As the New York Times reports the situation, it sounds like the crime HP may have committed is only around "pretexting".  Pretexting is a method of social engineering where the caller pretends to be the owner of a phone number and seeks to obtain phone records from the phone company.  I have no problem with investigating that type of crime because I believe that HP stepped over the line in investigating the personal records of employees and/or board members.

I do not have a problem with is a company conducting an internal security investigation when done through proper channels.  It looks like the Chairwoman, Patricia C. Dunn, went through the proper channels by getting both the head of HP security and general counsel involved in the investigation.  The thing people do not understand is that the company they work for owns the network, email, phones and voicemail.  The employee to which these items have been assigned to for company use, do not own them or the records they create.  The company does.