FORT LAUDERDALE — A select group of city workers has been secretly using an Internet software program to monitor work computers, tracking the Internet activities of other workers, as well as those of city commissioners and the city attorney.
There is no indication of just how widespread the surveillance is, or what information has been collected to date, but some city commissioners and the city attorney were surprised to learn from the South Florida Times that their computer activities are being monitored.
“I suspected it. It goes with the current management style,” Commissioner Charlotte Rodstrom said. “For me personally, it really doesn’t matter because everything is public records, but it gives me pause because you never know what their motives may be or what they are doing with the information.’’
City Manager George Gretsas could not be reached for comment.
“The City routinely performs a comprehensive security analysis of the City's IT infrastructure and Internet access points. Part of the analysis includes a review of potential security risks and/or suspicious network activity,” city spokesman Chaz Adams said in an email to the South Florida Times. “Every employee and/or elected official is subject to the Websense internet blocking software.”
Police Department spokesman Sgt. Frank Sousa said the computer and Internet activities of city attorneys and the elected officials are subject to scrutiny, but he explained that the monitoring is done only on a random basis, and no one in particular is selected, targeted or singled out for monitoring.
“Everything except medical records,” Sousa said when asked if commissioners’ computer activities are also subjected to review along with other employees.
City Attorney Harry Stewart said he was surprised to learn that his computer is being monitored.
“I had no idea,’’ Stewart said. “I’m not averse to monitoring, but first off it’s totally inappropriate for staff to be monitoring the policy makers, period. I’ll certainly be asking some questions about this.’’
Stewart said he is concerned about employees having access to information involving pending legal matters, or even actions that could involve the very employee who may be monitoring email communications stored on computers.
“There is the issue of confidential attorney-client privilege, and I would be concerned about who is actually doing the monitoring and what type of security clearance they would have to access confidential information,” he said.
“I’m sure the monitoring is being done for good purposes,’’ Rodstrom said, “and I doubt if any commissioner has anything to hide, but we are still the elected officials, and exactly what staff is doing should be explained.’’
The revelations about the monitoring of elected officials’ computers came on the heels of the city’s decision to fire the police department’s webmaster, Steven Rocky Loiacono.
Loiacono was fired Aug. 11 after a two-month Internal Affairs investigation determined he was spending large amounts of time at work viewing explicit, pornographic websites. Loiacono was aware of the computer monitoring software, but he was unable to evade detection.
City personnel policies prohibit employees from using city equipment to view such materials on city time.
Those policies do not address the computer activities of the city attorney, city clerk or the city commission auditor, all of whom report directly to city commissioners.
“Well, the Internet presents many possibilities for employees to steal time, whether it’s viewing pornography or doing other things on city time, and it’s something most industries are dealing with,” Mayor Jim Naugle said. “I don’t have a city computer, so I’m not being monitored, but it would be unusual for an employee to be monitoring something their bosses [city commissioners] are doing.”
Commissioners Christine Teel, Carlton Moore, and Cindi Hutchinson did not respond to questions about the issue.
The surveillance capabilities are known only to a select few employees; mostly those who perform technology work in several departments.
Using the Websense Internet software program, which is manufactured by a San Diego, Ca. technology security firm, technology workers can also view, track and record websites visited from specific computers. The program can also record exactly how much time was spent on each site.
In addition to restricting access to certain websites, the special software also monitors email.
It is not clear when city workers made the decision to begin monitoring the computers of elected officials along with city employees. City commissioners, however, approved the program to monitor only employees, not themselves.
According to internal records, city commissioners first approved a multi-year agreement to subscribe to the Websense software program on July 2, 2002, from FishNet Security, a Kansas City, Mo., company, for $26,738 a year for three years.
On July 18, 2006, commissioners voted again to award another multi-year contract to the lowest bidder, Business Security Solutions, LLC, of Houston, Tx. to provide the software program subscription for three additional years, at a cost of $27,825.00 per year.
City commissioners approved each of those contracts unanimously. Backup documents provided to commissioners at the time stated the program would be used to monitor the activities of employees, and never mentioned that the elected officials themselves would also be subjected to the surveillance and Internet restrictions.
“This software controls access based on employee requirements to use the Internet for their job,” an internal memo provided to commissioners stated at the time. “The control prevents an employee from accidentally or intentionally reaching a site known to contain viruses, malicious software code or inappropriate content,” those documents state.
Former City Commissioner Tim Smith, who served two terms from 1997 to 2003, was among those who voted for the initial approval of the security software. But he said he never intended for it to monitor the computer activities of commissioners.
“I think this is insane, and we certainly were never told, or knew they would be checking up on us,’’ Smith said. “If I was still a commissioner, I’d be seriously concerned about it. Much of it’s just public information, but it doesn’t smell right for employees to be combing through the emails of the attorneys and policy makers.”
Although there is no indication that anything illegal or unethical has taken place, city managers have not explained what steps might be taken if an employee were to question the Internet activity of an attorney or city commissioner, or if such an incident had ever occurred.
Smith places the blame for the monitoring of commissioners on Gretsas, and is calling for a public discussion to determine exactly what information has been accessed, by whom, and for what purposes.
“We don’t know if any crime has been committed, but the current commissioners need to act on the information you have uncovered, and maybe they can bring in the [Florida] Attorney General’s Office, but the first thing is for them to discuss this publicly because just the thought of employees monitoring their computers is unacceptable,” Smith said.
He continued: “If this turns out to be true, this very well may be his [city manager George Gretsas] downfall, because if I was a commissioner and I found where the management was monitoring my work and communications with residents, someone would have some explaining to do.”
Photo: Charlotte Rodstrom