Court Says Employees Have No Expectation Of Privacy For Stuff On Company Owned Computers
from the well,-duh dept
A court ruling in New Jersey doesn't seem all that surprising, but may lead to more legal questions in the future. The case involved an employee who was stealing from his employer. The employee was eventually found guilty of the theft, but argued that the evidence used against him was gathered illegally, in that it was in a password protected file on his company-owned laptop. It's actually a little more confusing, as the guy actually claimed the laptop was his, but that turned out not to be true. He had originally purchased the computer using his employers credit card... but then still pretended the computer was his personal laptop. Yet, later, he "sold" the laptop to the company -- so realistically, the company had bought the laptop twice.So, then the legal question was whether or not the guy had a "reasonable expectation of privacy" for stuff stored on that laptop, especially in a password protected file. The court ruled no, that an employee does not have a reasonable expectation for privacy, and that, effectively, anything on the computer is fair game for the employer (even if it's password protected).
You can understand the reasoning there, as it makes sense that a company should feel free to go through the contents of a computer it owns. However, it does raise some other questions. Earlier this summer, we wrote about another case in which a company continued to read the personal email of a fired employee, because he had left his personal online email account logged in from the company-owned laptop. While that seems different, is it really that big a leap from data stored on the local hard drive, to data stored on a remote hard drive, accessed via a web browser? It does, however, start to become a much trickier question, especially as more data and apps move from the local laptop into the "cloud" and as work and life boundaries blur.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
What was he thinking
[ link to this | view in thread ]
Illusive
[ link to this | view in thread ]
Re: Illusive
[ link to this | view in thread ]
Honestly folks...
[ link to this | view in thread ]
Why didn't he wipe the system prior to turning it over to them?
[ link to this | view in thread ]
Re: Illusive
[ link to this | view in thread ]
One word...
Let them chew on that.
[ link to this | view in thread ]
Key loggers
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Key loggers
Well, a lot of people would check their account balances, make fund transfers, etc. during their lunch breaks at their desks over the phone using the automated touch-tone systems. Little did they know that the company wound up with records of their bank numbers, account numbers and the PINs to go along with them. The company was eventually bought out and reorganized numerous times. Who knows were all that information wound up. Anybody with access to a pay phone could have probably cleaned out those accounts very easily.
[ link to this | view in thread ]
Seriously?
By that respect any person committing... let's say any "real world" crime owns the data of their crime. Can he claim he owns copyright on what he said while committing the act, patent on his methods, or trademark if he's a serial offender? All BS aside, this isn't really worthy of techdirt.com. He committed a crime and left evidence in a place he didn't have ownership over. The lesson: if you feel compelled to be a thief, don't cry about how you own the evidence of your crime when it's created and stored somewhere you DON'T OWN. If he quit while storing important documents in a locked company filing cabinet, would anyone here have any issue with the company taking a pry-bar to the cabinet after he left and took the keys?
[ link to this | view in thread ]
Re: Re: Key loggers
[ link to this | view in thread ]
Re: Honestly folks...
[ link to this | view in thread ]
Re: One word...
Let them chew on that.
Hardware key logger. Gotcha covered.
[ link to this | view in thread ]
Does the company really have all the rights over the employee?
[ link to this | view in thread ]
Trial by Jury Solves This!
We don't need more laws, or more clarification of laws, we need jurors who're aware of their rights and are willing to vote their conscience, not just go along with the laws as presented by the "system".
Jury Nullification. Look it up.
[ link to this | view in thread ]
Why so surprised?
Here's a news flash for you, the internet IS public. Ok, you have things like email where you have entrusted another organization to keep your works out of other peoples eyes, but seriously, when you send information online it transfers through any number of servers that are guess what, not controlled by you.
Say what you want about how people should behave, but when you entrust things to travel through the hands of others, and trust them not to look, you've done so at your own risk. Any laws or TOS simply mitigate that risk.
If you make data publicly available, the only person you may blame a number of people who didn't protect you're privacy, but guess what, it's your privacy and ultimately you're responsibility. once you make information public, it's out there, and you can't pull it back.
[ link to this | view in thread ]
Re: Why so surprised?
True. Once again, never go out without being well armed. Preferably with automatic weapons. I recommend the AK-47 for its generally higher reliability in the hands of casual users.
If you go out in public, you're ultimately responsible for your own safety too.
[ link to this | view in thread ]
Working Tools
This is pretty relevant to weather or not my own equipment and tools ever become the property of the company if they are attached to the corporate network. I sure hope not.
[ link to this | view in thread ]
Who owns what?
Just because you plug your thumb drive into a company computer doesn't make it theirs. Data, on the other hand, gets much more vague. Was the data stored on company time and/or using company assets? If so, who owns the data? These are questions yet to be tested by the courts.
However these are not the questions raised in this case. To sacrifice an analogy, we all know that when you put your trash out at the curb you no longer hold any rights over it's contents. In this case he might as well have typed out his own evidence on a typewriter, put it in a shredder, and thrown it in the company's trash.
There is a distinction that needs to be made here. Let’s look at the facts. Long after he left he became suspected of embezzling and the company decided to access data stored on its property. Let’s look at the premise from the other side of the coin. This is no different than hiring a contractor into your house for maintenance. If you suspect he stole from you, then as the homeowner it is your right to allow the authorities into your property and search for any incriminating evidence the contractor may have left behind.
[ link to this | view in thread ]
Re: Re: One word...
[ link to this | view in thread ]
Ownership
Also, some companies lock down computers so much that you can not really do a whole lot. For example, the company I work for, I have no access to the HDD, USB, CD-ROM, I can't even change the clock on my desktop let alone connect a flash drive.
[ link to this | view in thread ]
Re: Key loggers
==========================================
Don't do your banking on company property. I realize that's over-simplifying it. I strongly believe in and advocate privacy rights, but when you're on your employers infrastructure you do not and should not have any right to privacy unless such is explicitly given to you.
So I guess the solution is one of:
1.) don't bank at work
2.) bank with your own laptop/cellphone at work
[ link to this | view in thread ]
Browser reading company cache
[ link to this | view in thread ]
Re: Working Tools
[ link to this | view in thread ]
I understand that there was a criminal investigation in this case. I don't doubt the guy was a scammer. But at no point was a warrant obtained to search the locked file, as is our Constitutional right.
[ link to this | view in thread ]
Re: Re: One word...
[ link to this | view in thread ]
Re: Re: Re: One word...
[ link to this | view in thread ]
At most, the company can look at the email headers that come up. Any clicking on anything on that account is illegal.
[ link to this | view in thread ]
Re: Does the company really have all the rights over the employee?
[ link to this | view in thread ]
Re: Ownership
No wonder.
[ link to this | view in thread ]
Extending ownership
"Any devices you attach to any company-supplied computers, becomes the property of the company."
If I was that guy, I'd have challenged the admissibility of the document in question. "Yer honour, that's not mine, I'm being framed by an evil collegue!"
It worked for this guy;
http://www.theregister.co.uk/2003/04/24/trojan_defence_clears_man/
[ link to this | view in thread ]
Re: Re: Working Tools
[ link to this | view in thread ]
This is the very same reason that companies only want you to use their computers and their software for company business, because it strengthens their ownership claims. A better case study would be where an employee was forced to buy a hardware asset, like a laptop, to do company business. There the employee would be able to make a claim that the employee not the employer owns the data.
For anyone that has spent more than a year or two in the working world knows that everything you do on a company computer or a company owned asset is considered owned by the company. The only ones arguing against that are students, those living in denial, and folks that simply like to argue a contrary position.
You want to see draconian get a job as an engineer or a scientist and read the NDA's and patent agreements you are forced to sign.
[ link to this | view in thread ]
Re: Re: Key loggers
[ link to this | view in thread ]
Re: Re: Key loggers
[ link to this | view in thread ]
Re: Re: Key loggers
I remember reading a story where an employer was found to have installed hidden video cameras connected to recorders in the ladies' toilet. The employer pointed out that he owned the toilets and never explicity told the employees that they had any "privacy" in the toilets. Yet a court found that it was reasonable for employees to expect so anyway. Some courts just don't "get it", do they?
[ link to this | view in thread ]
Re: Re: Does the company really have all the rights over the employee?
That would include your fingerprints and DNA because as soon as you touch it you are probably leaving copies of both behind on it. If you don't like that then you should wear a full haz-mat suit to work, eh?
[ link to this | view in thread ]
Re: Re: Does the company really have all the rights over the employee?
That would include your fingerprints and DNA because as soon as you touch it you are probably leaving copies of both behind on it. If you don't like that then you should wear a full haz-mat suit to work, eh?
(sorry for the double post, don't know how the first one got screwed up)
[ link to this | view in thread ]
Re: Re: Re: One word...
[ link to this | view in thread ]
Re: Re: Re: One word...
Are you thinking that they have to be external? If so, then you don't know much about them. They can be internal as well. And many companies put tamper-evident physical "security seals" on company computers, the breaking of which can be cause for termination. Now you know one of the reasons why they might like to do that. (Some "enterprise" computers also have "intrusion detection" switches and BIOS's won't even let a computer boot if the case has been opened until a special password is entered.)
[ link to this | view in thread ]
Re: One word...
[ link to this | view in thread ]
Re: Re: Re: Does the company really have all the rights over the employee?
[ link to this | view in thread ]
by Paul
[ link to this | view in thread ]
Re: Re: Re: Re: One word...
[ link to this | view in thread ]
Re: Re: Re: Re: Re: One word...
Resorting to profanity and name calling, eh? I guess once you've made such stupid statements you might as well. I mean, you don't really have much credibility left to loose anyway.
[ link to this | view in thread ]
Re: Re: Re: Re: Does the company really have all the rights over the employee?
What's your point?
I'm sorry, I thought it would be clear. The point is that if it is indeed true that any personal information you leave on a company machine becomes company property (which of course they can then sell or do with as they please) and you don't want them doing that with your fingerprints and DNA (very personal information) then there are few options to prevent that. But again, that's only if the original premise is true.
[ link to this | view in thread ]
Re:
That's a pretty broad statement. So you're saying that the court ruling about hidden cameras in company toilets no longer stands? Are you sure you're a licensed attorney?
[ link to this | view in thread ]
The company may own the laptop, but I'm pretty he certain that he owns the data,
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re: One word...
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Re: Re: One word...
Hey, you caught a typo! Congratulations! Is it your first? Did you get your picture taken with it? Too bad there isn't some way you could have it mounted and hung on your wall where you could sit and gaze at it for hours on end. Oh, and by the way, "Mom's" shouldn't be capitalized there.
[ link to this | view in thread ]
Re: Re: Re: Re: Re: Does the company really have all the rights over the employee?
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
Correct usage:
I'm going to call Mom tonight.
or
I was on top of your mom last night.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
You used capitalization correctly! /thread
Sorry about your mom. :(
[ link to this | view in thread ]
Re: Re: Re: Key loggers
secondly, just because you store information, you don't own it. If that were the case, we would all own the information on any webpage we see, because whatever server is freely giving the information to us
and lastly, my private phone line, I might own the cable within the confines of my property, but somebody else owns the part from my house to the central and so forth. Wouldn't whoever owns that, by your same reasoning, subsequently own any information I send over my phone line? Yet the law doesn't seem to agree with you on that one, now does it?
[ link to this | view in thread ]
Re: Re: Re: Key loggers
seems to me like it's mainly you who's confused
[ link to this | view in thread ]