Helping people with computers... one answer at a time.

If you have to ask, you probably don't want to know.

Download the mp3


This is Leo Notenboom for

An incredibly common theme for questions I get has to do with privacy. How to maintain it, how to break it, and when it's reasonable to expect it.

This week I got, once again, the question: "Can my employer track what I'm doing on-line?".

The answer? "Of course they can".

So can your ISP at home. Or your school. In fact, anyone providing your internet access can, if so inclined, peer into your surfing, IMing, gaming, or other on-line habits. It's not even that hard if you have the level of access that your these service providers have.

They key is that phrase: "if so inclined."

Now, most of us are not nearly as interesting as we might think we are. By that I mean that while your employer, school, or ISP could snoop in on you... would they really bother? Most of us just aren't that interesting.

Of course there are a couple of exceptions. If you're doing something illegal, for example, the government could force your provider to trace or snoop on you. We've seen illegal music downloaders get caught this way.

"Just because they can watch you doesn't mean they are."

The work place has an extra level of concern as well: because you're using their equipment and connectivity, they have every right to restrict and monitor what you do even if what you're doing is perfectly legal. The most common monitoring is probably to verify that you're not goofing off on company time. But if you're doing something against company policy, for example, they might also notice. They might see that you're emailing the competition or maybe using certain internal code names in external communications. It's even perfectly legal for them to install spyware on the machine that they own but that you use in order to monitor what you do on your computer.

So how do you maintain some semblance of privacy if your provider can watch?

First off, be realistic. Just because they can watch you doesn't mean they are. In a sea of thousands upon thousands of customers, your data is probably just so much noise to your service provider.

Second, live up to your employer's or school's expectations. If they have a policy against non-work or school related internet use then save that for your own time.

If you are concerned about your privacy you really have only two choices: don't do things that you'd be concerned about using providers you don't trust, or try and hide what you're doing using techniques such as encryption. Unfortunately in the latter case, your provider may not see what it is you're hiding, but they will be able to tell that you're hiding something.

I'd love to hear what you think. Visit and enter 11479 in the go to article number box to access the show notes and to leave me a comment. While you're there, browse over 1,100 technical questions and answers on the site.

Till next time, I'm Leo Notenboom, for

Article C3023 - May 13, 2007 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

Tony Webb
May 18, 2007 10:05 PM

I'll give the same answer as Leo - Yes employers can track your activity. I sell what is know in the trade as 'content filtering software'. Its stops end users doing anything that is non business on company machines and company time. For web filtering the product works from a database of millions of categorized URL's. From this they can grant access to business related sites and stop non business related sites from being requested. It will actively block and report, on individual users, groups or domains activity and can be scheduled to send reports to heads of depts, HR etc. It even has a catagory for proxy avoidance for the hardened end user. Obviously rules and policy can be set to allow users to surf during their dinner if they require, as long as the sites visited do not cause offence to anyone, porn etc, to a colleague or compromise the integrity of the network, spyware and viruses etc.

September 11, 2007 7:40 PM

Thanks for your answer.
Can the employer retrieve my old emails once I have trashed them?

Leo A. Notenboom
September 12, 2007 10:53 AM

Hash: SHA1

Yes. An employer could certainly set things up to retrieve your deleted emails.
Most commonly, I would guess, by capturing them all before you even see them.


Version: GnuPG v1.4.7 (MingW32)


June 30, 2009 1:17 PM

can my employeer read my yahoo,aol,msn, etc, emails?

May 11, 2010 8:43 AM

If my work laptop is attached to my home network, what is the best way to ensure that my employer doesn't see the rest of the network?

If you're seriously concerned, I'd use a second or third router, as in How do I protect myself from my children?

David Ziegler
May 11, 2010 12:00 PM

Thanks, Leo.

I'm glad you made the main point. It deserves repeating:

Your employer owns the computer, with all its capabilities, you use at work. Therefore, your employer has every right to monitor it for any reason or no reason at all.

It may be a PC, but it's not your personal computer.

May 12, 2010 1:19 PM

If your employer is paying for the computer, and the Internet access, is it not reasonable that they expect it will be used for work? Also where you are allowed personal access, is it not reasonable that the employee will not visit sites which may bring negative publicity to the firm? Think of two recent examples, the McQaurie bank employee accessing pictures of a nearly naked supermodel on his computer, while behind him, a fellow employee is doing the nightly financial news broadcast, so instantly this is broadcast Australia wide. Secondly the whole world now knows that one of the large financial houses were doing porn on the Net while the GFC was in meltdown around them - Nero fiddles while Rome burns? Is that a place you would feel safe for your money? If you don't want your employer to monitor your computer use, use your home one, and visit what you like, where you like, when you like.

May 13, 2010 2:09 AM

It is worth mentioning that companies most often have privacy policies or general IT policies that are shared upfront with all employees who, in return, are obligated to sign on these in agreement before start of employment. Such policies would admit to these "snooping" behaviors or "the right to snoop" in the event of suspected employee behavior. Bosses must be clear about this however because it pre-warns employees and deters them from misusing company resources.

John Doe
May 25, 2010 10:13 AM

Just use if you feel you absolutely must handle some personal business on your work computer. Yes, your employer will be able to see you went to the anonymizer site, but everything you visit through the anonymizer portal will be invisible to your boss.

May 26, 2010 11:35 AM

Its ok that the facility is being provided by the employer and so on,but is not the fundamental priviledge for the user to get his data safe for his it not a sort of enchroachement in some bodies privacy.
Kindly suggest some means to check such intrusion.And what should be checked on the machine to confirm such intrusions.

You cannot conclusively check for or rule out monitoring, you must simply assume that your computer and your communications can be tracked.

September 27, 2011 2:41 PM

This sort of answers my question but not fully. What about if you are using your personal computer at work? I am using the company's internet, which is allowed after business hours, since we actually live on site. I am wondering if my employer can see what sites I'm visiting even though they have no access to my computer?

Mark J
September 27, 2011 9:57 PM

Your employer can see any activity that happens on their network.

AN Other
October 30, 2011 4:27 PM

Employers CAN track you; but if you are allowed to surf personal things, keep it strictly to "clean" stuff, like news websites, PCPro magazine, the local newspapers, AutoTrader (as examples).

However, be aware the logs are deleted after a fair period of time, usually 6 or so months, but it varies.

May 22, 2012 8:27 AM

If you work from home over a VPN (virtual private network) using your own computer, can the company track what you are doing when you are not connected to the VPN? My understanding is that for company laptops, once you connect back to the company network, it will download all activity that was on that laptop. Just was not sure if something similar was the case for personal computer when you connect to the vpn. Is this still the case if you delete the internet history and cache as well?

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to to ask your question.