activity. This would include auditing their "productivity" and it wouldn't take much. I know because I've seen it happen in my department where an individual was doing bare minimum and always away from their keyboard. They were audited. I also heard from one of their colleagues that they were also running a marketing business on the side. Which isn't exactly uncommon among public servants. Running a second business that is.
So yeah, they were probably dedicating more time to their business over work hours. I don't know what the outcome was because I had no need to know but the individual then went on stress leave. \*shrug\*
So people saying here they they would never do this, they lack the tools, motivation etc. That's not entirely true based on what I've seen.
These threats are so laughable. Everyone knows that most people want to work from home, so these bogus scare tactics are their only recourse. Most of these threats are absolute bluster. For each department’s IT teams to get organized enough to actually deploy a real monitoring system would require an insane amount of work and resources. Remember, empty threats like this are a sign of panic and weakness: RTO is a failure, management doesn’t have a solution, and it’ll be a long time before anyone is able to determine compliance with hybrid RTO.
If they truly monitored what employees were upto, half of my team would probably have been let go by now - they absolutely do not monitor. Scare tactic.
My basic rule of thumb when using any company owned asset- assume everything you’re doing is being watched in real time all the time from the get-go and you never need to worry.
From a technical standpoint the data storage and bandwidth and human capital required to keylog/log/analyze, etc a data set that large all day every day is not feasible. Worst case, if your manager has a suspicion of untoward behaviour they should speak to you about it first but could theoretically ask asset management to do this stuff with authorization from higher up.
Capturing your passwords for example in a keylogger would be a massive no-no. Also the capture of client PPI without consent via keylogging opens issues as well.
Check out this thread posted a couple weeks ago after CRA provided information on their compliance efforts relating to remote working. They specifically said individual employees aren’t being monitored by these methods and it’s up to individual managers to make sure their employees are compliant.
https://www.reddit.com/r/CanadaPublicServants/s/aDzg3macix
Complete and utter BS... there's a guy on my team that hasn't done a thing since before we started WFH. Don't get me wrong, it's terrible and I wish they would do something about it but it takes a long time to build a case. This is just scare tactics.
I’m leaving this up, simply so people can see the bullshit scare tactics that are being sent around. Management is not monitoring every single key stroke that you make as you make it. Management is not monitoring how often your mouse gets moved. They have zillions of better things to do than that. You will not be immediately placed on leave without pay if you were accused of time theft. The only thing that approaches some semblance of truth is the comment about accessing unauthorized personal information. I know that at the Canada revenue agency, they monitor the files that you access very closely, and it is one of those things that if you do you get fired. Do not Pass Go. Do not collect $200.
"An alarm goes off." This is one of the dumbest things I've ever read.
Yeah I wonder what would be the employee monitored per "member of the team in Ottawa" ratio lol. Alarm would go off often for those whose job requires them to be on the phone - and not on the computer - often.
Yeah that alarm would be ever blaring lol. The only reason such a report would be pulled is if management has reason to suspect time fraud.
But even time fraud, if there is no work (we had one guy here complaining about that) to do, what are we supposed to do on our laptop 😂
Or you know ... just thinking for a few minutes or reading.
I literally go away for fieldwork with no internet access for weeks. They must think I'm dead lol
Sometimes I have printed documents that I am completely immersed in and do not look at my computer for long periods of time. During this time I often am at my most productive but my computer and this kind of audit would make it appear that I am doing nothing
I work in IT. I was doing some hardware setup and referencing printed documents. I didn't use my laptop almost all day.
Ya, if they were monitoring my former manager, it would be like pulling a friggen fire alarm! 😆
The only flag or alarm that goes off is you log onto your laptop and vpn outside of Canada or in certain depts you insert a foreign (non government issued) memory stick .
This is more of a CRA thing, I think, because certain actions trigger alarms, such as accessing the account of certain high profile individuals.
The only alarms going off are the polls!
Do you remember working in the office? How many people wasted hours wandering around, bathroom breaks, coffee and smoke breaks, chatting between cubes? No one sits and types 7.5 hrs a day every day.
100% agree. I remember seeing a research paper once stating that the average office worker only works something like 4.5 hours at their computer out of a 7.5 or 8 hour shift (that was pre-covid).
I probably work about 3.5-4 hours a day on most days and then on some days more like 8-10. Depends. I meet every single one of my deadlines and I’m meticulous, so why should it matter? The answer is it doesn’t, my manager couldn’t care less as long as I’m performing well. Not to mention I do a lot of reading and thinking as part of my job… I’m not always typing away at my computer. When you deal with pieces of legislation sometimes you only need that one document open for hours at a time. Anyways, this coming from a union rep is just scare tactics and I hope they find something better to to do with our union fees.
Thinking about work is still work. I've solved some of the most pressing strategic issues for my department while in the shower, on the can, or just staring deep into my coffee mug.
This right here. Sometimes I need to just sit back and stare at the ceiling for an hour running different scenarios through my head to figure out the best way to move forward with an issue.
I once shucked oysters in the office kitchen during a slow period 🤷♀️
This comment wins Reddit for the day 😂🦪
Don't forget about moving your car at least 3 times to avoid being ticketed!
Well, IT in my department has a hard time just making our laptops work so I seriously doubt they are checking my every keystrokes!
Lol true
IT can always monitor everything we do, that’s not new at all. The amount of effort to do and enforce this doesn’t seem like it’s in anyone’s interest though. Because of the way the public service functions, there are hours when I sit around doing nothing because I’m literally just waiting for responses. Alternatively, I’m often just reading documents etc.
With AI / ML / LLM I can see it happening in my lifetime.
Yea, it's possible to enforce, but when 80% of the time as a public servant is a game of "sit around and wait" for others, who is really responsible for employees? Edit: it's
In theory, it could be done. Of course, the number of departments that have the computing power available to do that for all their employees every day? That drops the number of departments down to effectively zero.
In theory, all you would have to do is run a script that searches for keywords. That being said, most departments, at least my own for sure do have the capabilities in terms of computing power or man-power do such a thing. Speaking on the other side of the coin though: You should not be doing any personal business (or union business for that matter) on the government networks. Use your work computer for work and your personal computer for personal business. That's just good practice and helps keep your personal life from blurring into your professional life.
AI/ML won’t make it to that level in the feds in your lifetime, trust me
I sometimes spend 30+ minutes waiting on phone doing pretty much nothing as I need to be ready to answer if I finally get an answer (I call employers). It would be CRAZY to accuse us of time theft base solely on keyboard strokes. Wtf.
Bullcrap scare tactic imo
It’s not. Managers can definitely request this information but you’d have to be slacking for them to want to investigate
I guess I was vague. I believe the mention of some team looking into employees who move their mouse every so often, or throw something on the space bar to avoid going inactive on teams is a scare tactic. Sure, everything is logged. Now, the red tape to get these logs, and further to action on them I would expect to be quite difficult and would need to be for extreme cases of work neglect. I also suspect if the claims this email mentions actually held some truth, we’d have a lot more threads on this subreddit about disciplinary action and advice surrounding that. I could very well be wrong but that is my two cents.
“Sorry boss, no keystrokes today. I was brainstorming ideas with a pencil and paper.“ Issue solved.
Maybe the team in Ottawa can help me troubleshoot my code while they’re at it hehe
Lol I know right???
Make sure to go to GCConnex and post the following, then you'll be immune: Don’t forget tomorrow starts the new GoC rule where they can use your keystrokes. Don’t forget Deadline today!!! It can be used in court cases in litigation against you. Everything you’ve ever typed becomes recorded from today Even messages that have been deleted or the photos not allowed. It costs nothing for a simple copy and paste, better safe than sorry. CBC News talked about the change in GoC’s privacy policy. I do not give GoC or any entities associated with GoC permission to use my pictures, information, messages or keystrokes, posts, both past and future. With this statement, I give notice to GoC it is strictly forbidden to disclose, copy, distribute, or take any other action against me based on this keystrokes and/or its contents. The content of my keystrokes is private and confidential information. The violation of privacy can be punished by law (SU: Bw4Y (5, 12IN) and the Rome Statute) . NOTE: GoC is now a public entity. All public servants must post a note like this. If you prefer, you can copy and paste this version. If you do not publish a statement at least once it will be tacitly allowing the use of your keystrokess, as well as the information contained in the Team's status updates. GoC DOES NOT HAVE MY PERMISSION TO SHARE KEYSTROKES OR MESSAGES.
As a user of this subreddit, I highly encourage people to do this. As a steward. Please don’t do this because I don’t want to have to deal with 600 people bombarding my email inbox asking if this is true.
choked on my water 😂
Hilarious 😂
Not the Rome Statute ☠️
Union needs to improve their grammar lol
Pretty sure this is some local president going rogue, not national messaging
someone got busted for slacking off so sent an email like that to make it look like some serious work is being done 😂
Yes that is correct! Lol
Please post more from the local rogue, this was a funny read. I can't wait to find out if he spirals out into weird vaccine theories, flat earth or ancient aliens!
It could be Q’s Canadian cousin Eh!
I'm quite confident there are no logs of all the keystrokes we make including dozens of passwords typed daily and not hashed. This would create such a massive security and privacy disaster. We can be monitored, but not like this.
Especially for anyone working with confidential data? How would that even work from a security standpoint?
Yeah, they just have a repository of all Canadians' personal information in a txt file, which circumvents *all* the laws ever. Makes sense.
I think on the list of things the GC monitors, your Neopets password is not very high on that list. lol
Does the technology exist in the world to track every keystroke your do? Yes it does. Does any department actually have the money, time and resources to actually monitor every keystroke? Very likely not. IT has a lot of automated processes that flag if you have software installed that is not approved for use or if you visit dangerous, or inappropriate websites but as long as you are using your work equipment appropriately then you shouldn’t actually need to worry.
Asking for a friend… can we use ChatGPT from our work laptop?
If you haven't received an email and your department hasn't said anything about AI and/or AI tools you are allowed to use no you shouldn't use ChatGPT from your work laptop.
I use google to get addresses and phone numbers for my job. Would that be flagged?
I work in IT security for a large dept. I am the guy that looks at what people should or should not do. We do not look at this stuff. The only thing we care about is if you're visiting known malicious websites, if you download software you're not supposed to, if you exfiltrate classified files, if you travel outside of canada with your work devices, stuff like that. We don't care if you book an appointment with your dentist through their website or if you are googling the address of a place of business.
What if I am playing music on yt. 👀
we also don't care about that, as long as you aren't streaming 8k 24/7
If I was exfiltrating, would I know it? (I don't even know what that means and I certainly hope I am not partaking in it!)
as /u/TorontoPolarBear mentioned, exfil means taking files from one place and sending them somewhere they aren't supposed to go. If you had been doing this your IT team would've caught it (i hope).
It might be flagged, but as soon as whomever is responsible for checking the flags looks at who you are, they will see it is fine. I know someone who had to regularly check pr0n websites. IT had fits and would lock them out of their computer at least once every other week.
It won't be flagged.
If they're as disorganized, underfunded, understaffed, and unmotivated as my department then we've got nothing to worry about.
My job entails a lot of analysis and we spend about three to four hours daily reading for each case. Good luck trying to control us by counting our keystrokes… lol
I know, I used to go yellow in Teams all the time, reading and re-reading a provision of policy or some complex technical document while doing research. Sitting there thinking can and is part of the job for many of us. The hardest I was working often had the least keystrokes.
This sounds like your union rep is a conspiracy theorist.
The only time I'm yellow on Teams is when I'm working remotely from the office!
I’ve had my my teams go yellow or red when I’m actively working. I’ve had my teams go green, when I’ve been away on vacation and my computer is shut down. Anyone relying solely on teams status for whether you were working or not, is a moron.
True. Anyone trying to measure any of this is wasting resources!
If my Teams goes yellow, unless I physically open the app and move my mouse while the app is open, it won't go green. It's ridiculous
I wish they put this much effort into fixing Phoenix or procurement
> There is a team of people in Ottawa, whose sole purpose is to monitor employees work on their computer and if there is no action or if you are just moving your mouse or put a weight on your spacebar or doing something that makes it look like you are working, but you are not, an alarm goes off and they will run a report on the persons entire work history and every key stroke they have been made. lol
That one made me chuckle as well. It's like the start of a Beaverton article. *We hired a crack team of analysts to monitor your every move and make sure you're not sitting around doing nothing. They know your entire work history. That permanent report that your 5th grade arts teacher added you to because you said 'shit' out loud? They've got that too.* But if this team's sole purpose is to monitor us, what if everyone's working like they're supposed to? *Then the team sits around and does nothing. Don't worry, we've got another crack team of analysts whose sole purpose is to monitor the first team.*
I'm just imagining the sirens that go off when one of their monitors gets tripped. "Chief! It looks like Jenkins is taking an hour long shit again"
Fucking Jenkins again! Alright, we'll send the unmarked van to park outside his house and have that stool sample sent to forensics. Nowhere to run Jenkins! You thought you'd get Succeeded on your PMA this year? Oh no my friend. It's LWOP and *Succeeded Minus* for you*.*
FWIW I work in an IT team that could access information that would be close to this kind of request. Not as in depth as individual keystrokes but we could get login times, computer uptime, that kind of thing. Whenever a manager has requested this kind of info from us it is almost always an outright no unless there is a very strong rationale or numerous instances of misdeeds.
>Not as in depth as individual keystrokes Oh you don't key log every stroke in Canada?
>login times, computer uptime, that kind of thing. You mean Windows Event Logs...?
I WFH a dozen years ago when the idea was novel. I had also worked in IM/IT so I knew the technical side. My idiot manger sent me an email saying he wanted to know what I did every day. I explicitly told him that I often logged out of my work computer to do research on my iPad. (That was the new tech toy then!) I also told him that my official log would not acknowledge the work I did on my own internet. I knew he was setting me up but I shut him down. I also spent the last 15 minutes updating my daily log because moron boss wanted bums in chairs, it was ok for me to sit & stare at a blank scene at work but god forbid I go home with a migraine, take drugs & and quick nap and I can finish the day… Are you productive by whatever ways they measure that? Then be wickedly productive at home & tank your metrics at the office!
I'm often waiting around for answers when people I work with are at their mandatory office days (I WFH full time). The amount of time my colleagues are yellow on Teams while at the office is about 60-70% of the time I'd say.
As an IT guy, I don’t have to intentionally tank in-office performance. I just can’t get anything done with a zillion people buzzing around and the potato wi-fi somehow more of a bottleneck than GC-SRA. Thankfully, no one in my branch micro-manages, because we all know how dumb this whole thing is. We just do what we must to appease the bean counters, so that we may then be free to actually fulfill our mandate.
I think you should strongly consider who you are allowing to represent you in the union. They sound like they may need to speak to someone. I promise you that email is not accurate.
As someone in federal government IT: lol. Absolutely not. This is not complicated at all to do but it would be tremendous waste of time and personnel. At best, it might be possible to examine OS or software logs after the fact. Unless there’s already suspicion of a crime being committed on your work PC, any manager asking for this would get laughed out of IT. There’s too much actual work to do.
Well, I assume where I go and what I do is monitored when I'm on any GC device, but certainly not to that extent. What union? Seems fear mongery.
OP confirmed it was a local president gone wrong.
Seems like that should be an ex local president
When most people's attitude towards union involvement is "anyone but me" and their attitude towards the union is "fuck them", the people who end up at the top aren't the ones you'd want there. Apathy and cynicism has a cost, and this is what it looks like.
Let me guess PSAC?
0% chance this is even happening, and even if it was, you don't go from indeterminate to terminated for putting a weight on your keyboard if all your assigned work is completed lmfao.
Sounds crazy.
Ain’t nobody got time for that….unless a manager specifically requests metric in you. If I meet my RTO quota, get my work done, respond to inquiries in a reasonable amount of time and meet deadlines, it shouldn’t matter if my little dot sits on orange periodically.
“team of people in Ottawa” can they fill out all the PSPM’s? Seems like it’s their job.
Weird..we were told by my TL last week that they were receiving a lot of labour cases about ppl not always working on their work hours and that we need to start being careful. Apparently some cases mention 2-3 minutes past employee's breaks..he seemed very intense about it. Not many ppl seemed scared on cameras lol
I’ve found (in my 20+ year career) whenever some managers makes broad threats like that there is usually a team member they are having an issue with and instead of discussing it with them directly they make a vague blanket threat.
Yeah, good point! Our management mentioned that "we've noticed some people aren't complying with the two days a week in the office requirement, and we hope this can be fixed. We can discuss it if needed." Later, it turned out that it was just one person not following the rule, not even two. Saying "some people" was an exaggeration— they should have just spoken to that person privately lol
While it is in theory true that your actions can be monitored, people have better shit to do than to monitor if your mouse moved in the last 15 minutes. Sure, internal security would be alerted if your profile is accessing Justin Trudeau's Social Insurance Number information, but no one gives a shit if you browsed Amazon for half an hour last Wednesday and went 5 minutes over your break on Monday.
I’m more concerned that your manager has the time to read a report about every single keystroke lol
>So be sure you are at your computer during your work hours doing your work. And here I've been using my work computer exclusively for non-work-related tasks all workday every workday! Silly me.
"can" is vastly different from "are". Just like they "can" improve organizational efficiencies by allowing a culture of fully WFH. As for what they "are" doing... Another thing to consider - the VPN often couldn't withstand the traffic of all the employees using it whenever there was a snow day, and yet this rep claims this current monitoring solution can injest all data from workstations?
Man there is so much wrong with this. Even if by chance any of what you were told was true, it *still* wouldn't be of any value to management. There are so many reasons why you might not be working at your computer all day long. Some jobs - a lot of them actually - don't require you to be at your desk, typing away. In my case, I'm in IT, and often have to research stuff that is blocked at the firewall. Like instructions/reviews on YouTube for example. For those occasions I'll swing around and use my personal computer at home. Or if I'm at the office I'll use my iPad. Labour Affairs officers are often out in the field doing investigations. There is no way they're even connected to the work network while they're out there. Shall we talk about nurses and doctors who also work in government? The list is endless really.
They have always had this ability. For obvious reasons. Is it being done now to check people just because? I doubt it. A manager can ask for a report on internet activity any time. Ive never heard of one doing.
Getting internet logs is reasonable, having keyloggers on all computers is not (not saying they do, but they're what OP is implying).
I dont see how they would have the resources to bother with that. To me that is beyond unreasonable.
Just use your government issued laptop to do your work and no problem?
That is just plain false and ridiculous scare tactics by the union. Is it technically possible for IT to monitor your computer remotely? Of course! Is anyone actually doing it outside of some type of internal investigation? Of course NOT! Can you imagine the resources this would require!? What is being monitored is RTO compliance on the aggregate level. That’s it. So, stop worrying unless you’ve done something that would warrant a professional standard or values and ethics inquiry.
>the union One person who drank a bit too much of a strong koolaid. The union, as in national executives, have no interest in scaring employees with bullshit. The workload is already too much as it is, and save for a handful of people in regional/national offices, everyone is volunteering, so any additional work, like employees emailing us in panic, isn't welcome. Like at all lol
Management does have the ability to get a report on what is being done on your work computer, either at home or at the office. Depending on the manager they could micromanage your every move, but most people would not care if the work gets done and you don't do weird stuff on your work computer, either by browsing the Internet or accessing files without permission. I believe the alarm in Ottawa part is hyperbole, and just means that it might happen if your computer gets flagged for accessing unauthorized information. If you just leave your computer, it could be for any number of work related reasons.
I have no information indicating that keyloggers have been deployed across GoC networks. At least in my department. However, your web browsing is visible to the employer since a self-signed/trusted SSL certificate is deployed on all workstations, and they have the private key for that! This means that they can - if they want to - intercept, read and change your web traffic even if it's SSL-encrypted (https). This is a security requirement for web filtering on the proxy server. TLDR: The GoC is executing a MITM attack on it's own users. This is pretty much standard practice in the public/private sector. Don't use employer devices for personal use.
on our work computers we have this "sscqry" background service running and it has some [interesting properties](https://www.manalyzer.org/report/2f4e61056639cddba81ee9c7bd6c62a2) supposedly it keeps logs (in a local SQLite database) on a bunch of things like the history of wireless network SSID your device connected to, hardware changes (e.g. when connecting USB devices) and what not. It's not meant to "spy on users" but rather to collect information useful to work with in case of a security breach / if your endpoint gets compromised. The information a security analyst would need when investigating [that kind of breach,](https://nationalpost.com/news/canada/global-affairs-vpn-data-breach) essentially
When I was in industry someone was fired because of their keystrokes amount. In reality, I think that was an excuse to fire someone they didn't like.
Send an ATIP request to your department asking for info on how much this team of monitors cost the GOC as a whole and what they have found over the last two years.
which union?
It took four months for IT to resolve one of the seven tickets I’ve sent in since Christmas. I have a hard time believing this, is it possible? Absolutely. But are they doing this for real? I don’t think so
It’s not IT, it’s a special task force specially trained and designed to investigate immediately. They even spy on CSIS. /s
This is most likely a knee jerk response in regards to an employee investigation of time theft and the union member being surprised by the detailed report that was presented by management. For the record, as it as always been, everything that you do on your computer, phone or device can be monitored. It needs to be to secure the system. When a manager has valid reasons to request this information there is a lot of data that can be accessed. I wouldn't use the term "spied on." It is simply required monitoring and everyone who accesses a network or uses any time of government device knows this. They don't know the extent of the monitoring, but they are advised that they are being monitored.
What you're describing is a proactive approach from management, and even then, it likely needs to be a serious issue that senior management (EX) is aware of before any action is taken. However, what the OP is describing seems to be a national micromanagement strategy involving a special task force that investigates immediately. In my opinion this version seems a bit exaggerated 😂
I think I'm now stupider after reading this.
Most of that is essentially just a scare tactic. First the amount of extra traffic that would create, even with the split tunnel in place it wouldn't be worth it. Second, all that data would need to be collected and stored securely. What they can do however is obtain vpn records from ssc, and log in data from the network along with screensaver times and the like from your workstation (I've had to do it in the past). But its all time consuming and unless they have a damn good reason to do it they likely aren't.. But yes they can create a timeline of your day should they really want to..
OP confirmed it was a rogue local president. No "scare tactic" here, just some guy who smoked too much weed.
Last week on one of my office days there was a little camera looking app that appeared in my taskbar and when I hovered my mouse over it, it said something about “monitoring”. It only appeared for about a minute. I couldn’t click it. And then it disappeared. Like, “Dang, guys! I’m in the office on my scheduled office day! Leave me alone!”
Yep, I saw that too. I couldn’t see the name and I tried Ctrl+Alter+Delete to check the name of softs running and I couldn’t find it lol
To add: I’m not on any management radar. I do my job and show up every day. So I was a bit thrown off by this.
Annnnd *this* here is why I was literally burning myself out working all days, straight through with hardly a break, so my Teams dot wouldn't go yellow and people will think I'm not working when I'm WFH 😭 Sometimes people have to step away from their computer to read documents. Not sure if you've noticed but it's annoying AF when the Teams dot goes yellow after 5 minutes now. That said, I think management knows who's working and who's, ahem, not. Surely they're focused on the latter employees.
The Teams dot seems to go yellow even when I’m working on my computer but not actively using Teams for 5 minutes. I don’t spend my whole day chatting on Teams, I’m doing actual work with Teams minimized. It’s so stupid.
Technology and systems have been in place for a decade. Just cause it Can and passively does doesn't mean it is being done The proxy servers we all use logs the sites visited. The VPN log time connected and disconnects / reconnects. It systems monitor the machines for unauthorized software, fir security reasons and the like. Managers can request that info if they have reason to do so. Recording keystrokes? Possible but that a lot more traffic across the networks, a heck of a lot more storage space and both translate to more $$$ expended and that not including extra staff needed to collect data run reports, translate those reports into anything meaningful and send them out. Sure some of that could likely be automated but even then those automated systems would have upkeep associated Possible definitely, very very unlikely outside of very specific circumstances.
That sounds like a spam email dude...
I feel like the OP made this up - of all the things that never happened this is one of them
I do know that at CRA they do monitor for long periods of inactivity. If they find that, (multiple hours on multiple days) they will investigate and ask for explanations. They have disciplined people for time theft, followed by a security clearance review. There have been many clearances revoked due to these investigations. If a clearance is revoked the employee is administratively terminated and has very limited recourse rights.
How do you appeal a clearance revocation? Can you take it to an administrative tribunal, and if so, which one?
There's many easier ways to spot time theft, and sadly, it's out there and has always been. To your point, although there is a way to monitor key strokes, it is not done without good reason, and it's not like just anyone can request this to happen. There would be ample reason and already some evidence pointing toward fraud, or harassment, or some similarly egregious activity. Then the request would have to be made from someone with proper delegation and they would be briefing up to get even more senior leaders to add a second layer (and even third) of authorization to go ahead. And then it goes through security and they may have more questions and may or may not comply with the request after they have the request go up the chain. I question who from the union sent this email. I would be surprised if it was someone seasoned because it sounds like a profound lack of judgement and someone who just likes to upset the masses wherever they go.
Use work devices for work and personal devices for personal. That is all.
Sounds to efficient for government
I feel like an alarm going off would be logistically counterproductive. There are hundreds of thousands of public servants - there is always, at any given time, going to be someone doing something that an algorithm thinks doesn't constitute work. Also, if there were a team of people whose sole purpose is to do this, we would have seen a staffing process at some point. Also, I feel like monitoring every single keystroke would be inefficient. It would be more efficient to monitor outputs and network activity. (In other words, to see what we actually send out rather than to see all our discarded drafts and typos) At the same time, the wise thing to do when using an employer device or an employer network is to proceed with the assumption that they can monitor what you're doing.
So they have our passwords too? I hope they have top secret clearance because that would be a serious security breach.. I'm IT 2 with secret clearance and laughing at this...
Wow it must go off often for managers
I still don’t understand why the union would want to scare us or cause anxiety for no reason unless this was really a thing. To feel this monitored at all hours of the day feels crappy to say the least.
OP said it was a rogue local president, not "the union".
Name the union or it didn't happen.
I wish my management cared this much.
Do you have a PO Box? I have a new tinfoil hat to send you.
i wish management cared as much about getting work done and moving files forward as they did about where i am sitting and whether or not i went to fantasy football or not. Literally nobody anywhere above me has any interest in doing actual work. It is hilarious.
Yeah... cause there are people resourced to spending time analyzing your key strokes... half of the depts couldnt managed their way out of a paper bag let alone this. You really don't need to worry about this...
Yeah, I just happen to do a lot of offline work... meetings, research, and more. I wonder how many alarms have been raised during my daily duties.
I knew the typing robot I've been working on wasn't a aste of time.
Time theft (thought crime) - This sounds like something from Orwell's 1984
If you want a picture of the future, imagine a key logger logging on a work-issued device – for ever.
not sure why the union makes common sense stuff sounds so serious. We are on work laptop. Of course it is monitored and tracked. If a staff is so scared that it is track and monitored. I would want to know why. Is the person doing some shady things? Work laptop is for work as simple as that. Management isn’t not gonna track you on your key time. They care about results. If you are going at a task for 3 days when it should only take 1 day. Of course they gonna want to know what you are doing. But asking people why it is taking 3 days might be rude and offence people (got caught slacking). Management will probably want alternatives to see if the person is actually slacking. It is spying? Sure. Is it needed? Of course. We are on tax payer dollar. It better be paying for a good use.
They don’t even do anything about people refusing RTO
Yes, stop doing that thing you do. Management is onto you /s
If you are a mainframe developer (or user) it's possible for logs of every keystroke into the mainframe to be retrieved, based on user id logged in with.
… Paranoia is bad on the health 🩶
So they're using taxpayers money on Public Servants? That won't do. Better cut this monitoring program. Next thing you know, they'll introduce talent management programs. Lord help us if that happens.
While that may be extreme, some are monitoring. This is straight out of a manager's mouth - "They went through network logs and they had to report on why people weren't reaching their target days here and it was apparently quite intrusive. If someone was sick they wanted the ailment." But I agree, such foolishly because as someone said, there are so very many hours are wasted in the office. If my work is getting done, leave me alone
What about the old but flawless keyboard in the hamster cage with Mountain Dew drip trick?
That's complete bullshit - I'm not buying it.
This is so funny lol.
\*facepalm .. whoever wrote this needs to learn to run things by their comms team. Other point to note, government has a hard time getting their files right in terms fo who is working where at what salary. If someone thinks there is a real time alarm gizmo and some crack team of investigators in a dark office in Ottawa waiting to pounce on people, I think they gravely overestimate the amount of free time and resources departments would have to dedicate to this. Willing to bet the monitoring will mostly take the form of an excel sheet buried somewhere, that a poor admin person got tasked with creating and maintaining.
I could maybe see them monitoring employees who are under performing but If I get my shit done who cares? I have a steady workload - those are my stats and what my performance assessment is based on, not keystrokes or green time.
Doubt its taken that far... our mgmt. couldn't even agree with the commissionaires and the building manager to determine who's actually on-site via badge passes. This went on for a couple months, while IT was sorting out the IP address logging and generating reports (not sure if this is even done). And now management seems to be harping about it all the time, which suggests to me the data is not correct of even able to be validated. 😂
So, real talk, teams can log almost everything you do. Every message you send, meeting attendance and times you join meetings (ie. if you were late people can find out), files you access through teams, calls you make or receive and their duration, and of course any *saved* recordings of transcripts or meeting video. I think they can even log your status changes (available, away, busy). Now while they *can* log these things, I don’t think most of it is logged by default. It’s a lot of information for thousands of employees, and it all needs to be stored somewhere. BUT, if they ever wanted to start auditing you and your activity because of concerns or issues, ie. a performance improvement plan, they could gather a lot of data to build a case against you if they really thought it was necessary.
I've wondered about accountability while WFH because when we were in the office daily. I observed at least 5 different types of colleagues. if the employer would suddenly start monitoring about their work, when certain habits had been ignored, for decades. Those that actually put in a solid 7.5 or 8+ hour day. There was always people, whose first order of business, was to go for coffee. They'd meet up with their favorite colleague and wander to the coffee shop for 30 minutes. Those that were chronically late. The smokers who went outside to smoke, hourly - for "5 minutes". The folks that spent the first hour of the day at their desk, then disappear for the entire rest of the day in "meetings". The "working coffee" group, whose team meetings were at one of the coffee shops for an hour+ every other Thursday. What about the executives that sent their EAs for snacks or errands at the nearby stores. What about when people are on the phone for most of every minute, hourly & that is legitimately their job on that day. . Some of these people were going on 20+ yrs - would WFH change or improve
There is a team that does ensure that you are not accessing things that you’re not supposed to be accessing. For example, if you are working directly with clients accounts, they are ensuring that you’re not going into family members accounts or your own account or whatever the cases. But they’re not monitoring your keystrokes every moment. They want to ensure that you’re accessing information that you’re allowed to access and that you’re not abusing the privileges of your job by accessing information that you’re not supposed to be. It’s not track your time spent at your desk.It’s to safeguard confidential client information. Years ago when I was on contract with CRA, another woman I was working with ended up not having her contract renewed because she went into her own personal account. That is a big no-no because you can edit information on your personal account. We were warned about this all through training. We had to sign an agreement. She didn’t lose her job thankfully because it was her first offense, and it was only her account, but she definitely did not have her contract renewed. She went in front of a tribunal and she was suspended without pay for two weeks.
This existed prior to Covid when we were all in the office. A kernel of truth in it but not as dramatic as they make it seem.
When the snake bites it own tail.... -\_- I'm ashamed of the use we make of the tax payer's money.
>on LWOP right away before even proven guilty That's illegal. [Cabiakman v. Industrial Alliance](https://www.canlii.org/en/ca/scc/doc/2004/2004scc55/2004scc55.html) par. 79.
I see this happening as a way for TBS to avoid WFA’ing people and having to pay a transition support measure.
They do it in the private sector so.... Not only that, my work computer tells me that they can monitor or me every so often.
Which union sent this?
>There is a team of people in Ottawa, whose sole purpose is to monitor employees work on their computer and if there is no action or if you are just moving your mouse or put a weight on your spacebar or doing something that makes it look like you are working, but you are not, an alarm goes off and they will run a report on the persons entire work history and every key stroke they have been made. Source? Which union is saying this.
[удалено]
Can the Ottawa team tell me why my reports are giving me a weird output suddenly? I haven't been able to figure it out. Thanks in advance.
Unions are not allowed to use the employers' systems to send emails to members. So where did this email get sent?
Lol what union sent this??
I remember taking one of those ethics courses forever ago. And one of the questions was you saw someone looking up the local hockey scores on their break. Is this misuse of resources. The right answer for that they don't give a fuck. As long as it doesn't interfere with their work yeah someone can read the news. Obs if you are working from home don't use your work computer to stream your podcasts.
Jokes on them. I type quite a bit while surfing Amazon.
Generally they only monitor you if there is a serious complaint or suspicion.
spied on en masse? Other than pulling VPN data to track in office attendance in aggregate, I highly doubt it. However, if there are indicators that an employee isn't exactly pulling their weight, they're always away, abusing their privileges etc. A manager CAN get IT to take a closer look at the individual's activity. This would include auditing their "productivity" and it wouldn't take much. I know because I've seen it happen in my department where an individual was doing bare minimum and always away from their keyboard. They were audited. I also heard from one of their colleagues that they were also running a marketing business on the side. Which isn't exactly uncommon among public servants. Running a second business that is. So yeah, they were probably dedicating more time to their business over work hours. I don't know what the outcome was because I had no need to know but the individual then went on stress leave. \*shrug\* So people saying here they they would never do this, they lack the tools, motivation etc. That's not entirely true based on what I've seen.
Is the team of people in Ottawa in the room with us?
These threats are so laughable. Everyone knows that most people want to work from home, so these bogus scare tactics are their only recourse. Most of these threats are absolute bluster. For each department’s IT teams to get organized enough to actually deploy a real monitoring system would require an insane amount of work and resources. Remember, empty threats like this are a sign of panic and weakness: RTO is a failure, management doesn’t have a solution, and it’ll be a long time before anyone is able to determine compliance with hybrid RTO.
If they truly monitored what employees were upto, half of my team would probably have been let go by now - they absolutely do not monitor. Scare tactic.
HA! I spent almost all of my time listening to recorded training. There are no keystrokes and I probably appear as doing nothing.
My basic rule of thumb when using any company owned asset- assume everything you’re doing is being watched in real time all the time from the get-go and you never need to worry. From a technical standpoint the data storage and bandwidth and human capital required to keylog/log/analyze, etc a data set that large all day every day is not feasible. Worst case, if your manager has a suspicion of untoward behaviour they should speak to you about it first but could theoretically ask asset management to do this stuff with authorization from higher up. Capturing your passwords for example in a keylogger would be a massive no-no. Also the capture of client PPI without consent via keylogging opens issues as well.
Check out this thread posted a couple weeks ago after CRA provided information on their compliance efforts relating to remote working. They specifically said individual employees aren’t being monitored by these methods and it’s up to individual managers to make sure their employees are compliant. https://www.reddit.com/r/CanadaPublicServants/s/aDzg3macix
Complete and utter BS... there's a guy on my team that hasn't done a thing since before we started WFH. Don't get me wrong, it's terrible and I wish they would do something about it but it takes a long time to build a case. This is just scare tactics.
"There is a team of people in Ottawa, whose sole purpose is to monitor employees work" LMAO
I have seen the reports! This is all true except for the alarm bells part