Conference 7.286::digital

    
    I agree that each person's salary details should be confidential.
    
    Personally, I am not particularly interested in what my colleagues are
    earning, but if I was and didn't know how to find out before, I
    certainly do now!
    
    How did you find out about this infobase? Has it got restricted access
    ie Payroll/Human Resources only?
    
    Dave

    re .0 - account name not matching EMF
    
    I would have loved to know the VTX protocols - my account name does not
    match the EMF so I couldn't use VTX to enroll. Maybe you could give
    Personnel's IM&T folks that info so they can use it for future
    enrollments?
    

    
    re .0  The "ease in which privacy can be breached"
    Most people (I truly believe) would not have thought to see what
    someone else was making.  However I feel your "information" would have
    been more responsibly sent to the people running that particular system
    so they could "kill the bug" than setting it out in a "public" forum
    where people who would never have considered "peaking" may just give it
    a shot to see what that ol' so an so that's been giving them a royal
    pain the neck for 2 years IS making.    Life is stressful enough here
    without making us all wonder who knows what paltry sums we all take
    home.   I'm not a particulary successful hacker on systems, I can
    barely run the darn notes without the buffer dumping me.... but your
    message makes my otherwise calm disposition burn.  Use your expertise
    to help your co-workers, not to tell the whole neighborhood that the
    underwear is out on the line to dry... come and looky see!
    lolly
    

	Dave:

	Thanks a lot for the info in .0.  Wow, you sure do pull in the
	big bucks!

		-- Cliff

But he deserves them!  After all, he's smart enough to figure it out and
tell everyone.

    So if someone is nasty and knows A, B, & C then they could probably
    change the insurance selection as well?

    Yes, Dave is a very smart guy, I worked with him in LKG, I think all
    Dave's over there are very smart, I dont know what it is about the
    name "Dave", but they have so many Dave's over there, It makes you wonder
    about it sometimes!
    
    /Nasser

    re: several
    
    We seem to be very good at designing systems for internal use that have
    little or no security, yet manage to make access difficult for many
    people.
    
    For example, when ELF V2 came out, if you changed your password, the
    new password was echoed on your screen.  I have no idea if that has
    ever been fixed.
    
    Given a little time, I could get PAKs for everything we make or sell
    and have them be traceable to someone other than myself.
    
    I'm glad that Dave has pointed out this problem.
    
    Bob

    PS.
    
    I've just been told that a call to the Mass Registry will allow me to
    get anybodys Mass Drivers License Number for a charge of a $5 search
    fee. I presume that since drivers licenses are public record that
    includes the date of birth as well. Unfortunately most people are silly
    enough to use their social security number as their drivers license
    number in Mass.
    
    So badge numbers from VTX and social security numbers/dates of birth
    from the Mass Registry. Way to go.
    
    For anybody who objects to me posting this here I say too bad. I
    maintain there is no suych thing as security through obscurity. In
    addition I've received some offline mail messages that indicate that
    this privacy issue was brought to the attention of the VTX infobase
    owners. The reply they got was essentially. "We don't consider this
    to be a problem, we consider the security good enough". Not an exact
    quote but good enough.
    
    Dave

If we worked for a government agency, chances are very good that our
salaries would part of the public record, posted on the bulletin board.
(Your mileage may vary, depending on the municipality/state/federal 
level.) When I was in Canada earlier this summer, one of the weekly
newspapers published all of the salaries of all of workers in the 
county. Quite a furor, but it brought to the fore problems regarding
salary information. 

Even in the private sector, we spend a lot more time worrying about 
protecting salary information than it's worth. We can sit in AIDS
awareness seminars, talking more easily about sexual practices than we
can talk about salaries, anywhere and anytime. As a result, salary 
becomes a secretive issue, which, in turn, can lead to favoritism and
other deceptive practices.

It's not worth my job to try to break into someone's disability account.
It's not even worth my glancing at someone's pay stub left on the desk.
(As an aside, I've read and heard that it's a violation of my employee
agreement to disclose my salary to another. I checked the Orange Book
and saw nothing of the sort, except the protections of Digital Personal
information.) And, I don't think that it's worth the company's time to
spend a lot of energy protecting salary information. I know that the 
commmitments for that protection are already in place and won't be
changed in this company in my lifetime. Still, with all the work we have
to do, I'd rather see another generation of VAX Notes shipped before I
see bomb-proof VTX applications for disability insurance. 

    RE .9 and drivers license number.
    
    You don't get to choose your number.  Mass requests it.

re .10 (privacy of salary info)

I too think that the DEC culture is rather excessive in promoting the
idea of salary as being highly confidential.  Nevertheless, it *is*
confidential, and that being the case, it should be up to the employee
to choose whether or not to divulge the information.   Personnel'll
tell you that an employee's salary is a secret -- I always used
to get sent out of the room when supervisors did salary planning
at staff meetings.

re .11  (Mass. licence numbers)

I was under the impression that, if you wanted, you could request
that the Mass. registry issue you with a unique-non-social-security
number for your licence.   Of course, they don't like you to do
that, and of course it takes extra time (length determined by
them, naturally) for them to issue you with a licence, but it
supposedly *is* possible.

Re "security by obscurity"

Well, you're right, but that still doesn't excuse this, at least in my opinion.

First, you find the bug.
Second, you report it to the responsible parties.
Third, you wait a reasonable amount of time for the responsible parties to 
implement the fix.
Fourth, if no fix is implemented in a reasonable time, then you post notes like
this.

That way, everyone gets their needs served.  Skipping straight down to the
"blabbing" phase without trying to be part of the solution shows more of a 
willingness to castigate those who made the error (either by omission or
neglect) than to see it through to getting done right.

Of course, I'd probably have been inclined to post .0 before doing anything
constructive, myself.

Sounds like they wised up.  There is a notice on our system that
VTX DISABILITY_US is unavailable until further notice.  It claims
network problems, but I suspect the real reason is the issue
mentioned in .0, since I have had no other network or VTX problems.

FF

I saw no emotions behind the counter. When asked my
SS number for my license, I stated I will not give them
my number for the license because is would be used as
identification. They simply issued me a S######## number
and that was that. 

Still cost me $70 though.

John I.

PS.. Good to have my Colorado license back. I felt embarrased
showing my Mass. license for the last year.

    re: .16
    
    I know all but one of the required pieces of information concerning my
    manager and I'm sure I could get the required piece the next time I'm
    over at her house.
    
    Bob

>            <<< Note 2073.14 by CSOA1::FOSTER "Hooked on Karaoke" >>>
>
>Sounds like they wised up.  There is a notice on our system that
>VTX DISABILITY_US is unavailable until further notice.  It claims
>network problems, but I suspect the real reason is the issue
>mentioned in .0, since I have had no other network or VTX problems.
>
>FF
    
     It's back, and unchanged. They didn't 'fix' a thing.
                                          Denny

    RE: .11
    
    >RE .9 and drivers license number.
    
    >You don't get to choose your number.  Mass requests it.
    
    My license number is not my Social Security number.  This did not cost
    me anything extra, nor was I hassled about it.
    
    As for the choice of first three digits of SS# in VTX, that is less
    secure than the last three digits because of the way numbers are
    assigned.  The first three numbers, I believe, are a geographic
    indicator of point of issuance.  I think if you knew somebody got their
    number in Boston, and knew the code for Boston, you would have their
    first three numbers.  The last four, however, are sequential.
    

This subject popped up first (or at least before DIGITAL) in CNOTES::ASKENET
(topic 3648) on the 25th.

...petri

    Many years ago I worked for English Electric, whenever they sent out a
    notification of a change in your salary you had to sign it and mail it
    back to them. This document had a cautionary message on it; "We trust
    that you are still keeping your salary confidential". This neatly
    ensured that they could have two people doing the same job at different
    rates.

    However one time I added a sentence to their message reading; "Don't
    worry mate, I'll not tell a soul, I'm just as ashamed as you are about the
    pittance I'm paid." I was summoned to head office and given a severe
    "talking to' by a superannuated seat warmer.
    
    Jamie.

Hmmm.  Take the number for the 25% elect weekly deduction, multiply by
13000, and you're within $65 of the annual salary.

(13000 = 1/.40*100*52)

Come on folks, this application is going to last til the end of the enrollment
period. Do any of you think that bitching about it here is actually going to
get somebodys attention? That is, somebody who will do something about it.
Look, if anyone of you want to get my s.s. #, go ahead spend the time and money
and request it from the Ma. registry of motor vehicles. Betcha you dont get it 
til after the enrollment period is over.

I think that had the issue not come up most, if not all of us wouldn't have even
been thinking about it. Now, maybe there are a few out there who are trying to 
find out what somebody else makes...

>	In addition I've received some offline mail messages that indicate that
>	this privacy issue was brought to the attention of the VTX infobase
>	owners. The reply they got was essentially. "We don't consider this
>	to be a problem, we consider the security good enough". 

	So, Dave, how much is the person who thinks that the security
	is good enough making, anyway?

					:-)

						Tom_K

    
    	Not sure if they changed this recently but you aren't allowed
    	to access the database from an account other than what your
    	last name is.  I tried entering through a system account and got
    	the following message:
    
    	**********
    
        As a security measure and business control, you must access this
        infobase from an account name that includes your LAST NAME as
    	it is on the US Employee Master File.
    
        If you are accessing this infobase from your personal account
    	(that is in your last name) and are still getting this screen, please
        send an E-mail message to GRIMLY::BEN_SRV and include the
    	following:
        
        (ALL-IN-1 users send to BEN_SRV@GRIMLY@VMSMAIL)
    
                    - Your full name
                    - Your badge number
                    - A phone number you can be reached at
    
        You can also fill out the form included in your Disability Package
    	if this system does not work for you.
    
            Regardless of which you choose, your enrollment MUST be
    	completed by September 11 or you will be defaulted to the company core
    	coverage.
    
        Thank you.
                                                                 
    	*********
    
    	It's not smart enough though to differentiate between two different
    	people with the same last name.  I was able to access my wife's
    	information with no problem (same account names, different nodes).
    
    
    	Steve

Yeah, but this is the "workstation" age (in DEC; elsewhere it's the "PC"
age).  You can have any account name you want.

re: .26, Steve

>    	It's not smart enough though to differentiate between two different
>    	people with the same last name.  I was able to access my wife's
>    	information with no problem (same account names, different nodes).

You've gotta be kidding! I wasn't worried too much about anybody bothering
to try to find out how much I make, but this means that this silly system
would allow my ex- to get in and screw around with my coverage!

Most likely some "DIGITAL MIS Analysts Guide to VTX Applications Style Manual"
somewhere which suggested that this security "was good enough".

Who do I sue?

-Jack

    Re .26
    
    That's why I said in .0 "and access to a workstation". I didn't say
    explicitly that you needed to create an account with an appropriate
    name. I left that as an exercise for the reader to work out.
    But as I said I think if you screw around with the VTX protocols ie do
    your own client you can fake out the username. Somebody told me it was
    carried in the protocol rather than the server picking up from the
    DECnet NCB which is what it should do.
    
    Dave

    
    There's great security to protect you.  If someone goes into this
    system (or any other account) and pretends to be you they can (and
    will) be fired.  I have heard of this being done, heck it used to be
    one of the few ways to get fired!
    
    Jon
    

    Re .30
    
    Get real. Do you think anybody that actually wanted to find out
    somebody elses salary would allow the access to be tracked to them
    personally? Anybody that was dumb enough to enable the back tracking to
    be done should probably be fired for incompetence anyway.
    
    Dave

Re ...last several

  Thanks for a reminder that I had to go in and check this out...i.e. make a
   selection.   Trouble is, on my workstation I began this process at 7:10 P.M.
   I am quite certain my node was not the busy one, as I got excellent rsp. time
    in all active windows other than the particular DECterm vtx session.

   Screen painting in 3 installments, took an average of 48 seconds response time.
   I mean by that....1/3 of the verbiage showed up then wait .....next third...
   wait...through all the screens.

   I am just about ready to enter the 2 option that exits the process ...
    43 MINUTES later.

   The new security feature is to slow down the system to VAX 730 speed  so 
   the culprit who tries to sneek in will  be TSFO'ed before getting anyone's
   numbers!!!  

          O O
           ^
          \_/

    No, it's just that the server is busy serving everyone
    who's read this note and have decided to find out a few
    interesting salaries.

Ummm, I'd like to question the premise here...
The security mechanism looks like it was lifted whole from the PAK
system.  That system does, indeed ask for N pieces of information to identify
you.  Basic info first as in badge number and name, and then oddball stuff
as in date of birth.

However, in my experience, the items in the second class are randomly chosen
from a larger pool.  i.e. one time I'll be asked for  birth day and site code
another time, it is seniority month and  DTN, etc.

Still not by any means an ironclad security setup (how would YOU implement a
totally-secure system for 100,000 +- users in a month or so?)
but the amount of info you need is larger than just name/badge/DOB.

Kevin

    RE:  .0
    
    You really bugged by this?
    
    Get a list of all digital VP's/officers.  Do your 13000*X bit on them.
    Post the results here.  Copy Charlie Matco, DATAMATION, etc.
    
    thomas
    
    (Yes, but just what are trhese balls MADE of?)

>   <<< Note 2073.34 by GUIDUK::FARLEE "Insufficient Virtual...um...er..." >>>
>                     -< So what's YOUR idea for security? >-

The basenote refers to "DISABILITY_US" and a strange thing I've never
had called a "social security number". Clearly, this system is only
for those folks over there in the US.

>Still not by any means an ironclad security setup (how would YOU implement a
>totally-secure system for 100,000 +- users in a month or so?)
>but the amount of info you need is larger than just name/badge/DOB.

Look! Another person who thinks the whole of Digital works in the US!
At least this one's honest enough to admit it.....

Craig

    re .-1
    
    Well, I thought *other* countries had data privacy laws
    which prevented this sort of thing...

  When I read .0, my first thought was that he should not have told the "world"
about this security gap. Now I have mixed feelings, because this discussion has
raised some things the developers of the VTX DISABILITY_US system probably
didn't think of, but may hear of as a result of the discussion. Such as the 
issue of a divorced couple who both work at Digital.
  The VTX DISABILITY_US system will go away in 2 weeks, but on-line enrollment
is going to get more common for all sorts of things. So the security issue
should be worked. Another issue is non-standard usernames. It is common prac-
tice for people with long or unusual names to have a username that doesn't in-
clude their full last name. People in this situation will be increasingly in-
convenienced in the future as they have to use paper enrollments for various
things while most others enroll on-line. It may be 5 years before this is a
noticeable inconvenience, but I see it coming. In the long run, the VTX folks
may have to develop a secure enrollment procedure that doesn't reference the
account username at all. I don't see how it can be done, unless VMS is revised
somehow to accommodate it.

    I hate to appear positive about anything, but I really like
    this system.

    A few months ago, I tried to change from one hmo location to
    another (within the same hmo). To do this, you need to fill
    out a form that requests fifty things, all of which digital
    already knows.  I thought this was pretty stupid, and just
    submitted a copy of my previous form with one change on it.

    Of course this was not acceptable to the psa juggernaut, who
    promptly sent the form back, and told me they couldn't
    process the form unless it was completed in full. This
    escalated to the PSA's manager, who despite two specific
    requests to meet with me about it refused. (So much for the
    open door policy.)  Apparently, it's not her job to provide
    service.

    Eventually my personnel consultant took care of it --
    probably by filling out the damn form himself  People will go
    to extremes to get rid of me...

    But anyway, this system is great.  If the security isn't good
    enough, enhance it.   It certainly won't be the first digital
    software product that required a point release to be usable.

    Should information about security problems be discussed publicly or
    not?  The answer to this question was known about one hundred and forty
    years ago by Charles Tomlinson, who wrote in his _Rudimentary Treatise
    on the Construction of Locks_:
    
         A commercial, and in some respects a social, doubt has been
         started within the last year or two, whether or not it is
         right to discuss so openly the security or insecurity of
         locks.  Many well-meaning persons suppose that the discussion
         respecting the means for baffling the supposed safety of
         locks offers a premium for dishonesty, by showing others how
         to be dishonest.  This is a fallacy.  Rogues are very keen in
         their profession, and already know much more than we can
         teach them respecting their several kinds of roguery.  Rogues
         knew a good deal about lockpicking long before locksmiths
         discussed it among themselves, as they have lately done.  If
         a lock -- let it have been made in whatever country, or by
         whatever maker -- is not so inviolable as it has hitherto
         been deemed to be, surely it is in the interest of *honest*
         persons to know this fact, because the *dishonest* are
         tolerably certain to be the first to apply the knowledge
         practically; and the spread of knowledge is necessary to give
         fair play to those who might suffer by ignorance.  It cannot
         be too earnestly urged, that an acquaintance with real facts
         will, in the end, be better for all parties.  Some time ago,
         when the reading public was alarmed at being told how London
         milk is adulterated, timid persons deprecated the exposure,
         on the plea that it would give instructions in the art of
         adulterating milk; a vain fear -- milkmen knew all about it
         before, whether they practiced it or not; and the exposure
         only taught purchasers the necessity of a little scrutiny and
         caution, leaving them to obey this necessity or not, as they
         pleased. . . .  The unscrupulous have the command of much of
         this kind of knowledge without our aid; and there is moral
         and commercial justice in placing on their guard those who
         might possibly suffer therefrom.  We employ these stray
         expressions concerning adulteration, debasement, roguery, and
         so forth, simply as a mode of illustrating a principle -- the
         advantage of publicity.  In respect to lock-making, there can
         scarcely be such a thing as dishonesty of intention:  the
         inventor produces a lock which he honestly thinks will
         possess such and such qualities; and he declares his belief
         to the world.  If others differ from him in opinion
         concerning those qualities, it is open to them to say so; and
         the discussion, truthfully conducted, must lead to public
         advantage:  the discussion stimulates curiosity, and
         curiosity stimulates invention.  Nothing but a partial and
         limited view of the question could lead to the opinion that
         harm can result:  if there be harm, it will be much more than
         counterbalanced by good.
    
    
    				-- edp

    Re .34:
    
    > However, in my experience, the items in the second class are randomly
    > chosen from a larger pool.  i.e. one time I'll be asked for  birth day
    > and site code another time, it is seniority month and  DTN, etc.

    > Still not by any means an ironclad security setup (how would YOU
    > implement a totally-secure system for 100,000 +- users in a month or
    > so?) but the amount of info you need is larger than just
    > name/badge/DOB.
    
    Actually, you can just try a few times until you are asked for some
    information you do know.  Hence, it is not necessary to know all, or
    even most, of the things that might be asked.
    
    Our asinine voice-mail system has a 10-digit password.  That's a
    million combinations more than the access to my bank account.  If our
    stupid voice-mail is so important that it needs that kind of security,
    why isn't Digital issuing us at least 4-digit PINs for access to our
    stock, disability, and salary information?
    
    
    				-- edp

>    Our asinine voice-mail system has a 10-digit password.

If you're on VOICE:mail at ZKO, it's actually 8 digits.

>    why isn't Digital issuing us at least 4-digit PINs for access to our
>    stock, disability, and salary information?

I believe IS uses a 4 digit PIN.  Were you referring to something else
when you mentioned stock?

I vote we all voluntarily post our salaries here.  That would kill two birds with one
stone;  1) it would solve the security problem raised in .0;  2) We'd have all the
information Management has when Salary Planning is done.

Now, that's what I call empowerment.  :>)

Dennis

    Pretty interesting tactic.. decrying a security loophole whilst
    simultaneously publishing how to exloit said loophole.  A curious
    expression of concern.
    
    karl

    In yesterday's mail, I received information on Digital's new
    Payiiiiiiiiiiiiiiiiiieeeeeeeeeeeeeeeeee Phone.

    Now, with a touch tone phone, a badge number and a 4-digit
    PIN, one can inquire about payroll information, and change
    deduction and direct deposit information.   You can also
    find your net and gross pay.

    I'm pleased to see that EDP's comments on the voice:mail
    password length being cumbersome were taken to heart.

    I think I can guess how this happened.  The person
    implementing it explained it to some managers.  And
    they, being, well...managers, were stymied.  Therefore
    it must be secure.

    If you lock screen doors, stop reading here.

    It wouldn't take a genius to fire up a pc, and program it to
    dial repeatedly, testing the 10000 possible PINs.   For a
    how-to video, either sign up for the time-life hacker series,
    or rent WARGAMES.

    	- Lee Lindquist

    Re .42:
    
    The Investor Services phone system requires a PIN; the VTX interface
    does not.  And it even has a field for you to change the address!
    
    
    Re .44:
    
    See response .40.                 
    
    
    				-- edp

           <<< HUMANE::DISK$DIGITAL:[NOTES$LIBRARY]DIGITAL.NOTE;1 >>>
                          -< The DEC way of working >-
================================================================================
Note 2073.43     I consider my salary to be private information         43 of 45
CSC32::D_SLOUGH "Buddy Can You Paradigm"              7 lines  31-AUG-1992 19:31
        -< Let's post our salaries here and save everybody the trouble >-
--------------------------------------------------------------------------------
    I vote we all voluntarily post our salaries here.  That would kill two
    birds with one stone;  1) it would solve the security problem raised in
    .0;  2) We'd have all the information Management has when Salary
    Planning is done.

    Now, that's what I call empowerment.  :>)

    Dennis
    

    RE: .43
    
    >I vote we all voluntarily post our salaries here.  
    
    My salary is 22.4 times what it was when I started working for a
    living.
    

Re: .47	 Sorry 'bout that.
Re: .48  Most Excellent! I can't say where I stand relative
         to my first job, but I know I'm -4% in real terms
         compared to the one I had 6 years ago, BD,
         (Before DEC).  Alas, I took a slight detour.

D's Keys

Re .48: Gee, either you started really low (Mcdonald's?) or you are doing alot 
        better than me, I'm only make about 10X what I was making when I first
        started my career.

Jim

    Just to add some perspective, I've been working for 24 years and am now
    earning about 6.5X my start.
    
    John
    

    Hmm. I'm on more than 40 times my original salary from 1972.
    
    Mind you I was paid very little in those days....being so young. :-)

    re .-1
    
    Andy, in 1972 the minimum wage was $3.25.  Are you implying you are
    making in excess of $250K annually or that you worked for something
    around $4 per day?  Or perhaps you only worked in the summer and
    counted that as your annual income.  I doubt that many that worked a 40
    hour week in 1970 are making 15X their starting salary.
    
    just-my-opinion
    
    John
    

    When I got my first job in '71, the U.S. minimum wage was $1.65
    not $3.00+.  'Sides, I think Andy is in the U.K, right?

	Mike

       Well, I made $2.25/hr in 1969!
                                  Denny

    I was making .95 an hour in 1965. It was at Benson's Wild Animal Farm
    in Hudson NH. A now-closed zoo that the state has just taken possession
    of said property.
    
    THey got around minimum wage by (1) having us work only 29 hours a
    week, (2) we were high school students nd only entitled to 75% of
    minimum wage under law, (3) they were listed as a farm and not a zoo,
    so we got farm labor wages, and (4) they never had more than 9
    amusements. 10 or more was an amusement park and required minimum wage.
    I ended up making $1.25 an hour by my senior year. I made more money
    walking around with a pick and basket picking up papers there and
    finding the loose change that folks dropped. Once a month 2 or 3 of us
    would clean out under the merry-go-round platform nd come away with
    about $100 in change apiece. 
    
    AAAAHHHHH for the good old days. :-)
    
    Phil

re .57:

From one zoo to another?

    I guess it all depends on where, when, at what.
    
    My first "full time" job was in Uncle Sam's Air Farce, circa 1963 at
    about 80 dollars a month plus room (an 80 man open bay barracks) and
    grub (yeah I think it tasted like grubs).
    
    In 1970, tired of airplanes falling out of the sky with me in 'em, 
    I became a civilian and went to work at RCA as an Engineering
    Specialist @ 116 per week and that was WAY above minimum wage for the
    time.
    
    I *** THINK *** I make somewhat more than that now but then at that
    time my apartment cost less than 150 a month and my 70 Ford cost less
    then 4K and gas was 29 cents a gallon.
    
    It's all relative.
    /mj
    

    right, adjusted for inflation my current salary is not all that great. 
    In fact after the inflation of the 70's many people are lucky to be
    able to have maintained a comparable wage.  In fact they may be kidding
    themselves thinking they earn more now than then by the fact that they
    now have two wages in their household that they rely on.

    Well let's see, back in 1966 I had just enlisted in the US Army  and
    was making $96.00 a month. Divide $96 by 4 weeks = $24 and divide that
    by 40hours = $0.60 per hour. ( They usually had us work half a day on
    saturday, but that was for free, no comp time or OT.)(:-))
    
    Now, you could multiply $.60 by a fairly large number and still be
    making a resonable salary today. ?? &:-)
    
    I did save about $300 a month in Viet Nam to pay cash for a '69 GTO.
    Price::$3182.00 (I was single them!)
    
    BTW, my 1st "real" job paid $95 a week in 1969 with no bennys!
    
    sorry for the ratholes!
    
    Bill
    

    re: 61
    
    >I did save about $300 a month in Viet Nam to pay cash for a '69 GTO.
    >Price::$3182.00 (I was single them!)
    
    Way to go! How'd you get such a good deal? I paid $3460 for my '67 GTO
    new (on the street). I still have it and it's appraised at $10,500.

    In 1973, I started work as an operator at Felixstowe Dock, in the UK. I
    earnt �16 a week, working a three-shift system covering 40hrs. It's
    difficult to be precise, but current exchange rates are $2-�1 so that's
    $32 a week, $.80 an hour. Computing was a 'glamour' job then, in the
    UK, and extremely difficult to get into. One could get in by
    out-performing averyone else on an aptitude test back then, which is
    exactly what I did.
    
    I earned twice as much as all my mates who left school at the same
    time, ie. those who also declined tertiary education. I have no idea
    what the exchange rate was in June 1973...
    
    I now earn *considerably* more than that (thank goodness!).
    
    Laurie.

    Starting as an apprentice in 1957 I worked a 45 hour week for the
    princely sum of �3, per week. Fortunately I have had several increases
    since then.

    Jamie.

    Please stop with the "I made less than you" stories and stick to the
    subject of this topic.
    
    Thanks,
    
    Bob - Co-moderator DIGITAL

    RE: .50
    
>Re .48: Gee, either you started really low (Mcdonald's?) or you are doing alot 
>        better than me, I'm only make about 10X what I was making when I first
>        started my career.
    
    When I started, there WAS no McDonald's.
    

    RE: .65
    
    The ""I made less than you" stories" are more interesting to read than
    the "subject of this topic."
    
    IMHO!
    

    RE .67
    
    I agree. It is interesting to some what some folks did in their younger
    days. My first job back in the 50's was being a caddie at a 9 hold golf
    course. The pay was $0.50 per 9 holes. So if you happen to get in 18
    holes in the AM and 18 holes in the PM you usually made about $2.00 per
    day plus a tip of about a buck.
    
    Of course to be able to have the right to be a caddy you had to do some
    of the grunt work around the course @ $0.00. Such things as picking up
    trash, sweeping the morning dew off the greens, raking the sand traps
    etc.

    When I were a lad, I used to lick the road clean, er, sorry, wrong
    topic.
    
    Yes, I'm in the UK and when I started working - in a mens clothing store
    - I was on 16 quid a week for 45 hours work.
    
    We've all passed a lot of water since THOSE days.
    
    Incidentally, I agree about inflation knocking all comparisons into a
    cocked hat.
    
    /andy

    
    	First job was in 62 for $.75/hr. Started a t DEC in '67 at $3.10/hr
    re .61 Good deal on your 69 GTO, my 69 GTO cost me $3600.00 and I
    considered it money well spent. Best car I ever owned. 
    
    ed

    And I used to walk 5 miles to school, up hill, both ways ...
    

    >  And I used to walk 5 miles to school, up hill, both ways ...

    but exorcise me, are you pulling our feet here or what!

    if you go up hill one way to school, then you must come down hill coming
    back home !

    you think we are all sleep in here or what? 
    we are all bright and early in here, and very vigilantes awake too.

    thank you,
    /Nasser
    I spelled checked

    Nope, I had the same problem, walked uphill going to school and
    uphill going from school:
    
    
    			*
    		      *	   *
    		*		*
    home				school
    
    /s/ Jim Williams
    

    Re: .-1
    
    Furthermore, you walked downhill going to school and downhill
    going from school.
    
    (There are two more combinations which are also both true.)

Geez,
I didn't know that ratholes had this many branches and paths.
Maybe we should declare this topic a rat-condo.

    
    Vermin-it, I thought I could resist replying, but I couldn't.  I love 
    hearing histories.

    I started working as a babysitter in ~1966 and made .50/hour.  My 
    first real, part-time job earned me .96/hour and tips.  My first real,
    full-time job earned me $85/week gross, $62.something net.  The rent 
    on my large, two-room apartment was $80/month including heat.  I 
    forget what the electricity cost and I remember an $85 phone bill that
    had me holding my head, wondering how I was going to pay for it.  My 
    wage and tax statement for 1979, the year I was discharged from the 
    Air Force as a Sergeant, I grossed $6,739.43; this included some 
    unknown extra benefit because I had a dependent spouse.  I was 
    discharged at the end of November and probably had a month's worth of 
    vacation to sell back, so I made somewhere around $600 +- $25/month.  
    I paid about $135/month rent (for another two-room apartment apart 
    from my soon-to-be-exhusband), including heat/hot water, and the 
    electricity was incredibly cheap.  I'm doing better, but not 
    pheonomenally so.

    Cq
        

Why are people so keen to talk about what they were earning in the 60's and
70's but not in the late 80's or even today? Are you ashamed of what you earn?

I started work at Digital straight from University in 1987 on �9,500. This
was the going rate for graduates then. I wonder how it compares with the US...
My salary has approximately doubled in 5 years.

Craig.

    Craig
    	first if you read my notes and can do math, you'll come up near my
    current salary. Secondly the culture in the US is such that salaries
    are almost more private than the colour of your underwear.Indeed there
    are some folk in the US who think that disclosure is a sackable
    offence.
    
    /andy

    RE:
    
     <<< Note 2073.72 by STAR::ABBASI 
    
    ��  ...but exorcise me, are you pulling our feet here or what!
               ^^^^^^^^ ^^
    
    Heaven knows I've tried, Nasser, I've tried.
    
    
    Popeye
    

    I, for one, am devastatingly ashamed of my salary and with attempting
    to provide for a family makes it all the more depressing.  I'm sick of
    the "I've got mine" club.
    
    We work so hard- for what? to die young.
    
    I am NOT any better off than I was 4 years ago, let alone 20 years.
    
    Reg.

    I believe, unless you are an elected official and we pay for your
    salary with our tax dollars, that all of our personal salaries are
    private and privileged information.  I know at every place that I
    worked that I was told "Your salary is confidential...your disclosure
    of such information could be grounds for dismissal" or words to that
    affect.  I can remember two instances of people being fired for
    disclosure (not at DEC).
    
    Maybe it's the American culture, but I learned from working in the
    banking industry that people's private financial affairs are sacred and
    as an employee we had to be discreet.
     
    
    Ron

	I concider my salary to be private. But to me that means no one else
	should reveal it. I don't quite understand why *I* can't reveal it.
	I once worked at a company were virtually everyone knew everyone's
	salary. It seemed to be a good check and balance because it forced
	management to pay people what they were actually worth. This doesn't
	always mean they get paid what they want BTW. 

	If you know what someone makes and think you should making the same or
	more you manager is pretty much forced to explain why you are wrong. It
	makes it much harder for managers to play favorites. Digital's policy 
	is in place to protect managers not employees.

			Alfred

    There are companies where the salaries are not only known, but peers
    have say in how much one gets paid.  (This I heard, what, about 4
    months ago on NPR radio.)  The results?  Higher morale, greater worker
    satisfaction and, get this, lower overall salaries.  Keeping salaries
    confidential is, IMO, not done to save any money.  It's done to make
    it easier for management to control the workers.  The question is, does
    management really want or need this control, or is it better to share
    the responsibility with the workers.
    
    As for me, I don't really care who knows my salary.  But, I am
    generally quiet about it because I sense that management doesn't want
    the information out.  And, I figure they are quiet about it because of
    Digital policy, such as the policy to not grant unlimited access to
    employees concerning information about salary ranges for job codes.
    
    Steve

    
    Keeping salary information quiet benefits management.  If 
    salary information were widely known, the first thing management
    would be dealing with is whining and complaining about who's paid
    too much or too little.
    
    Steve
    

.82
             -< why should you be fired for telling your salary? >-

	I concider my salary to be private. But to me that means no one else
	should reveal it. I don't quite understand why *I* can't reveal it.
	I once worked at a company were virtually everyone knew everyone's
	salary. It seemed to be a good check and balance because it forced
	management to pay people what they were actually worth. This doesn't
	always mean they get paid what they want BTW. 

	If you know what someone makes and think you should making the same or
	more you manager is pretty much forced to explain why you are wrong. It
>>	makes it much harder for managers to play favorites. Digital's policy 
>>	is in place to protect managers not employees.

			Alfred

What is Digital's policy that you speak of here?  I know of no Policy that
would prohibit you from publicising your salary.  

    I know of no such policy either, and I am one of those people this
    policy is supposed to be in place to protect - wouldn't you know it,
    left in the dark again.  This must be one of those secret policies that
    they don't even put in the P&P Orange book.

	It may very well be that there is no policy about telling others
	what you make. But I've been told not to tell anyone in strong enough
	words over the years that I would not say anything.

			Alfred

    Alfred,
    
    You should know better then to believe what they tell you ... In any
    case, next time the subject comes up, ask for a reference in P&P and
    see what reaction you get.  To my limited knowledge, no such policy 
    exists.
    
    Chuck

                               Employee Privacy


POLICY

Digital recognizes its obligation to treat employee information in
a confidential manner.  The Company also recognizes its obligation
to inform employees of the existence of employee information
collected and maintained as it pertains to them.  Employees may
examine and supply additional information to clarify, correct or
amend such information, in accordance with this policy.

The responsibility for protecting the privacy of employee informa-
tion resides with managers, the Personnel Department, and individ-
uals who, in the course of their normal business, have access to
such information such as members of the Law Department, etc.  Only
information authorized by Digital's personnel policies and
procedures, or necessary for informed employment decisions may be
included in employee files and records.  This protection applies to
physical files, data bases, computer-generated printouts, notes,
resumes, corrective action documentation, records of verbal
communications, and any other personal information about an
employee which is maintained by Digital managers or supervisors in
carrying out their jobs.  Individuals who insert materials into
these files and records are expected to review the information to
ensure it is appropriate prior to inclusion.

PRACTICE

General Provisions

     o Information on an employee should be collected, used and
       retained only where a legitimate business or legal need
       exists.  Such information should be retained in filing
       systems authorized by policy, mandated by the needs of the
       Company or accepted in standard Company practice, i.e.,
       Personnel files, manager's files, medical files, benefits
       files, etc.

     o Every effort should be made to maintain employee information
       in a secure, accurate and current state.


                        Digital Equipment Corporation

 (B)0lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwqqqqqqqqqqqqqqqqqqqqqqqqk
x                      PERSONNEL                      x Section 6.18           x
x                                                     x Page  2 of 8           x
x               POLICIES AND PROCEDURES               x Effective 04-NOV-91    x
mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqvqqqqqqqqqqqqqqqqqqqqqqqqj

                               Employee Privacy


     o Employees should be made aware of what information is
       collected and retained in files kept in their name or which
       is utilized in making employment decisions which affect the
       individual.  Employees should be given the opportunity to
       see this information if they wish under the guidelines
       below.  Employees may amend or correct information contained
       in their files by inserting a separate document.  Documents
       disputed by the employee should remain in the file unless
       they are clearly inaccurate or inappropriate.  Employees as
       well as managers have the responsibility to keep this
       information current and accurate.

     o All information in an employee file may be copied upon the
       employee's request.  Former employees may also obtain a copy
       of their employee file on request.

     o The disclosure of employee information should be strictly in
       accordance with the provisions stated below under
       "Disclosure of Employee Information."

     o Access to and use of employee information should be directly
       related to the decision being made.

     o In all cases employee information should only be kept if it
       is factual or opinion which is supported by data.
       Unsupported opinion or information which is not factual
       should not be a part of any file on an employee.

Disclosure of Employee Information

Internal Disclosure

   Types of Files:

     Employee Personnel Files:  Personnel files are the official
     Company record of the employment status of an employee and are
     generally kept in the Personnel Department while an employee
     is on active status.  Note:  For information on employee data
     kept in personnel files see Section 1.01 of the Personnel

                        Digital Equipment Corporation

 (B)0lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwqqqqqqqqqqqqqqqqqqqqqqqqk
x                      PERSONNEL                      x Section 6.18           x
x                                                     x Page  3 of 8           x
x               POLICIES AND PROCEDURES               x Effective 04-NOV-91    x
mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqvqqqqqqqqqqqqqqqqqqqqqqqqj

                               Employee Privacy


     Administrative Procedures Manual.  Access to an employee's
     file is limited to:

     o The employee in the company of either his/her manager(s) or
       personnel representative or both.  Copies of information in
       these files are available to the employee upon request.

     o An employee's immediate supervisor.

     o A manager, with the approval of the employee, who is
       actively considering an employee for a position in his/her
       organization.

     o Members of the Personnel Department, Law Department or
       Internal Audit Department who need to access this
       information to complete their assigned responsibilities.
       This provision is intended to provide access for local
       Personnel Departments to employee information for which they
       are responsible.  Release of employee information to other
       personnel organizations may occur only with the approval of
       the employee.

     o Members of the Corporate Security Department (with the
       approval of the Group Personnel Manager or designee
       responsible for the individual employee).

     o Individuals who can clearly demonstrate a "need to know"
       based on a business or legal requirement (with the approval
       of the Group Personnel Manager or designee responsible for
       the individual employee).

     Medical Files:  The Company maintains files on employees which
     contain medical information, i.e., an employee's preplacement
     physical examination, workers compensation claims, health
     progress notes, copies of communications with attending
     physicians, etc.

     Generally, employees may review the contents of their medical
     file with a member of the Health Services Department.  Because
     of the sensitive nature of the information involved, Health

                        Digital Equipment Corporation

 (B)0lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwqqqqqqqqqqqqqqqqqqqqqqqqk
x                      PERSONNEL                      x Section 6.18           x
x                                                     x Page  4 of 8           x
x               POLICIES AND PROCEDURES               x Effective 04-NOV-91    x
mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqvqqqqqqqqqqqqqqqqqqqqqqqqj

                               Employee Privacy


     Services may exercise discretion in disclosing medical files
     to employees.  Where appropriate they may refuse to disclose,
     release it only in summary form, or release only to the
     employee's attending physician, unless disclosure to the
     employee is mandated by state law.  Examples would be medical
     evaluations from outside health care professionals which were
     rendered in confidence or information which Digital's Health
     Services Department deem could detrimentally impact the
     employee if released.  Digital's Health Services Department
     may release any such information in a summary form or directly
     to the employee's attending physician as they deem
     appropriate.

     Employees may supply any information which they believe
     necessary to correct or amend any information contained in
     their medical file in a separate document.  This information
     will then become a permanent part of their medical file.

     Other than the employee, the only individuals who have access
     to an employee's medical file are the following:

     o Members of Health Services Department.

     o Occupational health and safety specialists and agents of the
       Company performing occupational health and safety studies,
       who can demonstrate a need to know the specific information
       in order to assure a safe and healthful workplace or to
       comply with the requirements of law.

     o Members of Digital's Law Department who can demonstrate a
       need to know.

     o Regulatory officials with mandated access to this information.

|    o Agents or vendors of the Company acting on Worker's Compensation;
|      Disability management or eligibility determinations; Unemployment
|      Compensation; outside litigation cases.


                        Digital Equipment Corporation

 (B)0lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwqqqqqqqqqqqqqqqqqqqqqqqqk
x                      PERSONNEL                      x Section 6.18           x
x                                                     x Page  5 of 8           x
x               POLICIES AND PROCEDURES               x Effective 04-NOV-91    x
mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqvqqqqqqqqqqqqqqqqqqqqqqqqj

                               Employee Privacy


     o Courts who have subpoenaed relevant information.  The
       validity of the subpoena requires the approval of Digital's
       Law Department.

     Managers and Personnel are not entitled to direct access to an
     employee medical record.  Personnel and Managers should be
     provided with medical conclusions and recommendations needed
     to accommodate work restrictions and manage the employee.
     This report should include a medical assessment of functional
     ability and specific medical needs related to job and
     workplace.  It will be based upon the employee medical record,
     but will not include diagnostic or other confidential medical
     details unless specifically authorized by the employee.

     Managers and Personnel are entitled to know whether the
     employee is capable of unrestricted work, restricted work with
     limitations, or is incapable of performing his/her usual work.

     Exposure Files:  The Company maintains exposure files for some
     employees with potential exposure to various chemical and
     physical agents.

     The information contained in these files consists of:

     o Workplace and personal monitoring data.

     o Biological monitoring data.

     o Hazard information contained in material safety data sheets.

     These files are maintained by the site occupational safety and
     health professionals.  Employees may have access to and copy
     information contained in their individual files.  Other access
     to exposure files follows the same procedures as listed under
     the Medical Files section of this policy.

     Managers/Supervisors Files:  For those managers and
     supervisors who elect to maintain employee files, information
     retained should include only that which is necessary to

                        Digital Equipment Corporation

 (B)0lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwqqqqqqqqqqqqqqqqqqqqqqqqk
x                      PERSONNEL                      x Section 6.18           x
x                                                     x Page  6 of 8           x
x               POLICIES AND PROCEDURES               x Effective 04-NOV-91    x
mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqvqqqqqqqqqqqqqqqqqqqqqqqqj

                               Employee Privacy


     properly evaluate their employees.  The contents of these
     files may include:

     o Reminders and notes regarding employee performance and
       conduct

     o Samples of the employee's written work

     o Other information which the manager needs for purposes of
       evaluation or salary action, e.g., memos to file on an
       employee in the corrective action process.

     Manager's files should not include hearsay, rumors,
     unconfirmed performance or conduct issues or any copies of
     inactive verbal or written warnings or other information
     inappropriate to consider in making employee decisions.

     Employees should have access to those items in a manager's
     file that are copied from the personnel file or that they have
     seen in the normal course of their employment.  Normally, a
     file kept by a manager on an employee should be destroyed when
     an employee is transferred to a new supervisor.

     Security Files:  Security files are established in the course
     of investigation of problems involving the security and
     well-being of the Company's business.  Employees' access to a
     security file is available at the discretion of Digital's
     Security Department.

|    Discipline Files:  Copies of inactive memos and warnings as
|    used under Digital's Corrective Action and Discipline Policy,
|    6.21, should be kept in a secure filing system, maintained by
|    Personnel.  Employees may access and copy these files to the
|    same extent as they access their personnel files.  Other than
|    the employee, access to Discipline files is limited to
|    Personnel Representatives and members of the Law Department
|    and the Security Department with a need to know.



                        Digital Equipment Corporation

 (B)0lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwqqqqqqqqqqqqqqqqqqqqqqqqk
x                      PERSONNEL                      x Section 6.18           x
x                                                     x Page  7 of 8           x
x               POLICIES AND PROCEDURES               x Effective 04-NOV-91    x
mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqvqqqqqqqqqqqqqqqqqqqqqqqqj

                               Employee Privacy


|    Drug and Alcohol Testing Files:  Employee testing records,
|    consent forms, and other documents pertaining to job required
|    Drug Testing Programs will be retained under the employee's
|    name in a secured filing system.  These files will be
|    maintained by a designated Testing Progam Manager for the
|    function or geography in which the employee works.  Access to
|    these files is limited to the employee, personnel
|    representatives, and members of Digital's Law and Medical
|    Departments, who have a demonstrated need to know.  However,
|    the results of a job required drug or alcohol test may be
|    disclosed to the tested employee's manager and Digital
|    customers with a demonstrated need to know so that he or she
|    can take appropriate employment action.

External Disclosure

Digital provides information to outside sources relating to present
and former employees in three situations only:

     o Without a written release the Company will only verify
       whether an individual is/was employed by Digital, the date
       of that employment and the last current position held as
       given by caller/writer.

     o The employee has approved (in writing) the verification/
       release of specific information.  In such cases the
       information will be released directly to the employee unless
       the information is being used to verify credit information
       (e.g., credit cards, mortgages, bank loans) in which case the
       information may be sent directly to the financial institution.

     o Digital is required by law to release the information.

     o Manager's files should not be released to outside sources.

     o Normally, requests for release of employee data to external
       sources are done through the local Personnel organization
       with the support of Payroll when necessary.  Individual
       managers should not release employee information in these
       circumstances.


                        Digital Equipment Corporation

 (B)0lqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwqqqqqqqqqqqqqqqqqqqqqqqqk
x                      PERSONNEL                      x Section 6.18           x
x                                                     x Page  8 of 8           x
x               POLICIES AND PROCEDURES               x Effective 04-NOV-91    x
mqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqvqqqqqqqqqqqqqqqqqqqqqqqqj

                               Employee Privacy


Notification:  An employee will be notified that access has been
granted to his/her employee file(s) under the following circum-
stances:

     o When an individual other than the employee's manager(s)/
       supervisor(s), Personnel Department or Law Department
       accesses the file.

     o When Corporate Security or the Internal Audit Department
       accesses the file to complete their assigned
       responsibilities.

     o When the Company is legally required to grant access to an
       outside agency conducting a review or investigation
       pertaining to an individual employee.

NOTE:  In the event that access to a file is granted to Corporate
       Security or Internal Audit in the course of an individual
       investigation and the notification of the employee would, in
       the opinion of the Group Personnel Manager (or designee) and
       Corporate Security, jeopardize the investigation, the
       employee will be notified after the investigation has been
       completed.  In all other cases the employee will be notified
       in advance.

Other Provisions

Violations of this policy will be subject to disciplinary action.
Employees who wish to discuss specific privacy issues should
consult with their Personnel Department and/or refer to the "Open
Door Policy" (Section 6.02) contained in this manual.








                        Digital Equipment Corporation

    re: .89
    
    What's your point?  I am familiar with that policy and I still do not
    read into it any condition that would allow a manager to discipline an
    employee for voluntarily releasing their salary information to their
    peers ... The DEC Personnel Policies and Procedures are full of a great
    deal of information and requires considerable review, but I guess I
    must be missing something here.   

    Re: .90
    
    Chuck, I think Mr. Simpson's note was an attempt to inject some data
    into an argument about Digital's privacy rules.  I don't think he was
    trying to make a point.

    re: .91
    
    Yep, about 400+ lines of data.  Unfortunately, no information was
    added.
    
    Bob - who read the whole thing :-(

    I also read it all.  It confirmed that Digital has no rules on an
    employee revealing his own salary.

    But it is common knowledge what range salaries are in DEC, I mean
    a senior Engineer has a range from x to y, a principle has a range
    from m to n etc..

    these things are known, and by knowing how long long one has been 
    around at a certain title , one can guess estimate their salary to within 
    +- few thousands.

    it is easy to find how long one was at certain title, just invite them
    for lunch and at the end insist to pay for the food, then immediately
    after , as you are leaving the restaurant premises just ask in an 
    innocent voice: "hey, buddy, when did you last get promoted?". 
    make sure you are smiling as you say that, and keep looking at the receipt 
    of the payment you just made as you are asking.

    you must do all this very causally and in a relaxed manner, else they'll 
    get suspect and refuse to answer the question, and you'll end up having 
    paid for lunch for nothing.

    hope this helps.
    thank you,
    /Nasser
    I spell checked.

    I think a more careful... ah... interpretation is in order.  I can see
    quite clearly how, since your peers are not in any of the lists of
    people authorised to view information on your employee file, you could
    be considered in breach of 6.18 by revealing information to them, even
    if it does belong to and is about you.

Perhaps there are no explicit rules re: divulging one's salary to a coworker,
but *why* would you be inclined to do so? What purpose would be served?

    re: .93
    
    >I also read it all.  It confirmed that Digital has no rules on an
    >employee revealing his own salary.
    
    Tom, you don't usually leave yourself open for something like this, so
    here goes...
    
    No. All it confirms is that particular section of P&P doesn't mention
    anything about employees revealing their salary.  You'd have to read
    the other zillion screens to make your determination. :-)
    
    Bob
    
    Bob
    

    So, you don't think it wrong that you reveal privileged information,
    such as salary information, protected by 6.18 to people not authorised
    by 6.18?

    Personally, I don't think it wrong if you want to share your salary
    information with anyone.  Your salary information is confidential to
    you and you should have the right to share it.  As far as official
    policy goes, I HAVE read all of the P&P Manual and have seen most
    (likely not all) of the updates and there is nothing in there that
    would prohibit an employee from voluntarily sharing their salary 
    information with anyone - I will add this proviso, "To the best of my 
    limited knowledge".  It would be another story if an employee was
    trying to find out someone else's salary - as clearly stated in the policy.
    
    For me, my salary information is no one else's business but my own and
    I would not choose to share this information with anyone.  I just hate
    to see things saying "managers say ..." or "my manager said ..." when
    it is not supported by policy or does not represent my position.
                                                                     

    re .99
    
>     o The disclosure of employee information should be strictly in
>       accordance with the provisions stated below under
>       "Disclosure of Employee Information."
    
    Unless your peers fall into one of the categories listed below they are
    *not* entitled to know, nor are you entitled to tell them.
    
>     Administrative Procedures Manual.  Access to an employee's
>     file is limited to:

>     o The employee in the company of either his/her manager(s) or
>       personnel representative or both.  Copies of information in
>       these files are available to the employee upon request.

>     o An employee's immediate supervisor.

>     o A manager, with the approval of the employee, who is
>       actively considering an employee for a position in his/her
>       organization.

>     o Members of the Personnel Department, Law Department or
>       Internal Audit Department who need to access this
>       information to complete their assigned responsibilities.
>       This provision is intended to provide access for local
>       Personnel Departments to employee information for which they
>       are responsible.  Release of employee information to other
>       personnel organizations may occur only with the approval of
>       the employee.

>     o Members of the Corporate Security Department (with the
>       approval of the Group Personnel Manager or designee
>       responsible for the individual employee).

>     o Individuals who can clearly demonstrate a "need to know"
>       based on a business or legal requirement (with the approval
>       of the Group Personnel Manager or designee responsible for
>       the individual employee).

    re: .100 and your previous
    
    My cost center and badge number are contained in the files you mention. 
    By your logic, I can't reveal that information to 'unauthorized'
    people, yet I do it all the time.  My badge number is obviously on my
    badge, which by corporate P&P I must wear at all times I'm in a Digital
    facility.
    
    Bob

    
    For that matter, so is my marital status and my level of education;
    are these now verboten lunchtime topics??
    

    Let's all be serious for a while.  For as long as we are Digital
    employees we are subject to its policies and procedures.  But, since it
    has always been legitimate for Digital managers to modify P&P to meet
    local conditions, the P&P mean nothing.  If your manager says "Don't",
    then don't.  Unless you want to do the open door thing.
    
    Dick

>     Administrative Procedures Manual.  Access to an employee's
>     file is limited to:

Gaining direct physical access to the employee's file, which is what they
are talking about in P&P, is entirely different than to be told information
by the employee his/herself.  It is a matter of "willful disclosure"

The example of marital status is a good one.  Current marital status is
kept in the employee's file but this does not restrict the employee from
divulging that information.  On the other hand, access to the file
is protected by the P&P rule so that if the employee wants to keep this
information secret, they can.

In my opinion, salary falls in the same category.

-steve-

    re: 100  That is your interprtation of what is says but IMO that is not
    how I interprete it.  I guess that would be left to our legal system if
    someone ever got terminated for telling someone their own salary
    information.
    
    Re:103  Modifying P&P to meet local conditions does not constitute
    whole sale authority to do what ever the heck you want despite the
    policies - which might not be an accurate intpretation of what you're
    saying but it is how I read it ... and I guess that is the jest of the
    matter.  Anyone can read something and interprete it differently. 
    Human Resources might be a place you can go to for an official
    interpretation if it is required, before the ODP is utilized.  That is
    the place I would start if I were overly concerned about this.
        

RE: .100

I too would have to "disagree" with your interpretation.

There are many pieces of information about ME in MY files within Digital, all
hopefully "protected" from inquiry by persons or groups not pointed out in the
P&P guide.  But much of that information came from ME or is information that
is known to ME.  I see no reason why you or I cannot discuss our own information
with others as we choose.

/Marty

    Also, everytime I go for a bank loan, car loan, refinance, etc etc,
    file tax returns, or whatever I usually have to give salary
    information. If Uncle Sam can be told, so can you.
    
    - John

    someone a few back hit one of the nails on the head as to DEC's
    problems:  (not directly quoted, but summarized) P&P interpretation is
    left up to the regional/locale/sight/group management to define as they
    wish.
    
    I just wish DEC would come out with some black and white P&P that no
    one can interpret as they see fit.
    
    Reg.

    <I just wish DEC would come out with some black and white P&P that no
    <one can interpret as they see fit.
    
    I agree.
    On the other hand "black and white P&P" would not be Policies and
    Procedures rather they would be 
    Rules and Regulations (i think)

RE: .100

The original reason for the policy quoted earlier and many more like it,
is very simple.  The company doesn't want to be sued!!  In the middle 
80's I worked for a company where managers and supervisors kept records
on employees and would forward them to the next manager that the person
got transfered to.  A law suit "somewhere" caused the company to put out
an offical notice that said, in effect, destroy all records that were
held by managers.  Why, because those records could be found and used
against the company during the discovery phase of a lawsuit.

So while there are other reasons that a company might want to keep a 
piece of information like salary out of the hands of the employees, it 
is the legal problems that cause policies like the one under discussion 
to be written.  You can release your personal information to whoever you 
want whenever you want because you are the "owner" of the information but
the comany can't because it doesn't own the info.  Disclaimers about not
being a lawyer apply to the above.

On one other point.  An earlier reply said that salaries are not generally
know in the US.  That is not true.  If you work under a union contract,
everyone in the union knows what each job pays.  If you are in the top
X positions on a public company, your salary and bonuses is public
knowledge.

Lee G.

RE:  <<< Note 2073.94 by STAR::ABBASI "Spell checking is a family value" >>>

>    a senior Engineer has a range from x to y, a principle has a range
>    from m to n etc..                            ^^^^^^^^^

>    I spell checked.

Further proof that a spell checker alone is insufficient...  :-)

-  David

    
    Someone asked why you'd want to share your salary details info with a
    co-worker. Turns out I did this today with a co-worker and we
    discovered that an allowance we are both eligible for was being
    underpaid in his case.
    
    This will be fixed with 18 months backpay.
    
    Seems like a good enough reason to me.
    
    /andy

re: .112

I disagree. I make sure that my affairs are in order as they pertain to my
employer (and everyone else, by the way), and he (your friend) has the same
responsibility, IMO. And was that *the reason* you two decided to share the
info? I don't really need to know, and it's none of my business, but I can't
imagine myself thinking, "Hmmm. I wonder if my federal withholding has been
calculated correctly. Maybe I should compare my stub with Joe's to see."

The reason I asked, and I'll probably take a lot of heat for this, was that I
see a world that's increasingly litigious, always watching for opportunities to
'get the other guy', and I see evidence of the same type of behavior in this
conference BY PEOPLE WHO ARE EMPLOYED BY THE GUY THEY WANT TO 'GET'! This makes
no sense to me.

You may have found an error in allowances, but it was coincidental. There can
be only one of three results of making such comparisons:

You'll feel underpaid
Your friend will feel underpaid
You'll both feel equally underpaid (somewhat tongue-in-cheek - sorry)

What good does that do Digital?  I say, take care of your own business, and
mind your own business.

Pete

    Amazing. CYA and to hell with the rest of the world? What an attitude.
    
    As to why my colleague and I shared info, it was purely a passing
    comment that led to the comparison.
    
    We weren't out to *get* anyone.
    
    andy

    I believe .114 missed the point of .113 unless I missed the implied
    friendly face.
    
    I agree with .113:  the US (and world) is going to total legislation 
    that will control your (personal) life.  I support the bill that would 
    require all (at least US) citizens to be responsible for their actions.  
    That's okay, I hear many laughing, but think about it: now we NEED a 
    LAW that assures an employee can take up to 12 weeks leave w/o pay and 
    their job will be held secure?  What's the matter, if one is responsible 
    enough to ask for the time, then one should be equally responsible to 
    work out the same deal with their employer.  (Off the track here, but 
    it's just one of the most recent ones that I'm sure most -key word- 
    people would know about).
    
    As for this sounding like it contradicts my other statement about
    absolute P&P to which I agree would be rules and regs, not really.
    Rules and regs would protect a company and instruct it's employees
    exactly how it expects them to perform and to inform them exactly of
    what they should expect to recieve in return.  Anyone that found
    anything to be worded vaguely (unless it was by popular opinion to be
    too vague), should take that issue up with the appropriate people
    and have it clarified for them.
    
    I'm just sick and tired of what's good for me and not right for you
    when it comes to benefits/payments/recognition/etc.  One reason why I
    applaud loudly the change to WC2 recieving equal sick time bennies as
    WC4, however I find it deceitful to think that someone believes that
    WC2 will now jump on the band wagon which is why they lumped this new
    feature in with LTD changes and increases (IMO). New question: does
    LTD payments help the company to pay STD? is there some kind of
    kickback?  Please answer in the appropriate topic and I'm sorry I asked
    it here.
    
    Reg.

    Aren't I just glad my home country is still run by the Government, and
    not lawyers.
    
    Laurie.

re: "CYA and to hell with the rest of the world? What an attitude."

That's not my attitude at all. Accepting responsibility for one's self is very
different from covering one's ass (or is that part of the problem, that the two
are becoming confused?), and respecting others' privacy (and expecting them to
respect mine) is (or was) *very* different from "to hell with the rest of the
world".

Pete

    
    Knowledge is power. Management, having given up the power inherent in
    decision-making by not making any decisions, is clinging desperately
    to the power created by hoarding knowledge. An absolute lock on
    information regarding salary planning is cited as an example.
    

    re: 118
    
    Come on, Bill ... isn't that statement a little parnoid.  If some
    managers are out there trying to control information, do not condemn us
    all.  Just challenge their statements and ask for policy related to it
    to back it up.  

    The author of .118 isn't paranoid at all.
    
    At IBM, I've heard said, sharing your salary with anyone is a firing
    offense.  The reason's simple:  If other people knew your salary, they
    could compare.  Management wouldn't hear about "hey, I'm overpaid" but
    they'd sure hear about people who are underpaid.
    
    Digital's dirty little secret:  Long-term employees are screwed.  I
    don't know my co-workers' salaries but managers have assured me that
    I'm making much less than others in my job code with equivalent or
    inferior records.  Why?  Because I joined over a decade ago, at a lower
    job code, and got some promotions.  Each time, I was brought up to at
    least _minimum_, and then got percentage raises.  Now being at bottom
    of grade means I get maybe 2% more than somebody in middle of grade,
    but it's about a 40% swing from top to bottom, so I never get above
    percentile 20 or so unless I don't get promoted for a long, long time. 
    New hires, on the other hand, often came in near midpoint.
    
    Hell, I don't want others without need-to-know to be told my salary
    without my consent.  But Andy's choice to share it is a valid one.  And
    I have a very very hard time with the Flat Earth Party Line about how
    the gummint shouldn't _mandate_ the company allow you to take unpaid
    family leave.  Digital's usually pretty good about it, though I suspect
    it's a site or manager's option in the US.  But as times get tighter, I
    can see some weenie in a suit decide that to be competitive, we have to
    act like Joe's Garage Computer Co. and deny any leave not mandated by
    law.  After all, Joe benefits from not granting leave, or he'd grant
    leave, right? so we have to treat our employees like scum to compete. 
    I do see some of that thinking lately.  The purpose of government rules
    in this regard is to "level the playing field" so that there is less of
    an incentive for companies to treat workers like slaves.

    Re .119:
    
    No, I've been asking myself the paranoia question for a long time, and
    this this case, I honestly don't think so.

    .119> Just challenge their statements...
    It's hard to challenge statements they don't make.
    
    The amount of money set aside for salary adjustments last year,
    expressed as a percentage of the then-current salary expense, seems to
    be a more closely guarded secret than the formula for Coca-Cola.

    It is only by asking many pointed and tightly worded questions that one
    finds that the overriding "theme" for last year's salary planning was
    not "pay for performance" but "equity".

    -----
    
    Why should I care about these things? In two prior salary adjustments
    I received n%, where n>m, where m was the corporate average salary
    adjustment, a piece of data available (although not readily) at the
    time.
    
    My latest salary adjustment was j%, where j = 0.3*n.
    
    My performance rating for these three adjustments was a solid 2.
    
    After lengthy dialogue and research, I am still unable to explain the
    difference in these salary adjustments. I cannot even answer this basic
    question: For better than average performance, did I receive a better
    than average adjustment? You can't even derive the satisfaction of saying
    j>x, if x is unknown.
    
    Without being able to demonstrate that my adjustment might not be in line
    with my performance, how can I begin to argue for change? I am powerless
    to do anything but walk away. Management has the knowledge; management
    has the power.
    
    -----
    
    I should point out, Chuck, that judging from our scant interaction, you
    seem to be one of the more open managers in this regard. I attribute this
    to your distance from GMA, and the thin, clean air of your locale.
    

     Unless Congress or the courts have repealed the National Labor
    Relations Act,companies that punish employees for discussing 
    their own salaries are in violation of Federal law.
     The NLRA was passed in the 30's in reaction to companies'
    union-busting tactics then in vogue.
     The right to discuss your own salary with whomever you like is
    (was?) considered part of the right to collective bargaining.
     
     I'm no lawyer,,and no great fan of unions,but I went through this
    stuff with my former employer 10 yrs ago. Companies get away with
    "policies" as long as no one challenges them .Keeping employees
    quiet about their salaries allows companies to have very different
    salaries for the same job.
    
    Doug  

    It's this way.  I am required by law to report my Digital earnings on
    line <whatever> of form 1040.  Can Digital possibly object if I show
    somebody my income taxes and all required forms, including the Digital
    W2?
    
    Am I violating PP&P by showing them to the IRS?  To my accountant? If
    the PP&P are interpreted to mean no Digit can reveal salary information
    to another, then EVERY Digit (including Bob Palmer and KO) is already
    in violation of PP&P, and that means no Digit is in violation when it
    gets to court.
    
    The PP&P don't have any exceptions for showing the salary info to the
    IRS or an accountant.

re Note 2073.123 by COOKIE::EGGERS:

>     The PP&P don't have any exceptions for showing the salary info to the
>     IRS or an accountant.
  
        Perhaps the P&P really should have a rule forbidding the
        fomenting of discontent in general (perhaps it already does).

        (Obviously, if there were such a rule, official management
        decisions would have to be excepted. :-)

        Bob

	You're telling me that I can't tell anyone information about 
	ME if I CHOOSE to, because it happens to be recorded by the 
	Digital personnel department... ?  Don't be silly!

	Cathy

	Cathy,

	Don't worry, the PP'Ps are talking about procedures around access to 
	your personnel files.


	This is entirely different from you giving anyone else information 
	about you.

	
	Heather

In my opinion, this really has nothing to do with whether or not the PP&P
manual discusses disclosure of salary information or not, nor does it have to
do with anyone's right to freedom of speech (which is apparently alive and
well!).

What it *has* to do with is whether or not discussing your salary with a
coworker is the 'right' thing to do.

Having been a manager, if I were asked if I were concerned about my colleagues
discussing their salaries, I would have said 'yes' and 'no'. Yes, because it's
my opinion that that is improper and unprofessional. No, because I always made
very sure that people who worked with me were paid equitably. If they had
discussed their relative salaries and one had approached me, I would have been
able to justify the apparent inequity. If I couldn't do that, then I hadn't
done my job. I wasn't afraid of people finding something out; that fear isn't
the basis for my position on this.

I guess where I'm coming from is what *I* consider to be basic adult behavior,
which can't always be justified or defined according to a policies manual.
Neither a policies manual nor the Constitution can force prudent, responsible,
and respectful behavior on those it seeks to influence.

Pete

>. Yes, because it's
>my opinion that that is improper and unprofessional.

>I guess where I'm coming from is what *I* consider to be basic adult behavior,
>which can't always be justified or defined according to a policies manual.
>Neither a policies manual nor the Constitution can force prudent, responsible,
>and respectful behavior on those it seeks to influence.

	I don't understand this, why is discussing salary improper and 
	unprofessional, or not responsible, or not respectful?

	Heather
	

    I once worked for a manager, outside DEC, in the UK, who believed
    strongly in everyone else knowing what everyone's salary was. Being
    unused to this, I asked him why this was. He replied that it meant that
    those who perform well were rewarded for it, and were able to measure
    that reward in a meaningful way, direct comparison. Naturally, it also
    meant that those who lagged behind in salary terms had incentive to
    examine themselves and their commitment, and more importantly, to deal
    with it appropriately.
    
    He was very happy with this, and was a good enough manager to know that
    this sometimes meant some painful conversations with employees who
    believed they were being unfairly treated. In my view, any manager who
    attempts to duck such conversations, shouldn't be a manager. I find
    myself erring towards the view that hiding salaries is of benefit only to
    'weak' managers, and positively detrimental to *any* company.
    
    Laurie.

re: .128 & .129
	
Heather,

Please don't take this the wrong way, but you don't *need* to understand it.
It's my opinion, based more on sentiment than on evidence. At times I wish I
could reconcile some of my opinions with fact, but I'm not an automaton (and I
don't wanna be).

Pete

>Please don't take this the wrong way, but you don't *need* to understand it.


	Fine, so you don't need to understand why I find it completely 
	proper, honest, above board, responsible, professional and respectful.

	Heather

    ...but those that you accuse in those terms *do* need to understand why
    you condemn them.
    
    /a

    re.130 Great anecdote. Wish it were that way here. 

Re: .126

	I realise the P&P wording refers to information in personnel	
	files, what I am saying is that ALL that information is about
	me and I KNOW what it is and why shouldn't I disclose it to
	ANYONE I want just because it also happens to be in my personnel 
	file.

	Obviously I would expect the P&P's to prevent me disclosing
	information in other people's files and vice versa.

	My previous employer also actively encouraged discussion among
	colleagues about salary.  As a sweeping generalism (don't ya
	love it!?) openess is less destructive than secrecy (which I 
	THOUGHT was the reason for the 	open door policy and sharing of 
	other information generally encouraged at Digital).

	Cathy