Personal and Business Uses for Keyloggers.

Would you like to use a keylogger to spy on your spouse?  How about your kids?  Is it legal?  Can an employer use a keylogger to monitor employee computer activity in the workplace?

Usually, when I am discussing keyloggers, it is the kind of keylogger a cyber-criminal would use, and how to keep them off our computer.  Today we are looking at this from another angle.

A keylogger, if you don’t know, is a small hardware device that attaches to the keyboard, or software program that you install on the computer.  These products capture everything that the computer user types, and saves it to a file called a “log.”   The hardware devices have to be removed periodically to download the file.  The software usually sends the log file automatically on a prearranged schedule to whoever installed the software.

Keylogger hardware runs between $35 and $60, the software versions run $45 to $70.  There are also a handful of free keylogger software products including keyloggers that are part of the Kali Linux pen-testing distribution.  Once place to find and compare software products is at Keyloggers.com

In the United States, there laws to protect us from the illegal use of these sorts of products, such as the Computer Fraud and Abuse Act.  Using these without permission is a type of illegal wiretap.  Legal use may require a court order.  But these products are legally for sale online from retailers such as Amazon, so what does constitute legal and illegal use?

Let’s start with the easy one first, your children.  It is definitely illegal for an outsider, a child stalker or predator, to surreptitiously install a keylogger and use it to collect information about your kids.  But parents do have the legal right to “spy” on their own children, and this may in fact be a pretty good idea.

When it come to your spouse, you do not have a legal right to spy on them.  This is a very, very dark gray area.  If you are going to spy on your spouse as part of a divorce proceeding, you need to talk to your lawyer first, and follow their advice.  If the computer in question is shared between you, then community property laws would apply, but his or her work laptop that is owned by their employer definitely is not open for surveillance.

If you are spying on your spouse because you are some sort of sick control freak, then maybe you should get professional psychiatric help.  In this scenario, your spouse would have the legal right to have your brought up on charges.

In the realm of employment, things are still gray, but a much lighter shade of gray.  First of all, employees have no expectation of privacy when working in an employer provided office, on a computer system, across a computer network, or on an email system that is owned by the employer.  That’s right, cubicle farmers, your employer can and probably does monitor at least some of your computer, email, and online activity.  Whether this collected information an be used against you in court, should they have cause to sue you, depends on whether they have informed you of this surveillance, and you have given them permission to do so.  This usually happens on your first day of employment when you sign your Employee Policy Manual, Computer Acceptable Use Policy Manual, or some other employment agreement document.  So the answer is, yes, your employer can use a keylogger or other surveillance software when you are working on their toys.

I am not an attorney, so this article is for general informational purposes.  But if you are looking to get into the spy business, just remember everything you are doing is probably illegal.

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Owner of the WyzCo Group Inc. In addition to consulting on security products and services, Bob also conducts security audits, compliance audits, vulnerability assessments and penetration tests. Bob also teaches Cybersecurity Awareness Training classes. Bob works as an information technology and cybersecurity instructor for several training and certification organizations. Bob has worked in corporate, military, government, and workforce development training environments Bob is a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. Bob has been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.