Well I see what you guys are saying about creating a corporate certificate, but can't a user view what certificates are trusted in the IE or FF browser? I know most users don't pour over their browser settings so this could work for most, but I'm thinking that if the technique was used it could be discovered pretty easily by looking at browser settings?

Also someone else posted that key loggers, while possible, are in practice rarely used?

I also agree with the point that a miner policy infraction in practice is often used to fire someone instead of the real reason. For instance, the person violates a miner provision of the companys computer use or telecommunications policy, and the company uses that to fire them just because they don't like the person or there is some other issue. In contrast, the company allows 99% of others to use the computer or telephone in the same way as the person who got fired. E.g. they only bring out the policy in very selective ways in order to fire someone.

I remember something from labor law class, but I think it only applys to union shops. Lets say Al supervises Brian, Chris, and Don. Lets say for a long time Chris and Don take a 3 hour lunch each day, even though hypothetically the company allows a 30 minute lunch break. Al lets this go unchallenged. Then some issue comes up where Al wants to get rid of Don. From what I remember, he can't just get rid of, fire, Don because
don is taking the 3 hour lunches, because he allows or allowed the misconduct from others. E.g. he can't just hit Don with the rules, but let Brian, Chris, and himself avoid the rules. But again I think it just had to do with union shops. From what I remember, no such limit in a nonunion shop?