Moving beyond merely monitoring employees' Internet use, many of the nation's largest companies are quietly assembling teams of computer investigators who specialize in covertly copying employees' hard drives and combing them for evidence of workplace wrongdoing.
These high-tech investigators employ tools and techniques that originally were devised for law enforcement to catch criminals but that are now spreading rapidly in the private sector at Microsoft, Disney, Boeing, Motorola, Fluor, Caterpillar and dozens of other major companies.
The development, little known outside the narrow community of corporate security experts, is sure to raise tensions over workplace privacy in an age when the lives of millions of workers are inextricably tied to their office computers.
Employers say that their rush into the field known as "computer forensics" is a matter of self-defense, that being able to retrieve computer evidence is essential to their ability to catch employees engaged in everything from spending too much time surfing the Internet to stealing company secrets.
"People don't always tell the truth about things," said Howard Schmidt, head of corporate security for Microsoft. Their computers, he said, usually do.
But others question the need of corporations to target unsuspecting employees with the same forensic technology that police agencies use to investigate criminals. Employees subject to such searches face a level of scrutiny they may never have imagined. Investigators acknowledge that searches of computer hard drives routinely turn up embarrassing details about workers' health problems, marital woes and financial difficulties.
"Pardon me for being a cynic," said Lewis Maltby, president of the National Work Rights Institute in New Jersey, "but I don't have total confidence in internal security teams to protect my privacy."
Forensic work is a mix of daring and digital excavation. Investigators often sneak out late at night or use various ruses to obtain "mirror" copies of employees' hard drives. Then they pore over the computers' contents in excruciating detail, searching caches that few users even know about and resurrecting deleted files.
A recent search at one of Southern California's largest assembly plants unfolded in typical fashion.
The investigator waited until midnight on a Sunday, when the plant was empty, its machinery motionless and thousands of computers had slipped into screen-saver slumber.
