Being stalked by my close colleague at work for 8 months (Gossip and Rumours)

Undervalued

tevezratman said:

Thanks for your responce.

Appreciate all the input - Maybe next time I will go rumaging through his office draw to see what I can find.

Maybe next time I will randoly say did you get a warrant

Lets see if he lives it

Or maybe not!

Stick to the moral high ground!

robatwork

Saw the title and thought "This will be stalking like 99% of the people who say they've been scammed".

Was right.

He's a creep but that's about it.

ThunderHoof

This falls under the computer misuse act 1990 which would mean gross misconduct.

https://www.legislation.gov.uk/ukpga/1990/18/section/1

Unauthorised access to computer material.

(1)A person is guilty of an offence if—

(a)he causes a computer to perform any function with intent to secure access to any program or data held in any computer [F1, or to enable any such access to be secured] ;

(b)the access he intends to secure [F2, or to enable to be secured,] is unauthorised; and

(c)he knows at the time when he causes the computer to perform the function that that is the case.

(2)The intent a person has to have to commit an offence under this section need not be directed at—

(a)any particular program or data;

(b)a program or data of any particular kind; or

(c)a program or data held in any particular computer.

[F3(3)A person guilty of an offence under this section shall be liable—

(a)on summary conviction in England and Wales, to imprisonment for a term not exceeding 12 months or to a fine not exceeding the statutory maximum or to both;

(b)on summary conviction in Scotland, to imprisonment for a term not exceeding [F412] months or to a fine not exceeding the statutory maximum or to both;

(c)on conviction on indictment, to imprisonment for a term not exceeding two years or to a fine or to both.]

JReacher1

This does not fall under the computer misuse act. The OP unfortunately gave the person access by not signing out of a shared computer. 

The person who read the messages has not done anything to get this access so is not in breach of the act.  

Undervalued

ThunderHoof said:

This falls under the computer misuse act 1990 which would mean gross misconduct.

https://www.legislation.gov.uk/ukpga/1990/18/section/1

Unauthorised access to computer material.

(1)A person is guilty of an offence if—

(a)he causes a computer to perform any function with intent to secure access to any program or data held in any computer [F1, or to enable any such access to be secured] ;

(b)the access he intends to secure [F2, or to enable to be secured,] is unauthorised; and

(c)he knows at the time when he causes the computer to perform the function that that is the case.

(2)The intent a person has to have to commit an offence under this section need not be directed at—

(a)any particular program or data;

(b)a program or data of any particular kind; or

(c)a program or data held in any particular computer.

[F3(3)A person guilty of an offence under this section shall be liable—

(a)on summary conviction in England and Wales, to imprisonment for a term not exceeding 12 months or to a fine not exceeding the statutory maximum or to both;

(b)on summary conviction in Scotland, to imprisonment for a term not exceeding [F412] months or to a fine not exceeding the statutory maximum or to both;

(c)on conviction on indictment, to imprisonment for a term not exceeding two years or to a fine or to both.]

I don't think it does fall under that act but, even if it did, it would be up to the employer whether they chose to regard it as gross misconduct or not.

Just because something could potentially be gross misconduct doesn't mean the employer has to treat it that way.

I fail to see how the manager as breached any of the section one clauses. The computer was company property and he was entitled to access it.

Devongardener

Still not sure why the OP has accessed WhatsApp via an office PC as it involves downloading the app and using QR codes to set up, rather than use their own mobile.  That aside it definitely needs to be formally raised with HR as a grievance, whether or not they believe HR would side with their line manager. It is a form of bullying if other colleagues are making remarks about family photos.  I hope he’s changed all the passwords that were visible too. I’d suggest the OP reads their contract/staff handbook sections on IT use and bullying and harassment.

HampshireH

Aside of it being a bit odd to access WhatsApp on the computer and then forgetting to log out. Surely it would only have remained logged in if you had saved the password to the computer, otherwise when the browser closed or computer was turned off it would require logging back in.

Why don't you just have a conversation with your manager and ask if they are aware of anything. Or even better ask the guy directly who you suspect. But without being rude or accusatory.

Undervalued

HampshireH said:

Aside of it being a bit odd to access WhatsApp on the computer and then forgetting to log out. Surely it would only have remained logged in if you had saved the password to the computer, otherwise when the browser closed or computer was turned off it would require logging back in.

Why don't you just have a conversation with your manager and ask if they are aware of anything. Or even better ask the guy directly who you suspect. But without being rude or accusatory.

Doesn't work like that. You have to associate / pair it with a mobile phone by scanning a QR code on the computer from Settings within the WhatsApp app on the mobile. Once you have done that it is certainly capable of remaining logged in long term on the PC if you don't tell it otherwise.

As I said earlier, while the messages and calls may well be end to end encrypted, unless deleted they are totally exposed to anybody with access to a device used by any one of the participants. I think you can now set an expiry date to make a message you have sent disappear but quite how secure that is I don't know.

tevezratman

Exactly - A normal person would have just logged out but mentioned it 

Another thing I found out that on the work laptop and on the corporate network is that web.whatsapp.com is not blocked.
Surely if it was against company policy it would have been blacklisted. 

Saying that the machine in question was not on corporate network but connected EE WIFI Hotspot from my phone. We were also explicitly given the machines to use for personal use.

ThunderHoof

JReacher1 said:

This does not fall under the computer misuse act. The OP unfortunately gave the person access by not signing out of a shared computer. 

The person who read the messages has not done anything to get this access so is not in breach of the act.  

The person had access yes but it was unauthorised which falls under the remit according to case law.

Every time he accessed the app or opened a chat, he was securing access to data. Securing access does not mean "hacking".