Is criticism of Moderators a bannable offense?

[D_B]

[REPORT] bad post





OK, I'm sorry, I just could not resist

 

[mike_s]

The line between troubleshooting and invasion of privacy is very fuzzy. I've been doing system administration for 10 years and I'm still not sure exactly where the lines are drawn...

The Privacy Act covers that with government systems that are administered. Most private systems fall under the same laws, unless the terms of service agreement states otherwise. (Believe it or not, we have to take lenghty boring classes on this at work...)

The "fine line" is whether a) you are invading someones privacy intentionally or b.) targeting them individually for violation without reason (supeona, etc).

Pete's already said he does't allow 'browsing' of PM's (invasion of privacy). I'm sure he doesn't allow 'targeting for violation' either.

 

[CBulla]

Mike, you are correct.

 

[The Chairman]

Well, except for you mike_s. We share your PMs in the back room all the time. What a hoot!

Just kidding of course. We are pretty stingy when it comes to giving ANYONE rights to get near our data base. I made a promise that I intend to keep.

 

[lamont]

The Privacy Act covers that with government systems that are administered. Most private systems fall under the same laws, unless the terms of service agreement states otherwise. (Believe it or not, we have to take lenghty boring classes on this at work...)

The "fine line" is whether a) you are invading someones privacy intentionally or b.) targeting them individually for violation without reason (supeona, etc).

Pete's already said he does't allow 'browsing' of PM's (invasion of privacy). I'm sure he doesn't allow 'targeting for violation' either.

Legally it may be obvious, but in practice when I'm going through files because filesystems fill up looking for someone's files to delete, I could easily invade someone's privacy accidentally...

I also frequently use administrative rights to become other users to debug issues (very similar to the case in question) and could stumble across sensitive data that way...

It might be legally defensible, but I would prefer to not be in a situations where I knew anything about user's private data... I guess I may have a higher standard towards privacy than the government or legal system does...

 

[mike_s]

Legally it may be obvious, but in practice when I'm going through files because filesystems fill up looking for someone's files to delete, I could easily invade someone's privacy accidentally...

I also frequently use administrative rights to become other users to debug issues (very similar to the case in question) and could stumble across sensitive data that way...

It might be legally defensible, but I would prefer to not be in a situations where I knew anything about user's private data... I guess I may have a higher standard towards privacy than the government or legal system does...

Well that is within the scope of your job. So it is legally defensible.

However, if you stumble across something such as kiddie porn on someons private data files while executing your job duties, you are bound to report them. You do not continue the investigation "yourself" as you could now be tainting any evidence on the system. This is where you report to your Information Assurance officer, CID, or the appropiate authorities.

However, if you one day just go in and decide to see what files a user has on their private data area without justification, that constitutes a violation of the Privacy Act. If you target your search on one person w/o reason, then that is considering 'targeting' of them and again a violation of their privacy.

If you notice that most systems have a banner warning that you have to click OK and agree to consent to monitoring on company/corporate/government systems. This allows more monitoring, but does not allow invasion of privacy. Believe it or not it's been challenged in Federal Court and the challenge was upheld.

 

[lamont]

Well that is within the scope of your job. So it is legally defensible.

However, if you stumble across something such as kiddie porn on someons private data files while executing your job duties, you are bound to report them.

I haven't found kiddie porn, but I have found evidence of porn surfing before and I reported it and the whole thing gave me a fairly bad taste in my mouth. I don't like doing actual policing. Of course if I find it and I know its going on I open myself and the company up to legal exposure if I know its happening and I didn't do anything about it. I prefer not to look and not to know, but if someone is stupid enough to get caught I'll compile evidence against them.

I do get proactive about people violating security and often go out and find setuid binaries that software developers are using to get root on servers. That isn't a privacy issue, though...

 

[RS]

Yeah.

Huh??

 

[Hammerhead]

But it still gets me back to the point, why is it any of anyone's business other than the banned member and board.

I might be being a bit ignorant here (far from the worst of my flaws...), but if the banned member is banned for something he / she posted in a public forum, where does the issue of privacy come into it?

e.g. I post picture of my winky, someone objects (not sure why one would, of course ), mod investigates reported post, finds my winky-pic and bans me. As I first posted the picture publically, how can I complain if the mod answers any question regarding my banning with "well, the silly so-and-so did post a picture of his winky..."

 

[Azza]

A winky? Man...where's your self esteem. Its called "Big Boy"... not a winky.