The day someone walked into the office wearing a corporate grade privacy violation on their face
Posted by a_shootin_star@reddit | talesfromtechsupport | View on Reddit | 321 comments
So this happened last week, and I’m still recovering from the collective aneurysm it caused across four departments. I work IT for a company where "please don’t leak our stuff" isn’t just a guideline, it’s practically a lifestyle. You’d think this would be intuitive. You’d think people would maybe ask before bringing in gadgets that can livestream the entire building to Meta’s servers. You would be wrong.
I’m sitting at my desk, sipping my first coffee, pretending today will be normal, because hope is a disease... when Security calls me. Not emails, not messages. Calls. That’s already a red flag because the only time they call is when someone tries to badge in using a frozen lasagna or something equally cursed. "Uh, can you come to reception? We… have a situation."
Great. Love that. Nothing ever begins with "situation" and ends with "and then everyone got cookies."
I head down, and there’s an employee standing there like they’re about to board the Starship Enterprise. Backpack, badge, smile, and the most innocent-looking pair of Ray-Ban glasses I’ve ever seen. Except these are not innocent. These are smart glasses. As in: camera, microphone, AI assistant, cloud upload, easily mistaken for spy gear smart glasses.
Security looks at me with the expression of someone who has accidentally activated a bomb. "Are these… allowed?"
Now here’s the fun part: we don’t have a policy for this. At all. Zero. Nobody thought to write "don’t wear personal surveillance devices into the building," because apparently that would have been too obvious. So now it’s up to me, the IT guy who once had to explain what a GIF is to an executive, to make a spur of the moment compliance ruling on whether a pair of sunglasses is a tool of industrial espionage.
I ask the employee, as politely as possible, if their glasses record.
"Oh yeah!" they say proudly. "They do video, audio, photos, voice commands… basically everything!"
Cool cool cool cool cool.
Just what I needed before 10 AM.
Totally normal workplace thing.
Security’s eyes widen like the glasses have started counting down from 10.
So now begins the Grand Corporate Panic. Security is flipping through internal SOPs like they’re trying to summon a policy from sheer force of will. HR is pinging me asking if this falls under the wearables guideline (it does not). Compliance is in a meeting because compliance is always in a meeting. Legal is unreachable because apparently the universe hates me.
Meanwhile the employee is just vibing. Rocking their CIA cosplay. Probably wondering why half the building suddenly looks like they’re participating in a hostage negotiation.
After ten minutes of chaos and at least one person Googling "Ray,Ban smart glasses security risks corporate environment," the consensus becomes: We have no idea what we’re doing, therefore the answer is probably NO.
So I ask the employee if they have normal, non-panopticon glasses they can switch to.
Miraculously, they do.
They swap eyewear, Security sighs like they just disarmed a bomb, and the employee walks in like nothing happened while the rest of us collectively reboot our brains.
Crisis over… right?
Wrong.
Because two hours later, we receive an official ticket:
"Hi Team, We recently encountered a situation involving connected glasses (Ray-Ban model). We were unsure which guideline applies. As a precaution, we asked the employee to switch to non-connected glasses, which was fortunately possible. Could you please advise if connected glasses are allowed on our premises?"
Translation: We panicked and now we want IT to invent a rule so we don’t panic again.
We have a Legal department. 4 counsels.
So the ticket was closed and HR informed that IT cannot advise in this case, and they should be liaising with Lega. But I’m sitting here crafting the most professional follow-up response possible while my brain is screaming:
We didn’t have a policy because no one expected people to walk in wearing Facebook FaceCams on a Tuesday morning, Karen.
We will absolutely have a policy next week, though. Nothing motivates corporate rule-making like the sudden fear of being involuntarily livestreamed from the coffee machine.
TL;DR:
Employee shows up wearing Ray-Ban smart glasses.
Security freaks out.
HR freaks out.
IT freaks out.
Nobody knows what the policy is because the policy doesn’t exist.
We tell the employee to please stop being a wearable GDPR violation.
They switch to normal glasses.
Half the company is now rewriting the rulebook because one guy wanted to look stylish with auto-recording sunglasses.
R3ix@reddit
Thank you for this tale.
I’ll bring this topic to our privacy manager so we can be ready when that happens.
Fantastic_Run2955@reddit
For us,audio-only glasses is allowed.We don't work in higly sensitive environment but multiple of us have smartglasses with no cameras that help with taking meeting notes. My Dymesty actually also work really well when we meet with suppliers in Japan with limited English. The duo mode live translation works wonder and they seem very happy with them.
Myrandall@reddit
How big a company are we talking that this was going to take a week instead of two hours?
AbbyM1968@reddit
I have to admit, I wondered how long before they showed up.in a corporate office ... (I first saw just videoing ones at a motorcycle shop over a decade ago. I kinda knew they were improving along the way, but din't really pay attention)
IsthianOS@reddit
Why is this dressed up like it's a big deal it's glasses with a camera of course it's not allowed and I don't see why anyone would have anywhere near this much consternation about it
Endy0816@reddit
Be legally murky, especially in the UK, if that was their only means of seeing and it's not violating policy.
bob152637485@reddit
While everyone's reactions were quite hilarious, actually sounds pretty smooth overall. The employee being completely cooperative made it far easier of an experience than it could have been. I half expected the employee to get away with wearing them after insisting that they weren't breaking any rules.
a_shootin_star@reddit (OP)
Right? We were fully prepared for the classic "Well technically there’s no rule against bringing my wearable surveillance device into a secure facility ☝🤓".
Instead we got the mythical creature of IT folklore: a cooperative adult.
Honestly the smoothest disaster we've had in ages.
androshalforc1@reddit
Doesn’t sound like he was cooperative.
Can you not wear those?
Sure goes around corner puts them right back on
Endy0816@reddit
Was only asked if they had a normal pair they could switch to.
SongBirdplace@reddit
In surprised you don’t have a blanket rule of no recording equipment in the secure areas with lockers for devices.
Then again, I’ve been in areas that ban personal radios because they transmit data.
Jonathan_the_Nerd@reddit
Virtually all phones have cameras now. If you outlawed all recording equipment, people wouldn't be able to bring their phones into the office.
I know there are some circumstances where that's justified. But OP's office might not be one of them.
Nyssa314@reddit
The rule in the company i work at is that unless you need your phone for your work duties it is to be turned off and preferably in your locker or car. You are allowed to have your phone on in the break room or parking lot.
Now, this rule is not enforced, but it is a rule that if an operator is caught slacking off and playing on their phone while their machine isn't running they can be fired or at least written up for the phone being turned on while on the plant floor.
fencepost_ajm@reddit
Never underestimate the stupidity of people. You need an explicit policy for the idiot that will be standing there using their phone while their machine is running.
jeepsaintchaos@reddit
I work industrial maintenance. We have lots of clamps, robots, slides... All kinds of moving bits. Those moving bits are behind a roll-up door and light curtains, and can't move without the door closed and the curtains reset. You put parts in, press a button, the door closes, and machinery things happen.
I've had an operator come to me, expecting the company to replace his phone after it got smashed. Apparently this person set his phone down in a station. Door closed, clamps closed, phone went "crunch". Instead, since he was a dick, he got a write-up for having his phone out.
The second one opened an electrical cabinet to charge his phone from the HMI. Absolute no-no. Huge safety violation. The only people who are allowed to open electrical cabinets are maintenance. This particular cabinet was only 120v, but right next to it is a 480v. Now, I don't know if you know what 480 is, but it's the scary electricity. As in, you aren't surviving touching it and if you do you'll wish you didn't.
Instead of a write-up, he was walked out and fired on the spot.
AnonyAus@reddit
480 may be survivable, but you're probably not going to be happy about it......
My hat is off to those guys that work with voltage that will throw an arc out of the cabinet just out of spite even when you're doing it right!
SacThrowAway76@reddit
All depends on how much amperage you get with that 480. Amperage is what kills you.
Nyssa314@reddit
Yeah... though if the machine is running and parts are moving they can take a nap for all I care. But if that machine stops they need to be prepared to get it back moving ASAP.
GoldenMegaStaff@reddit
Many companies have gotten rid of desk phones so cell phones - company issued or personal - are all they have available.
jimboslice21@reddit
Most companies did get rid of desk phones, but not for cell phones.
Most businesses use VOIP soft phones on their computers (ringcentral, Teams, etc.)
Nyssa314@reddit
Company issued cell phones are allowed, but they are monitored and not allowed to do non company tasks.
Personally I don't use my desk phone. I have e-mail, use it.
drifterlady@reddit
I can't use your email unless you give me your credentials.
Nyssa314@reddit
Lol, you have no reason to. And reddit kind of counts as e-mail.
But yeah, most phone calls I get i can't actually address so I ignore the phone
drifterlady@reddit
But, you said "I have email. Use it". I can't, just so you know, in case you were expecting me to use your email. Thanks and have a great day.
Dazzling-Hacker@reddit
Not to mention those that need text messages or Authenticator apps.
WildMartin429@reddit
I had a buddy that worked IT support for Boeing and they were not allowed to bring their phones in due to security concerns; they had to put them in a locker before they could go into their work area.
NoComparison4295@reddit
I worked at a company that placed a security sticker over your phone camera every time you came on-site.
himitsumono@reddit
There are places that will fire you if they catch you with your phone on site. No questions, You're out. I suspect some of them might give you a pass for a flip phone with no camera. But probably not.
Long_Pomegranate2469@reddit
There's companies that sell specially modified iPhones etc that have the camera module removed.
oingapogo@reddit
I worked for a defense contractor. You could not bring ANYTHING electronic into that building. While they didn't go so far as to search your person, they did search your bag.
Also, many call centers have a no phone policy because they don't want reps taking photos of customer's credit card info.
sherlockham@reddit
I was in a military that had an approved phones without cameras list back in the day(20 years ago?).
From what i've heard, since it's pretty impossible to get a phone without a camera nowadays, you're now required to go to a phone repair place and have the camera disabled with epoxy and get a certificate that says it's been done. If you want to bring your phone onto base.
TheBobMcCormick@reddit
What country’s base is it that requires cellphone cameras to be disabled with epoxy? Legitimately curious. I’ve never heard that in the US
drifterlady@reddit
In china, visiting a tech company, all laptops had all ports security sealed and phones handed in at the entrance.
uncanneyvalley@reddit
I work for a startup who regularly visits China - travelers are not allowed to take any personal or corporate devices with company data or applications besides Okta with them. They’re assigned extremely locked down Chromebooks with limited access to corporate apps that are activated after arrival and powerwashed before leaving.
drifterlady@reddit
That sounds about right. I was with Lucent and my experiences were in the early 2000s
des506@reddit
Haha yeah Singapore. I didn't hear of epoxy method back then. But the original method was to go to the telco, and get the camera module removed and certified with a sticker covering where the camera used to be. Luckily they removed the certification requirement when I "served". So any phone repair shop could just remove the camera module and be allowed in.
sherlockham@reddit
Singapore. I know they were super weird about the whole camera thing when I was in there. I'm would not actually be too surprised if they did progress to permanent disabling of cameras with epoxy.
For the most part, people would just get something cheap to bring onto base and leave their nice phones outside, even back then.
des506@reddit
Oh god the stupid lion branded phone or ino. Couldn't even launch WhatsApp without it crashing once or twice. Worked better as a hand warmer or paperweight.
Ender_rpm@reddit
I work in a government secure space. We leave our personal phones in lockers at the entrance before we even cross the credential boundary. I often feel about 5 years behind popular technology culture :(
Scared_Bell3366@reddit
If it can record or transmit, it’s not allowed. Some days I’m surprised I can keep my car keys on me.
Death_God_Ryuk@reddit
Yeah, you end up with a big stack of phone lockers outside the work area.
mortsdeer@reddit
They sell rolls of red stickers specifically shaped to cover phone camera lenses. Use enforced by the bouncers at the best dance clubs, I'm told.
abritinthebay@reddit
Right? Like… assuming this is real there is a basic level of competence in their guidelines/rules that is utterly absent.
GrumpyBearinBC@reddit
Are you referring to GMRS / FRS / VHF 2 way radios or AM/FM radios?
SongBirdplace@reddit
AM/FM standard radio.
SongBirdplace@reddit
The rule banned any device that could send, receive, or store electronic information that was not cleared by security. The computers were very locked down and only in a few rooms. Personal phones were banned as a matter of course and had been since the 90s. The radio in question had to get special permission and was just a radio. It didn’t even play CDs.
Night_Albane@reddit
The last couple of times I was in a Secure location/facility all recording devices had to be removed. Unsure why that wasn’t on the books here.
Loko8765@reddit
Any personal electronics. I’ve been in places where you had to lock up your analog wristwatch.
TheArmoredKitten@reddit
It would be funny if the Soviets hadn't pulled it off at least once.
mattl1698@reddit
in another timeline where the CIAs operation acoustic kitty succeeded, you'd have to store your cat in a locker too just in case it had been implanted with a listening device
toxicatedscientist@reddit
My brother is a watch guy, he’s got one that’s purely mechanical: literally wound by movement. Wonder how theyd feel about that…
Loko8765@reddit
If they were feeling talkative they would say “we’re not going to take it apart every morning to check it, and you wouldn’t want us to, so in the box it goes”.
In practice they are not talkative and you’re not there to cause trouble.
toxicatedscientist@reddit
Lol it’s glass on both sides
lucidposeidon@reddit
I love skeleton face watches. Do you know the name of the watch he uses?
toxicatedscientist@reddit
Laco is as much as i know, but i think that’s the brand
burnedbard@reddit
I mean, this would make sense for a normal caseback but an exhibition caseback should show enough in theory.
jchamberlin78@reddit
My company's policy is nothing with a battery. Includes car remotes.
af_cheddarhead@reddit
Fitbits, not allowed in DOC SCIFS, yeah that went over well with the CrossFit crowd.
ahazred8vt@reddit
The NSA had to ban Furbys because they had microphones.
https://www.schneier.com/blog/archives/2024/02/documents-about-the-nsas-banning-of-furby-toys-in-the-1990s.html
deeseearr@reddit
I'm reminded of the time that US soldiers deployed to secret bases in the Middle East... Shared the precise paths of their daily walks using a fitness app. Where anybody could see them.
FangsFr@reddit
I see your secret bases, and I raise you ballistic missile submarine patrol dates.
deeseearr@reddit
Well, fortunately that was over a decade ago and everyone has learned...
Never mind.
vinyljunkie1245@reddit
I'll go in with War Thunder players getting into arguments about the specs of military equipment and posting classified documents on public forums to prove others wrong
https://blog.acer.com/en/discussion/3318/war-thunder-039-s-history-of-classified-document-leaks
AdSpecific867@reddit
People definitely look as those.
A Russian sub captain got kudos from what looked like a Ukrainian general in military intelligence on the last run he logged, after someone killed him in a park that same route.
reverendsteveii@reddit
you have to lock up that thing that looks to security like an analog wristwatch but could be anything until they actually get up in its guts and verify
Loko8765@reddit
Exactly. Some genuine digital watches are very analog-presenting, so really well-funded adversary could do something very difficult to detect.
LustForLulu@reddit
They can do it to laptops, too. On his last trip over to China, some time ago, my husband made sure to take his old, almost broken and dead backup laptop with him. The device had been wiped very thoroughly clean by every means he and IT could come up with, had an updated copy of Windows on it, and only the files he would need for the trip. There was no data related to his professional or personal accounts on it at all. We both agreed that there would be no communication that week beyond potentially a phone call made from the U.S. embassy to touch base and say hello. (At the time, we were both federal contractors for different branches of government. We were not taking chances.)
Prior to leaving, he set some traps that would be almost unnoticeable on the inside of that laptop. When he got back, he did not turn on the device. He merely opened the case and determined that all of his traps had been set off or disabled. And, there was new hardware in the case that wasn't present when he left the States. So he turned it over to IT, and we have never seen that computer again, which we're okay with.
PartTimeZombie@reddit
I have to lock my phone and watch up before I go into an office at work, which has an Android TV on the wall.
Not sure how it makes sense, and the guy charge got a bit pissy when I laughed at them.
Glimmu@reddit
Yeah, this sounds like they cosplay as a secure facility.
Less_Author9432@reddit
Re: The mythical cooperative adult
My question is, was this guy so dumb that it never occurred to him that his glasses were a problem? Or was he so smart that he knew the glasses were a problem, knew that there were no actual rules against them, and decided that the best way to point out this hole in corporate security was to wear them to work to see what would happen?
a_shootin_star@reddit (OP)
Short answer? Design department. He really thought they were just cool glasses. Totally oblivious.
pockypimp@reddit
Having studied Graphic Design and work in IT this makes total sense. Having dealt with Marketing it REALLY makes sense.
I had Marketing at my last job ask why we blocked Google Drive (we were a Microsoft operation) and couldn't understand the security risks considering they were handling trademarked logos from clients along with product release info.
KindBear99@reddit
I'm genuinely curious, what app (besides the google suite) allows multiple users to simultaneously edit a document in real time, no delays? Does the online office 365 do that? Box? Canva? I feel like that is where Microsoft is really lacking and when I really wish my company was a google based company.
pockypimp@reddit
Office 365 online does, it's a bit janky if you're using desktop and online at the same time as there's more of a delay. My coworker and I have been editing the same Excel file with the online version and the file stored in Sharepoint with no problems.
KindBear99@reddit
Thanks! Good to know, maybe I'll try Office 365!
pockypimp@reddit
I haven't tried with Word so that may be weird. In Excel the cell being edited will have a colored outline with the logged in user's initials in a color matching circle next to it. So you can see who is live editing what.
Word probably does the same thing that Google Docs does, same kind of look.
thecrius@reddit
Ah. I see.
therealkami@reddit
Everyone reading this just nodded and thought "Yeah that makes sense."
cheesenuggets2003@reddit
This makes more sense with a right-brained person.
KelemvorSparkyfox@reddit
Jeanne Robertson has entered the chat
(Maysherestinpeace)
Nihelus@reddit
This is why it’s great working in an at will state. I don’t remember what the topic was but we had a deputy (I’m no longer a LEO to be clear) who was pushing us on something just about as dumb as this situation, because it wasn’t in policy. I said, “Yup, you’re right. You don’t have to do that. We also don’t have to employ you.” Surprise, surprise, he started complying with common sense.
H0t4p1netr33S@reddit
Your physical security guys are also really well trained. They deserve a massive shoutout for catching it and effectively categorizing the threat before you even arrived.
JustAnotherDogsbody@reddit
You had me right up until "cooperative adult" definitely broke my "suspension of disbelief"
It's like when you're watching a TV/movie and the character slyly inserts a USB drive into a laptop, without once losing their shit about where the damn thing is, what kind of adaptor you need, or whose idea it was to only have USB ports on the docking station... etc.
"Mission is a bust, I only brought a usb-C OTG cable, and the target wanted to know why I was walking around trying to find the docking base!"
Ranger7381@reddit
My question is if the person was told not to put the glasses back on while in the building?
craigmontHunter@reddit
Where I am in this case the glasses would be put in an electronic locker by the front door and they can get them on the way out.
asr@reddit
Do you do that for phones as well? They can also record stuff.
craigmontHunter@reddit
Depends on whose phone and what’s happening, and what building. Guests have to put their phones in, other people depending on what’s happening. We do have corporate phones, so you will see phones in areas, sometimes we have to lock it all up (or leave it at our desk/office if we’re going to a sensitive area). There are no blanket rules, but where there are rules they are enforced.
asr@reddit
So follow the same policy for the glasses.
binaryhextechdude@reddit
Yeah I'm confused how they were allowed to still have access to them. Also, every policy should be updated with the default answer is no, until we asses risk and decide to say yes.
merc08@reddit
It doesn't sound like they put them back on later. The ticket was about documenting the original incident.
Ashenfall@reddit
If they're not wearing or using them, they're effectively the same as any other personal device that could potentially record (i.e. anybody's mobile phone). If they're told they're not allowed to have something in the building just because it could potentially record, that covers an awful lot of devices.
Better to just allow them to keep them in the building unused, and then quickly introduce a policy specifically banning wearable cameras.
binaryhextechdude@reddit
The only point of the glasses is to stream video to Meta. No one buys them to reduce glare on their commute. Your phone tells time, tells you the weather etc etc. To me there's a big difference.
Ashenfall@reddit
I haven't said otherwise. However, in the context we're talking about - a device being unused - there is no discernable difference in risk.
Wizzle-Stick@reddit
this is the most unbelievable bit in your story. i encountered this nightmare recently and they tried the "show the the policy". like mother fucker, ill throw the policy at you. i wrote the policy. i am the policy.
calllery@reddit
All said and done, everyone should have got cookies.
reverendsteveii@reddit
there isn't a policy about general recording equipment? if there is, then the only difference here is how that recording equipment is attached to the body and that's pretty clearly not gonna be relevant to the policy
Canuck-In-TO@reddit
Honestly, I think you’re lucky you didn’t get someone on their bad day.
The guy could have pushed back and stood his ground about the whole thing.
I would have just made a snap decision and told him, “you fully know this is a secure facility and you’re putting us at risk by bringing those in here. Either leave them at the security desk or it’s going to be a career move on your part (for those that don’t know, that’s the threat of being fired).
Soepkip43@reddit
Cudos to security for spotting them.
pagso3000@reddit
Thankfully we have a rule at work that only company issued cameras can be used in the office. And those have to be approved by security. Violating that can result in fines and/or prison.
jeffbell@reddit
The Air Bud gambit.
captmac@reddit
The words you’re looking for are “or as determined by [IT/legal/dave in the mail room] when considering organizational needs.”
the_stanimoron@reddit
He was testing the company, a la custodes blood games.
Ashamed-Ad4508@reddit
Meh. You Musta missed buying the powerball that day....
green_link@reddit
right? my response as a IT professional would have been, we don't have a policy about them specifically, but we do have a policy regarding leaking information and since these directly connect to an outside server they fall under that and are not allowed. i would suggest to security that they confiscate the glasses and the employee can pick them up at the end of the day or when they leave the property next. but they are absolutely not allowed into the facility.
then i would advise HR and legal to modify existing policies or make a new policy
but yeah everyone seemed to take it really good in my opinion. especially the employee
B_T-S33@reddit
Good on the security that caught this.
Mike312@reddit
Yeah, that's surprising that they'd notice this and then immediately escalate.
usernamedottxt@reddit
Yeah, I went through this last year myself. Except security didn’t catch it, some random person in a meeting with them did. Roughly same outcome, with a bit more incident response element to clean up.
happy_and_angry@reddit
I'm amazed nobody said either, "are you fucking stupid?" or reenacted the, "I award you no points" speech from Billy Madison.
Xenoun@reddit
Yeah but that's why any sane company with security restrictions has a policy that limits functionality of approved devices, and only gives examples of devices that applies to rather than trying to list everything they can think of in a rapidly expanding tech market.
This would be a non issue at my work, employee told to change the glasses or go home.
T_Thriller_T@reddit
I have never, ever worked at a company which had a "functionality of approved devices".
I have had multiple companies that, very plain and simply, stated that any devices recording pictures, video or audio must be approved / any recordings of those kinds must be approved on premises (and by all people involved).
Which, in all honesty, is a lot better than having to define that devices aiding in a medical disability (like insulin pumps etc) are okay and that glasses which also stream are not
Xenoun@reddit
Yeah, recording etc would be some of those functions that I was saying are limited/ controlled.
ignescentOne@reddit
This. The policy should read something like: devices that record video or audio are not allowed unless explicitly approved by. You don't ban specific items, you ban what they do, and then craft exceptions that let people have the things they are allowed. (Or not - we used to have to drop our phones off in a basket like we were in school, and pick them back up on the way out of the secure area.)
greypiewood@reddit
The device could "just" stream video or audio, but not permanently save. I guess technically the device has to record locally, at least temporarily, in order to stream, but how many people would understand that nuance? "My device doesn't record, it just streams so my followers can see what I do at work."
ignescentOne@reddit
Ianal, but generally the term 'recording' does not require 'saving to permanent storage for a minimum of x time.' The info is being written somewhere, so as to be broadcast, and is therefore 'recorded' even if that recording is only in active memory or network packets.
masterventris@reddit
And this is why legal docs are stupidly long.
"Devices capable of any of the following: record, capture, transmit, memorise, imagine, hallucinate, or otherwise cause a representation of reality to be visible from another location or device, in realtime or otherwise..." etc
merc08@reddit
That's the crazy part of the story for me. The company apparently has a strong "don't leak our stuff" guideline / lifestyle, but not even a single policy that says "no cameras" or "cameras may be prohibited in some areas" or "personal devices may be denied access for any reason"?
filthy_harold@reddit
The whole story reads like AI. Normal companies have rules that say no photography unless you get a media pass and then anything you intend to make public has to go through legal. While a phone could easily be recording audio and video surreptitiously, glasses are even more so. Plus that video is not stored on the device, it's being uploaded to the cloud which obviously is against the rules as well. There's absolutely nothing confusing about smart glasses. And management always reserves the right to say no smart glasses even if there's nothing specifically against the rules.
SidratFlush@reddit
Solicitors get paid by the ampersand and comma in contracts.
abritinthebay@reddit
This seems like it should be covered by any other policy around recording devices.
The fact that it’s not makes me concerned about so much
UninvestedCuriosity@reddit
"because hope is a disease" absolutely sent me. Emergency policy writing is going to be the name of a band one day.
Lazy_Excitement334@reddit
Agree, and thats where I decided a human wrote this post. AI has inherited a sense of humor from Elon.
TheRealJackOfSpades@reddit
Wow. A sane response. How novel.
HavBoWilTrvl@reddit
Having worked for a Fortune 500 financial company for the last several decades, I am no longer surprised when coworkers just don't think about how they are putting customers and the company at risk of major data breaches.
SciJohnJ@reddit
Does the company ban cell phones too? They can record and stream audio and video too. I would not hold one piece of tech to a higher standard than another just because of its shape.
root_27@reddit
I am guessing not as the company didn’t have a flat out no recording equipment in the office policy. However, something that can record without it being obvious you are recording is very different from something you actually have to hold up and record.
Like it’s pretty obvious when you’re taking pictures of company documents on your Phone less obvious if you’re recording them through your glasses.
danteselv@reddit
The glasses make several very audible notifications of recording aswell as a giant LED beaming to say "HEY GUYS LOOK AT ME. MY GLASSES ARE RECORDING YOU WITHOUT CONSENT LOL"
ThereUHavit@reddit
You can put a phone in your shirt pocket to discretely record. You can discretely record from a Galaxy Flip phone without holding it.
dingo1018@reddit
Now I want to know what this 'company' has to hide, amirite? I bet they are coreing out homeless braines and stuffing in just enought compute so they can work the phones, and I want to be the first to say I am utterly sickened by what I have just learnt, sickened!
dnabsuh1@reddit
Do you have a policy about recording with cell phones? These would probably fall under that.
Hminney@reddit
This is a ridiculous situation. You don't need new policies - you might want to issue clarification by email, but there is no need for a fuss, you simply agree with security on the door and say "this site does not transmit photos or audio or any other corporate information to servers that are not our own except as specified (eg use of mobile phone)" and tell them either the glasses go off in a bag or they need to be left at the desk to collect on departure. Minimum fuss, no grey lines. Since it was a first time, you can choose, but I'd submit it as a gross security violation from an employee who should have known better to whatever your route is. I'm guessing since security called you that you can submit directly, but a junior might need it to escalate within it first. This is not an it issue. This is an "everybody stops and reports security risks" issue. It is involved because it uses your special knowledge.
Prohibitorum@reddit
I hate to be the guy, but doesn't this have a distinct chatgpt smell for anyone else?
xelab04@reddit
"work IT for a company where "please don’t leak our stuff" isn’t just a guideline, it’s practically a lifestyle" didn't even make it past that before coming to find the AI comment
"because hope is a disease... when Security calls me. Not emails, not messages. Calls. That’s already a red flag because the only time they call is when someone tries to badge in using a frozen lasagna or something equally cursed" nobody speaks/writes like that, let alone a tech person
zanderkerbal@reddit
This is not true, there are absolutely redditors who speak and write like that for a reddit audience.
I could believe this is AI though.
SolaceInCompassion@reddit
Oh, absolutely. The writing style is in lockstep with the AI cadence.
erebus2161@reddit
I don't know about AI, but definitely sounds fake. The employee just stands there like a moron through the whole thing. And ultimately wears other glasses without hassle, but never offers that suggestion themselves.
Also, were these prescription rayban smart glasses or was not wearing glasses at all not an option?
ZenDragon@reddit
I was thinking Claude.
0800_BANDO_TRAPPER@reddit
I couldn't put my finger on it but I despise the way this is written.
iheartnjdevils@reddit
I was going to argue that it doesn't have the classic "It's not this, it's that," that AI loves so much, or the 3's for effect. But then I reread the first paragraph.
Uglynator@reddit
chiming in to say the same, though i believe this to be claude. definitely smelling machine generated
Candle1ight@reddit
Thought the same thing. Going to think of it like a creative writing story.
groucho_barks@reddit
100%. The story isn't even that dramatic, but was so overblown. Some people emailed and called back and forth for 10 minutes and the guy just took the glasses off? Big fricken woop.
Kasper_Onza@reddit
Why would that not fall under wearable tech?
Wrong_Cat4825@reddit
I know secure sites when even bringing in a stamped audio CD (so never write able) was forbidden
A_Rod_H@reddit
That possibility dates from the days of the Sony rootkit audio CDs or earlier
ThatUsrnameIsAlready@reddit
I don't believe that you didn't have a blanket "no recording devices" policy.
preparationh67@reddit
Yeah, this sounds like the kind of story you see a lot of AI cheating or whatever where the behavior was very obviously covered by the current policy but just not enumerated specifically as "no AI blah blah blah
or "no always on recording wearable" and no people that's not how rules work. You don't actually need to list every thing just produce boxes to check on OK vs not OK. If someplace designed their checkboxes that incompetently well....
ThatUsrnameIsAlready@reddit
I suppose this scenario isn't impossible, but any remotely competent legal team knows what GDPR is, at which point IT doesn't even get a say on this policy.
Dom_Shady@reddit
I wonder: wouldn't smartphones be under that policy as well?
SimplyExtremist@reddit
Yes they are and they’re not allowed beyond a clearly marked door in all the places I’ve worked.
Budget-Ice-Machine@reddit
In my company we just say "no recording" and trust employees (and maybe fire some that betray the trust)
BeerForThought@reddit
Is there an exception for marketing if they do their own socials and product release photos?
Budget-Ice-Machine@reddit
Yes, although I never saw someone from marketing filming in more sensitive areas, we have some relaxation areas that have much less strict guidelines
mrcaptncrunch@reddit
Not them, but my experience is it depends on the business.
I have been in some that the answer is simply, no. Marketing is done at most the lobby and don’t record towards the inside.
I have been in others where they need so much approval for just being in hallways. I have seen, you can be in X or Y at Z hallway, can point to the wall, and record no more than x feet behind.
There are some hard core industries.
FunnyAnchor123@reddit
In my experience, companies will have conference rooms next to the front door but separated from the rest of the building by a guard station. Outside vendors, job interviews, training -- all of these happen in those rooms.
Intel used to have a rule of no recording devices in their labs, but that was relaxed when TPTB realized (1) you have to really make an effort to see any IP secrets, which would be obvious to everyone standing around you -- most of the time, all anyone could see in a lab are computer & server boxes, & once in awhile the motherboard inside; & (2) any determined spy could smuggle out photos of IP secrets if they wanted.
Turns out having a cell phone with a camera can be very useful: it allows a tech to record serial numbers -- & system configurations -- accurately.
BeerForThought@reddit
What about studio pictures of the product? If they're that secretive they should be done in house.
mrcaptncrunch@reddit
Rarely one will see a picture of a product like that.
It requires way too much authorization. Even for them to be in there. There are some, yes. Everything on the product is just turned off and there’s a review process for publishing to make sure that nothing that’s not wanted isn’t seen.
This starts before leaving the area. Then once they leave, to actually publish, there’s the review process.
Other areas don’t have a physical product. There are some team pictures. They’re usually taken outside in the campus. Maybe with the main building in the background.
BeerForThought@reddit
Thanks for the education! I have an invention but as a company of 1 I don't really know how the big boys do it.
me_groovy@reddit
So as long as the meta glasses aren't actively recording, that'd be ok?
Because you can bet they're passively recording in the background
HeKis4@reddit
No way to tell if they are recording unless you're watching network traffic though, which isn't exactly easy on a personal android phone connected to cellular. If they were only cameras I'd mandate whatever form of webcam cover that would work, but OP looks like he's in more of a "leave them at the entrance" kind of company.
warm_kitchenette@reddit
In addition, to do voice control, the devices would have to be passively listening.
odaiwai@reddit
They're almost certainly listening for the "Ahoy Telephone" wake up command...
darkest_irish_lass@reddit
Right here is the kicker. Google knows all and any computer with an AI is a sinkhole for anything that happens on that computer.
Wheat_Grinder@reddit
Reminds me of the guy who posted a TIFU years ago where he got fired for Pokemon Go with a policy like that, he was pointing the phone all around to find the pokemon like an idiot
Centimane@reddit
You could word the policy like "no recording". And then so long as people aren't pulling out their phones taking videos the phones are fine.
If the glasses are always recording with no way to disable, then they're not allowed.
An application of such a policy - you can be partially assured the phone isn't recording while it's in someone's pocket - mostly that it wouldn't record any meaningful video (it might still be able to pick up sound though). The glasses are being pointed at any data the person is looking at, which makes them more problematic.
Basically make it the individual's problem: "Can you prove those glasses aren't recording?" "no" "then they gotta go".
HeKis4@reddit
Pretty much this, I've worked at a place that did sensitive research, not defense but definitely at risk of industrial espionage, and the policy was webcam/camera covers on everything company issued, and trusted to not use personal devices to record with "no pictures" signs and mandatory security training where they insisted on this.
lemlurker@reddit
most places that run this dilema have a "no operation" rules. as in you are not allowed to operate the camera on a smartphone but you can havbe it on you and use it for other stuff. certainly at he lower security levels. a buit higher up and its "absolutly no electronic devices not issued by corporate"
Dhaeron@reddit
A buddy of mine works at a place with a strict no cameras rule. He's only allowed to bring a personal phone if he agrees to let security disable (permanently) the camera on it. Company phone is also an option, though he decided to actually get a phone without a camera. Doesn't even have a touchscreen, had no idea these things still existed.
lemlurker@reddit
Apple make special iphones with no camera for nuclear powerplant workers. I've been working in defence for several years. We have a secure floor that we aren't allowed any electronic services in. Even car keys are discouraged. Lockers are provided outside
merc08@reddit
I worked in a secure facility once with a "no personal electronics" rule. The PR department got cleared to take some very carefully framed pictures. The IT department got them a completely analogue film camera (that they screened) for the event because they wouldn't budge on the "no electronics" rule even for a standalone camera.
schumi23@reddit
To a certain extent there's a question of trust - you trust peoples' smartphones in their pockets isn't filming. But do you trust Meta to not be recording from the camera always pointing at whatever the person is looking at?
https://www.404media.co/whats-the-difference-between-ai-glasses-and-an-iphone-a-helpful-guide-for-meta-pr/
SongBirdplace@reddit
Yep. Which is why if you do it you provide lockers. People lockup their tech away from the work area.
af_cheddarhead@reddit
We have a "No Unauthorized Cameras" policy. Yes, that include cell phones.
Forsythe36@reddit
We have not had this yet. Looks like I’ll be creating one this morning lol
Strait409@reddit
Just out of sheer curiosity, OP, do you work for a certain company with its headquarters in south central Texas, specifically between Austin and San Antonio?
erebus2161@reddit
What I think is most interesting about this story is that no one even tried to explain the situation to the employee nor did the employee pick up that there was a problem and offer the resolution from the start.
ashamancurtis@reddit
Here’s a solution: do you have a policy in place that forbids recording company confidential information on unsecured private systems like phones? Or taking pictures of company confidential information?
If so, it applies to smart wearables as well, especially since you can’t lock those devices down like a cell phone.
1hero_no_cape@reddit
I've been in buildings as a contractor where NOTHING capable of transmitting was allowed inside, including the key fob to unlock my truck.
Wasn't even a smart key, just a lock/unlock fob.
e28Sean@reddit
Shit... I've worked places where those glasses would have been confiscated and destroyed, and the guy wearing them would have been fired just for bringing them onto the property.
-TheDoctor@reddit
That seems...excessive.
hornethacker97@reddit
Not remotely excessive for contractors with Secret clearance or higher
dustojnikhummer@reddit
Destroying peoples property in the entrance lobby is not excessive???
hornethacker97@reddit
Do you understand clearance and secrecy at all?
dustojnikhummer@reddit
Yes, and he wasn't actually let inside, was he? That doesn't give you the right to destroy peoples property. You can demand footage deletion (or firing of said employee), locking the device in a locker until they leave for the day etc. Doesn't give you a right to smash their fucking glasses. You can have prescription lenses in those you know?
And what, do you smash your employee's windshield if their dashcam catches sight of your building when they are pulling up to your parking lot??
hornethacker97@reddit
No one said that what was described would fit the situation OP describes. What was said is that in some situations it would not be overkill. There are situations and locations where contractors have to sign documents and have certain clearances before they are even allowed to have the address of the job site, and in those situations they are made aware that certain violations have certain consequences. If a highly secretive government facility tells a contractor or employee “you may not bring any recording device to this facility whatsoever or it will be confiscated and destroyed”, then it is a perfectly valid thing for the facility security to do just that. No one said that is remotely related to what OP described.
-TheDoctor@reddit
Stealing and destroying people's expensive personal property without their consent is excessive (not to mention, potentially illegal). Firing someone over what was, in this case, an honest mistake/misunderstanding is excessive.
silverheart-nine@reddit
If you're working in the kind of high-security environment (military/CIA comes to mind) where that extreme response is SOP, then there's no way you haven't already signed something in your training/contract agreeing that you understand it's what will happen if you bring unauthorized spying-capable devices.
Luckily for Glasses Guy, the workplace in OP's story doesn't seem to be quite that level of high-stakes security.
-TheDoctor@reddit
Except security did its job in the case and the employee wasn't actually let inside while wearing his camera glasses. He was still in the lobby and could have simply been asked to take them home.
participlepete@reddit
I remember back in the 90's the furor over the Furby toy. We did tech support for Hasbro, and one of the guys I know who worked at one the 3 letter agencies you don't talk about, banned them because they listened and could play back audio. Got some weird calls about that one.
ZengineerHarp@reddit
I used to work in a secure area - “no personal electronics” was the blanket rule - and I seriously considered bringing in my 1998 classic Furby to decorate my desk. I went so far as to ask the security folks if that would be allowed. I’m intrigued to report that as of the late 20-teens, the policy was “Furby may enter the secured area, but then he can never, ever leave .”
NetworkingNoob81@reddit
Like the Hotel California!
dustojnikhummer@reddit
Such a lovely place.
WaytoomanyUIDs@reddit
Jeez when I worked for a company in the financial industry NOTHING with storage capacity, a USB slot or a camera was allowed in the offices, (had to be left at security) not even ereaders. And everyone in the company had to do security training quarterly that covered that.
StudioDroid@reddit
I was working in some datacenters in India. When entering they xray your bag and do the usual metal detector scan for weapons. They were also concerned if I had a camera in my bag. Apparently the 2 smartphones, tablet, and 2 laptops that all had cameras in them were not an issue, they were just looking for dedicated cameras.
Lots of signage saying NO PHOTOS, except I learned that it was okay to photograph my racks and installation, just don't see any other racks.
nothingtoprove@reddit
How to deter future issues, say to the employee: “You know, I don’t think that we DO have a policy prohibiting the use of such a device. Congratulations, you are about to be named in a new policy!”
Then have the policy named something like: “Prohibition on the wearing or use of surveillance technology on corporate property. This means YOU, {employee name}!”
ajkimmins@reddit
Is there not something about photography or video capturing devices?
RogueThneed@reddit
Right? I worked for a bank 30 years ago that had policies like this. (Yes there weren't smart phones yet, but there were cameras, including digital ones.)
curmudgeon55@reddit
What's the policy on cell phones in the office?
PigHillJimster@reddit
As a contractor I have been on some company premisis where I have had to be searched and any mobile phones, watches, USB sticks laptops have been taken from me, sealed in my prescence and put in a locked cabinate until I have left the building.
My current work involves projects that connect to devices like Alexia, Google Nest etc. We do the testing with these in special locations on a separate network where the devices cannot pick up 'business conversations'.
Yeah, I've seen policies written covering this subject that although were written before smart glasses, would include them.
EmberQuill@reddit
So many people in the comments baffled by the idea that not everybody works for a defense contractor. There's a pretty wide gap which a lot of companies inhabit between BYOD and "Phones must be locked up at the front door." And people are stupid about nonspecific rules so I can see the same kind of kerfuffle happening at my own employer. It probably did happen already, but I don't work with that area so I wouldn't have known.
flaming-bunnies-197@reddit
"Nothing ever begins with "situation" and ends with "and then everyone got cookies." hahahahhaahahahhahaaha I am absolutely stealing this!!
kai58@reddit
Why the panic? Just tell the guy no. If they throw a fit they can explain to the relevant people why they should be able to wear it because theres technically no rule against it
zeus204013@reddit
This sound crazy, but people in prison are streaming because authorities without spine (because fear problems inside prison). No jamming devices because "reasons". In the main city of my country. In another they are well isolated, no bullsh!t allowed!!!
ratsta@reddit
Thanks for posting. I just forwarded a tl;dr to my org.
NewSpace2@reddit
What is this writing style called?
murobureau@reddit
ChatGPT bro-speak
Commercial_Pain_8113@reddit
Typical HR
ryytytut@reddit
Not gonna lie I expected them to be wearing a meta quest 3 (in passthrough mode, obviously.)
Can you tell I think very little of the average intelligence? Lol
tailaka@reddit
Were the glasses not covered by multiple policies regarding pictures, video, & sharing(online) of any data on worksite. I would imagine one pair of glasses violated policy in several different counts. Either way good job Security for stopping a potential breach.
mwb1100@reddit
Your company doesn’t have a no cameras policy?
RFDrew11357@reddit
When our company first started issuing iPhones, Security freaked out over the cameras. We had areas where no photography was allowed. Personal iPhones were not allowed to be brought into those area. Same with work phones if you didn't work in the area. However, some of the people who worked in the area were required to be available on their iPhones. The solution IT and Security came up with was destroying the camera lenses by placing a nail on the lens and tapping with a hammer. The truly stupid thing was they could have solved the problem by letting those guys keep their BlackBerrys.
Alanjaow@reddit
Message to the CEO:
"Hey, these glasses have a possibility of recording everything the employee sees, a lot of which is under NDA"
Message from CEO to all staff:
"Anyone have any arguments as to why these glasses should be allowed?"
A week later, after nobody says anything in defense of em, a ban is put in place. A Ray ban, if you will (oh, and I will).
x39-@reddit
I do hope you disallowed smartphones too, because otherwise you already have a massive surveillance collection in the pockets of literally every single worker
iceph03nix@reddit
I'm surprised there's not a "no photos or recordings on or of company property without permission" policy in the handbook somewhere. That's been pretty standard everywhere I've worked.
There's usually lots of people with some sort of permission, but not blanket recording of everything permission
gagcar@reddit
It's weird that this was a problem to me. I work in a very similar field now and you can have whatever you want while you're not in the red zone. You just can't record with a non-controlled device.
xcski_paul@reddit
When I worked for Kodak, I had to buy a (pre-smart) cell phone without a camera because even a phone camera was seen as a security threat.
raider1v11@reddit
If it's a secure facility, other recording devices wouldn't be allowed. Same policy would apply to these. At least for my areas of Healthcare. You wouldn't need a special policy for eyeglasses vs phone.
SuperCheezyPizza@reddit
Just tell the employee he needs written consent to record from every person within his presence. Within 1 minute it will collapse on itself.
Immediate-Panda2359@reddit
WTF? "No photography, videography, or or audio recording" covers this and from your description of the facility, you must have that, right?
rskurat@reddit
it's a clear and simple NDA violation
GeekGurl2000@reddit
Farcebook is Meta-static!
intentsman@reddit
Your facility sounds fascinating.
Could you post some pics please?
/s
jda@reddit
The real fun starts when HR+Legal require you to find a way to support & manage the smart glasses because they are an assistive device protected by the ADA.
toxicoke@reddit
In a way, it's good that they did that. It helped boost your security. It's like how showing that a lock can be easily picked is a good thing because then you can improve it.
WildMartin429@reddit
Do you have any policy that prevents people from bringing in a camcorder and recording? Any policy that prevents people from recording with their phone? If so this should fall under one of those policies unless you've written the policy so specifically that they mentioned specific devices individually instead of saying "no recording devices".
fuzzytomatohead@reddit
i had a feeling the second i read the title this was gonna involve ray-ban metas
WavePsychological789@reddit
oh cool so everything went as expected!
BigWhiteDog@reddit
I'm shocked that security noticed!
Brick_wall899@reddit
I find it hard to believe there wasn't a generalized policy against bringing in unauthorized recording devices in a secure environment. There shouldn't have needed to be a specific policy against connected glasses specifically. This should be a nothing but what we say is allowed is allowed situation.
bigbirdtoejam@reddit
Does your boss have pointy hair? Do you also do TPS reports? Sounds like a bucket of leeches in your pants would be more fun
The_JSQuareD@reddit
Are smartphones banned at your place of employment? It so, isn't it obvious that the smartphone ban extends to smart glasses? If not, why would smart glasses be a problem if employees are allowed to bring in smartphones that are constantly listening and have recording capability?
bdm68@reddit
It's not obvious that a smartphone ban would automatically cover other devices. It depends on how the policies are worded. If the policy bans by types of devices, the policy would be deficient because new devices with dubious capabilities are not covered until policies are updated.
It would be better to ban devices by their function and have a default policy that allows discretionary banning to cover the unforeseen.
adumblittlebaby@reddit
I'm not sure a smartphone that can potentially listen is the analogous to a pair of glasses that, by default, is a camera pointed at every single thing you look at - every document, every email, every meeting, every coworker.. nobody takes their phone out and directs the camera over every single thing they read. There is definitely a level of nuance here you're kind of dissembling away.
The_JSQuareD@reddit
Yeah but unlike the smartphone, these glasses have a very obvious indicator LED that turns on when it's recording. People take their phone out all the time for many reasons; if a malicious employee wanted to covertly record with their phone it wouldn't be hard to do. But with these glasses it would be obvious that they're doing so very quickly.
09475G59@reddit
AI slop holy shit
RicksterCraft@reddit
Yeah the analogies are straight from a ChatGPT output. I miss when Reddit had hand-written fake stories. Now the fake stories are obviously fake, even if the stories themselves are mundane like this one...
Starfireaw11@reddit
Unless you have a policy that bans smartphones and similar devices in the office, the risk is exactly the same.
RedditVince@reddit
In my job you could go to prison for just walking in the building recording. They don't even like cell phones in your pocket so block cell signals in the building. You have to go outside or be near a window for any cell signal.
And lets just say the network is the most secure in the modern world. And the receptionist is the Fully Trained Security Staff. No Fkn around at all and nary a smile in the place....
PerniciousSnitOG@reddit
You know, it's reddit, so you never know if something is the truth, or just a flex. In case you're actually part of such an environment , and especially if you're part of the security team, let me pass on a useful Mike Tyson quote:
Everybody Has A Plan Until They Get Punched In The Face
Though "Everybody Has An Unbeatable Security System Until They Get Punched In The Face" would be a more literal way to put it.
RedditVince@reddit
Yep, I understand it is 100% the tightest security system in the world. When it gets breached it is always an internal reason and everyone gets a new page in the annual training. - lol
Geminii27@reddit
There's no policy about bringing in cameras, microphones, or other recording devices to the workplace?
Rathmun@reddit
Did you already have a social media policy for what employees can post to facebook? Because if so, you absolutely already had a policy for the glasses that post everything to facebook. (Maybe they don't make it viewable to the general public, but it's there.)
Ex-zaviera@reddit
You have a way with words, Star. But also, ouch!
DoubleOwl7777@reddit
yeah these glasses are scary. i hate that in todays day and age corporations spying on you has just become normalized. the spyware is often literally built into the operating system.
Aida_Hwedo@reddit
Agreed, but like a lot of tech these days, it’s a double-edged sword; smart glasses are incredibly useful for certain disabilities (mostly blindness right now) and the price is downright reasonable compared to a LOT of other assistive technology.
Due to a combination of poor memory and lack of facial recognition, I honestly wish I had something like this to help me with people’s names… but even an offline-only device would obviously be a privacy NIGHTMARE in quite a few professional settings.
Triknitter@reddit
They're also shitty glasses. You can't adjust them, they're harder to clean, you have to have special labels to ship them because of the batteries, you have to send them to specific labs (most of which suck and do crappy work) to get lenses ... they're just awful.
Dogzillas_Mom@reddit
Why would the employee think it’s okay to wear such a device to a secure work location in the first place? They should know better.
1radiationman@reddit
The vast majority of companies don’t have a policy for this, although it’s pretty sad that Security is looking to IT for guidance and not either Legal, HR, or Privacy.
harrywwc@reddit
and still no cookies?
(other than the in-browser kind ;)
af_cheddarhead@reddit
I bet they would fall under the category of "No unauthorized cameras", one of many reason smart phones are banned in my facility.
Dunnachius@reddit
How the heck was the employee accepting of just… not bringing them in?
ccsrpsw@reddit
We actually do have a policy for this - and have had them for quite a while - from Occulus days.
Blanket policy: No recording devices (cameras, phones, etc.) in any area handling sensitive data (CUI, ITAR, Business Sensitive, etc.) without written authorization from Security and CISO. [Guess what - everything is Business Sensitive, isnt it!]
Specific Addendums: Smart Glasses are specifically prohibited from all locations, without approval from Security, CISO and COO/CEO [note the extra layer].
No push back so far from the 10 or so people (in a company of 20K+) who have said smart glasses. Everyone gets it.
Ycr1998@reddit
OP... is this post related somehow?
Minflick@reddit
Why not have security hold them until the employee finishes his shift?
KowalskiTheGreat@reddit
Im surprised nobody at my job has bitched about my meta displays yet, the bigwigs were in the other day and talked to me while wearing them, I even showed one the lens display, but nobody said anything negative. It's gonna be a sad day if they decide to make it a thing. They were expensive as heck and I don't have much use for them outside work, the live language translation/subtitles comes extremely handy on a daily basis among other things.
I can just record shit on my phone if I wanted to anyway, and it wouldn't have a mandatory bright white indicator light at eye level. I'm not enough of a scumbag to try those blocking stickers although I don't think they actually work on the newer models, especially indoors
EstablishmentHonest5@reddit
I would imagine the smart glasses are treated like a video camera. If you can't record in the building, the smart glasses aren't allowed.
JosKarith@reddit
My response would be "I'm sorry but we can't be certain where the data streamed from those is stored, which jurisdiction it falls under so I can tell you the default response from Information Governance will be No until they've done a full DPIA and GDPR assessment..."
I work for the NHS in ICT so I see a LOT of stupid requests like this.
Cygnata@reddit
Hell, most Federal restricted sites ban Furbies, and those don't actually record. Smart glasses should have been a no-brainer.
bigshmoo@reddit
Last time I saw smart glasses at work one of the founders was wearing them.
BeanbagBunniesBlunts@reddit
All of this is manufactured. Ai bullsh*t
TerraPlays@reddit
So many stories here are AI now. Funny that. You'd think we'd be more observant of such a thing.
Slider_0f_Elay@reddit
Good on security for recognizing the threat. And yeah, nightmare of legal/ corp CYOA but as far as disasters go the after action on this is pretty nice.
davewh@reddit
Geez I'd think this wouldn't be an issue. Secure facilities should have a definite policy about no recording devices. No storage devices. No communication devices. None. Zero. Nada. Here's a locker to leave your forbidden devices. Have a nice day.
collinsl02@reddit
Properly secure ones do. Ones learning the ropes or being constantly reactive or ones which aren't actually secure but oretent to be don't.
LLPF2@reddit
It's just that easy.
sykes1493@reddit
I have seen someone walking around a military base wearing those meta glasses. I didn’t say anything at the time because the idea of someone being that dumb was so alien to me that I didn’t even recognize them as meta glasses until days later.
TbonerT@reddit
Most areas on a military base would be fine to record. There’s likely a small degree of intel to be gained but the explicitly sensitive things tend to happen behind locked doors.
sykes1493@reddit
CUI may not be as damaging as secret or top secret but it is still CONTROLLED unclassified information. Considering that people aren’t supposed to take pictures with their phones on base, smart glasses are probably a no-no.
TbonerT@reddit
Yes, sensitive things, like CUI, tend to not be visible to someone walking around on base taking pictures. All kinds of people live and work on military bases and they regularly invite the general public for things like air shows or aircraft carrier tours.
sykes1493@reddit
Sure but when you are walking out of the finance building wearing a camera on your face, that could be an issue.
TbonerT@reddit
Probably not. People’s data isn’t just laying around all over the building. CUI data on a screen should only be visible to people with clearance and need to know, just like classified data, and physical documents will have cover sheets, and again, still only be visible to the appropriate people. You can hang out all day in the lobby and not see anything you shouldn’t be able to see. You could, at least, if you weren’t escorted out of the building before long.
RustyKnight83@reddit
You deserve cookies.
DasAllerletzte@reddit
The deletable kind?
RustyKnight83@reddit
Cookies of the delectable kind!
commentsrnice2@reddit
That’s just deletion of the oral variety ;)
tgrantt@reddit
Delete all cookies? Y/N?
commentsrnice2@reddit
🍪🍪🍪🍪
JNSapakoh@reddit
Why not just ask ChatGPT what your policy should be? Tell it all of the work you do, give it any secrets you don't want to leak, and ask it the security risk if Meta gets their hands on any of it ... what could go wrong?
nebu1999@reddit
Interesting this did not come up and lead to a policy development when the Google glasses were released circa 2012.
Now with the rumor about Apple building a interactive "pin/badge", people need to get proactive.
CrunchyButtMuncher@reddit
This is an ad written by AI
ChangeMyDespair@reddit
This made my day and it's not even noon yet.😀
rosscoehs@reddit
Do you have a policy prohibiting smart phones and smart watches? You've got a policy prohibiting smart glasses.
bstrauss3@reddit
I'll take BS that never happened for $200, Alex.
You have a policy that prevents recording on site without permission. Bada Bing
You have a policy preventing storing confidential information in uncontrolled stores. Bada Bang
W1ULH@reddit
We run an ITAR compliant facility.
A few months ago we had a very similar situation occur, but it was easy enough to make a ruling... we already dont allow any recording on the factory floor, of any computer screens, or of any paperwork (outside of marketing specific rules, etc).
So the simple ruling was, can't wear recording-capable wearables any place in the building they could 'accidentally' record customer data. Doesn't matter what the wearable is.
jassi007@reddit
This happened at a former workplace of mine. The person wrote code. The difference is, security didn't catch them up front, someone found their livestream of them working, with visible code on their work PC, and also going to the restroom. Yeah, they did not turn off their stream while using the restroom. I don't think the workplace had a streaming wearables policy, but other policies certainly covered giving away confidential information and some kind of sexual harassment while filming coworkers in the restroom. They were terminated that day to a colossal lack of judgement.
SlowmoSauce@reddit
Should fire that employee for being an absolute dork. Lol.
MistahWhiskers@reddit
This is like when Michael Scott tells the story of quitting, and he describes driving there, getting out of the car, walking up to the door, getting in the elevator, etc.
If someone told me this story at a bbq, the only good part would be getting to tell everyone else I met the guy who tells the most boring stories in the world.
Possible-Tangelo9344@reddit
Do you not already have a rule about smartphone usage? Seems like if I can bring a smartphone with a camera inside i can wear my smart glasses; if I can't bring a smartphone inside then I can't bring smart glasses.
Ora rule about recording inside in general?
DiligentCockroach700@reddit
I'm sooo glad I'm retired from all that shit now!
xubax@reddit
I'm hoping i can soonish (like 5 years or less).
Every major refresh we do now, I hope who be my last with that particular technology.
Photodan24@reddit
Am I the only one who doesn't recognize the "badge in using a frozen lasagna" reference?
junkstabber@reddit
You don't just have a "no unapproved recording devices" policy? Sounds like a Ray Ban ad.
xubax@reddit
So many people reading this are probably thinking, "oh, fuck, we need to deal with this. "
truemccrew@reddit
Meanwhile, everyone else in the building has an open laptop, complete with camera and microphone.
Alternative_Pen5879@reddit
Okay what? Non-panopticon glasses?
Panopticon I pa'noptıkon, pan'optıkon | noun historical
a circular prison with cells arranged around a central well, from which prisoners could at all times be observed. ORIGIN mid 18th century: from pan-'all' + Greek optikon, neuter of optikos 'optic'.
I really need to see the specs of those glasses 🤓
MostlyPretentious@reddit
This makes me laugh because I work in a technical role in Compliance. Our Privacy guy is always stressed because of sh*t like this, but he doesn’t hesitate to issue dictates at a moments notice or bring out the banhammer.
techn0goddess@reddit
Highly entertaining, but still very informative, write-up. A+
EagleKeeper76-0022@reddit
I enjoy your writing style.
Sunbolt@reddit
You’ll absolutely love ChatGPT then.
Maleficent-Pin6798@reddit
Likewise, reminds me a bit of the old BOFH stories, iykyk.
Elvessa@reddit
This is just like the million years ago at the beginning of regular email use. All the lawyers I know freaked out. Me, I just copied the same “if this isn’t for you, don’t read it and shred it” language we all had been using on faxes for years.
For some reason, no one could grasp that it was the exact same concept as a fax (sending info electronically), so that problem had already been solved.
murmelchen@reddit
Damn, another thing for our compliance team. We didn't think of that either, yet :D
greentintedlenses@reddit
The one time I didn't just go straight to the tldr and it's just a drawn out story about a guy bringing in meta glasses.
I deserve the lost time I guess
piclemaniscool@reddit
The worst part about corporate environments is you can't just make a rule like "have some common sense" because everyone follows policy like it's a second set of the Bill of Rights.
A decent compromise would be "no non-company cameras pointing at people's faces." in case no recording devices is too extreme.
JulianSkies@reddit
That would imply that any two people you meet on the street have the same definition of common sense.
Common sense ain't defined anywhere.
piclemaniscool@reddit
It would be defined at the company's discretion. That's how things usually work when people aren't hiring lawyers to pick apart every word in the rulebook
Mr_Gaslight@reddit
A blanket no recording policy is really hard to enforce.
ojessen@reddit
To be fair, and using my risk management point of view, I don't see why anybody panicked, because the only reasonable reply to the guy would be "Are You F*cking Kidding Me?"
Remindes me of this onefte.com cartoon, which I sadly can't post here, so I posted it over there: https://bsky.app/profile/owejessen.de/post/3mdicmgoaj22t
thorcik@reddit
Holy shit, now I wonder if my workplace has this scenario sorted out. And I'm afraid to ask lol
FlexOffender3599@reddit
Legality and corporate secrecy aside, anyone who thinks that it's normal to covertly record everyone you meet and to wear an AR display with AI feedback to get through their day to day life is an antisocial freak who should be shunned by society until they stop being so weird.
cheesenuggets2003@reddit
Is this person a janitor? I've been a janitor before, and I wouldn't wear such glasses to work at the mall (partly due to pay).
DasFreibier@reddit
Most places I worked at had a clause in the employment contract that company secrets, should you know, be kept secret
Pretty sure that falls under that
Stryker_One@reddit
So, I can bring in my Benelli M4?
BellaSquared@reddit
Had to be a Tuesday!
Abracadaver14@reddit
So if you're in the EU, the answer seems pretty simple: recording people on their workplace is not allowed without express and individual permission.
J_Landers@reddit
Wouldn't this already fall under a data retention/handling policy? You can't protect business proprietary information if you're livestreaming everything you see to the internet.
xmastreee@reddit
Reminds me of a place I did some work at, very secure, they wouldn't even let me in with a smart watch. Nothing fancy either, just a Pebble Time. But because it had connectivity, it wasn't allowed in.
that_one_wierd_guy@reddit
the rules should be definitive but broad, with several people on site with authority to make immediate decisions on anything that causes an is this a violation situation.
remember, there's no such thing as mostly secure.
dickwildgoose@reddit
That's clearly enough excitement for one day. Send everyone home.
CharcoalGreyWolf@reddit
Everyone will say all the tech stuff that needs to be said here.
Great writing. Please keep writing.
JelloOverall8542@reddit
“Hope is a disease…” about fell out of my chair…
JaschaE@reddit
Affixing a hidden camera (and microphone) to your person was once a very clear violation of trust. It was mostly an issue in very trust based environments, where official policy was to send the offending party on an impromptu scuba vacation. I'm not saying I recommend this policy, but I kind of understand.
Even if it wasn't extremely clear that meta will use that footage somehow and therefore extract information, it wouldn't be the first wearable where the data upload happen to be less encrypted than desireble