• Korne127@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    You work in the US, right?
    I’m so sure that this would be absolutely illegal in the EU. Privacy laws are rather strict here and I can’t imagine that it would be legal in any way to say that you’re doing an anonymous survey if it isn’t actually anonymous.

    • Ace_of_spades@lemmy.world
      link
      fedilink
      arrow-up
      0
      ·
      1 year ago

      I live in the UK.

      The consultancy never claimed that the surveys were anonymous. Pretty much every manager did when they sent it out to their employees. I guess lots of bosses in the UK have no problem with lying to their employees.

      Privacy laws are only as good as their enforcement. I’ve seen first hand the slap-dash attitude the NHS has to patient confidentiality and the police using databases for their own personal reasons. I’ve also experienced UK primary schools violating confidentialities. No repercussions for any of them.

      • Comment105@lemm.ee
        link
        fedilink
        arrow-up
        0
        ·
        1 year ago

        If you were to reveal this information while you were still employed, would they have had legal repercussions against you as a whistle blower?

        • Ace_of_spades@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          1 year ago

          No legal repercussions.

          I did some consultancy for the NHS (hint for anyone in IT: DON’T) and tried to whistle-blow the absolute shocking state of patient confidentiality. Nurses would routinely look up things to use or for gossip or leverage over people. For example, one nurse was able to access patient details to help her friend get ammunition in a divorce and custody battle. Another used it for playground gossip against a mother who had offended her and spread around that she was on antidepressants. When I started the complaint (giving multiple examples), they closed ranks and decided my claims were due to “miscommunication” and/or were fabricated. I could prove this data had been accessed and who had accessed it on the system’s audit trail. Nothing was done. They have policies in place stating not to do that, but they were routinely ignored.

          Same with the police. Officers were using police databases to stalk and harass exes, exes new partners or neighbours who had pissed them off. The Independent Police Complaints Commission are a joke and are staffed by ex police officers who had personal relationships with the people involved. The complaint was closed and I received a letter months later thanking me for withdrawring my complaint. I never withdrew the complaint and was informed that I had and I was unable to open it up again. This was 10 years ago and I haven’t worked for any police department since or relied on the police for anything.

          GDPR and data protections laws are all well and good, but without enforcement they are meaningless.