Is Screenshot Time-tracking Common?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP












235















I am a freelance developer. When I work on projects for a client I tend to bill to the half-hour, which has been fine. Additionally, I do my best to track each type of thing "research", "coding", "lunch", "break", etc so the client can see an itemized version of my hourly. This seems to bring them some comfort.



Recently, I've had a few clients approach me but ask that I use screenshotting and/or keylogging on my home computer (which is also my work computer). Naturally, this makes me uncomfortable. The client thinks I am lazy. To me,



  1. the risk of exposing another clients work via (2) - software becomes unpatched leaving a giant hole in my system or a screenshot of a chat with another client

  2. security implications of installing nanny-software that is effectively a RAT

  3. the direct implication the client does not trust me

These issues really bother me.



Bringing up my portfolio of satisfied clients (who do not use tracking) does not seem persuasive. If you do not trust me, why would you take the time to hire me? I am not desperate for work.



I have been in the industry a number of years at this point. I have delivered a lot of software on time and on budget. I know when hours are "deserved" vs "I overshot this, I guess I'll give them some hours for free".



Is this type of requirement common? Should I just suck it up because it's work? It makes me very uncomfortable. It signals to me a "sweat shop" mentality driven by micromanaging metrics rather than getting good software at an agreed upon price. Do people request a video feed of their mechanic fixing their car? Do they request an itemized hourly report of the mechanic they paid a ton of money for? It seems like this problem is unique to software.










share|improve this question



















  • 30





    Are these government, government contractors, or otherwise regulated clients? I know the US Government has the right to show up at any contractor's place of work at any time to audit timecards: a friend who worked from home had an auditor show up at his house for an inspection. He had to show the current open entry corresponded to the engineering work he was doing on his screen. This extends to non-government work done by contractors (due to calculation of overhead).

    – user71659
    Feb 20 at 4:15







  • 21





    Strongly related: My customer wants me to record a video of how I develop his software product

    – Radu Murzea
    Feb 20 at 8:13






  • 2





    Comments are not for extended discussion; this conversation has been moved to chat.

    – Lilienthal
    Feb 20 at 12:45















235















I am a freelance developer. When I work on projects for a client I tend to bill to the half-hour, which has been fine. Additionally, I do my best to track each type of thing "research", "coding", "lunch", "break", etc so the client can see an itemized version of my hourly. This seems to bring them some comfort.



Recently, I've had a few clients approach me but ask that I use screenshotting and/or keylogging on my home computer (which is also my work computer). Naturally, this makes me uncomfortable. The client thinks I am lazy. To me,



  1. the risk of exposing another clients work via (2) - software becomes unpatched leaving a giant hole in my system or a screenshot of a chat with another client

  2. security implications of installing nanny-software that is effectively a RAT

  3. the direct implication the client does not trust me

These issues really bother me.



Bringing up my portfolio of satisfied clients (who do not use tracking) does not seem persuasive. If you do not trust me, why would you take the time to hire me? I am not desperate for work.



I have been in the industry a number of years at this point. I have delivered a lot of software on time and on budget. I know when hours are "deserved" vs "I overshot this, I guess I'll give them some hours for free".



Is this type of requirement common? Should I just suck it up because it's work? It makes me very uncomfortable. It signals to me a "sweat shop" mentality driven by micromanaging metrics rather than getting good software at an agreed upon price. Do people request a video feed of their mechanic fixing their car? Do they request an itemized hourly report of the mechanic they paid a ton of money for? It seems like this problem is unique to software.










share|improve this question



















  • 30





    Are these government, government contractors, or otherwise regulated clients? I know the US Government has the right to show up at any contractor's place of work at any time to audit timecards: a friend who worked from home had an auditor show up at his house for an inspection. He had to show the current open entry corresponded to the engineering work he was doing on his screen. This extends to non-government work done by contractors (due to calculation of overhead).

    – user71659
    Feb 20 at 4:15







  • 21





    Strongly related: My customer wants me to record a video of how I develop his software product

    – Radu Murzea
    Feb 20 at 8:13






  • 2





    Comments are not for extended discussion; this conversation has been moved to chat.

    – Lilienthal
    Feb 20 at 12:45













235












235








235


16






I am a freelance developer. When I work on projects for a client I tend to bill to the half-hour, which has been fine. Additionally, I do my best to track each type of thing "research", "coding", "lunch", "break", etc so the client can see an itemized version of my hourly. This seems to bring them some comfort.



Recently, I've had a few clients approach me but ask that I use screenshotting and/or keylogging on my home computer (which is also my work computer). Naturally, this makes me uncomfortable. The client thinks I am lazy. To me,



  1. the risk of exposing another clients work via (2) - software becomes unpatched leaving a giant hole in my system or a screenshot of a chat with another client

  2. security implications of installing nanny-software that is effectively a RAT

  3. the direct implication the client does not trust me

These issues really bother me.



Bringing up my portfolio of satisfied clients (who do not use tracking) does not seem persuasive. If you do not trust me, why would you take the time to hire me? I am not desperate for work.



I have been in the industry a number of years at this point. I have delivered a lot of software on time and on budget. I know when hours are "deserved" vs "I overshot this, I guess I'll give them some hours for free".



Is this type of requirement common? Should I just suck it up because it's work? It makes me very uncomfortable. It signals to me a "sweat shop" mentality driven by micromanaging metrics rather than getting good software at an agreed upon price. Do people request a video feed of their mechanic fixing their car? Do they request an itemized hourly report of the mechanic they paid a ton of money for? It seems like this problem is unique to software.










share|improve this question
















I am a freelance developer. When I work on projects for a client I tend to bill to the half-hour, which has been fine. Additionally, I do my best to track each type of thing "research", "coding", "lunch", "break", etc so the client can see an itemized version of my hourly. This seems to bring them some comfort.



Recently, I've had a few clients approach me but ask that I use screenshotting and/or keylogging on my home computer (which is also my work computer). Naturally, this makes me uncomfortable. The client thinks I am lazy. To me,



  1. the risk of exposing another clients work via (2) - software becomes unpatched leaving a giant hole in my system or a screenshot of a chat with another client

  2. security implications of installing nanny-software that is effectively a RAT

  3. the direct implication the client does not trust me

These issues really bother me.



Bringing up my portfolio of satisfied clients (who do not use tracking) does not seem persuasive. If you do not trust me, why would you take the time to hire me? I am not desperate for work.



I have been in the industry a number of years at this point. I have delivered a lot of software on time and on budget. I know when hours are "deserved" vs "I overshot this, I guess I'll give them some hours for free".



Is this type of requirement common? Should I just suck it up because it's work? It makes me very uncomfortable. It signals to me a "sweat shop" mentality driven by micromanaging metrics rather than getting good software at an agreed upon price. Do people request a video feed of their mechanic fixing their car? Do they request an itemized hourly report of the mechanic they paid a ton of money for? It seems like this problem is unique to software.







software-industry freelancing






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Feb 20 at 13:11









Mister Positive

62.2k33205249




62.2k33205249










asked Feb 20 at 1:05









CL40CL40

875226




875226







  • 30





    Are these government, government contractors, or otherwise regulated clients? I know the US Government has the right to show up at any contractor's place of work at any time to audit timecards: a friend who worked from home had an auditor show up at his house for an inspection. He had to show the current open entry corresponded to the engineering work he was doing on his screen. This extends to non-government work done by contractors (due to calculation of overhead).

    – user71659
    Feb 20 at 4:15







  • 21





    Strongly related: My customer wants me to record a video of how I develop his software product

    – Radu Murzea
    Feb 20 at 8:13






  • 2





    Comments are not for extended discussion; this conversation has been moved to chat.

    – Lilienthal
    Feb 20 at 12:45












  • 30





    Are these government, government contractors, or otherwise regulated clients? I know the US Government has the right to show up at any contractor's place of work at any time to audit timecards: a friend who worked from home had an auditor show up at his house for an inspection. He had to show the current open entry corresponded to the engineering work he was doing on his screen. This extends to non-government work done by contractors (due to calculation of overhead).

    – user71659
    Feb 20 at 4:15







  • 21





    Strongly related: My customer wants me to record a video of how I develop his software product

    – Radu Murzea
    Feb 20 at 8:13






  • 2





    Comments are not for extended discussion; this conversation has been moved to chat.

    – Lilienthal
    Feb 20 at 12:45







30




30





Are these government, government contractors, or otherwise regulated clients? I know the US Government has the right to show up at any contractor's place of work at any time to audit timecards: a friend who worked from home had an auditor show up at his house for an inspection. He had to show the current open entry corresponded to the engineering work he was doing on his screen. This extends to non-government work done by contractors (due to calculation of overhead).

– user71659
Feb 20 at 4:15






Are these government, government contractors, or otherwise regulated clients? I know the US Government has the right to show up at any contractor's place of work at any time to audit timecards: a friend who worked from home had an auditor show up at his house for an inspection. He had to show the current open entry corresponded to the engineering work he was doing on his screen. This extends to non-government work done by contractors (due to calculation of overhead).

– user71659
Feb 20 at 4:15





21




21





Strongly related: My customer wants me to record a video of how I develop his software product

– Radu Murzea
Feb 20 at 8:13





Strongly related: My customer wants me to record a video of how I develop his software product

– Radu Murzea
Feb 20 at 8:13




2




2





Comments are not for extended discussion; this conversation has been moved to chat.

– Lilienthal
Feb 20 at 12:45





Comments are not for extended discussion; this conversation has been moved to chat.

– Lilienthal
Feb 20 at 12:45










16 Answers
16






active

oldest

votes


















467















Is this type of requirement common?




No it isn't. It's also a security issue and a sign of a problematic client. Unless you're desperate for the work I'd just refuse.



The major advantage of freelancing is that you pick your clients, your times and your conditions (these should always be clearly defined and agreed at the outset). If you allow a client to impinge on these you lose part of your advantage and your future negotiating status is lessened.






share|improve this answer




















  • 26





    Agreed. This is uncommon and unusual. I would not take on a client that had this as a requirement.

    – joeqwerty
    Feb 20 at 2:01






  • 144





    I agree and would even go stronger. They are already signaling that they are going to dispute OP's labor charges. Even if OP is desperate, it is still better to be idle than work for nothing.

    – emory
    Feb 20 at 3:49






  • 60





    I never understand why people would even want to hire someone they clearly don't trust.

    – Jörg W Mittag
    Feb 20 at 5:04






  • 31





    @JörgWMittag you get lots of weird stuff freelancing, sometimes it's people trying it on or establishing a pecking order, sometimes it's clients that have had bad experiences and haven't gotten over themselves. No real point trying to analyse the reasons, if you don't like the conditions refuse the job.

    – Kilisi
    Feb 20 at 5:07






  • 7





    I would even go as far as to call them out on it, making sure to let them know exactly why you are refusing them, and why any respectable freelancer would also refuse them. It's plain ignorance - some one thinks they know what they're talking about but has no clue - this needs calling out.

    – ESR
    Feb 20 at 16:48


















129















the risk of exposing another clients work via (2) - software becomes unpatched leaving a giant hole in my system or a screenshot of a chat with another client




This is why I will not use screen-logging software, and I do not know of a single free-lancer who will allow it on their computer.



You likely signed NDAs with your clients. Installing this software likely breaks the NDA



How to (possibly) salvage this situation - Explain The above reason to them, and suggest other ways to build trust with them. Something like




I can't install software like that because you could inadvertently see what I'm working on for other clients. That's a violation of their trust (and possible NDA), so I can't really budge on that. I have several references XYZ if you're worried about work ethic.







share|improve this answer























  • Just turn it back on the client and ask them to insure you for potentially breaking NDA. Probably needs, I dunno, $100 million or something depending on your clients.

    – Nelson
    Feb 21 at 0:33






  • 20





    If that's really your only concern you can always offer to do work for them on a device that they provide which can be set up however they want. If you actually just don't want to be monitored every minute of the day (which is a valid attitude, if harder to justify to the client) you need to know what you are going to say if they offer to provide you with whatever hardware you need on their terms.

    – Eric Nolan
    Feb 21 at 9:40






  • 4





    @nelson: Know what's worse than inadvertently breaking an NDA? Doing it in exchange for consideration (which client-paid insurance would be). That's industrial espionage and you would get out from under that cloud.

    – Ben Voigt
    Feb 22 at 4:40






  • 1





    @BenVoigt; No, that does not make sense. You're asking liability insurance for malfunctions in the screenshotting software. That is not at all consideration; you would never benefit from t.

    – MSalters
    Feb 22 at 13:01






  • 2





    @EricNolan fair enough, but they will get billed for all the time that it will take me to set everything up to my liking.

    – Davidmh
    Feb 22 at 14:08


















86














DO NOT LET ANYBODY SPY ON YOUR PROPERTY AND WORK!!



If you work on the clients premises, using their property and licenses then they have every right to keylog and screencapture.



But that's not the case!



I'm afraid you gave them ideas with your too detailed, itemized timesheets.



Why would you even do that?



You give an estimate and once you draw up a contract you name a more accurate amount of time and price.



Once milestones are reached or the job is finished you invoice and bill your tasks / time.



If it's very different to your estimate you better talked about whatever caused the price hike when it occurred and they better agreed to it.



If they insist, thank them for considering to work with you but respectfully decline out of security concerns.



Let me reiterate:



DO NOT LET ANYBODY SPY ON YOUR PROPERTY AND WORK!!






share|improve this answer




















  • 11





    with your too detailed itemized timesheets. It would appear I still have a lot to learn.

    – CL40
    Feb 20 at 1:26







  • 25





    Yeah, I would recommend categorizing your work only at a high level (i.e. research/planning, meetings, front-end, back-end, deployment, etc.) with a total per-category, and rounded to the hour. It's up to you how precisely you track your time internally, but sharing that detail treats your client like your manager and invites them to assume that authority.

    – HonoredMule
    Feb 20 at 4:00







  • 38





    If you work in a country with decent labor laws, even as a permanent employee, on their property, with their equipment keylogging, screenshotting or filming employees is a crime. It would not even be possible to get consent, if it's not required by the circumstances (for examples tellers in a bank will have to live with the fact that they are on the security tapes).

    – nvoigt
    Feb 20 at 6:52






  • 8





    "a business has no business in requesting timesheets from another business" Say what? It's routine in other industries, construction & lawyers to name but 2. If you challenged a lawyer and asked them for evidence that they'd worked the time they billed; they are required to provide it, or strike it from their bill. Your assertions are demonstrably false.

    – UKMonkey
    Feb 20 at 14:23







  • 6





    @UKMonkey timesheets are widespread to track employees.INTERNALLY. No business hands this kind of information out to third parties unless required by law or in support of the own company in legal proceedings.They're certainly not part of any invoice I've ever seen! The ACTUAL amount (not the billed) of time spent on a task is btw.a trade secret,reflecting the man hours spent, allowing retracing and guesstimating prices per hour per employee,even profit margins.A client could go window shopping with this figure.OP is not an employee as far as I understood, so not required to provide this info.

    – DigitalBlade969
    Feb 20 at 17:19



















22














This is pretty common.
UpWork requires screenshots for you to have escrow claims. Because of the popularity of UpWork it is safe to say this is a common practice. (HubStaff and various others operate similarly)



The Upwork client installs a program that takes a screenshot every 10 minutes and checks keyboard/mouse activity over each time slot to determine if you really were at the keyboard and approximately how active you were.



Personally I found it unpleasant at first but quickly got used to it. The clients rarely check it. It's mainly just that in the event of a dispute, the escrow mechanisms don't work without the paper trail of activity.



Note: the tracker is optional. If you don't use it then you have little chance of recovering funds as it is required for the escrow dispute resolution process.



Edit: I should add that I don't think software development is hourly work. Unless it's some kind of rote typing, most software development is about solving problems at all times of the day. I think it's more like art. You can't put Picasso in a room and say OK give me 2 paintings a day on a 9 to 5 shift, and we'll be monitoring your canvas. It's nonsense.






share|improve this answer




















  • 113





    Deleting my Upwork account now.

    – Dronz
    Feb 20 at 7:17






  • 79





    Did a mechanic really spend 2 days fixing my car? Did the lawyer spend all those billed hours on my case? None of these would allow me to keylog their systems or otherwise track their work.How in the world does this website think this is acceptable?! Though, judging by the extremely low, slave labor like offers on there, it doesn't surprise me. Oh and the fact that they get away with it, doesn't mean it is "VERY" common.Only if freelancers work on client site using client property.Otherwise it's two businesses engaging in contractual work.

    – DigitalBlade969
    Feb 20 at 8:10











  • Comments are not for extended discussion; this conversation has been moved to chat.

    – Jane S
    Feb 22 at 3:06






  • 2





    How do they know I haven't gone to the extra time and effort of finding/writing a program that will automate mouse-movements and keystrokes for me? I would actively seek out a client that was problematic, do the work really quick before goofing off for the rest of the time, safe in the knowledge that their very own system was proving that I was still hard at work.. Ned Kelly (the aussie bush-ranger) was variously accused of stealing horses until one day, he thought f*^%-it, I will steal horses. A relationship opened without trust is a worthless one.

    – enhzflep
    Feb 22 at 6:58











  • @enhzflep That's true. I think the challenge is how to build a platform like Upwork and be able to offer escrow services. What other mechanism apart from some kind of activity tracker is available? Your argument, while valid and important, applies to every software developer working in an open space office under visual supervision of a manager. In my opinion the primary reason that the herd flock to their offices instead of enjoying remote development is so that insecure management can deal with their trust issues on a daily level.

    – Sentinel
    Feb 22 at 10:00



















18














Others have given good answers whether or not this is normal (no!), but I wanted to give an example reaction. The tone should be confident, a kind of "take it or leave it" approach (which, IMO, this is):




Hi,



I have been in the industry a number of years. I have delivered a lot of software on time and on budget. I am aware of time management and perform as you may expect from a professional.



Asking me to use tracking software gives me the impression that you do not trust me and that won't help the project for either of us. If you want, I can give some testimonials of other clients about how it's like to work with me, but using tracking software has to be a hard no for me.



Please let me know whether you want to continue with this project, [ and here something positive depending on how much you would like this project ].







share|improve this answer




















  • 2





    I would add to the middle paragraph about how this is a security breach. +1

    – Kallmanation
    Feb 21 at 14:08






  • 9





    I've considered that, or the comparison with e.g. a car mechanic, but I came to the conclusion that that doesnt matter. It doesnt really matter that they understand, all they need to know is that it isn't an option. More text will only distract (at least, so was my conclusion).

    – Martijn
    Feb 21 at 14:20











  • That they asked is a red flag, so I'd inform them of why I'm declining to work for them as a courtesy, but it would be a hard no regardless of whether they changed their mind about the tracking.

    – trichoplax
    Feb 23 at 18:19


















16














Speaking to whether or not you should do this, I think you have your answer here.




I am not desperate for work.




One of the primary benefits of being a good freelance developer is the ability to choose your clients and work on your own terms. If you don't feel comfortable with this (and who would blame you), simply decline. Probably not someone you want to work with anyway.



It's important to remember that YOU are in charge of your business and responsible for how you do your work, how much you charge, etc. If you find yourself in a situation where you're struggling for clients or money, then by all means, reevaluate, but it doesn't sound like that's the case.



When done tactfully and with confidence, you will command respect and attract higher quality clients through a willingness to take control, dictate the process, or walk away when the situation calls for it.






share|improve this answer
































    11














    Dedicated devices



    Such a requirement isn't common, but it happens sometimes. One reason for highly monitored environments like this one is security controls, but security goes both ways - they don't want you to do unauthorized things, but you also don't want them to do unauthorized things with your data or, worse, data of your other clients.



    This means that if something like this is implemented, it's absolutely incompatible with the notion of "my home computer (which is also my work computer)" - if they do screenshot time tracking, then that must be done on a separate device that's dedicated to their project only, at least while their project is ongoing. E.g. start with a clean wiped machine, set up things for their project (including that time-tracking thing), use that machine only for that project and nothing else, and wipe the machine as soon as the project ends, which is a common part of NDAs if you work with sensitive data of that customer.



    If you're working on your home computer that contains data of other customers as well, then you can't meet such a requirement; you'd need to get a separate work machine, and you'd have to evaluate whether what they're paying you is adequate to justify that.






    share|improve this answer




















    • 7





      While I agree with the general premise of setting up a dedicated device I cannot upvote your answer because you suggest that burden should be placed on the freelancer; I am almost inclined to downvote it. I would have the client pay for the device and pay me hourly for all of the wasted hours of getting myself set up to work on their company device.

      – MonkeyZeus
      Feb 20 at 18:06






    • 1





      @MonkeyZeus it's a matter of convention whether that burden is reasonable or not, and that depends on the industry, and also on the field of your customers. For example, I'd expect that in web development the requirement to have an isolated device would be unreasonable, but in network penetration testing a similar requirement would be table stakes; the generally accepted "standard practices" are different there for obvious practical reasons. See also companies with strict "anti-BYOD" policies where contractors can work only on company systems. Of course, that hassle and time would be billable.

      – Peteris
      Feb 20 at 22:59












    • What @MonkeyZeus said. If the freelancer is going to do this for the client, all the costs of doing so must be built into the price the client is paying. And there are a lot of costs.

      – R..
      Feb 20 at 23:51











    • @MonkeyZeus And if I'd take that work at all, I'd add at least a 2x cost factor for feeling spied on and put under due stress to suppress the wish to circumvent their security nonsense. (If you have something truly security relevant, you develop it in-house on controlled hardware in a controlled environment).

      – Frank Hopkins
      Feb 21 at 22:40






    • 4





      @R. The only difficult part is, how do you verify you worked the hours you're billing them for setting up the isolated device with the spyware? ;-) Seriously, though, just saying "my charge for setting up a system you can spy on is $10k" maybe could be more effective than just saying "no", because then it looks like they're declining the cost rather than you're declining the condition. Plus I guess you can set that system up so you genuinely do clock out every time you move away from it, and hence be absolutely sure you aren't billing them while you're reading some other client's email.

      – Steve Jessop
      Feb 22 at 0:26



















    10














    There's an angle to this that I think you could take which hasn't been addressed:



    Instead of posturing why you don't do this because of the risk to OTHER clients or yourself...



    Explain why you don't do this because of the risks to the client requesting it



    Generally speaking, you always want to posture this in terms of the person requesting it, rather than yourself, and why the requestor "doesn't actually want this". Place the negatives, and the potential burdens, squarely on them and not yourself, and posture it as something you're not doing to better serve their interests in not doing it:



    "If I installed this type of software for every client, there would be the risk of a breach in my computer, and they might be able to read your proprietary data and code, which would be a security risk to you. I value you as a client, and I understand your concerns, and that's why as a professional this is simply something I do not allow, as a general rule to all my clients, for your own safety."



    Posture this as you doing them a favor and looking out for them by not doing this, ever, as a general rule. If they insist, offer them a solution that would make you comfortable but places all related costs on them, up to and including that they purchase related equipment for you, and they pay you for your time setting up the associated environment(s). If they're serious and have a serious concern, they will pay for it. If they're not (or if they're just being arbitrarily abusive) they'll move on to someone else, and you will be better off for it (since you've said you aren't desperate for this work).



    Contractor vs Employee



    Furthermore, another angle not covered here yet is that this degree of client involvement and interference into directing your work risks creating (in the US) a legally defined employee/employer relationship, rather than one of a contractor.



    If you are working as an employee of a contracting agency, this is not an issue (you are already in an employee relationship with someone in relation to the job in particular, and if your employer wants to let someone else they're contracting with direct you this much that's within your employer's purview: but it's also an onus on them to provide equipment and be liable for creating any related security risks as your employer). If you are working as a fully independent contractor (which is what I assume in this case, from tags and wording), this is a situation your clients should wish to avoid: they are commissioning work from you, not hiring you as an employee, and that distinction is actually important.



    Note that this is just a rough opinion, and if you have specific concerns you should hire a lawyer to look into specific situations (and also let me insert a generic "I am not a lawyer, nor am I your lawyer/etc" disclaimer).



    I would personally recommend that you be careful with how much you share with them, and posture it as a matter of professionalism that you are simply logging billable hours in relation to work product, versus detailing your day. Focus on what you got done in relation to a given set of billable hours, rather than on logging breaks/etc as such. There's a degree of oversharing which can set up the wrong expectations.



    This is someplace where when working as a fully independent contractor, I would, personally, take a page from how attorneys generally handle billable hours. Yes it includes things like "research" and the time spent doing that. No it does not (that I've ever seen or anywhere I've worked, having spent time in a law office) include things like "took a break". Document what you did, clock the time on it. That's what you bill the client. The rest is actually none of their business: they're paying for a result, they're not hiring you as an employee. (unless you come to a different mutual agreement to work as an employee for them)






    share|improve this answer




















    • 1





      "as a general rule to all my clients, for your own safety" -- for your comfort and convenience, you are not permitted to smoke in this area.

      – Steve Jessop
      Feb 22 at 0:31












    • @SteveJessop lol =) but really, as much as this can be a question of "spin", I feel like it's also one of resetting perspective/context into one that forces relevance to the person asking: make the client consider how THEY would feel if SOMEONE ELSE were the one making this request and it might impact them, and instead of trying to push something through while failing to value/appropriately consider the concerns of others, they may actually THINK about it in the way you need them to. Even outside of freelance contracting, I've found this to be a very useful tactic at work in general.

      – taswyn
      Feb 22 at 16:01


















    5














    No, this isn't a normal request. And from your own descriptions, I think you can improve your invoicing techniques. Clients don't care about your lunch breaks. All they care about is seeing what you did and how much it cost. Be clear, concise, and imagine you are the client reading the invoice. The goal should be, "Wow, look how much work was done in that little time!". Examples:



    Bad: "2.5 hours: fixing bugs, research"



    No one wants to pay for bug fixes and research! But they are happy to pay for "updates".



    Good: "2.5 hours: updating interfaces, adding low battery indicator, adding flux capacitor monitoring, additional database development"



    You don't need a ton of detail, just enough to show you've been busy and the hours are reasonable.






    share|improve this answer























    • If they agreed (or even better requested) a bug fix, then they're willing to pay for bugfixes. No need to say you spent the time "updating interfaces" when what you actually did was "fix that thing in the interface you've been complaining about for weeks". That said, I've heard that some novice clients require a bit of education to train them out of the notion that bugs are somehow "your mistakes" and hence must be fixed on your time. I mean, they are my mistakes, but the conclusion doesn't follow.

      – Steve Jessop
      Feb 22 at 0:35



















    4














    Your problem around this request is based on your setup. The reason there's a privacy concern is because you haven't split up your personal and work correctly; nor have you split your clients.



    By creating a single VM per client; you will at no point have any issue with cross contamination of key log data or personal data.



    There are many reasons why doing this is advantageous - such as limiting the impact of malware to your business, accidentally breaking NDA's and as you just found out, meeting strange requests from clients.



    Is it common practice? Well, I can't talk about freelancing, but most financial institutions use key loggers to protect themselves; often without the knowledge of the employees. It is worth highlighting that the collection of the data is legal; but the use of any passwords etc is not.
    The fact that they're asking for evidence that you're working the timesheet that you submit doesn't seem unreasonable; and if you have a better proposal on how you can present it then you can make a counter offer.



    As for the direct implication the client does not trust me; I disagree with this blanket statement. It might be that the person who's doing the outsourcing isn't trusted; or one of many other options; and even if it is true, so what? Would you trust someone's word without any evidence to back it up? It seems actually like they're taking a very reasonable stance by wanting evidence.



    You can always respond that you need to be paid in advance before delivery of the goods - which is also very reasonable.






    share|improve this answer




















    • 3





      I think this is how I would suggest doing it. A VM for each client solves a lot of these weird client specific problems.

      – Rich
      Feb 20 at 15:48






    • 8





      "A VM for each client" is extremily incomvenient 'cuz you need to duplicate your software and settings and synchronize any changes. Moving things between a VM and the host (e.g from/to your e-mail client) is also problematic. I wouldn't even consider it unless I'm working with things like state secrets -- and even that to rather insure myself (from accidental copying).

      – ivan_pozdeev
      Feb 20 at 16:28






    • 4





      I mulled over this idea, but the trust factor really bothered me more than most. As some of the other answers have suggested (and it makes sense) this is a client foreshadowing the future. Non-payment, withholding payment to force a new feature, common scummy slave driver tactics. To your point, this however mitigates some of the security risk (modern malware can escape VMs and it would be prudent to guess a professionally developed RAT has no problem doing this either).

      – CL40
      Feb 20 at 16:29






    • 3





      @ivan_pozdeev, there are multiple ways to address duplication, for instance, you can have a single VM with an additional virtual hard drive for each client's data (only mount one you're working with).

      – dbkk
      Feb 20 at 17:31






    • 2





      @paolo other than the other advantages listed.

      – UKMonkey
      Feb 21 at 0:02


















    4














    I personally would decline because of privacy concerns (both yours and other clients of yours).



    However, I would also propose an alternative. I would ask them to provide a similar machine that would have the screenshot tracking thing and that computer could solely be used for work related to the client that requested you install the screenshotting software.






    share|improve this answer


















    • 3





      This is certainly a good suggestion. I think I would rather fire the client than have the additional risk of them accusing me of breaking/stealing/etc their hardware. More to the point, mailing laptops back and forth is hairy business.

      – CL40
      Feb 20 at 16:32











    • Definitely not a favourable solution, but short of saying no and turning down business, this is as close as the OP can get to their client's wishes without sacrificing other clients' privacy

      – kolsyra
      Feb 20 at 19:20











    • Well, you can offer to buy it and re-bill them if you don't like the postal service, or to deal with the breaking/stealing accusations just flat charge them a setup fee and say you own the hardware but will not use it for any client other than them as long as they keep sending you work (as in, a small retainer or enough work per quarter to justify the space it occupies in your house). The more confident you are that they'll refuse any such terms, the closer this is to just saying no yourself.

      – Steve Jessop
      Feb 22 at 0:47



















    3














    I have never even heard of this concept, maybe its an Americanism, but in the UK ... never.



    However, I did it to myself a long time ago in an attempt to help me fill out my timesheets at the end of the week by installing a program that kept track of what program was active every few seconds. I found that, as a software developer, the 2 programs I used the most by far, and I mean over 50% of the time combined, were Firefox and Microsoft Word.



    Word is obvious, all those specs and documents, but Firefox's 2 main websites viewed were StackOverflow and MSDN (3rd FYI was Outlook.. don't you love corporate work environments!)



    So my problem quickly became how to tell what I was working on, if a significant amount of my time was spent reading stuff, even though it was work-related. I gave up as it was useless (if fun statistically).



    So unless they're just being paranoid that you're working (rather than judging you by results) then tell them you don't use it because its a waste of time.






    share|improve this answer


















    • 1





      I don't think this concept is uniquely American (I am American). Many sweat shop sites use this, and I suspect the client I am referring to commonly uses these.

      – CL40
      Feb 20 at 16:31












    • @CL40 ah well, that's why I've never heard of it - I don't use coding sweat shop sites! Others should do the same as me in this regard :-)

      – gbjbaanb
      Feb 22 at 23:02


















    2














    It's better to avoid uncomfortable clients.



    How to do this?



    Increasing your rate for them.



    If they have special requests like this, just double your rate.



    If they agree or not, in any case you gain.






    share|improve this answer




















    • 4





      This still does not solve the problem of security. Even if they offered to pay me 9x the rate they initially offered - is it worth risking another clients IP (and a legal battle over an NDA)? I guess it depends on how big "9x" is, but in general I'd say no.

      – CL40
      Feb 23 at 3:09











    • if rate is very very high, you can use separate laptop for this client

      – Alexan
      Feb 23 at 3:41


















    1














    My answer is similar to Peteris's but a bit further.



    While being monitored, it's foolish to not treat this workstation as known infected with spyware. It should be in a DMZ on your network (or have its access restricted to egress and nothing else).



    Knowing that someone doesn't trust me is annoying--I understand they don't necessarily know I'm trustworthy--but it's still difficult to not find this insulting.



    The only way I'd ever agree to a intrusion like this is if the expected pay would more than cover



    a) the cost of a workstation dedicated to the task, and



    b) the requisite hassle for setting it up as above, and



    c) being enough left over to justify the work at all.



    Even so, I'd likely consider a VM.



    Obviously there are other factors: How much do you need the work? How likely is this client to bring you future work--or refer other appealing clients?



    As for how common this is...I've never seen it, but that's my experience.






    share|improve this answer






























      1














      If you are in the UK, and claiming to be working as a contractor, HMRC (Her Majesty's Revenue and Customs) will have a field day. As a contractor, you get paid to do the work - there is no way you would let someone observe your work in so much detail unless you are an employee. So if they find out about this, it will cost you a ton of money.



      This is on top of all the arguments about security, privacy, possible exposure of other clients' data and so on.






      share|improve this answer






























        -1














        Screenshot time-tracking is not common. But if applied properly, it is beneficial for everyone.



        1. Such a request is normal only for their own devices.



        I have met such a behavior at clients and I can understand it. As far as it is happening only on their device dedicated for accessing their infrastructure, this is not a concern. For other cases, read further:



        I am always using tracking of my activities with benefit, but the recordings must remain internal.



        2. When working on my computer, the recording is mine, not theirs.



        During my software developer contracting period, I deliberately found and installed a tool which records window on top and screenshots. It gave me flexibility on addressing multiple projects and customers, switching between them without need of immediate writing down their hours, billing them accurately and auditing myself if I needed to additionally review my time spent. Moreover, if some work got lost due to editor instability, it was easy to restore it from screenshots. At that time, I would disclose the screenshots to the customer, but only during their personal presence in my office, with me controlling the computer and without video recording. That way they would be able to verify my billed periods and even if other screenshots would briefly appear on screen for 0.3 secs, I would not see it as a concern. If they would ask to have a few screenshots, I would redact them to remove unrelated information first.



        3. The recording can be fully disclosed only if made on their workstation.



        Applies to both freelancing and employment. Also in my case, during my current employment period, I continue to use this tool to give accurate billing for all projects. And here, I would give the entire track to my employer, even proactively (I mean, recording is my initiative, not their requirement) because on company's computer I have nothing to hide.






        share|improve this answer

























        • If voting down, I would appreciate if you explain the problems you found in the answer.

          – miroxlav
          Feb 22 at 15:25










        protected by Jane S Feb 20 at 20:59



        Thank you for your interest in this question.
        Because it has attracted low-quality or spam answers that had to be removed, posting an answer now requires 10 reputation on this site (the association bonus does not count).



        Would you like to answer one of these unanswered questions instead?














        16 Answers
        16






        active

        oldest

        votes








        16 Answers
        16






        active

        oldest

        votes









        active

        oldest

        votes






        active

        oldest

        votes









        467















        Is this type of requirement common?




        No it isn't. It's also a security issue and a sign of a problematic client. Unless you're desperate for the work I'd just refuse.



        The major advantage of freelancing is that you pick your clients, your times and your conditions (these should always be clearly defined and agreed at the outset). If you allow a client to impinge on these you lose part of your advantage and your future negotiating status is lessened.






        share|improve this answer




















        • 26





          Agreed. This is uncommon and unusual. I would not take on a client that had this as a requirement.

          – joeqwerty
          Feb 20 at 2:01






        • 144





          I agree and would even go stronger. They are already signaling that they are going to dispute OP's labor charges. Even if OP is desperate, it is still better to be idle than work for nothing.

          – emory
          Feb 20 at 3:49






        • 60





          I never understand why people would even want to hire someone they clearly don't trust.

          – Jörg W Mittag
          Feb 20 at 5:04






        • 31





          @JörgWMittag you get lots of weird stuff freelancing, sometimes it's people trying it on or establishing a pecking order, sometimes it's clients that have had bad experiences and haven't gotten over themselves. No real point trying to analyse the reasons, if you don't like the conditions refuse the job.

          – Kilisi
          Feb 20 at 5:07






        • 7





          I would even go as far as to call them out on it, making sure to let them know exactly why you are refusing them, and why any respectable freelancer would also refuse them. It's plain ignorance - some one thinks they know what they're talking about but has no clue - this needs calling out.

          – ESR
          Feb 20 at 16:48















        467















        Is this type of requirement common?




        No it isn't. It's also a security issue and a sign of a problematic client. Unless you're desperate for the work I'd just refuse.



        The major advantage of freelancing is that you pick your clients, your times and your conditions (these should always be clearly defined and agreed at the outset). If you allow a client to impinge on these you lose part of your advantage and your future negotiating status is lessened.






        share|improve this answer




















        • 26





          Agreed. This is uncommon and unusual. I would not take on a client that had this as a requirement.

          – joeqwerty
          Feb 20 at 2:01






        • 144





          I agree and would even go stronger. They are already signaling that they are going to dispute OP's labor charges. Even if OP is desperate, it is still better to be idle than work for nothing.

          – emory
          Feb 20 at 3:49






        • 60





          I never understand why people would even want to hire someone they clearly don't trust.

          – Jörg W Mittag
          Feb 20 at 5:04






        • 31





          @JörgWMittag you get lots of weird stuff freelancing, sometimes it's people trying it on or establishing a pecking order, sometimes it's clients that have had bad experiences and haven't gotten over themselves. No real point trying to analyse the reasons, if you don't like the conditions refuse the job.

          – Kilisi
          Feb 20 at 5:07






        • 7





          I would even go as far as to call them out on it, making sure to let them know exactly why you are refusing them, and why any respectable freelancer would also refuse them. It's plain ignorance - some one thinks they know what they're talking about but has no clue - this needs calling out.

          – ESR
          Feb 20 at 16:48













        467












        467








        467








        Is this type of requirement common?




        No it isn't. It's also a security issue and a sign of a problematic client. Unless you're desperate for the work I'd just refuse.



        The major advantage of freelancing is that you pick your clients, your times and your conditions (these should always be clearly defined and agreed at the outset). If you allow a client to impinge on these you lose part of your advantage and your future negotiating status is lessened.






        share|improve this answer
















        Is this type of requirement common?




        No it isn't. It's also a security issue and a sign of a problematic client. Unless you're desperate for the work I'd just refuse.



        The major advantage of freelancing is that you pick your clients, your times and your conditions (these should always be clearly defined and agreed at the outset). If you allow a client to impinge on these you lose part of your advantage and your future negotiating status is lessened.







        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Feb 20 at 1:23

























        answered Feb 20 at 1:16









        KilisiKilisi

        122k70268468




        122k70268468







        • 26





          Agreed. This is uncommon and unusual. I would not take on a client that had this as a requirement.

          – joeqwerty
          Feb 20 at 2:01






        • 144





          I agree and would even go stronger. They are already signaling that they are going to dispute OP's labor charges. Even if OP is desperate, it is still better to be idle than work for nothing.

          – emory
          Feb 20 at 3:49






        • 60





          I never understand why people would even want to hire someone they clearly don't trust.

          – Jörg W Mittag
          Feb 20 at 5:04






        • 31





          @JörgWMittag you get lots of weird stuff freelancing, sometimes it's people trying it on or establishing a pecking order, sometimes it's clients that have had bad experiences and haven't gotten over themselves. No real point trying to analyse the reasons, if you don't like the conditions refuse the job.

          – Kilisi
          Feb 20 at 5:07






        • 7





          I would even go as far as to call them out on it, making sure to let them know exactly why you are refusing them, and why any respectable freelancer would also refuse them. It's plain ignorance - some one thinks they know what they're talking about but has no clue - this needs calling out.

          – ESR
          Feb 20 at 16:48












        • 26





          Agreed. This is uncommon and unusual. I would not take on a client that had this as a requirement.

          – joeqwerty
          Feb 20 at 2:01






        • 144





          I agree and would even go stronger. They are already signaling that they are going to dispute OP's labor charges. Even if OP is desperate, it is still better to be idle than work for nothing.

          – emory
          Feb 20 at 3:49






        • 60





          I never understand why people would even want to hire someone they clearly don't trust.

          – Jörg W Mittag
          Feb 20 at 5:04






        • 31





          @JörgWMittag you get lots of weird stuff freelancing, sometimes it's people trying it on or establishing a pecking order, sometimes it's clients that have had bad experiences and haven't gotten over themselves. No real point trying to analyse the reasons, if you don't like the conditions refuse the job.

          – Kilisi
          Feb 20 at 5:07






        • 7





          I would even go as far as to call them out on it, making sure to let them know exactly why you are refusing them, and why any respectable freelancer would also refuse them. It's plain ignorance - some one thinks they know what they're talking about but has no clue - this needs calling out.

          – ESR
          Feb 20 at 16:48







        26




        26





        Agreed. This is uncommon and unusual. I would not take on a client that had this as a requirement.

        – joeqwerty
        Feb 20 at 2:01





        Agreed. This is uncommon and unusual. I would not take on a client that had this as a requirement.

        – joeqwerty
        Feb 20 at 2:01




        144




        144





        I agree and would even go stronger. They are already signaling that they are going to dispute OP's labor charges. Even if OP is desperate, it is still better to be idle than work for nothing.

        – emory
        Feb 20 at 3:49





        I agree and would even go stronger. They are already signaling that they are going to dispute OP's labor charges. Even if OP is desperate, it is still better to be idle than work for nothing.

        – emory
        Feb 20 at 3:49




        60




        60





        I never understand why people would even want to hire someone they clearly don't trust.

        – Jörg W Mittag
        Feb 20 at 5:04





        I never understand why people would even want to hire someone they clearly don't trust.

        – Jörg W Mittag
        Feb 20 at 5:04




        31




        31





        @JörgWMittag you get lots of weird stuff freelancing, sometimes it's people trying it on or establishing a pecking order, sometimes it's clients that have had bad experiences and haven't gotten over themselves. No real point trying to analyse the reasons, if you don't like the conditions refuse the job.

        – Kilisi
        Feb 20 at 5:07





        @JörgWMittag you get lots of weird stuff freelancing, sometimes it's people trying it on or establishing a pecking order, sometimes it's clients that have had bad experiences and haven't gotten over themselves. No real point trying to analyse the reasons, if you don't like the conditions refuse the job.

        – Kilisi
        Feb 20 at 5:07




        7




        7





        I would even go as far as to call them out on it, making sure to let them know exactly why you are refusing them, and why any respectable freelancer would also refuse them. It's plain ignorance - some one thinks they know what they're talking about but has no clue - this needs calling out.

        – ESR
        Feb 20 at 16:48





        I would even go as far as to call them out on it, making sure to let them know exactly why you are refusing them, and why any respectable freelancer would also refuse them. It's plain ignorance - some one thinks they know what they're talking about but has no clue - this needs calling out.

        – ESR
        Feb 20 at 16:48













        129















        the risk of exposing another clients work via (2) - software becomes unpatched leaving a giant hole in my system or a screenshot of a chat with another client




        This is why I will not use screen-logging software, and I do not know of a single free-lancer who will allow it on their computer.



        You likely signed NDAs with your clients. Installing this software likely breaks the NDA



        How to (possibly) salvage this situation - Explain The above reason to them, and suggest other ways to build trust with them. Something like




        I can't install software like that because you could inadvertently see what I'm working on for other clients. That's a violation of their trust (and possible NDA), so I can't really budge on that. I have several references XYZ if you're worried about work ethic.







        share|improve this answer























        • Just turn it back on the client and ask them to insure you for potentially breaking NDA. Probably needs, I dunno, $100 million or something depending on your clients.

          – Nelson
          Feb 21 at 0:33






        • 20





          If that's really your only concern you can always offer to do work for them on a device that they provide which can be set up however they want. If you actually just don't want to be monitored every minute of the day (which is a valid attitude, if harder to justify to the client) you need to know what you are going to say if they offer to provide you with whatever hardware you need on their terms.

          – Eric Nolan
          Feb 21 at 9:40






        • 4





          @nelson: Know what's worse than inadvertently breaking an NDA? Doing it in exchange for consideration (which client-paid insurance would be). That's industrial espionage and you would get out from under that cloud.

          – Ben Voigt
          Feb 22 at 4:40






        • 1





          @BenVoigt; No, that does not make sense. You're asking liability insurance for malfunctions in the screenshotting software. That is not at all consideration; you would never benefit from t.

          – MSalters
          Feb 22 at 13:01






        • 2





          @EricNolan fair enough, but they will get billed for all the time that it will take me to set everything up to my liking.

          – Davidmh
          Feb 22 at 14:08















        129















        the risk of exposing another clients work via (2) - software becomes unpatched leaving a giant hole in my system or a screenshot of a chat with another client




        This is why I will not use screen-logging software, and I do not know of a single free-lancer who will allow it on their computer.



        You likely signed NDAs with your clients. Installing this software likely breaks the NDA



        How to (possibly) salvage this situation - Explain The above reason to them, and suggest other ways to build trust with them. Something like




        I can't install software like that because you could inadvertently see what I'm working on for other clients. That's a violation of their trust (and possible NDA), so I can't really budge on that. I have several references XYZ if you're worried about work ethic.







        share|improve this answer























        • Just turn it back on the client and ask them to insure you for potentially breaking NDA. Probably needs, I dunno, $100 million or something depending on your clients.

          – Nelson
          Feb 21 at 0:33






        • 20





          If that's really your only concern you can always offer to do work for them on a device that they provide which can be set up however they want. If you actually just don't want to be monitored every minute of the day (which is a valid attitude, if harder to justify to the client) you need to know what you are going to say if they offer to provide you with whatever hardware you need on their terms.

          – Eric Nolan
          Feb 21 at 9:40






        • 4





          @nelson: Know what's worse than inadvertently breaking an NDA? Doing it in exchange for consideration (which client-paid insurance would be). That's industrial espionage and you would get out from under that cloud.

          – Ben Voigt
          Feb 22 at 4:40






        • 1





          @BenVoigt; No, that does not make sense. You're asking liability insurance for malfunctions in the screenshotting software. That is not at all consideration; you would never benefit from t.

          – MSalters
          Feb 22 at 13:01






        • 2





          @EricNolan fair enough, but they will get billed for all the time that it will take me to set everything up to my liking.

          – Davidmh
          Feb 22 at 14:08













        129












        129








        129








        the risk of exposing another clients work via (2) - software becomes unpatched leaving a giant hole in my system or a screenshot of a chat with another client




        This is why I will not use screen-logging software, and I do not know of a single free-lancer who will allow it on their computer.



        You likely signed NDAs with your clients. Installing this software likely breaks the NDA



        How to (possibly) salvage this situation - Explain The above reason to them, and suggest other ways to build trust with them. Something like




        I can't install software like that because you could inadvertently see what I'm working on for other clients. That's a violation of their trust (and possible NDA), so I can't really budge on that. I have several references XYZ if you're worried about work ethic.







        share|improve this answer














        the risk of exposing another clients work via (2) - software becomes unpatched leaving a giant hole in my system or a screenshot of a chat with another client




        This is why I will not use screen-logging software, and I do not know of a single free-lancer who will allow it on their computer.



        You likely signed NDAs with your clients. Installing this software likely breaks the NDA



        How to (possibly) salvage this situation - Explain The above reason to them, and suggest other ways to build trust with them. Something like




        I can't install software like that because you could inadvertently see what I'm working on for other clients. That's a violation of their trust (and possible NDA), so I can't really budge on that. I have several references XYZ if you're worried about work ethic.








        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Feb 20 at 1:28









        sevensevenssevensevens

        12.6k42844




        12.6k42844












        • Just turn it back on the client and ask them to insure you for potentially breaking NDA. Probably needs, I dunno, $100 million or something depending on your clients.

          – Nelson
          Feb 21 at 0:33






        • 20





          If that's really your only concern you can always offer to do work for them on a device that they provide which can be set up however they want. If you actually just don't want to be monitored every minute of the day (which is a valid attitude, if harder to justify to the client) you need to know what you are going to say if they offer to provide you with whatever hardware you need on their terms.

          – Eric Nolan
          Feb 21 at 9:40






        • 4





          @nelson: Know what's worse than inadvertently breaking an NDA? Doing it in exchange for consideration (which client-paid insurance would be). That's industrial espionage and you would get out from under that cloud.

          – Ben Voigt
          Feb 22 at 4:40






        • 1





          @BenVoigt; No, that does not make sense. You're asking liability insurance for malfunctions in the screenshotting software. That is not at all consideration; you would never benefit from t.

          – MSalters
          Feb 22 at 13:01






        • 2





          @EricNolan fair enough, but they will get billed for all the time that it will take me to set everything up to my liking.

          – Davidmh
          Feb 22 at 14:08

















        • Just turn it back on the client and ask them to insure you for potentially breaking NDA. Probably needs, I dunno, $100 million or something depending on your clients.

          – Nelson
          Feb 21 at 0:33






        • 20





          If that's really your only concern you can always offer to do work for them on a device that they provide which can be set up however they want. If you actually just don't want to be monitored every minute of the day (which is a valid attitude, if harder to justify to the client) you need to know what you are going to say if they offer to provide you with whatever hardware you need on their terms.

          – Eric Nolan
          Feb 21 at 9:40






        • 4





          @nelson: Know what's worse than inadvertently breaking an NDA? Doing it in exchange for consideration (which client-paid insurance would be). That's industrial espionage and you would get out from under that cloud.

          – Ben Voigt
          Feb 22 at 4:40






        • 1





          @BenVoigt; No, that does not make sense. You're asking liability insurance for malfunctions in the screenshotting software. That is not at all consideration; you would never benefit from t.

          – MSalters
          Feb 22 at 13:01






        • 2





          @EricNolan fair enough, but they will get billed for all the time that it will take me to set everything up to my liking.

          – Davidmh
          Feb 22 at 14:08
















        Just turn it back on the client and ask them to insure you for potentially breaking NDA. Probably needs, I dunno, $100 million or something depending on your clients.

        – Nelson
        Feb 21 at 0:33





        Just turn it back on the client and ask them to insure you for potentially breaking NDA. Probably needs, I dunno, $100 million or something depending on your clients.

        – Nelson
        Feb 21 at 0:33




        20




        20





        If that's really your only concern you can always offer to do work for them on a device that they provide which can be set up however they want. If you actually just don't want to be monitored every minute of the day (which is a valid attitude, if harder to justify to the client) you need to know what you are going to say if they offer to provide you with whatever hardware you need on their terms.

        – Eric Nolan
        Feb 21 at 9:40





        If that's really your only concern you can always offer to do work for them on a device that they provide which can be set up however they want. If you actually just don't want to be monitored every minute of the day (which is a valid attitude, if harder to justify to the client) you need to know what you are going to say if they offer to provide you with whatever hardware you need on their terms.

        – Eric Nolan
        Feb 21 at 9:40




        4




        4





        @nelson: Know what's worse than inadvertently breaking an NDA? Doing it in exchange for consideration (which client-paid insurance would be). That's industrial espionage and you would get out from under that cloud.

        – Ben Voigt
        Feb 22 at 4:40





        @nelson: Know what's worse than inadvertently breaking an NDA? Doing it in exchange for consideration (which client-paid insurance would be). That's industrial espionage and you would get out from under that cloud.

        – Ben Voigt
        Feb 22 at 4:40




        1




        1





        @BenVoigt; No, that does not make sense. You're asking liability insurance for malfunctions in the screenshotting software. That is not at all consideration; you would never benefit from t.

        – MSalters
        Feb 22 at 13:01





        @BenVoigt; No, that does not make sense. You're asking liability insurance for malfunctions in the screenshotting software. That is not at all consideration; you would never benefit from t.

        – MSalters
        Feb 22 at 13:01




        2




        2





        @EricNolan fair enough, but they will get billed for all the time that it will take me to set everything up to my liking.

        – Davidmh
        Feb 22 at 14:08





        @EricNolan fair enough, but they will get billed for all the time that it will take me to set everything up to my liking.

        – Davidmh
        Feb 22 at 14:08











        86














        DO NOT LET ANYBODY SPY ON YOUR PROPERTY AND WORK!!



        If you work on the clients premises, using their property and licenses then they have every right to keylog and screencapture.



        But that's not the case!



        I'm afraid you gave them ideas with your too detailed, itemized timesheets.



        Why would you even do that?



        You give an estimate and once you draw up a contract you name a more accurate amount of time and price.



        Once milestones are reached or the job is finished you invoice and bill your tasks / time.



        If it's very different to your estimate you better talked about whatever caused the price hike when it occurred and they better agreed to it.



        If they insist, thank them for considering to work with you but respectfully decline out of security concerns.



        Let me reiterate:



        DO NOT LET ANYBODY SPY ON YOUR PROPERTY AND WORK!!






        share|improve this answer




















        • 11





          with your too detailed itemized timesheets. It would appear I still have a lot to learn.

          – CL40
          Feb 20 at 1:26







        • 25





          Yeah, I would recommend categorizing your work only at a high level (i.e. research/planning, meetings, front-end, back-end, deployment, etc.) with a total per-category, and rounded to the hour. It's up to you how precisely you track your time internally, but sharing that detail treats your client like your manager and invites them to assume that authority.

          – HonoredMule
          Feb 20 at 4:00







        • 38





          If you work in a country with decent labor laws, even as a permanent employee, on their property, with their equipment keylogging, screenshotting or filming employees is a crime. It would not even be possible to get consent, if it's not required by the circumstances (for examples tellers in a bank will have to live with the fact that they are on the security tapes).

          – nvoigt
          Feb 20 at 6:52






        • 8





          "a business has no business in requesting timesheets from another business" Say what? It's routine in other industries, construction & lawyers to name but 2. If you challenged a lawyer and asked them for evidence that they'd worked the time they billed; they are required to provide it, or strike it from their bill. Your assertions are demonstrably false.

          – UKMonkey
          Feb 20 at 14:23







        • 6





          @UKMonkey timesheets are widespread to track employees.INTERNALLY. No business hands this kind of information out to third parties unless required by law or in support of the own company in legal proceedings.They're certainly not part of any invoice I've ever seen! The ACTUAL amount (not the billed) of time spent on a task is btw.a trade secret,reflecting the man hours spent, allowing retracing and guesstimating prices per hour per employee,even profit margins.A client could go window shopping with this figure.OP is not an employee as far as I understood, so not required to provide this info.

          – DigitalBlade969
          Feb 20 at 17:19
















        86














        DO NOT LET ANYBODY SPY ON YOUR PROPERTY AND WORK!!



        If you work on the clients premises, using their property and licenses then they have every right to keylog and screencapture.



        But that's not the case!



        I'm afraid you gave them ideas with your too detailed, itemized timesheets.



        Why would you even do that?



        You give an estimate and once you draw up a contract you name a more accurate amount of time and price.



        Once milestones are reached or the job is finished you invoice and bill your tasks / time.



        If it's very different to your estimate you better talked about whatever caused the price hike when it occurred and they better agreed to it.



        If they insist, thank them for considering to work with you but respectfully decline out of security concerns.



        Let me reiterate:



        DO NOT LET ANYBODY SPY ON YOUR PROPERTY AND WORK!!






        share|improve this answer




















        • 11





          with your too detailed itemized timesheets. It would appear I still have a lot to learn.

          – CL40
          Feb 20 at 1:26







        • 25





          Yeah, I would recommend categorizing your work only at a high level (i.e. research/planning, meetings, front-end, back-end, deployment, etc.) with a total per-category, and rounded to the hour. It's up to you how precisely you track your time internally, but sharing that detail treats your client like your manager and invites them to assume that authority.

          – HonoredMule
          Feb 20 at 4:00







        • 38





          If you work in a country with decent labor laws, even as a permanent employee, on their property, with their equipment keylogging, screenshotting or filming employees is a crime. It would not even be possible to get consent, if it's not required by the circumstances (for examples tellers in a bank will have to live with the fact that they are on the security tapes).

          – nvoigt
          Feb 20 at 6:52






        • 8





          "a business has no business in requesting timesheets from another business" Say what? It's routine in other industries, construction & lawyers to name but 2. If you challenged a lawyer and asked them for evidence that they'd worked the time they billed; they are required to provide it, or strike it from their bill. Your assertions are demonstrably false.

          – UKMonkey
          Feb 20 at 14:23







        • 6





          @UKMonkey timesheets are widespread to track employees.INTERNALLY. No business hands this kind of information out to third parties unless required by law or in support of the own company in legal proceedings.They're certainly not part of any invoice I've ever seen! The ACTUAL amount (not the billed) of time spent on a task is btw.a trade secret,reflecting the man hours spent, allowing retracing and guesstimating prices per hour per employee,even profit margins.A client could go window shopping with this figure.OP is not an employee as far as I understood, so not required to provide this info.

          – DigitalBlade969
          Feb 20 at 17:19














        86












        86








        86







        DO NOT LET ANYBODY SPY ON YOUR PROPERTY AND WORK!!



        If you work on the clients premises, using their property and licenses then they have every right to keylog and screencapture.



        But that's not the case!



        I'm afraid you gave them ideas with your too detailed, itemized timesheets.



        Why would you even do that?



        You give an estimate and once you draw up a contract you name a more accurate amount of time and price.



        Once milestones are reached or the job is finished you invoice and bill your tasks / time.



        If it's very different to your estimate you better talked about whatever caused the price hike when it occurred and they better agreed to it.



        If they insist, thank them for considering to work with you but respectfully decline out of security concerns.



        Let me reiterate:



        DO NOT LET ANYBODY SPY ON YOUR PROPERTY AND WORK!!






        share|improve this answer















        DO NOT LET ANYBODY SPY ON YOUR PROPERTY AND WORK!!



        If you work on the clients premises, using their property and licenses then they have every right to keylog and screencapture.



        But that's not the case!



        I'm afraid you gave them ideas with your too detailed, itemized timesheets.



        Why would you even do that?



        You give an estimate and once you draw up a contract you name a more accurate amount of time and price.



        Once milestones are reached or the job is finished you invoice and bill your tasks / time.



        If it's very different to your estimate you better talked about whatever caused the price hike when it occurred and they better agreed to it.



        If they insist, thank them for considering to work with you but respectfully decline out of security concerns.



        Let me reiterate:



        DO NOT LET ANYBODY SPY ON YOUR PROPERTY AND WORK!!







        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Feb 20 at 7:51

























        answered Feb 20 at 1:25









        DigitalBlade969DigitalBlade969

        10.7k31236




        10.7k31236







        • 11





          with your too detailed itemized timesheets. It would appear I still have a lot to learn.

          – CL40
          Feb 20 at 1:26







        • 25





          Yeah, I would recommend categorizing your work only at a high level (i.e. research/planning, meetings, front-end, back-end, deployment, etc.) with a total per-category, and rounded to the hour. It's up to you how precisely you track your time internally, but sharing that detail treats your client like your manager and invites them to assume that authority.

          – HonoredMule
          Feb 20 at 4:00







        • 38





          If you work in a country with decent labor laws, even as a permanent employee, on their property, with their equipment keylogging, screenshotting or filming employees is a crime. It would not even be possible to get consent, if it's not required by the circumstances (for examples tellers in a bank will have to live with the fact that they are on the security tapes).

          – nvoigt
          Feb 20 at 6:52






        • 8





          "a business has no business in requesting timesheets from another business" Say what? It's routine in other industries, construction & lawyers to name but 2. If you challenged a lawyer and asked them for evidence that they'd worked the time they billed; they are required to provide it, or strike it from their bill. Your assertions are demonstrably false.

          – UKMonkey
          Feb 20 at 14:23







        • 6





          @UKMonkey timesheets are widespread to track employees.INTERNALLY. No business hands this kind of information out to third parties unless required by law or in support of the own company in legal proceedings.They're certainly not part of any invoice I've ever seen! The ACTUAL amount (not the billed) of time spent on a task is btw.a trade secret,reflecting the man hours spent, allowing retracing and guesstimating prices per hour per employee,even profit margins.A client could go window shopping with this figure.OP is not an employee as far as I understood, so not required to provide this info.

          – DigitalBlade969
          Feb 20 at 17:19













        • 11





          with your too detailed itemized timesheets. It would appear I still have a lot to learn.

          – CL40
          Feb 20 at 1:26







        • 25





          Yeah, I would recommend categorizing your work only at a high level (i.e. research/planning, meetings, front-end, back-end, deployment, etc.) with a total per-category, and rounded to the hour. It's up to you how precisely you track your time internally, but sharing that detail treats your client like your manager and invites them to assume that authority.

          – HonoredMule
          Feb 20 at 4:00







        • 38





          If you work in a country with decent labor laws, even as a permanent employee, on their property, with their equipment keylogging, screenshotting or filming employees is a crime. It would not even be possible to get consent, if it's not required by the circumstances (for examples tellers in a bank will have to live with the fact that they are on the security tapes).

          – nvoigt
          Feb 20 at 6:52






        • 8





          "a business has no business in requesting timesheets from another business" Say what? It's routine in other industries, construction & lawyers to name but 2. If you challenged a lawyer and asked them for evidence that they'd worked the time they billed; they are required to provide it, or strike it from their bill. Your assertions are demonstrably false.

          – UKMonkey
          Feb 20 at 14:23







        • 6





          @UKMonkey timesheets are widespread to track employees.INTERNALLY. No business hands this kind of information out to third parties unless required by law or in support of the own company in legal proceedings.They're certainly not part of any invoice I've ever seen! The ACTUAL amount (not the billed) of time spent on a task is btw.a trade secret,reflecting the man hours spent, allowing retracing and guesstimating prices per hour per employee,even profit margins.A client could go window shopping with this figure.OP is not an employee as far as I understood, so not required to provide this info.

          – DigitalBlade969
          Feb 20 at 17:19








        11




        11





        with your too detailed itemized timesheets. It would appear I still have a lot to learn.

        – CL40
        Feb 20 at 1:26






        with your too detailed itemized timesheets. It would appear I still have a lot to learn.

        – CL40
        Feb 20 at 1:26





        25




        25





        Yeah, I would recommend categorizing your work only at a high level (i.e. research/planning, meetings, front-end, back-end, deployment, etc.) with a total per-category, and rounded to the hour. It's up to you how precisely you track your time internally, but sharing that detail treats your client like your manager and invites them to assume that authority.

        – HonoredMule
        Feb 20 at 4:00






        Yeah, I would recommend categorizing your work only at a high level (i.e. research/planning, meetings, front-end, back-end, deployment, etc.) with a total per-category, and rounded to the hour. It's up to you how precisely you track your time internally, but sharing that detail treats your client like your manager and invites them to assume that authority.

        – HonoredMule
        Feb 20 at 4:00





        38




        38





        If you work in a country with decent labor laws, even as a permanent employee, on their property, with their equipment keylogging, screenshotting or filming employees is a crime. It would not even be possible to get consent, if it's not required by the circumstances (for examples tellers in a bank will have to live with the fact that they are on the security tapes).

        – nvoigt
        Feb 20 at 6:52





        If you work in a country with decent labor laws, even as a permanent employee, on their property, with their equipment keylogging, screenshotting or filming employees is a crime. It would not even be possible to get consent, if it's not required by the circumstances (for examples tellers in a bank will have to live with the fact that they are on the security tapes).

        – nvoigt
        Feb 20 at 6:52




        8




        8





        "a business has no business in requesting timesheets from another business" Say what? It's routine in other industries, construction & lawyers to name but 2. If you challenged a lawyer and asked them for evidence that they'd worked the time they billed; they are required to provide it, or strike it from their bill. Your assertions are demonstrably false.

        – UKMonkey
        Feb 20 at 14:23






        "a business has no business in requesting timesheets from another business" Say what? It's routine in other industries, construction & lawyers to name but 2. If you challenged a lawyer and asked them for evidence that they'd worked the time they billed; they are required to provide it, or strike it from their bill. Your assertions are demonstrably false.

        – UKMonkey
        Feb 20 at 14:23





        6




        6





        @UKMonkey timesheets are widespread to track employees.INTERNALLY. No business hands this kind of information out to third parties unless required by law or in support of the own company in legal proceedings.They're certainly not part of any invoice I've ever seen! The ACTUAL amount (not the billed) of time spent on a task is btw.a trade secret,reflecting the man hours spent, allowing retracing and guesstimating prices per hour per employee,even profit margins.A client could go window shopping with this figure.OP is not an employee as far as I understood, so not required to provide this info.

        – DigitalBlade969
        Feb 20 at 17:19






        @UKMonkey timesheets are widespread to track employees.INTERNALLY. No business hands this kind of information out to third parties unless required by law or in support of the own company in legal proceedings.They're certainly not part of any invoice I've ever seen! The ACTUAL amount (not the billed) of time spent on a task is btw.a trade secret,reflecting the man hours spent, allowing retracing and guesstimating prices per hour per employee,even profit margins.A client could go window shopping with this figure.OP is not an employee as far as I understood, so not required to provide this info.

        – DigitalBlade969
        Feb 20 at 17:19












        22














        This is pretty common.
        UpWork requires screenshots for you to have escrow claims. Because of the popularity of UpWork it is safe to say this is a common practice. (HubStaff and various others operate similarly)



        The Upwork client installs a program that takes a screenshot every 10 minutes and checks keyboard/mouse activity over each time slot to determine if you really were at the keyboard and approximately how active you were.



        Personally I found it unpleasant at first but quickly got used to it. The clients rarely check it. It's mainly just that in the event of a dispute, the escrow mechanisms don't work without the paper trail of activity.



        Note: the tracker is optional. If you don't use it then you have little chance of recovering funds as it is required for the escrow dispute resolution process.



        Edit: I should add that I don't think software development is hourly work. Unless it's some kind of rote typing, most software development is about solving problems at all times of the day. I think it's more like art. You can't put Picasso in a room and say OK give me 2 paintings a day on a 9 to 5 shift, and we'll be monitoring your canvas. It's nonsense.






        share|improve this answer




















        • 113





          Deleting my Upwork account now.

          – Dronz
          Feb 20 at 7:17






        • 79





          Did a mechanic really spend 2 days fixing my car? Did the lawyer spend all those billed hours on my case? None of these would allow me to keylog their systems or otherwise track their work.How in the world does this website think this is acceptable?! Though, judging by the extremely low, slave labor like offers on there, it doesn't surprise me. Oh and the fact that they get away with it, doesn't mean it is "VERY" common.Only if freelancers work on client site using client property.Otherwise it's two businesses engaging in contractual work.

          – DigitalBlade969
          Feb 20 at 8:10











        • Comments are not for extended discussion; this conversation has been moved to chat.

          – Jane S
          Feb 22 at 3:06






        • 2





          How do they know I haven't gone to the extra time and effort of finding/writing a program that will automate mouse-movements and keystrokes for me? I would actively seek out a client that was problematic, do the work really quick before goofing off for the rest of the time, safe in the knowledge that their very own system was proving that I was still hard at work.. Ned Kelly (the aussie bush-ranger) was variously accused of stealing horses until one day, he thought f*^%-it, I will steal horses. A relationship opened without trust is a worthless one.

          – enhzflep
          Feb 22 at 6:58











        • @enhzflep That's true. I think the challenge is how to build a platform like Upwork and be able to offer escrow services. What other mechanism apart from some kind of activity tracker is available? Your argument, while valid and important, applies to every software developer working in an open space office under visual supervision of a manager. In my opinion the primary reason that the herd flock to their offices instead of enjoying remote development is so that insecure management can deal with their trust issues on a daily level.

          – Sentinel
          Feb 22 at 10:00
















        22














        This is pretty common.
        UpWork requires screenshots for you to have escrow claims. Because of the popularity of UpWork it is safe to say this is a common practice. (HubStaff and various others operate similarly)



        The Upwork client installs a program that takes a screenshot every 10 minutes and checks keyboard/mouse activity over each time slot to determine if you really were at the keyboard and approximately how active you were.



        Personally I found it unpleasant at first but quickly got used to it. The clients rarely check it. It's mainly just that in the event of a dispute, the escrow mechanisms don't work without the paper trail of activity.



        Note: the tracker is optional. If you don't use it then you have little chance of recovering funds as it is required for the escrow dispute resolution process.



        Edit: I should add that I don't think software development is hourly work. Unless it's some kind of rote typing, most software development is about solving problems at all times of the day. I think it's more like art. You can't put Picasso in a room and say OK give me 2 paintings a day on a 9 to 5 shift, and we'll be monitoring your canvas. It's nonsense.






        share|improve this answer




















        • 113





          Deleting my Upwork account now.

          – Dronz
          Feb 20 at 7:17






        • 79





          Did a mechanic really spend 2 days fixing my car? Did the lawyer spend all those billed hours on my case? None of these would allow me to keylog their systems or otherwise track their work.How in the world does this website think this is acceptable?! Though, judging by the extremely low, slave labor like offers on there, it doesn't surprise me. Oh and the fact that they get away with it, doesn't mean it is "VERY" common.Only if freelancers work on client site using client property.Otherwise it's two businesses engaging in contractual work.

          – DigitalBlade969
          Feb 20 at 8:10











        • Comments are not for extended discussion; this conversation has been moved to chat.

          – Jane S
          Feb 22 at 3:06






        • 2





          How do they know I haven't gone to the extra time and effort of finding/writing a program that will automate mouse-movements and keystrokes for me? I would actively seek out a client that was problematic, do the work really quick before goofing off for the rest of the time, safe in the knowledge that their very own system was proving that I was still hard at work.. Ned Kelly (the aussie bush-ranger) was variously accused of stealing horses until one day, he thought f*^%-it, I will steal horses. A relationship opened without trust is a worthless one.

          – enhzflep
          Feb 22 at 6:58











        • @enhzflep That's true. I think the challenge is how to build a platform like Upwork and be able to offer escrow services. What other mechanism apart from some kind of activity tracker is available? Your argument, while valid and important, applies to every software developer working in an open space office under visual supervision of a manager. In my opinion the primary reason that the herd flock to their offices instead of enjoying remote development is so that insecure management can deal with their trust issues on a daily level.

          – Sentinel
          Feb 22 at 10:00














        22












        22








        22







        This is pretty common.
        UpWork requires screenshots for you to have escrow claims. Because of the popularity of UpWork it is safe to say this is a common practice. (HubStaff and various others operate similarly)



        The Upwork client installs a program that takes a screenshot every 10 minutes and checks keyboard/mouse activity over each time slot to determine if you really were at the keyboard and approximately how active you were.



        Personally I found it unpleasant at first but quickly got used to it. The clients rarely check it. It's mainly just that in the event of a dispute, the escrow mechanisms don't work without the paper trail of activity.



        Note: the tracker is optional. If you don't use it then you have little chance of recovering funds as it is required for the escrow dispute resolution process.



        Edit: I should add that I don't think software development is hourly work. Unless it's some kind of rote typing, most software development is about solving problems at all times of the day. I think it's more like art. You can't put Picasso in a room and say OK give me 2 paintings a day on a 9 to 5 shift, and we'll be monitoring your canvas. It's nonsense.






        share|improve this answer















        This is pretty common.
        UpWork requires screenshots for you to have escrow claims. Because of the popularity of UpWork it is safe to say this is a common practice. (HubStaff and various others operate similarly)



        The Upwork client installs a program that takes a screenshot every 10 minutes and checks keyboard/mouse activity over each time slot to determine if you really were at the keyboard and approximately how active you were.



        Personally I found it unpleasant at first but quickly got used to it. The clients rarely check it. It's mainly just that in the event of a dispute, the escrow mechanisms don't work without the paper trail of activity.



        Note: the tracker is optional. If you don't use it then you have little chance of recovering funds as it is required for the escrow dispute resolution process.



        Edit: I should add that I don't think software development is hourly work. Unless it's some kind of rote typing, most software development is about solving problems at all times of the day. I think it's more like art. You can't put Picasso in a room and say OK give me 2 paintings a day on a 9 to 5 shift, and we'll be monitoring your canvas. It's nonsense.







        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Feb 21 at 8:43

























        answered Feb 20 at 6:17









        SentinelSentinel

        2,0482517




        2,0482517







        • 113





          Deleting my Upwork account now.

          – Dronz
          Feb 20 at 7:17






        • 79





          Did a mechanic really spend 2 days fixing my car? Did the lawyer spend all those billed hours on my case? None of these would allow me to keylog their systems or otherwise track their work.How in the world does this website think this is acceptable?! Though, judging by the extremely low, slave labor like offers on there, it doesn't surprise me. Oh and the fact that they get away with it, doesn't mean it is "VERY" common.Only if freelancers work on client site using client property.Otherwise it's two businesses engaging in contractual work.

          – DigitalBlade969
          Feb 20 at 8:10











        • Comments are not for extended discussion; this conversation has been moved to chat.

          – Jane S
          Feb 22 at 3:06






        • 2





          How do they know I haven't gone to the extra time and effort of finding/writing a program that will automate mouse-movements and keystrokes for me? I would actively seek out a client that was problematic, do the work really quick before goofing off for the rest of the time, safe in the knowledge that their very own system was proving that I was still hard at work.. Ned Kelly (the aussie bush-ranger) was variously accused of stealing horses until one day, he thought f*^%-it, I will steal horses. A relationship opened without trust is a worthless one.

          – enhzflep
          Feb 22 at 6:58











        • @enhzflep That's true. I think the challenge is how to build a platform like Upwork and be able to offer escrow services. What other mechanism apart from some kind of activity tracker is available? Your argument, while valid and important, applies to every software developer working in an open space office under visual supervision of a manager. In my opinion the primary reason that the herd flock to their offices instead of enjoying remote development is so that insecure management can deal with their trust issues on a daily level.

          – Sentinel
          Feb 22 at 10:00













        • 113





          Deleting my Upwork account now.

          – Dronz
          Feb 20 at 7:17






        • 79





          Did a mechanic really spend 2 days fixing my car? Did the lawyer spend all those billed hours on my case? None of these would allow me to keylog their systems or otherwise track their work.How in the world does this website think this is acceptable?! Though, judging by the extremely low, slave labor like offers on there, it doesn't surprise me. Oh and the fact that they get away with it, doesn't mean it is "VERY" common.Only if freelancers work on client site using client property.Otherwise it's two businesses engaging in contractual work.

          – DigitalBlade969
          Feb 20 at 8:10











        • Comments are not for extended discussion; this conversation has been moved to chat.

          – Jane S
          Feb 22 at 3:06






        • 2





          How do they know I haven't gone to the extra time and effort of finding/writing a program that will automate mouse-movements and keystrokes for me? I would actively seek out a client that was problematic, do the work really quick before goofing off for the rest of the time, safe in the knowledge that their very own system was proving that I was still hard at work.. Ned Kelly (the aussie bush-ranger) was variously accused of stealing horses until one day, he thought f*^%-it, I will steal horses. A relationship opened without trust is a worthless one.

          – enhzflep
          Feb 22 at 6:58











        • @enhzflep That's true. I think the challenge is how to build a platform like Upwork and be able to offer escrow services. What other mechanism apart from some kind of activity tracker is available? Your argument, while valid and important, applies to every software developer working in an open space office under visual supervision of a manager. In my opinion the primary reason that the herd flock to their offices instead of enjoying remote development is so that insecure management can deal with their trust issues on a daily level.

          – Sentinel
          Feb 22 at 10:00








        113




        113





        Deleting my Upwork account now.

        – Dronz
        Feb 20 at 7:17





        Deleting my Upwork account now.

        – Dronz
        Feb 20 at 7:17




        79




        79





        Did a mechanic really spend 2 days fixing my car? Did the lawyer spend all those billed hours on my case? None of these would allow me to keylog their systems or otherwise track their work.How in the world does this website think this is acceptable?! Though, judging by the extremely low, slave labor like offers on there, it doesn't surprise me. Oh and the fact that they get away with it, doesn't mean it is "VERY" common.Only if freelancers work on client site using client property.Otherwise it's two businesses engaging in contractual work.

        – DigitalBlade969
        Feb 20 at 8:10





        Did a mechanic really spend 2 days fixing my car? Did the lawyer spend all those billed hours on my case? None of these would allow me to keylog their systems or otherwise track their work.How in the world does this website think this is acceptable?! Though, judging by the extremely low, slave labor like offers on there, it doesn't surprise me. Oh and the fact that they get away with it, doesn't mean it is "VERY" common.Only if freelancers work on client site using client property.Otherwise it's two businesses engaging in contractual work.

        – DigitalBlade969
        Feb 20 at 8:10













        Comments are not for extended discussion; this conversation has been moved to chat.

        – Jane S
        Feb 22 at 3:06





        Comments are not for extended discussion; this conversation has been moved to chat.

        – Jane S
        Feb 22 at 3:06




        2




        2





        How do they know I haven't gone to the extra time and effort of finding/writing a program that will automate mouse-movements and keystrokes for me? I would actively seek out a client that was problematic, do the work really quick before goofing off for the rest of the time, safe in the knowledge that their very own system was proving that I was still hard at work.. Ned Kelly (the aussie bush-ranger) was variously accused of stealing horses until one day, he thought f*^%-it, I will steal horses. A relationship opened without trust is a worthless one.

        – enhzflep
        Feb 22 at 6:58





        How do they know I haven't gone to the extra time and effort of finding/writing a program that will automate mouse-movements and keystrokes for me? I would actively seek out a client that was problematic, do the work really quick before goofing off for the rest of the time, safe in the knowledge that their very own system was proving that I was still hard at work.. Ned Kelly (the aussie bush-ranger) was variously accused of stealing horses until one day, he thought f*^%-it, I will steal horses. A relationship opened without trust is a worthless one.

        – enhzflep
        Feb 22 at 6:58













        @enhzflep That's true. I think the challenge is how to build a platform like Upwork and be able to offer escrow services. What other mechanism apart from some kind of activity tracker is available? Your argument, while valid and important, applies to every software developer working in an open space office under visual supervision of a manager. In my opinion the primary reason that the herd flock to their offices instead of enjoying remote development is so that insecure management can deal with their trust issues on a daily level.

        – Sentinel
        Feb 22 at 10:00






        @enhzflep That's true. I think the challenge is how to build a platform like Upwork and be able to offer escrow services. What other mechanism apart from some kind of activity tracker is available? Your argument, while valid and important, applies to every software developer working in an open space office under visual supervision of a manager. In my opinion the primary reason that the herd flock to their offices instead of enjoying remote development is so that insecure management can deal with their trust issues on a daily level.

        – Sentinel
        Feb 22 at 10:00












        18














        Others have given good answers whether or not this is normal (no!), but I wanted to give an example reaction. The tone should be confident, a kind of "take it or leave it" approach (which, IMO, this is):




        Hi,



        I have been in the industry a number of years. I have delivered a lot of software on time and on budget. I am aware of time management and perform as you may expect from a professional.



        Asking me to use tracking software gives me the impression that you do not trust me and that won't help the project for either of us. If you want, I can give some testimonials of other clients about how it's like to work with me, but using tracking software has to be a hard no for me.



        Please let me know whether you want to continue with this project, [ and here something positive depending on how much you would like this project ].







        share|improve this answer




















        • 2





          I would add to the middle paragraph about how this is a security breach. +1

          – Kallmanation
          Feb 21 at 14:08






        • 9





          I've considered that, or the comparison with e.g. a car mechanic, but I came to the conclusion that that doesnt matter. It doesnt really matter that they understand, all they need to know is that it isn't an option. More text will only distract (at least, so was my conclusion).

          – Martijn
          Feb 21 at 14:20











        • That they asked is a red flag, so I'd inform them of why I'm declining to work for them as a courtesy, but it would be a hard no regardless of whether they changed their mind about the tracking.

          – trichoplax
          Feb 23 at 18:19















        18














        Others have given good answers whether or not this is normal (no!), but I wanted to give an example reaction. The tone should be confident, a kind of "take it or leave it" approach (which, IMO, this is):




        Hi,



        I have been in the industry a number of years. I have delivered a lot of software on time and on budget. I am aware of time management and perform as you may expect from a professional.



        Asking me to use tracking software gives me the impression that you do not trust me and that won't help the project for either of us. If you want, I can give some testimonials of other clients about how it's like to work with me, but using tracking software has to be a hard no for me.



        Please let me know whether you want to continue with this project, [ and here something positive depending on how much you would like this project ].







        share|improve this answer




















        • 2





          I would add to the middle paragraph about how this is a security breach. +1

          – Kallmanation
          Feb 21 at 14:08






        • 9





          I've considered that, or the comparison with e.g. a car mechanic, but I came to the conclusion that that doesnt matter. It doesnt really matter that they understand, all they need to know is that it isn't an option. More text will only distract (at least, so was my conclusion).

          – Martijn
          Feb 21 at 14:20











        • That they asked is a red flag, so I'd inform them of why I'm declining to work for them as a courtesy, but it would be a hard no regardless of whether they changed their mind about the tracking.

          – trichoplax
          Feb 23 at 18:19













        18












        18








        18







        Others have given good answers whether or not this is normal (no!), but I wanted to give an example reaction. The tone should be confident, a kind of "take it or leave it" approach (which, IMO, this is):




        Hi,



        I have been in the industry a number of years. I have delivered a lot of software on time and on budget. I am aware of time management and perform as you may expect from a professional.



        Asking me to use tracking software gives me the impression that you do not trust me and that won't help the project for either of us. If you want, I can give some testimonials of other clients about how it's like to work with me, but using tracking software has to be a hard no for me.



        Please let me know whether you want to continue with this project, [ and here something positive depending on how much you would like this project ].







        share|improve this answer















        Others have given good answers whether or not this is normal (no!), but I wanted to give an example reaction. The tone should be confident, a kind of "take it or leave it" approach (which, IMO, this is):




        Hi,



        I have been in the industry a number of years. I have delivered a lot of software on time and on budget. I am aware of time management and perform as you may expect from a professional.



        Asking me to use tracking software gives me the impression that you do not trust me and that won't help the project for either of us. If you want, I can give some testimonials of other clients about how it's like to work with me, but using tracking software has to be a hard no for me.



        Please let me know whether you want to continue with this project, [ and here something positive depending on how much you would like this project ].








        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Feb 20 at 11:05









        avazula

        6942616




        6942616










        answered Feb 20 at 8:51









        MartijnMartijn

        2,3861827




        2,3861827







        • 2





          I would add to the middle paragraph about how this is a security breach. +1

          – Kallmanation
          Feb 21 at 14:08






        • 9





          I've considered that, or the comparison with e.g. a car mechanic, but I came to the conclusion that that doesnt matter. It doesnt really matter that they understand, all they need to know is that it isn't an option. More text will only distract (at least, so was my conclusion).

          – Martijn
          Feb 21 at 14:20











        • That they asked is a red flag, so I'd inform them of why I'm declining to work for them as a courtesy, but it would be a hard no regardless of whether they changed their mind about the tracking.

          – trichoplax
          Feb 23 at 18:19












        • 2





          I would add to the middle paragraph about how this is a security breach. +1

          – Kallmanation
          Feb 21 at 14:08






        • 9





          I've considered that, or the comparison with e.g. a car mechanic, but I came to the conclusion that that doesnt matter. It doesnt really matter that they understand, all they need to know is that it isn't an option. More text will only distract (at least, so was my conclusion).

          – Martijn
          Feb 21 at 14:20











        • That they asked is a red flag, so I'd inform them of why I'm declining to work for them as a courtesy, but it would be a hard no regardless of whether they changed their mind about the tracking.

          – trichoplax
          Feb 23 at 18:19







        2




        2





        I would add to the middle paragraph about how this is a security breach. +1

        – Kallmanation
        Feb 21 at 14:08





        I would add to the middle paragraph about how this is a security breach. +1

        – Kallmanation
        Feb 21 at 14:08




        9




        9





        I've considered that, or the comparison with e.g. a car mechanic, but I came to the conclusion that that doesnt matter. It doesnt really matter that they understand, all they need to know is that it isn't an option. More text will only distract (at least, so was my conclusion).

        – Martijn
        Feb 21 at 14:20





        I've considered that, or the comparison with e.g. a car mechanic, but I came to the conclusion that that doesnt matter. It doesnt really matter that they understand, all they need to know is that it isn't an option. More text will only distract (at least, so was my conclusion).

        – Martijn
        Feb 21 at 14:20













        That they asked is a red flag, so I'd inform them of why I'm declining to work for them as a courtesy, but it would be a hard no regardless of whether they changed their mind about the tracking.

        – trichoplax
        Feb 23 at 18:19





        That they asked is a red flag, so I'd inform them of why I'm declining to work for them as a courtesy, but it would be a hard no regardless of whether they changed their mind about the tracking.

        – trichoplax
        Feb 23 at 18:19











        16














        Speaking to whether or not you should do this, I think you have your answer here.




        I am not desperate for work.




        One of the primary benefits of being a good freelance developer is the ability to choose your clients and work on your own terms. If you don't feel comfortable with this (and who would blame you), simply decline. Probably not someone you want to work with anyway.



        It's important to remember that YOU are in charge of your business and responsible for how you do your work, how much you charge, etc. If you find yourself in a situation where you're struggling for clients or money, then by all means, reevaluate, but it doesn't sound like that's the case.



        When done tactfully and with confidence, you will command respect and attract higher quality clients through a willingness to take control, dictate the process, or walk away when the situation calls for it.






        share|improve this answer





























          16














          Speaking to whether or not you should do this, I think you have your answer here.




          I am not desperate for work.




          One of the primary benefits of being a good freelance developer is the ability to choose your clients and work on your own terms. If you don't feel comfortable with this (and who would blame you), simply decline. Probably not someone you want to work with anyway.



          It's important to remember that YOU are in charge of your business and responsible for how you do your work, how much you charge, etc. If you find yourself in a situation where you're struggling for clients or money, then by all means, reevaluate, but it doesn't sound like that's the case.



          When done tactfully and with confidence, you will command respect and attract higher quality clients through a willingness to take control, dictate the process, or walk away when the situation calls for it.






          share|improve this answer



























            16












            16








            16







            Speaking to whether or not you should do this, I think you have your answer here.




            I am not desperate for work.




            One of the primary benefits of being a good freelance developer is the ability to choose your clients and work on your own terms. If you don't feel comfortable with this (and who would blame you), simply decline. Probably not someone you want to work with anyway.



            It's important to remember that YOU are in charge of your business and responsible for how you do your work, how much you charge, etc. If you find yourself in a situation where you're struggling for clients or money, then by all means, reevaluate, but it doesn't sound like that's the case.



            When done tactfully and with confidence, you will command respect and attract higher quality clients through a willingness to take control, dictate the process, or walk away when the situation calls for it.






            share|improve this answer















            Speaking to whether or not you should do this, I think you have your answer here.




            I am not desperate for work.




            One of the primary benefits of being a good freelance developer is the ability to choose your clients and work on your own terms. If you don't feel comfortable with this (and who would blame you), simply decline. Probably not someone you want to work with anyway.



            It's important to remember that YOU are in charge of your business and responsible for how you do your work, how much you charge, etc. If you find yourself in a situation where you're struggling for clients or money, then by all means, reevaluate, but it doesn't sound like that's the case.



            When done tactfully and with confidence, you will command respect and attract higher quality clients through a willingness to take control, dictate the process, or walk away when the situation calls for it.







            share|improve this answer














            share|improve this answer



            share|improve this answer








            edited Feb 20 at 14:59

























            answered Feb 20 at 14:40









            aw04aw04

            92029




            92029





















                11














                Dedicated devices



                Such a requirement isn't common, but it happens sometimes. One reason for highly monitored environments like this one is security controls, but security goes both ways - they don't want you to do unauthorized things, but you also don't want them to do unauthorized things with your data or, worse, data of your other clients.



                This means that if something like this is implemented, it's absolutely incompatible with the notion of "my home computer (which is also my work computer)" - if they do screenshot time tracking, then that must be done on a separate device that's dedicated to their project only, at least while their project is ongoing. E.g. start with a clean wiped machine, set up things for their project (including that time-tracking thing), use that machine only for that project and nothing else, and wipe the machine as soon as the project ends, which is a common part of NDAs if you work with sensitive data of that customer.



                If you're working on your home computer that contains data of other customers as well, then you can't meet such a requirement; you'd need to get a separate work machine, and you'd have to evaluate whether what they're paying you is adequate to justify that.






                share|improve this answer




















                • 7





                  While I agree with the general premise of setting up a dedicated device I cannot upvote your answer because you suggest that burden should be placed on the freelancer; I am almost inclined to downvote it. I would have the client pay for the device and pay me hourly for all of the wasted hours of getting myself set up to work on their company device.

                  – MonkeyZeus
                  Feb 20 at 18:06






                • 1





                  @MonkeyZeus it's a matter of convention whether that burden is reasonable or not, and that depends on the industry, and also on the field of your customers. For example, I'd expect that in web development the requirement to have an isolated device would be unreasonable, but in network penetration testing a similar requirement would be table stakes; the generally accepted "standard practices" are different there for obvious practical reasons. See also companies with strict "anti-BYOD" policies where contractors can work only on company systems. Of course, that hassle and time would be billable.

                  – Peteris
                  Feb 20 at 22:59












                • What @MonkeyZeus said. If the freelancer is going to do this for the client, all the costs of doing so must be built into the price the client is paying. And there are a lot of costs.

                  – R..
                  Feb 20 at 23:51











                • @MonkeyZeus And if I'd take that work at all, I'd add at least a 2x cost factor for feeling spied on and put under due stress to suppress the wish to circumvent their security nonsense. (If you have something truly security relevant, you develop it in-house on controlled hardware in a controlled environment).

                  – Frank Hopkins
                  Feb 21 at 22:40






                • 4





                  @R. The only difficult part is, how do you verify you worked the hours you're billing them for setting up the isolated device with the spyware? ;-) Seriously, though, just saying "my charge for setting up a system you can spy on is $10k" maybe could be more effective than just saying "no", because then it looks like they're declining the cost rather than you're declining the condition. Plus I guess you can set that system up so you genuinely do clock out every time you move away from it, and hence be absolutely sure you aren't billing them while you're reading some other client's email.

                  – Steve Jessop
                  Feb 22 at 0:26
















                11














                Dedicated devices



                Such a requirement isn't common, but it happens sometimes. One reason for highly monitored environments like this one is security controls, but security goes both ways - they don't want you to do unauthorized things, but you also don't want them to do unauthorized things with your data or, worse, data of your other clients.



                This means that if something like this is implemented, it's absolutely incompatible with the notion of "my home computer (which is also my work computer)" - if they do screenshot time tracking, then that must be done on a separate device that's dedicated to their project only, at least while their project is ongoing. E.g. start with a clean wiped machine, set up things for their project (including that time-tracking thing), use that machine only for that project and nothing else, and wipe the machine as soon as the project ends, which is a common part of NDAs if you work with sensitive data of that customer.



                If you're working on your home computer that contains data of other customers as well, then you can't meet such a requirement; you'd need to get a separate work machine, and you'd have to evaluate whether what they're paying you is adequate to justify that.






                share|improve this answer




















                • 7





                  While I agree with the general premise of setting up a dedicated device I cannot upvote your answer because you suggest that burden should be placed on the freelancer; I am almost inclined to downvote it. I would have the client pay for the device and pay me hourly for all of the wasted hours of getting myself set up to work on their company device.

                  – MonkeyZeus
                  Feb 20 at 18:06






                • 1





                  @MonkeyZeus it's a matter of convention whether that burden is reasonable or not, and that depends on the industry, and also on the field of your customers. For example, I'd expect that in web development the requirement to have an isolated device would be unreasonable, but in network penetration testing a similar requirement would be table stakes; the generally accepted "standard practices" are different there for obvious practical reasons. See also companies with strict "anti-BYOD" policies where contractors can work only on company systems. Of course, that hassle and time would be billable.

                  – Peteris
                  Feb 20 at 22:59












                • What @MonkeyZeus said. If the freelancer is going to do this for the client, all the costs of doing so must be built into the price the client is paying. And there are a lot of costs.

                  – R..
                  Feb 20 at 23:51











                • @MonkeyZeus And if I'd take that work at all, I'd add at least a 2x cost factor for feeling spied on and put under due stress to suppress the wish to circumvent their security nonsense. (If you have something truly security relevant, you develop it in-house on controlled hardware in a controlled environment).

                  – Frank Hopkins
                  Feb 21 at 22:40






                • 4





                  @R. The only difficult part is, how do you verify you worked the hours you're billing them for setting up the isolated device with the spyware? ;-) Seriously, though, just saying "my charge for setting up a system you can spy on is $10k" maybe could be more effective than just saying "no", because then it looks like they're declining the cost rather than you're declining the condition. Plus I guess you can set that system up so you genuinely do clock out every time you move away from it, and hence be absolutely sure you aren't billing them while you're reading some other client's email.

                  – Steve Jessop
                  Feb 22 at 0:26














                11












                11








                11







                Dedicated devices



                Such a requirement isn't common, but it happens sometimes. One reason for highly monitored environments like this one is security controls, but security goes both ways - they don't want you to do unauthorized things, but you also don't want them to do unauthorized things with your data or, worse, data of your other clients.



                This means that if something like this is implemented, it's absolutely incompatible with the notion of "my home computer (which is also my work computer)" - if they do screenshot time tracking, then that must be done on a separate device that's dedicated to their project only, at least while their project is ongoing. E.g. start with a clean wiped machine, set up things for their project (including that time-tracking thing), use that machine only for that project and nothing else, and wipe the machine as soon as the project ends, which is a common part of NDAs if you work with sensitive data of that customer.



                If you're working on your home computer that contains data of other customers as well, then you can't meet such a requirement; you'd need to get a separate work machine, and you'd have to evaluate whether what they're paying you is adequate to justify that.






                share|improve this answer















                Dedicated devices



                Such a requirement isn't common, but it happens sometimes. One reason for highly monitored environments like this one is security controls, but security goes both ways - they don't want you to do unauthorized things, but you also don't want them to do unauthorized things with your data or, worse, data of your other clients.



                This means that if something like this is implemented, it's absolutely incompatible with the notion of "my home computer (which is also my work computer)" - if they do screenshot time tracking, then that must be done on a separate device that's dedicated to their project only, at least while their project is ongoing. E.g. start with a clean wiped machine, set up things for their project (including that time-tracking thing), use that machine only for that project and nothing else, and wipe the machine as soon as the project ends, which is a common part of NDAs if you work with sensitive data of that customer.



                If you're working on your home computer that contains data of other customers as well, then you can't meet such a requirement; you'd need to get a separate work machine, and you'd have to evaluate whether what they're paying you is adequate to justify that.







                share|improve this answer














                share|improve this answer



                share|improve this answer








                edited Feb 20 at 11:59

























                answered Feb 20 at 10:03









                PeterisPeteris

                1,2651219




                1,2651219







                • 7





                  While I agree with the general premise of setting up a dedicated device I cannot upvote your answer because you suggest that burden should be placed on the freelancer; I am almost inclined to downvote it. I would have the client pay for the device and pay me hourly for all of the wasted hours of getting myself set up to work on their company device.

                  – MonkeyZeus
                  Feb 20 at 18:06






                • 1





                  @MonkeyZeus it's a matter of convention whether that burden is reasonable or not, and that depends on the industry, and also on the field of your customers. For example, I'd expect that in web development the requirement to have an isolated device would be unreasonable, but in network penetration testing a similar requirement would be table stakes; the generally accepted "standard practices" are different there for obvious practical reasons. See also companies with strict "anti-BYOD" policies where contractors can work only on company systems. Of course, that hassle and time would be billable.

                  – Peteris
                  Feb 20 at 22:59












                • What @MonkeyZeus said. If the freelancer is going to do this for the client, all the costs of doing so must be built into the price the client is paying. And there are a lot of costs.

                  – R..
                  Feb 20 at 23:51











                • @MonkeyZeus And if I'd take that work at all, I'd add at least a 2x cost factor for feeling spied on and put under due stress to suppress the wish to circumvent their security nonsense. (If you have something truly security relevant, you develop it in-house on controlled hardware in a controlled environment).

                  – Frank Hopkins
                  Feb 21 at 22:40






                • 4





                  @R. The only difficult part is, how do you verify you worked the hours you're billing them for setting up the isolated device with the spyware? ;-) Seriously, though, just saying "my charge for setting up a system you can spy on is $10k" maybe could be more effective than just saying "no", because then it looks like they're declining the cost rather than you're declining the condition. Plus I guess you can set that system up so you genuinely do clock out every time you move away from it, and hence be absolutely sure you aren't billing them while you're reading some other client's email.

                  – Steve Jessop
                  Feb 22 at 0:26













                • 7





                  While I agree with the general premise of setting up a dedicated device I cannot upvote your answer because you suggest that burden should be placed on the freelancer; I am almost inclined to downvote it. I would have the client pay for the device and pay me hourly for all of the wasted hours of getting myself set up to work on their company device.

                  – MonkeyZeus
                  Feb 20 at 18:06






                • 1





                  @MonkeyZeus it's a matter of convention whether that burden is reasonable or not, and that depends on the industry, and also on the field of your customers. For example, I'd expect that in web development the requirement to have an isolated device would be unreasonable, but in network penetration testing a similar requirement would be table stakes; the generally accepted "standard practices" are different there for obvious practical reasons. See also companies with strict "anti-BYOD" policies where contractors can work only on company systems. Of course, that hassle and time would be billable.

                  – Peteris
                  Feb 20 at 22:59












                • What @MonkeyZeus said. If the freelancer is going to do this for the client, all the costs of doing so must be built into the price the client is paying. And there are a lot of costs.

                  – R..
                  Feb 20 at 23:51











                • @MonkeyZeus And if I'd take that work at all, I'd add at least a 2x cost factor for feeling spied on and put under due stress to suppress the wish to circumvent their security nonsense. (If you have something truly security relevant, you develop it in-house on controlled hardware in a controlled environment).

                  – Frank Hopkins
                  Feb 21 at 22:40






                • 4





                  @R. The only difficult part is, how do you verify you worked the hours you're billing them for setting up the isolated device with the spyware? ;-) Seriously, though, just saying "my charge for setting up a system you can spy on is $10k" maybe could be more effective than just saying "no", because then it looks like they're declining the cost rather than you're declining the condition. Plus I guess you can set that system up so you genuinely do clock out every time you move away from it, and hence be absolutely sure you aren't billing them while you're reading some other client's email.

                  – Steve Jessop
                  Feb 22 at 0:26








                7




                7





                While I agree with the general premise of setting up a dedicated device I cannot upvote your answer because you suggest that burden should be placed on the freelancer; I am almost inclined to downvote it. I would have the client pay for the device and pay me hourly for all of the wasted hours of getting myself set up to work on their company device.

                – MonkeyZeus
                Feb 20 at 18:06





                While I agree with the general premise of setting up a dedicated device I cannot upvote your answer because you suggest that burden should be placed on the freelancer; I am almost inclined to downvote it. I would have the client pay for the device and pay me hourly for all of the wasted hours of getting myself set up to work on their company device.

                – MonkeyZeus
                Feb 20 at 18:06




                1




                1





                @MonkeyZeus it's a matter of convention whether that burden is reasonable or not, and that depends on the industry, and also on the field of your customers. For example, I'd expect that in web development the requirement to have an isolated device would be unreasonable, but in network penetration testing a similar requirement would be table stakes; the generally accepted "standard practices" are different there for obvious practical reasons. See also companies with strict "anti-BYOD" policies where contractors can work only on company systems. Of course, that hassle and time would be billable.

                – Peteris
                Feb 20 at 22:59






                @MonkeyZeus it's a matter of convention whether that burden is reasonable or not, and that depends on the industry, and also on the field of your customers. For example, I'd expect that in web development the requirement to have an isolated device would be unreasonable, but in network penetration testing a similar requirement would be table stakes; the generally accepted "standard practices" are different there for obvious practical reasons. See also companies with strict "anti-BYOD" policies where contractors can work only on company systems. Of course, that hassle and time would be billable.

                – Peteris
                Feb 20 at 22:59














                What @MonkeyZeus said. If the freelancer is going to do this for the client, all the costs of doing so must be built into the price the client is paying. And there are a lot of costs.

                – R..
                Feb 20 at 23:51





                What @MonkeyZeus said. If the freelancer is going to do this for the client, all the costs of doing so must be built into the price the client is paying. And there are a lot of costs.

                – R..
                Feb 20 at 23:51













                @MonkeyZeus And if I'd take that work at all, I'd add at least a 2x cost factor for feeling spied on and put under due stress to suppress the wish to circumvent their security nonsense. (If you have something truly security relevant, you develop it in-house on controlled hardware in a controlled environment).

                – Frank Hopkins
                Feb 21 at 22:40





                @MonkeyZeus And if I'd take that work at all, I'd add at least a 2x cost factor for feeling spied on and put under due stress to suppress the wish to circumvent their security nonsense. (If you have something truly security relevant, you develop it in-house on controlled hardware in a controlled environment).

                – Frank Hopkins
                Feb 21 at 22:40




                4




                4





                @R. The only difficult part is, how do you verify you worked the hours you're billing them for setting up the isolated device with the spyware? ;-) Seriously, though, just saying "my charge for setting up a system you can spy on is $10k" maybe could be more effective than just saying "no", because then it looks like they're declining the cost rather than you're declining the condition. Plus I guess you can set that system up so you genuinely do clock out every time you move away from it, and hence be absolutely sure you aren't billing them while you're reading some other client's email.

                – Steve Jessop
                Feb 22 at 0:26






                @R. The only difficult part is, how do you verify you worked the hours you're billing them for setting up the isolated device with the spyware? ;-) Seriously, though, just saying "my charge for setting up a system you can spy on is $10k" maybe could be more effective than just saying "no", because then it looks like they're declining the cost rather than you're declining the condition. Plus I guess you can set that system up so you genuinely do clock out every time you move away from it, and hence be absolutely sure you aren't billing them while you're reading some other client's email.

                – Steve Jessop
                Feb 22 at 0:26












                10














                There's an angle to this that I think you could take which hasn't been addressed:



                Instead of posturing why you don't do this because of the risk to OTHER clients or yourself...



                Explain why you don't do this because of the risks to the client requesting it



                Generally speaking, you always want to posture this in terms of the person requesting it, rather than yourself, and why the requestor "doesn't actually want this". Place the negatives, and the potential burdens, squarely on them and not yourself, and posture it as something you're not doing to better serve their interests in not doing it:



                "If I installed this type of software for every client, there would be the risk of a breach in my computer, and they might be able to read your proprietary data and code, which would be a security risk to you. I value you as a client, and I understand your concerns, and that's why as a professional this is simply something I do not allow, as a general rule to all my clients, for your own safety."



                Posture this as you doing them a favor and looking out for them by not doing this, ever, as a general rule. If they insist, offer them a solution that would make you comfortable but places all related costs on them, up to and including that they purchase related equipment for you, and they pay you for your time setting up the associated environment(s). If they're serious and have a serious concern, they will pay for it. If they're not (or if they're just being arbitrarily abusive) they'll move on to someone else, and you will be better off for it (since you've said you aren't desperate for this work).



                Contractor vs Employee



                Furthermore, another angle not covered here yet is that this degree of client involvement and interference into directing your work risks creating (in the US) a legally defined employee/employer relationship, rather than one of a contractor.



                If you are working as an employee of a contracting agency, this is not an issue (you are already in an employee relationship with someone in relation to the job in particular, and if your employer wants to let someone else they're contracting with direct you this much that's within your employer's purview: but it's also an onus on them to provide equipment and be liable for creating any related security risks as your employer). If you are working as a fully independent contractor (which is what I assume in this case, from tags and wording), this is a situation your clients should wish to avoid: they are commissioning work from you, not hiring you as an employee, and that distinction is actually important.



                Note that this is just a rough opinion, and if you have specific concerns you should hire a lawyer to look into specific situations (and also let me insert a generic "I am not a lawyer, nor am I your lawyer/etc" disclaimer).



                I would personally recommend that you be careful with how much you share with them, and posture it as a matter of professionalism that you are simply logging billable hours in relation to work product, versus detailing your day. Focus on what you got done in relation to a given set of billable hours, rather than on logging breaks/etc as such. There's a degree of oversharing which can set up the wrong expectations.



                This is someplace where when working as a fully independent contractor, I would, personally, take a page from how attorneys generally handle billable hours. Yes it includes things like "research" and the time spent doing that. No it does not (that I've ever seen or anywhere I've worked, having spent time in a law office) include things like "took a break". Document what you did, clock the time on it. That's what you bill the client. The rest is actually none of their business: they're paying for a result, they're not hiring you as an employee. (unless you come to a different mutual agreement to work as an employee for them)






                share|improve this answer




















                • 1





                  "as a general rule to all my clients, for your own safety" -- for your comfort and convenience, you are not permitted to smoke in this area.

                  – Steve Jessop
                  Feb 22 at 0:31












                • @SteveJessop lol =) but really, as much as this can be a question of "spin", I feel like it's also one of resetting perspective/context into one that forces relevance to the person asking: make the client consider how THEY would feel if SOMEONE ELSE were the one making this request and it might impact them, and instead of trying to push something through while failing to value/appropriately consider the concerns of others, they may actually THINK about it in the way you need them to. Even outside of freelance contracting, I've found this to be a very useful tactic at work in general.

                  – taswyn
                  Feb 22 at 16:01















                10














                There's an angle to this that I think you could take which hasn't been addressed:



                Instead of posturing why you don't do this because of the risk to OTHER clients or yourself...



                Explain why you don't do this because of the risks to the client requesting it



                Generally speaking, you always want to posture this in terms of the person requesting it, rather than yourself, and why the requestor "doesn't actually want this". Place the negatives, and the potential burdens, squarely on them and not yourself, and posture it as something you're not doing to better serve their interests in not doing it:



                "If I installed this type of software for every client, there would be the risk of a breach in my computer, and they might be able to read your proprietary data and code, which would be a security risk to you. I value you as a client, and I understand your concerns, and that's why as a professional this is simply something I do not allow, as a general rule to all my clients, for your own safety."



                Posture this as you doing them a favor and looking out for them by not doing this, ever, as a general rule. If they insist, offer them a solution that would make you comfortable but places all related costs on them, up to and including that they purchase related equipment for you, and they pay you for your time setting up the associated environment(s). If they're serious and have a serious concern, they will pay for it. If they're not (or if they're just being arbitrarily abusive) they'll move on to someone else, and you will be better off for it (since you've said you aren't desperate for this work).



                Contractor vs Employee



                Furthermore, another angle not covered here yet is that this degree of client involvement and interference into directing your work risks creating (in the US) a legally defined employee/employer relationship, rather than one of a contractor.



                If you are working as an employee of a contracting agency, this is not an issue (you are already in an employee relationship with someone in relation to the job in particular, and if your employer wants to let someone else they're contracting with direct you this much that's within your employer's purview: but it's also an onus on them to provide equipment and be liable for creating any related security risks as your employer). If you are working as a fully independent contractor (which is what I assume in this case, from tags and wording), this is a situation your clients should wish to avoid: they are commissioning work from you, not hiring you as an employee, and that distinction is actually important.



                Note that this is just a rough opinion, and if you have specific concerns you should hire a lawyer to look into specific situations (and also let me insert a generic "I am not a lawyer, nor am I your lawyer/etc" disclaimer).



                I would personally recommend that you be careful with how much you share with them, and posture it as a matter of professionalism that you are simply logging billable hours in relation to work product, versus detailing your day. Focus on what you got done in relation to a given set of billable hours, rather than on logging breaks/etc as such. There's a degree of oversharing which can set up the wrong expectations.



                This is someplace where when working as a fully independent contractor, I would, personally, take a page from how attorneys generally handle billable hours. Yes it includes things like "research" and the time spent doing that. No it does not (that I've ever seen or anywhere I've worked, having spent time in a law office) include things like "took a break". Document what you did, clock the time on it. That's what you bill the client. The rest is actually none of their business: they're paying for a result, they're not hiring you as an employee. (unless you come to a different mutual agreement to work as an employee for them)






                share|improve this answer




















                • 1





                  "as a general rule to all my clients, for your own safety" -- for your comfort and convenience, you are not permitted to smoke in this area.

                  – Steve Jessop
                  Feb 22 at 0:31












                • @SteveJessop lol =) but really, as much as this can be a question of "spin", I feel like it's also one of resetting perspective/context into one that forces relevance to the person asking: make the client consider how THEY would feel if SOMEONE ELSE were the one making this request and it might impact them, and instead of trying to push something through while failing to value/appropriately consider the concerns of others, they may actually THINK about it in the way you need them to. Even outside of freelance contracting, I've found this to be a very useful tactic at work in general.

                  – taswyn
                  Feb 22 at 16:01













                10












                10








                10







                There's an angle to this that I think you could take which hasn't been addressed:



                Instead of posturing why you don't do this because of the risk to OTHER clients or yourself...



                Explain why you don't do this because of the risks to the client requesting it



                Generally speaking, you always want to posture this in terms of the person requesting it, rather than yourself, and why the requestor "doesn't actually want this". Place the negatives, and the potential burdens, squarely on them and not yourself, and posture it as something you're not doing to better serve their interests in not doing it:



                "If I installed this type of software for every client, there would be the risk of a breach in my computer, and they might be able to read your proprietary data and code, which would be a security risk to you. I value you as a client, and I understand your concerns, and that's why as a professional this is simply something I do not allow, as a general rule to all my clients, for your own safety."



                Posture this as you doing them a favor and looking out for them by not doing this, ever, as a general rule. If they insist, offer them a solution that would make you comfortable but places all related costs on them, up to and including that they purchase related equipment for you, and they pay you for your time setting up the associated environment(s). If they're serious and have a serious concern, they will pay for it. If they're not (or if they're just being arbitrarily abusive) they'll move on to someone else, and you will be better off for it (since you've said you aren't desperate for this work).



                Contractor vs Employee



                Furthermore, another angle not covered here yet is that this degree of client involvement and interference into directing your work risks creating (in the US) a legally defined employee/employer relationship, rather than one of a contractor.



                If you are working as an employee of a contracting agency, this is not an issue (you are already in an employee relationship with someone in relation to the job in particular, and if your employer wants to let someone else they're contracting with direct you this much that's within your employer's purview: but it's also an onus on them to provide equipment and be liable for creating any related security risks as your employer). If you are working as a fully independent contractor (which is what I assume in this case, from tags and wording), this is a situation your clients should wish to avoid: they are commissioning work from you, not hiring you as an employee, and that distinction is actually important.



                Note that this is just a rough opinion, and if you have specific concerns you should hire a lawyer to look into specific situations (and also let me insert a generic "I am not a lawyer, nor am I your lawyer/etc" disclaimer).



                I would personally recommend that you be careful with how much you share with them, and posture it as a matter of professionalism that you are simply logging billable hours in relation to work product, versus detailing your day. Focus on what you got done in relation to a given set of billable hours, rather than on logging breaks/etc as such. There's a degree of oversharing which can set up the wrong expectations.



                This is someplace where when working as a fully independent contractor, I would, personally, take a page from how attorneys generally handle billable hours. Yes it includes things like "research" and the time spent doing that. No it does not (that I've ever seen or anywhere I've worked, having spent time in a law office) include things like "took a break". Document what you did, clock the time on it. That's what you bill the client. The rest is actually none of their business: they're paying for a result, they're not hiring you as an employee. (unless you come to a different mutual agreement to work as an employee for them)






                share|improve this answer















                There's an angle to this that I think you could take which hasn't been addressed:



                Instead of posturing why you don't do this because of the risk to OTHER clients or yourself...



                Explain why you don't do this because of the risks to the client requesting it



                Generally speaking, you always want to posture this in terms of the person requesting it, rather than yourself, and why the requestor "doesn't actually want this". Place the negatives, and the potential burdens, squarely on them and not yourself, and posture it as something you're not doing to better serve their interests in not doing it:



                "If I installed this type of software for every client, there would be the risk of a breach in my computer, and they might be able to read your proprietary data and code, which would be a security risk to you. I value you as a client, and I understand your concerns, and that's why as a professional this is simply something I do not allow, as a general rule to all my clients, for your own safety."



                Posture this as you doing them a favor and looking out for them by not doing this, ever, as a general rule. If they insist, offer them a solution that would make you comfortable but places all related costs on them, up to and including that they purchase related equipment for you, and they pay you for your time setting up the associated environment(s). If they're serious and have a serious concern, they will pay for it. If they're not (or if they're just being arbitrarily abusive) they'll move on to someone else, and you will be better off for it (since you've said you aren't desperate for this work).



                Contractor vs Employee



                Furthermore, another angle not covered here yet is that this degree of client involvement and interference into directing your work risks creating (in the US) a legally defined employee/employer relationship, rather than one of a contractor.



                If you are working as an employee of a contracting agency, this is not an issue (you are already in an employee relationship with someone in relation to the job in particular, and if your employer wants to let someone else they're contracting with direct you this much that's within your employer's purview: but it's also an onus on them to provide equipment and be liable for creating any related security risks as your employer). If you are working as a fully independent contractor (which is what I assume in this case, from tags and wording), this is a situation your clients should wish to avoid: they are commissioning work from you, not hiring you as an employee, and that distinction is actually important.



                Note that this is just a rough opinion, and if you have specific concerns you should hire a lawyer to look into specific situations (and also let me insert a generic "I am not a lawyer, nor am I your lawyer/etc" disclaimer).



                I would personally recommend that you be careful with how much you share with them, and posture it as a matter of professionalism that you are simply logging billable hours in relation to work product, versus detailing your day. Focus on what you got done in relation to a given set of billable hours, rather than on logging breaks/etc as such. There's a degree of oversharing which can set up the wrong expectations.



                This is someplace where when working as a fully independent contractor, I would, personally, take a page from how attorneys generally handle billable hours. Yes it includes things like "research" and the time spent doing that. No it does not (that I've ever seen or anywhere I've worked, having spent time in a law office) include things like "took a break". Document what you did, clock the time on it. That's what you bill the client. The rest is actually none of their business: they're paying for a result, they're not hiring you as an employee. (unless you come to a different mutual agreement to work as an employee for them)







                share|improve this answer














                share|improve this answer



                share|improve this answer








                edited Feb 20 at 23:37

























                answered Feb 20 at 23:32









                taswyntaswyn

                59728




                59728







                • 1





                  "as a general rule to all my clients, for your own safety" -- for your comfort and convenience, you are not permitted to smoke in this area.

                  – Steve Jessop
                  Feb 22 at 0:31












                • @SteveJessop lol =) but really, as much as this can be a question of "spin", I feel like it's also one of resetting perspective/context into one that forces relevance to the person asking: make the client consider how THEY would feel if SOMEONE ELSE were the one making this request and it might impact them, and instead of trying to push something through while failing to value/appropriately consider the concerns of others, they may actually THINK about it in the way you need them to. Even outside of freelance contracting, I've found this to be a very useful tactic at work in general.

                  – taswyn
                  Feb 22 at 16:01












                • 1





                  "as a general rule to all my clients, for your own safety" -- for your comfort and convenience, you are not permitted to smoke in this area.

                  – Steve Jessop
                  Feb 22 at 0:31












                • @SteveJessop lol =) but really, as much as this can be a question of "spin", I feel like it's also one of resetting perspective/context into one that forces relevance to the person asking: make the client consider how THEY would feel if SOMEONE ELSE were the one making this request and it might impact them, and instead of trying to push something through while failing to value/appropriately consider the concerns of others, they may actually THINK about it in the way you need them to. Even outside of freelance contracting, I've found this to be a very useful tactic at work in general.

                  – taswyn
                  Feb 22 at 16:01







                1




                1





                "as a general rule to all my clients, for your own safety" -- for your comfort and convenience, you are not permitted to smoke in this area.

                – Steve Jessop
                Feb 22 at 0:31






                "as a general rule to all my clients, for your own safety" -- for your comfort and convenience, you are not permitted to smoke in this area.

                – Steve Jessop
                Feb 22 at 0:31














                @SteveJessop lol =) but really, as much as this can be a question of "spin", I feel like it's also one of resetting perspective/context into one that forces relevance to the person asking: make the client consider how THEY would feel if SOMEONE ELSE were the one making this request and it might impact them, and instead of trying to push something through while failing to value/appropriately consider the concerns of others, they may actually THINK about it in the way you need them to. Even outside of freelance contracting, I've found this to be a very useful tactic at work in general.

                – taswyn
                Feb 22 at 16:01





                @SteveJessop lol =) but really, as much as this can be a question of "spin", I feel like it's also one of resetting perspective/context into one that forces relevance to the person asking: make the client consider how THEY would feel if SOMEONE ELSE were the one making this request and it might impact them, and instead of trying to push something through while failing to value/appropriately consider the concerns of others, they may actually THINK about it in the way you need them to. Even outside of freelance contracting, I've found this to be a very useful tactic at work in general.

                – taswyn
                Feb 22 at 16:01











                5














                No, this isn't a normal request. And from your own descriptions, I think you can improve your invoicing techniques. Clients don't care about your lunch breaks. All they care about is seeing what you did and how much it cost. Be clear, concise, and imagine you are the client reading the invoice. The goal should be, "Wow, look how much work was done in that little time!". Examples:



                Bad: "2.5 hours: fixing bugs, research"



                No one wants to pay for bug fixes and research! But they are happy to pay for "updates".



                Good: "2.5 hours: updating interfaces, adding low battery indicator, adding flux capacitor monitoring, additional database development"



                You don't need a ton of detail, just enough to show you've been busy and the hours are reasonable.






                share|improve this answer























                • If they agreed (or even better requested) a bug fix, then they're willing to pay for bugfixes. No need to say you spent the time "updating interfaces" when what you actually did was "fix that thing in the interface you've been complaining about for weeks". That said, I've heard that some novice clients require a bit of education to train them out of the notion that bugs are somehow "your mistakes" and hence must be fixed on your time. I mean, they are my mistakes, but the conclusion doesn't follow.

                  – Steve Jessop
                  Feb 22 at 0:35
















                5














                No, this isn't a normal request. And from your own descriptions, I think you can improve your invoicing techniques. Clients don't care about your lunch breaks. All they care about is seeing what you did and how much it cost. Be clear, concise, and imagine you are the client reading the invoice. The goal should be, "Wow, look how much work was done in that little time!". Examples:



                Bad: "2.5 hours: fixing bugs, research"



                No one wants to pay for bug fixes and research! But they are happy to pay for "updates".



                Good: "2.5 hours: updating interfaces, adding low battery indicator, adding flux capacitor monitoring, additional database development"



                You don't need a ton of detail, just enough to show you've been busy and the hours are reasonable.






                share|improve this answer























                • If they agreed (or even better requested) a bug fix, then they're willing to pay for bugfixes. No need to say you spent the time "updating interfaces" when what you actually did was "fix that thing in the interface you've been complaining about for weeks". That said, I've heard that some novice clients require a bit of education to train them out of the notion that bugs are somehow "your mistakes" and hence must be fixed on your time. I mean, they are my mistakes, but the conclusion doesn't follow.

                  – Steve Jessop
                  Feb 22 at 0:35














                5












                5








                5







                No, this isn't a normal request. And from your own descriptions, I think you can improve your invoicing techniques. Clients don't care about your lunch breaks. All they care about is seeing what you did and how much it cost. Be clear, concise, and imagine you are the client reading the invoice. The goal should be, "Wow, look how much work was done in that little time!". Examples:



                Bad: "2.5 hours: fixing bugs, research"



                No one wants to pay for bug fixes and research! But they are happy to pay for "updates".



                Good: "2.5 hours: updating interfaces, adding low battery indicator, adding flux capacitor monitoring, additional database development"



                You don't need a ton of detail, just enough to show you've been busy and the hours are reasonable.






                share|improve this answer













                No, this isn't a normal request. And from your own descriptions, I think you can improve your invoicing techniques. Clients don't care about your lunch breaks. All they care about is seeing what you did and how much it cost. Be clear, concise, and imagine you are the client reading the invoice. The goal should be, "Wow, look how much work was done in that little time!". Examples:



                Bad: "2.5 hours: fixing bugs, research"



                No one wants to pay for bug fixes and research! But they are happy to pay for "updates".



                Good: "2.5 hours: updating interfaces, adding low battery indicator, adding flux capacitor monitoring, additional database development"



                You don't need a ton of detail, just enough to show you've been busy and the hours are reasonable.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Feb 20 at 18:19









                RockyRocky

                1,13469




                1,13469












                • If they agreed (or even better requested) a bug fix, then they're willing to pay for bugfixes. No need to say you spent the time "updating interfaces" when what you actually did was "fix that thing in the interface you've been complaining about for weeks". That said, I've heard that some novice clients require a bit of education to train them out of the notion that bugs are somehow "your mistakes" and hence must be fixed on your time. I mean, they are my mistakes, but the conclusion doesn't follow.

                  – Steve Jessop
                  Feb 22 at 0:35


















                • If they agreed (or even better requested) a bug fix, then they're willing to pay for bugfixes. No need to say you spent the time "updating interfaces" when what you actually did was "fix that thing in the interface you've been complaining about for weeks". That said, I've heard that some novice clients require a bit of education to train them out of the notion that bugs are somehow "your mistakes" and hence must be fixed on your time. I mean, they are my mistakes, but the conclusion doesn't follow.

                  – Steve Jessop
                  Feb 22 at 0:35

















                If they agreed (or even better requested) a bug fix, then they're willing to pay for bugfixes. No need to say you spent the time "updating interfaces" when what you actually did was "fix that thing in the interface you've been complaining about for weeks". That said, I've heard that some novice clients require a bit of education to train them out of the notion that bugs are somehow "your mistakes" and hence must be fixed on your time. I mean, they are my mistakes, but the conclusion doesn't follow.

                – Steve Jessop
                Feb 22 at 0:35






                If they agreed (or even better requested) a bug fix, then they're willing to pay for bugfixes. No need to say you spent the time "updating interfaces" when what you actually did was "fix that thing in the interface you've been complaining about for weeks". That said, I've heard that some novice clients require a bit of education to train them out of the notion that bugs are somehow "your mistakes" and hence must be fixed on your time. I mean, they are my mistakes, but the conclusion doesn't follow.

                – Steve Jessop
                Feb 22 at 0:35












                4














                Your problem around this request is based on your setup. The reason there's a privacy concern is because you haven't split up your personal and work correctly; nor have you split your clients.



                By creating a single VM per client; you will at no point have any issue with cross contamination of key log data or personal data.



                There are many reasons why doing this is advantageous - such as limiting the impact of malware to your business, accidentally breaking NDA's and as you just found out, meeting strange requests from clients.



                Is it common practice? Well, I can't talk about freelancing, but most financial institutions use key loggers to protect themselves; often without the knowledge of the employees. It is worth highlighting that the collection of the data is legal; but the use of any passwords etc is not.
                The fact that they're asking for evidence that you're working the timesheet that you submit doesn't seem unreasonable; and if you have a better proposal on how you can present it then you can make a counter offer.



                As for the direct implication the client does not trust me; I disagree with this blanket statement. It might be that the person who's doing the outsourcing isn't trusted; or one of many other options; and even if it is true, so what? Would you trust someone's word without any evidence to back it up? It seems actually like they're taking a very reasonable stance by wanting evidence.



                You can always respond that you need to be paid in advance before delivery of the goods - which is also very reasonable.






                share|improve this answer




















                • 3





                  I think this is how I would suggest doing it. A VM for each client solves a lot of these weird client specific problems.

                  – Rich
                  Feb 20 at 15:48






                • 8





                  "A VM for each client" is extremily incomvenient 'cuz you need to duplicate your software and settings and synchronize any changes. Moving things between a VM and the host (e.g from/to your e-mail client) is also problematic. I wouldn't even consider it unless I'm working with things like state secrets -- and even that to rather insure myself (from accidental copying).

                  – ivan_pozdeev
                  Feb 20 at 16:28






                • 4





                  I mulled over this idea, but the trust factor really bothered me more than most. As some of the other answers have suggested (and it makes sense) this is a client foreshadowing the future. Non-payment, withholding payment to force a new feature, common scummy slave driver tactics. To your point, this however mitigates some of the security risk (modern malware can escape VMs and it would be prudent to guess a professionally developed RAT has no problem doing this either).

                  – CL40
                  Feb 20 at 16:29






                • 3





                  @ivan_pozdeev, there are multiple ways to address duplication, for instance, you can have a single VM with an additional virtual hard drive for each client's data (only mount one you're working with).

                  – dbkk
                  Feb 20 at 17:31






                • 2





                  @paolo other than the other advantages listed.

                  – UKMonkey
                  Feb 21 at 0:02















                4














                Your problem around this request is based on your setup. The reason there's a privacy concern is because you haven't split up your personal and work correctly; nor have you split your clients.



                By creating a single VM per client; you will at no point have any issue with cross contamination of key log data or personal data.



                There are many reasons why doing this is advantageous - such as limiting the impact of malware to your business, accidentally breaking NDA's and as you just found out, meeting strange requests from clients.



                Is it common practice? Well, I can't talk about freelancing, but most financial institutions use key loggers to protect themselves; often without the knowledge of the employees. It is worth highlighting that the collection of the data is legal; but the use of any passwords etc is not.
                The fact that they're asking for evidence that you're working the timesheet that you submit doesn't seem unreasonable; and if you have a better proposal on how you can present it then you can make a counter offer.



                As for the direct implication the client does not trust me; I disagree with this blanket statement. It might be that the person who's doing the outsourcing isn't trusted; or one of many other options; and even if it is true, so what? Would you trust someone's word without any evidence to back it up? It seems actually like they're taking a very reasonable stance by wanting evidence.



                You can always respond that you need to be paid in advance before delivery of the goods - which is also very reasonable.






                share|improve this answer




















                • 3





                  I think this is how I would suggest doing it. A VM for each client solves a lot of these weird client specific problems.

                  – Rich
                  Feb 20 at 15:48






                • 8





                  "A VM for each client" is extremily incomvenient 'cuz you need to duplicate your software and settings and synchronize any changes. Moving things between a VM and the host (e.g from/to your e-mail client) is also problematic. I wouldn't even consider it unless I'm working with things like state secrets -- and even that to rather insure myself (from accidental copying).

                  – ivan_pozdeev
                  Feb 20 at 16:28






                • 4





                  I mulled over this idea, but the trust factor really bothered me more than most. As some of the other answers have suggested (and it makes sense) this is a client foreshadowing the future. Non-payment, withholding payment to force a new feature, common scummy slave driver tactics. To your point, this however mitigates some of the security risk (modern malware can escape VMs and it would be prudent to guess a professionally developed RAT has no problem doing this either).

                  – CL40
                  Feb 20 at 16:29






                • 3





                  @ivan_pozdeev, there are multiple ways to address duplication, for instance, you can have a single VM with an additional virtual hard drive for each client's data (only mount one you're working with).

                  – dbkk
                  Feb 20 at 17:31






                • 2





                  @paolo other than the other advantages listed.

                  – UKMonkey
                  Feb 21 at 0:02













                4












                4








                4







                Your problem around this request is based on your setup. The reason there's a privacy concern is because you haven't split up your personal and work correctly; nor have you split your clients.



                By creating a single VM per client; you will at no point have any issue with cross contamination of key log data or personal data.



                There are many reasons why doing this is advantageous - such as limiting the impact of malware to your business, accidentally breaking NDA's and as you just found out, meeting strange requests from clients.



                Is it common practice? Well, I can't talk about freelancing, but most financial institutions use key loggers to protect themselves; often without the knowledge of the employees. It is worth highlighting that the collection of the data is legal; but the use of any passwords etc is not.
                The fact that they're asking for evidence that you're working the timesheet that you submit doesn't seem unreasonable; and if you have a better proposal on how you can present it then you can make a counter offer.



                As for the direct implication the client does not trust me; I disagree with this blanket statement. It might be that the person who's doing the outsourcing isn't trusted; or one of many other options; and even if it is true, so what? Would you trust someone's word without any evidence to back it up? It seems actually like they're taking a very reasonable stance by wanting evidence.



                You can always respond that you need to be paid in advance before delivery of the goods - which is also very reasonable.






                share|improve this answer















                Your problem around this request is based on your setup. The reason there's a privacy concern is because you haven't split up your personal and work correctly; nor have you split your clients.



                By creating a single VM per client; you will at no point have any issue with cross contamination of key log data or personal data.



                There are many reasons why doing this is advantageous - such as limiting the impact of malware to your business, accidentally breaking NDA's and as you just found out, meeting strange requests from clients.



                Is it common practice? Well, I can't talk about freelancing, but most financial institutions use key loggers to protect themselves; often without the knowledge of the employees. It is worth highlighting that the collection of the data is legal; but the use of any passwords etc is not.
                The fact that they're asking for evidence that you're working the timesheet that you submit doesn't seem unreasonable; and if you have a better proposal on how you can present it then you can make a counter offer.



                As for the direct implication the client does not trust me; I disagree with this blanket statement. It might be that the person who's doing the outsourcing isn't trusted; or one of many other options; and even if it is true, so what? Would you trust someone's word without any evidence to back it up? It seems actually like they're taking a very reasonable stance by wanting evidence.



                You can always respond that you need to be paid in advance before delivery of the goods - which is also very reasonable.







                share|improve this answer














                share|improve this answer



                share|improve this answer








                edited Feb 20 at 13:04

























                answered Feb 20 at 11:47









                UKMonkeyUKMonkey

                2,517616




                2,517616







                • 3





                  I think this is how I would suggest doing it. A VM for each client solves a lot of these weird client specific problems.

                  – Rich
                  Feb 20 at 15:48






                • 8





                  "A VM for each client" is extremily incomvenient 'cuz you need to duplicate your software and settings and synchronize any changes. Moving things between a VM and the host (e.g from/to your e-mail client) is also problematic. I wouldn't even consider it unless I'm working with things like state secrets -- and even that to rather insure myself (from accidental copying).

                  – ivan_pozdeev
                  Feb 20 at 16:28






                • 4





                  I mulled over this idea, but the trust factor really bothered me more than most. As some of the other answers have suggested (and it makes sense) this is a client foreshadowing the future. Non-payment, withholding payment to force a new feature, common scummy slave driver tactics. To your point, this however mitigates some of the security risk (modern malware can escape VMs and it would be prudent to guess a professionally developed RAT has no problem doing this either).

                  – CL40
                  Feb 20 at 16:29






                • 3





                  @ivan_pozdeev, there are multiple ways to address duplication, for instance, you can have a single VM with an additional virtual hard drive for each client's data (only mount one you're working with).

                  – dbkk
                  Feb 20 at 17:31






                • 2





                  @paolo other than the other advantages listed.

                  – UKMonkey
                  Feb 21 at 0:02












                • 3





                  I think this is how I would suggest doing it. A VM for each client solves a lot of these weird client specific problems.

                  – Rich
                  Feb 20 at 15:48






                • 8





                  "A VM for each client" is extremily incomvenient 'cuz you need to duplicate your software and settings and synchronize any changes. Moving things between a VM and the host (e.g from/to your e-mail client) is also problematic. I wouldn't even consider it unless I'm working with things like state secrets -- and even that to rather insure myself (from accidental copying).

                  – ivan_pozdeev
                  Feb 20 at 16:28






                • 4





                  I mulled over this idea, but the trust factor really bothered me more than most. As some of the other answers have suggested (and it makes sense) this is a client foreshadowing the future. Non-payment, withholding payment to force a new feature, common scummy slave driver tactics. To your point, this however mitigates some of the security risk (modern malware can escape VMs and it would be prudent to guess a professionally developed RAT has no problem doing this either).

                  – CL40
                  Feb 20 at 16:29






                • 3





                  @ivan_pozdeev, there are multiple ways to address duplication, for instance, you can have a single VM with an additional virtual hard drive for each client's data (only mount one you're working with).

                  – dbkk
                  Feb 20 at 17:31






                • 2





                  @paolo other than the other advantages listed.

                  – UKMonkey
                  Feb 21 at 0:02







                3




                3





                I think this is how I would suggest doing it. A VM for each client solves a lot of these weird client specific problems.

                – Rich
                Feb 20 at 15:48





                I think this is how I would suggest doing it. A VM for each client solves a lot of these weird client specific problems.

                – Rich
                Feb 20 at 15:48




                8




                8





                "A VM for each client" is extremily incomvenient 'cuz you need to duplicate your software and settings and synchronize any changes. Moving things between a VM and the host (e.g from/to your e-mail client) is also problematic. I wouldn't even consider it unless I'm working with things like state secrets -- and even that to rather insure myself (from accidental copying).

                – ivan_pozdeev
                Feb 20 at 16:28





                "A VM for each client" is extremily incomvenient 'cuz you need to duplicate your software and settings and synchronize any changes. Moving things between a VM and the host (e.g from/to your e-mail client) is also problematic. I wouldn't even consider it unless I'm working with things like state secrets -- and even that to rather insure myself (from accidental copying).

                – ivan_pozdeev
                Feb 20 at 16:28




                4




                4





                I mulled over this idea, but the trust factor really bothered me more than most. As some of the other answers have suggested (and it makes sense) this is a client foreshadowing the future. Non-payment, withholding payment to force a new feature, common scummy slave driver tactics. To your point, this however mitigates some of the security risk (modern malware can escape VMs and it would be prudent to guess a professionally developed RAT has no problem doing this either).

                – CL40
                Feb 20 at 16:29





                I mulled over this idea, but the trust factor really bothered me more than most. As some of the other answers have suggested (and it makes sense) this is a client foreshadowing the future. Non-payment, withholding payment to force a new feature, common scummy slave driver tactics. To your point, this however mitigates some of the security risk (modern malware can escape VMs and it would be prudent to guess a professionally developed RAT has no problem doing this either).

                – CL40
                Feb 20 at 16:29




                3




                3





                @ivan_pozdeev, there are multiple ways to address duplication, for instance, you can have a single VM with an additional virtual hard drive for each client's data (only mount one you're working with).

                – dbkk
                Feb 20 at 17:31





                @ivan_pozdeev, there are multiple ways to address duplication, for instance, you can have a single VM with an additional virtual hard drive for each client's data (only mount one you're working with).

                – dbkk
                Feb 20 at 17:31




                2




                2





                @paolo other than the other advantages listed.

                – UKMonkey
                Feb 21 at 0:02





                @paolo other than the other advantages listed.

                – UKMonkey
                Feb 21 at 0:02











                4














                I personally would decline because of privacy concerns (both yours and other clients of yours).



                However, I would also propose an alternative. I would ask them to provide a similar machine that would have the screenshot tracking thing and that computer could solely be used for work related to the client that requested you install the screenshotting software.






                share|improve this answer


















                • 3





                  This is certainly a good suggestion. I think I would rather fire the client than have the additional risk of them accusing me of breaking/stealing/etc their hardware. More to the point, mailing laptops back and forth is hairy business.

                  – CL40
                  Feb 20 at 16:32











                • Definitely not a favourable solution, but short of saying no and turning down business, this is as close as the OP can get to their client's wishes without sacrificing other clients' privacy

                  – kolsyra
                  Feb 20 at 19:20











                • Well, you can offer to buy it and re-bill them if you don't like the postal service, or to deal with the breaking/stealing accusations just flat charge them a setup fee and say you own the hardware but will not use it for any client other than them as long as they keep sending you work (as in, a small retainer or enough work per quarter to justify the space it occupies in your house). The more confident you are that they'll refuse any such terms, the closer this is to just saying no yourself.

                  – Steve Jessop
                  Feb 22 at 0:47
















                4














                I personally would decline because of privacy concerns (both yours and other clients of yours).



                However, I would also propose an alternative. I would ask them to provide a similar machine that would have the screenshot tracking thing and that computer could solely be used for work related to the client that requested you install the screenshotting software.






                share|improve this answer


















                • 3





                  This is certainly a good suggestion. I think I would rather fire the client than have the additional risk of them accusing me of breaking/stealing/etc their hardware. More to the point, mailing laptops back and forth is hairy business.

                  – CL40
                  Feb 20 at 16:32











                • Definitely not a favourable solution, but short of saying no and turning down business, this is as close as the OP can get to their client's wishes without sacrificing other clients' privacy

                  – kolsyra
                  Feb 20 at 19:20











                • Well, you can offer to buy it and re-bill them if you don't like the postal service, or to deal with the breaking/stealing accusations just flat charge them a setup fee and say you own the hardware but will not use it for any client other than them as long as they keep sending you work (as in, a small retainer or enough work per quarter to justify the space it occupies in your house). The more confident you are that they'll refuse any such terms, the closer this is to just saying no yourself.

                  – Steve Jessop
                  Feb 22 at 0:47














                4












                4








                4







                I personally would decline because of privacy concerns (both yours and other clients of yours).



                However, I would also propose an alternative. I would ask them to provide a similar machine that would have the screenshot tracking thing and that computer could solely be used for work related to the client that requested you install the screenshotting software.






                share|improve this answer













                I personally would decline because of privacy concerns (both yours and other clients of yours).



                However, I would also propose an alternative. I would ask them to provide a similar machine that would have the screenshot tracking thing and that computer could solely be used for work related to the client that requested you install the screenshotting software.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Feb 20 at 13:53









                kolsyrakolsyra

                1,286912




                1,286912







                • 3





                  This is certainly a good suggestion. I think I would rather fire the client than have the additional risk of them accusing me of breaking/stealing/etc their hardware. More to the point, mailing laptops back and forth is hairy business.

                  – CL40
                  Feb 20 at 16:32











                • Definitely not a favourable solution, but short of saying no and turning down business, this is as close as the OP can get to their client's wishes without sacrificing other clients' privacy

                  – kolsyra
                  Feb 20 at 19:20











                • Well, you can offer to buy it and re-bill them if you don't like the postal service, or to deal with the breaking/stealing accusations just flat charge them a setup fee and say you own the hardware but will not use it for any client other than them as long as they keep sending you work (as in, a small retainer or enough work per quarter to justify the space it occupies in your house). The more confident you are that they'll refuse any such terms, the closer this is to just saying no yourself.

                  – Steve Jessop
                  Feb 22 at 0:47













                • 3





                  This is certainly a good suggestion. I think I would rather fire the client than have the additional risk of them accusing me of breaking/stealing/etc their hardware. More to the point, mailing laptops back and forth is hairy business.

                  – CL40
                  Feb 20 at 16:32











                • Definitely not a favourable solution, but short of saying no and turning down business, this is as close as the OP can get to their client's wishes without sacrificing other clients' privacy

                  – kolsyra
                  Feb 20 at 19:20











                • Well, you can offer to buy it and re-bill them if you don't like the postal service, or to deal with the breaking/stealing accusations just flat charge them a setup fee and say you own the hardware but will not use it for any client other than them as long as they keep sending you work (as in, a small retainer or enough work per quarter to justify the space it occupies in your house). The more confident you are that they'll refuse any such terms, the closer this is to just saying no yourself.

                  – Steve Jessop
                  Feb 22 at 0:47








                3




                3





                This is certainly a good suggestion. I think I would rather fire the client than have the additional risk of them accusing me of breaking/stealing/etc their hardware. More to the point, mailing laptops back and forth is hairy business.

                – CL40
                Feb 20 at 16:32





                This is certainly a good suggestion. I think I would rather fire the client than have the additional risk of them accusing me of breaking/stealing/etc their hardware. More to the point, mailing laptops back and forth is hairy business.

                – CL40
                Feb 20 at 16:32













                Definitely not a favourable solution, but short of saying no and turning down business, this is as close as the OP can get to their client's wishes without sacrificing other clients' privacy

                – kolsyra
                Feb 20 at 19:20





                Definitely not a favourable solution, but short of saying no and turning down business, this is as close as the OP can get to their client's wishes without sacrificing other clients' privacy

                – kolsyra
                Feb 20 at 19:20













                Well, you can offer to buy it and re-bill them if you don't like the postal service, or to deal with the breaking/stealing accusations just flat charge them a setup fee and say you own the hardware but will not use it for any client other than them as long as they keep sending you work (as in, a small retainer or enough work per quarter to justify the space it occupies in your house). The more confident you are that they'll refuse any such terms, the closer this is to just saying no yourself.

                – Steve Jessop
                Feb 22 at 0:47






                Well, you can offer to buy it and re-bill them if you don't like the postal service, or to deal with the breaking/stealing accusations just flat charge them a setup fee and say you own the hardware but will not use it for any client other than them as long as they keep sending you work (as in, a small retainer or enough work per quarter to justify the space it occupies in your house). The more confident you are that they'll refuse any such terms, the closer this is to just saying no yourself.

                – Steve Jessop
                Feb 22 at 0:47












                3














                I have never even heard of this concept, maybe its an Americanism, but in the UK ... never.



                However, I did it to myself a long time ago in an attempt to help me fill out my timesheets at the end of the week by installing a program that kept track of what program was active every few seconds. I found that, as a software developer, the 2 programs I used the most by far, and I mean over 50% of the time combined, were Firefox and Microsoft Word.



                Word is obvious, all those specs and documents, but Firefox's 2 main websites viewed were StackOverflow and MSDN (3rd FYI was Outlook.. don't you love corporate work environments!)



                So my problem quickly became how to tell what I was working on, if a significant amount of my time was spent reading stuff, even though it was work-related. I gave up as it was useless (if fun statistically).



                So unless they're just being paranoid that you're working (rather than judging you by results) then tell them you don't use it because its a waste of time.






                share|improve this answer


















                • 1





                  I don't think this concept is uniquely American (I am American). Many sweat shop sites use this, and I suspect the client I am referring to commonly uses these.

                  – CL40
                  Feb 20 at 16:31












                • @CL40 ah well, that's why I've never heard of it - I don't use coding sweat shop sites! Others should do the same as me in this regard :-)

                  – gbjbaanb
                  Feb 22 at 23:02















                3














                I have never even heard of this concept, maybe its an Americanism, but in the UK ... never.



                However, I did it to myself a long time ago in an attempt to help me fill out my timesheets at the end of the week by installing a program that kept track of what program was active every few seconds. I found that, as a software developer, the 2 programs I used the most by far, and I mean over 50% of the time combined, were Firefox and Microsoft Word.



                Word is obvious, all those specs and documents, but Firefox's 2 main websites viewed were StackOverflow and MSDN (3rd FYI was Outlook.. don't you love corporate work environments!)



                So my problem quickly became how to tell what I was working on, if a significant amount of my time was spent reading stuff, even though it was work-related. I gave up as it was useless (if fun statistically).



                So unless they're just being paranoid that you're working (rather than judging you by results) then tell them you don't use it because its a waste of time.






                share|improve this answer


















                • 1





                  I don't think this concept is uniquely American (I am American). Many sweat shop sites use this, and I suspect the client I am referring to commonly uses these.

                  – CL40
                  Feb 20 at 16:31












                • @CL40 ah well, that's why I've never heard of it - I don't use coding sweat shop sites! Others should do the same as me in this regard :-)

                  – gbjbaanb
                  Feb 22 at 23:02













                3












                3








                3







                I have never even heard of this concept, maybe its an Americanism, but in the UK ... never.



                However, I did it to myself a long time ago in an attempt to help me fill out my timesheets at the end of the week by installing a program that kept track of what program was active every few seconds. I found that, as a software developer, the 2 programs I used the most by far, and I mean over 50% of the time combined, were Firefox and Microsoft Word.



                Word is obvious, all those specs and documents, but Firefox's 2 main websites viewed were StackOverflow and MSDN (3rd FYI was Outlook.. don't you love corporate work environments!)



                So my problem quickly became how to tell what I was working on, if a significant amount of my time was spent reading stuff, even though it was work-related. I gave up as it was useless (if fun statistically).



                So unless they're just being paranoid that you're working (rather than judging you by results) then tell them you don't use it because its a waste of time.






                share|improve this answer













                I have never even heard of this concept, maybe its an Americanism, but in the UK ... never.



                However, I did it to myself a long time ago in an attempt to help me fill out my timesheets at the end of the week by installing a program that kept track of what program was active every few seconds. I found that, as a software developer, the 2 programs I used the most by far, and I mean over 50% of the time combined, were Firefox and Microsoft Word.



                Word is obvious, all those specs and documents, but Firefox's 2 main websites viewed were StackOverflow and MSDN (3rd FYI was Outlook.. don't you love corporate work environments!)



                So my problem quickly became how to tell what I was working on, if a significant amount of my time was spent reading stuff, even though it was work-related. I gave up as it was useless (if fun statistically).



                So unless they're just being paranoid that you're working (rather than judging you by results) then tell them you don't use it because its a waste of time.







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Feb 20 at 16:18









                gbjbaanbgbjbaanb

                2,4201119




                2,4201119







                • 1





                  I don't think this concept is uniquely American (I am American). Many sweat shop sites use this, and I suspect the client I am referring to commonly uses these.

                  – CL40
                  Feb 20 at 16:31












                • @CL40 ah well, that's why I've never heard of it - I don't use coding sweat shop sites! Others should do the same as me in this regard :-)

                  – gbjbaanb
                  Feb 22 at 23:02












                • 1





                  I don't think this concept is uniquely American (I am American). Many sweat shop sites use this, and I suspect the client I am referring to commonly uses these.

                  – CL40
                  Feb 20 at 16:31












                • @CL40 ah well, that's why I've never heard of it - I don't use coding sweat shop sites! Others should do the same as me in this regard :-)

                  – gbjbaanb
                  Feb 22 at 23:02







                1




                1





                I don't think this concept is uniquely American (I am American). Many sweat shop sites use this, and I suspect the client I am referring to commonly uses these.

                – CL40
                Feb 20 at 16:31






                I don't think this concept is uniquely American (I am American). Many sweat shop sites use this, and I suspect the client I am referring to commonly uses these.

                – CL40
                Feb 20 at 16:31














                @CL40 ah well, that's why I've never heard of it - I don't use coding sweat shop sites! Others should do the same as me in this regard :-)

                – gbjbaanb
                Feb 22 at 23:02





                @CL40 ah well, that's why I've never heard of it - I don't use coding sweat shop sites! Others should do the same as me in this regard :-)

                – gbjbaanb
                Feb 22 at 23:02











                2














                It's better to avoid uncomfortable clients.



                How to do this?



                Increasing your rate for them.



                If they have special requests like this, just double your rate.



                If they agree or not, in any case you gain.






                share|improve this answer




















                • 4





                  This still does not solve the problem of security. Even if they offered to pay me 9x the rate they initially offered - is it worth risking another clients IP (and a legal battle over an NDA)? I guess it depends on how big "9x" is, but in general I'd say no.

                  – CL40
                  Feb 23 at 3:09











                • if rate is very very high, you can use separate laptop for this client

                  – Alexan
                  Feb 23 at 3:41















                2














                It's better to avoid uncomfortable clients.



                How to do this?



                Increasing your rate for them.



                If they have special requests like this, just double your rate.



                If they agree or not, in any case you gain.






                share|improve this answer




















                • 4





                  This still does not solve the problem of security. Even if they offered to pay me 9x the rate they initially offered - is it worth risking another clients IP (and a legal battle over an NDA)? I guess it depends on how big "9x" is, but in general I'd say no.

                  – CL40
                  Feb 23 at 3:09











                • if rate is very very high, you can use separate laptop for this client

                  – Alexan
                  Feb 23 at 3:41













                2












                2








                2







                It's better to avoid uncomfortable clients.



                How to do this?



                Increasing your rate for them.



                If they have special requests like this, just double your rate.



                If they agree or not, in any case you gain.






                share|improve this answer















                It's better to avoid uncomfortable clients.



                How to do this?



                Increasing your rate for them.



                If they have special requests like this, just double your rate.



                If they agree or not, in any case you gain.







                share|improve this answer














                share|improve this answer



                share|improve this answer








                edited Feb 22 at 23:55

























                answered Feb 22 at 16:21









                AlexanAlexan

                265311




                265311







                • 4





                  This still does not solve the problem of security. Even if they offered to pay me 9x the rate they initially offered - is it worth risking another clients IP (and a legal battle over an NDA)? I guess it depends on how big "9x" is, but in general I'd say no.

                  – CL40
                  Feb 23 at 3:09











                • if rate is very very high, you can use separate laptop for this client

                  – Alexan
                  Feb 23 at 3:41












                • 4





                  This still does not solve the problem of security. Even if they offered to pay me 9x the rate they initially offered - is it worth risking another clients IP (and a legal battle over an NDA)? I guess it depends on how big "9x" is, but in general I'd say no.

                  – CL40
                  Feb 23 at 3:09











                • if rate is very very high, you can use separate laptop for this client

                  – Alexan
                  Feb 23 at 3:41







                4




                4





                This still does not solve the problem of security. Even if they offered to pay me 9x the rate they initially offered - is it worth risking another clients IP (and a legal battle over an NDA)? I guess it depends on how big "9x" is, but in general I'd say no.

                – CL40
                Feb 23 at 3:09





                This still does not solve the problem of security. Even if they offered to pay me 9x the rate they initially offered - is it worth risking another clients IP (and a legal battle over an NDA)? I guess it depends on how big "9x" is, but in general I'd say no.

                – CL40
                Feb 23 at 3:09













                if rate is very very high, you can use separate laptop for this client

                – Alexan
                Feb 23 at 3:41





                if rate is very very high, you can use separate laptop for this client

                – Alexan
                Feb 23 at 3:41











                1














                My answer is similar to Peteris's but a bit further.



                While being monitored, it's foolish to not treat this workstation as known infected with spyware. It should be in a DMZ on your network (or have its access restricted to egress and nothing else).



                Knowing that someone doesn't trust me is annoying--I understand they don't necessarily know I'm trustworthy--but it's still difficult to not find this insulting.



                The only way I'd ever agree to a intrusion like this is if the expected pay would more than cover



                a) the cost of a workstation dedicated to the task, and



                b) the requisite hassle for setting it up as above, and



                c) being enough left over to justify the work at all.



                Even so, I'd likely consider a VM.



                Obviously there are other factors: How much do you need the work? How likely is this client to bring you future work--or refer other appealing clients?



                As for how common this is...I've never seen it, but that's my experience.






                share|improve this answer



























                  1














                  My answer is similar to Peteris's but a bit further.



                  While being monitored, it's foolish to not treat this workstation as known infected with spyware. It should be in a DMZ on your network (or have its access restricted to egress and nothing else).



                  Knowing that someone doesn't trust me is annoying--I understand they don't necessarily know I'm trustworthy--but it's still difficult to not find this insulting.



                  The only way I'd ever agree to a intrusion like this is if the expected pay would more than cover



                  a) the cost of a workstation dedicated to the task, and



                  b) the requisite hassle for setting it up as above, and



                  c) being enough left over to justify the work at all.



                  Even so, I'd likely consider a VM.



                  Obviously there are other factors: How much do you need the work? How likely is this client to bring you future work--or refer other appealing clients?



                  As for how common this is...I've never seen it, but that's my experience.






                  share|improve this answer

























                    1












                    1








                    1







                    My answer is similar to Peteris's but a bit further.



                    While being monitored, it's foolish to not treat this workstation as known infected with spyware. It should be in a DMZ on your network (or have its access restricted to egress and nothing else).



                    Knowing that someone doesn't trust me is annoying--I understand they don't necessarily know I'm trustworthy--but it's still difficult to not find this insulting.



                    The only way I'd ever agree to a intrusion like this is if the expected pay would more than cover



                    a) the cost of a workstation dedicated to the task, and



                    b) the requisite hassle for setting it up as above, and



                    c) being enough left over to justify the work at all.



                    Even so, I'd likely consider a VM.



                    Obviously there are other factors: How much do you need the work? How likely is this client to bring you future work--or refer other appealing clients?



                    As for how common this is...I've never seen it, but that's my experience.






                    share|improve this answer













                    My answer is similar to Peteris's but a bit further.



                    While being monitored, it's foolish to not treat this workstation as known infected with spyware. It should be in a DMZ on your network (or have its access restricted to egress and nothing else).



                    Knowing that someone doesn't trust me is annoying--I understand they don't necessarily know I'm trustworthy--but it's still difficult to not find this insulting.



                    The only way I'd ever agree to a intrusion like this is if the expected pay would more than cover



                    a) the cost of a workstation dedicated to the task, and



                    b) the requisite hassle for setting it up as above, and



                    c) being enough left over to justify the work at all.



                    Even so, I'd likely consider a VM.



                    Obviously there are other factors: How much do you need the work? How likely is this client to bring you future work--or refer other appealing clients?



                    As for how common this is...I've never seen it, but that's my experience.







                    share|improve this answer












                    share|improve this answer



                    share|improve this answer










                    answered Feb 20 at 20:16









                    zedmelonzedmelon

                    212




                    212





















                        1














                        If you are in the UK, and claiming to be working as a contractor, HMRC (Her Majesty's Revenue and Customs) will have a field day. As a contractor, you get paid to do the work - there is no way you would let someone observe your work in so much detail unless you are an employee. So if they find out about this, it will cost you a ton of money.



                        This is on top of all the arguments about security, privacy, possible exposure of other clients' data and so on.






                        share|improve this answer



























                          1














                          If you are in the UK, and claiming to be working as a contractor, HMRC (Her Majesty's Revenue and Customs) will have a field day. As a contractor, you get paid to do the work - there is no way you would let someone observe your work in so much detail unless you are an employee. So if they find out about this, it will cost you a ton of money.



                          This is on top of all the arguments about security, privacy, possible exposure of other clients' data and so on.






                          share|improve this answer

























                            1












                            1








                            1







                            If you are in the UK, and claiming to be working as a contractor, HMRC (Her Majesty's Revenue and Customs) will have a field day. As a contractor, you get paid to do the work - there is no way you would let someone observe your work in so much detail unless you are an employee. So if they find out about this, it will cost you a ton of money.



                            This is on top of all the arguments about security, privacy, possible exposure of other clients' data and so on.






                            share|improve this answer













                            If you are in the UK, and claiming to be working as a contractor, HMRC (Her Majesty's Revenue and Customs) will have a field day. As a contractor, you get paid to do the work - there is no way you would let someone observe your work in so much detail unless you are an employee. So if they find out about this, it will cost you a ton of money.



                            This is on top of all the arguments about security, privacy, possible exposure of other clients' data and so on.







                            share|improve this answer












                            share|improve this answer



                            share|improve this answer










                            answered Feb 20 at 23:25









                            gnasher729gnasher729

                            89.3k40157280




                            89.3k40157280





















                                -1














                                Screenshot time-tracking is not common. But if applied properly, it is beneficial for everyone.



                                1. Such a request is normal only for their own devices.



                                I have met such a behavior at clients and I can understand it. As far as it is happening only on their device dedicated for accessing their infrastructure, this is not a concern. For other cases, read further:



                                I am always using tracking of my activities with benefit, but the recordings must remain internal.



                                2. When working on my computer, the recording is mine, not theirs.



                                During my software developer contracting period, I deliberately found and installed a tool which records window on top and screenshots. It gave me flexibility on addressing multiple projects and customers, switching between them without need of immediate writing down their hours, billing them accurately and auditing myself if I needed to additionally review my time spent. Moreover, if some work got lost due to editor instability, it was easy to restore it from screenshots. At that time, I would disclose the screenshots to the customer, but only during their personal presence in my office, with me controlling the computer and without video recording. That way they would be able to verify my billed periods and even if other screenshots would briefly appear on screen for 0.3 secs, I would not see it as a concern. If they would ask to have a few screenshots, I would redact them to remove unrelated information first.



                                3. The recording can be fully disclosed only if made on their workstation.



                                Applies to both freelancing and employment. Also in my case, during my current employment period, I continue to use this tool to give accurate billing for all projects. And here, I would give the entire track to my employer, even proactively (I mean, recording is my initiative, not their requirement) because on company's computer I have nothing to hide.






                                share|improve this answer

























                                • If voting down, I would appreciate if you explain the problems you found in the answer.

                                  – miroxlav
                                  Feb 22 at 15:25
















                                -1














                                Screenshot time-tracking is not common. But if applied properly, it is beneficial for everyone.



                                1. Such a request is normal only for their own devices.



                                I have met such a behavior at clients and I can understand it. As far as it is happening only on their device dedicated for accessing their infrastructure, this is not a concern. For other cases, read further:



                                I am always using tracking of my activities with benefit, but the recordings must remain internal.



                                2. When working on my computer, the recording is mine, not theirs.



                                During my software developer contracting period, I deliberately found and installed a tool which records window on top and screenshots. It gave me flexibility on addressing multiple projects and customers, switching between them without need of immediate writing down their hours, billing them accurately and auditing myself if I needed to additionally review my time spent. Moreover, if some work got lost due to editor instability, it was easy to restore it from screenshots. At that time, I would disclose the screenshots to the customer, but only during their personal presence in my office, with me controlling the computer and without video recording. That way they would be able to verify my billed periods and even if other screenshots would briefly appear on screen for 0.3 secs, I would not see it as a concern. If they would ask to have a few screenshots, I would redact them to remove unrelated information first.



                                3. The recording can be fully disclosed only if made on their workstation.



                                Applies to both freelancing and employment. Also in my case, during my current employment period, I continue to use this tool to give accurate billing for all projects. And here, I would give the entire track to my employer, even proactively (I mean, recording is my initiative, not their requirement) because on company's computer I have nothing to hide.






                                share|improve this answer

























                                • If voting down, I would appreciate if you explain the problems you found in the answer.

                                  – miroxlav
                                  Feb 22 at 15:25














                                -1












                                -1








                                -1







                                Screenshot time-tracking is not common. But if applied properly, it is beneficial for everyone.



                                1. Such a request is normal only for their own devices.



                                I have met such a behavior at clients and I can understand it. As far as it is happening only on their device dedicated for accessing their infrastructure, this is not a concern. For other cases, read further:



                                I am always using tracking of my activities with benefit, but the recordings must remain internal.



                                2. When working on my computer, the recording is mine, not theirs.



                                During my software developer contracting period, I deliberately found and installed a tool which records window on top and screenshots. It gave me flexibility on addressing multiple projects and customers, switching between them without need of immediate writing down their hours, billing them accurately and auditing myself if I needed to additionally review my time spent. Moreover, if some work got lost due to editor instability, it was easy to restore it from screenshots. At that time, I would disclose the screenshots to the customer, but only during their personal presence in my office, with me controlling the computer and without video recording. That way they would be able to verify my billed periods and even if other screenshots would briefly appear on screen for 0.3 secs, I would not see it as a concern. If they would ask to have a few screenshots, I would redact them to remove unrelated information first.



                                3. The recording can be fully disclosed only if made on their workstation.



                                Applies to both freelancing and employment. Also in my case, during my current employment period, I continue to use this tool to give accurate billing for all projects. And here, I would give the entire track to my employer, even proactively (I mean, recording is my initiative, not their requirement) because on company's computer I have nothing to hide.






                                share|improve this answer















                                Screenshot time-tracking is not common. But if applied properly, it is beneficial for everyone.



                                1. Such a request is normal only for their own devices.



                                I have met such a behavior at clients and I can understand it. As far as it is happening only on their device dedicated for accessing their infrastructure, this is not a concern. For other cases, read further:



                                I am always using tracking of my activities with benefit, but the recordings must remain internal.



                                2. When working on my computer, the recording is mine, not theirs.



                                During my software developer contracting period, I deliberately found and installed a tool which records window on top and screenshots. It gave me flexibility on addressing multiple projects and customers, switching between them without need of immediate writing down their hours, billing them accurately and auditing myself if I needed to additionally review my time spent. Moreover, if some work got lost due to editor instability, it was easy to restore it from screenshots. At that time, I would disclose the screenshots to the customer, but only during their personal presence in my office, with me controlling the computer and without video recording. That way they would be able to verify my billed periods and even if other screenshots would briefly appear on screen for 0.3 secs, I would not see it as a concern. If they would ask to have a few screenshots, I would redact them to remove unrelated information first.



                                3. The recording can be fully disclosed only if made on their workstation.



                                Applies to both freelancing and employment. Also in my case, during my current employment period, I continue to use this tool to give accurate billing for all projects. And here, I would give the entire track to my employer, even proactively (I mean, recording is my initiative, not their requirement) because on company's computer I have nothing to hide.







                                share|improve this answer














                                share|improve this answer



                                share|improve this answer








                                edited Feb 21 at 9:28

























                                answered Feb 21 at 8:50









                                miroxlavmiroxlav

                                1,039912




                                1,039912












                                • If voting down, I would appreciate if you explain the problems you found in the answer.

                                  – miroxlav
                                  Feb 22 at 15:25


















                                • If voting down, I would appreciate if you explain the problems you found in the answer.

                                  – miroxlav
                                  Feb 22 at 15:25

















                                If voting down, I would appreciate if you explain the problems you found in the answer.

                                – miroxlav
                                Feb 22 at 15:25






                                If voting down, I would appreciate if you explain the problems you found in the answer.

                                – miroxlav
                                Feb 22 at 15:25






                                protected by Jane S Feb 20 at 20:59



                                Thank you for your interest in this question.
                                Because it has attracted low-quality or spam answers that had to be removed, posting an answer now requires 10 reputation on this site (the association bonus does not count).



                                Would you like to answer one of these unanswered questions instead?


                                Popular posts from this blog

                                How to check contact read email or not when send email to Individual?

                                Displaying single band from multi-band raster using QGIS

                                How many registers does an x86_64 CPU actually have?