Duh, Don't Leave A Thumb Drive With Child Porn Plugged Into A Shared Computer
from the plain-view dept
Jim submitted this story about a paramedic who left a thumb drive containing child pornography plugged into a shared computer. A coworker later found the files on the thumb drive, and the owner of the drive was brought up on charges for the offending files.Obviously child pornography is a serious crime and needs to be stopped; that's not the issue that is in question here. As law professor Orin Kerr points, out, the concern here is whether or not looking through the contents of an inadvertently plugged in thumb drive constitutes an unreasonable search and seizure and a violation of our fourth amendment rights. In this case, United States v. Durdley, the district court ruled that leaving a thumb drive in a shared computer removed an expectation of privacy since no extraordinary means were necessary to access those files:
Durdley's files were exposed to anyone who sat down at the computer station who used the traditional means for opening and viewing files (such as Windows Explorer and the My Computer icon). Johnson encountered the files without employing any special means or intruding into any area which Durdley could reasonably expect to remain private once he left the drive attached to the common-use computer. The Court concludes, therefore, that Mr. Durdley had no more reasonable expectation of privacy in the contents of the thumb drive once he attached it to the common-use computer than the defendant in King did in his drive once he attached it to the airbase network.Kerr disagrees with the ruling, and equates leaving a thumb drive plugged into a shared computer to leaving luggage in a bus terminal:
I think the social norm is that when you see a private person's thumb drive on a shared-use computer, it's understood that you're invading that person's privacy if you start clicking around to see what the files are. It's kind of like someone leaving their luggage in the waiting room of a bus station. If the owner leaves the luggage behind for some reason, no one would see that as a waiver of privacy rights in the luggage or an invitation to unzip the luggage and look around.It's hard to see how opening someone else's luggage is remotely close to looking at files on a thumb drive. Whereas luggage has clear physical boundaries, once a thumb drive is part of a file system, those barriers no longer exist. After all, when a thumb drive is plugged into a PC, it appears as a drive under "My Computer" and looks very similar to the other drives attached to the computer. So, if we really want a real-world analogy, a more appropriate one would be an open suitcase in a public bus station. Sure, while it's kind of nosy to peek inside, things in plain view have long been understood to not be protected under the fourth amendment.
So, the moral of the story is, if you have files you don't want people looking at, it's best to not leave your thumb drives plugged into shared computers. Even better, don't have illegal files in the first place.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: fourth amendment, privacy
Reader Comments
Subscribe: RSS
View by: Time | Thread
Because the files on the drive are accessible, but you have to navigate to them to actually see what's in there. The unzipped suitcase is accessible, but you have to open it to actually see what's there.
To be like an open suitcase, he would have had to open some files, and then walk away from the computer. Then you can see what's there without having to open the files, or the suitcase.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
I could easily put a thumb drive into anyone of my co-worker's computers (I work at a tech reseller, 100's of computers around) to get them fired, blackmail, etc. There are hundreds of them laying around. The same thing could happen to me.
Proving ownership should be the standard, not just discovering the evidence.
[ link to this | view in chronology ]
Re: Re:
If it is a plant, then his drive should come up clean. Now, I don't want to set off a "OMG guilty until innocent!!!" argument. They already have the guy, so it is reasonable for them to want to fully investigate his belongings to see if he is innocent or guilty.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Not an easy call...
There a are a few issues here, now often evidence discovered by a civilian even if the search would have been improper by law enforcement standards is still considered admirable as long as that person was not acting as an agent of said law enforcement, however because they were county employees that question gets a little muddy. On the other side of the equation is the fact that this was a work computer, with most employers you agree to the fact that those systems are NOT considered private in any way. Therefore when (presumably) his supervisor inspected what was being done with that machine, it was quite likely perfectly legitimate.
[ link to this | view in chronology ]
Re: Not an easy call...
No it isn't. Suppose that drive had been left by a more senior officer and contained confidential information about other employees outside the supervisors area of responsibility.
Alternatively, even if the owner is identified as an employee in the supervisor's area of responsibility there are all kinds of private information that could quite legitimately be there that it would be improper for the supervisor to access.
To my mind the situation is quite clear. You don't poke around in what isn't yours without permission from the owner - except in the cause of finding out who the owner is.
The suitcase analogy is somewhat flawed, however I would say that anything that is clearly visible (an open file or perhaps a top level directory listing - assuming that the drive name doesn't clearly identify the owner) is OK - but opening files or sub-directories is not - just like you wouldn't assume that the suitcase being open means that you can open up the washbag inside it.
[ link to this | view in chronology ]
Re: Re: Not an easy call...
Sorry, but you're mistaken here. The first thing one must do is recognize who owns the computer in question.
From this position, the owner certainly has full rights to view anything on their machine. In this regard to the article, any employee had every right to search the computer's open ports storing files.
If owners are concerned about issues like this, they would have prevented any need to attach additional storage for which the computer itself was not capable of providing on its own.
Now, had this been a computer at "Local Cafe", the line gets gray. Truth be told, most people will fish in files which don't belong to them, if not only out of curiosity (or possible identification) to return the thumb drive.
However, at this point, "Local Cafe" would be completely justified to re-attach the thumb drive to ensure their systems weren't compromised or additional files were not added. Owners should have this power (just as they have the power to block).
I concur, in part, with the moral. But the better moral would be "Don't be stupid to use a personal drive on public computer". The risks to the data increase if one is completely unaware how the computer is set up.
It blows my mind how people still remain PC illiterate despite them being commonplace for over 20 years now.
[ link to this | view in chronology ]
Re: Re: Re: Not an easy call...
Sometimes I get the sense that people do so intentionally to reduce responsibility. Contrast it with real world examples and it can seem stupid; if I don't post a letter properly it is my fault not the person who handles the mail.
Back to the story. While it would not make sense to do so, it is feasible for a computer to be set up to index files on all attached drives. Should that be seen as an unauthorised search? Many sane Windows admins do in fact mandate full scans on any attached media, would that be a violation also? You may even have an audit policy in place for particularly secure environments that tracks information about attached devices in case of an attack attempt.
From the over side, what is the difference between viewing your secure private email on a shared computer (reasonable expectation of privacy) and viewing information on an attached device? I would argue that you only have a reasonable expectation of privacy on the email because you have made attempts to secure it, any sane browser should not cache HTTPS sites by default because it is presumed that they are private. Had the information on the drive been encrypted then as long as it stays on the device I would say there would be reasonable expectation of privacy.
[ link to this | view in chronology ]
Re: Re: Not an easy call...
To my mind, the situation isn't nearly as clear.
When I attach my thumb drive to someone else's computer, it becomes a part of that machine. I expect that any process in that machine may access the data on my thumb drive. The drive becomes, in effect, public space as soon as I plug it into any machine that I don't own.
If I have information that is actually private (and I do -- business plans, etc.), then I encrypt it while it's on the drive.
[ link to this | view in chronology ]
I believe a better analogy would be a piece of paper left in the out tray of a printer. You would simply expect people to read it to find out who printed it so that it could be given to them.
[ link to this | view in chronology ]
Totally agree
But I disagree with the concept of the luggage in the bus terminal as not something that should be opened. If the luggage has no luggage tag, there is no way to figure out who owns it.
And many people have been told by airlines and travel experts to put their name, contact information, and destination in a piece of paper inside the luggage to help someone find them should the luggage be lost and the tag missing.
[ link to this | view in chronology ]
Re:
Good one. Thanks.
Yah, I used the bus station analogy since Kerr used it in his post analyzing the case, so I just modified his analogy a bit.
The shared printer analogy works particularly well because it makes the additional distinction between a "shared space" and a "public" place.
[ link to this | view in chronology ]
Anoyther case
If I leave it behind and a student searches through the files, finds and makes a copy of a "live" exam paper I would say the student has committed an academic misconduct.
My expectation would be that anyone finding the drive might look through the directory listing to see if there is a file that would help identify the owner - but beyond that it is a no-no.
[ link to this | view in chronology ]
A file that might identify the owner
Wouldn't it be logical and expected that a co-worker would open those files to see if they recognized any of the "kids".
Remember, it's a shared computer for a limited number of people who are affiliated with each other.
The co-worker could have the most benevolent of motives to look at the files.
And the owner of the thumb drive really has no expectation of privacy.
[ link to this | view in chronology ]
Re: A file that might identify the owner
I would like to point out to the University Lecturer that you knew the PC was public and you knew you were plugging your USB drive into said public PC. The consequences are yours. If you are so worried about it, encrypt your files (it's not that hard).
[ link to this | view in chronology ]
[ link to this | view in chronology ]
But let's say it's not wrong. Do you have a reasonable expectation of Microsoft not searching everything on your thumbdrive and sending that back to Redmond?
I just don't see where it stops. The suitcase is a valid analogy, you click a few buttons and it opens. The same is true of a flash drive. You can't see it, unless you click on it.
[ link to this | view in chronology ]
Re:
It is in "My Computer."
"You can't see it, unless you click on it"
If I do a search on the PC for ".jpg" I don't necessarily look at the source of the file before viewing AND the thumb drive will be included in the search and return results if they match the criteria.
[ link to this | view in chronology ]
Re: Re:
Also note that such search capabilities are typically disabled in publically accessible machines (they are at my University).
[ link to this | view in chronology ]
Re: Re: Re:
2)unless the computer is on the desk I'm not going to notice the thumbdrive unless I'm plugging my own in.
[ link to this | view in chronology ]
This is part of the reason that the DoD has banned thumb drives: they're too easy to lose or misplace and too often contain sensitive or even classified information.
[ link to this | view in chronology ]
Re:
Those same regs will tell you not to poke around in stuff that doesn't concern you.
[ link to this | view in chronology ]
Re: Re:
I don't get where people can ever believe anything you put onto a WORK COMPUTER is private. Seriously. You do not own the system. Yeah, you own the thumb drive, but you're using company equipment to access it. There goes your right to privacy.
[ link to this | view in chronology ]
Re: Re:
Since it is a shared machine it is reasonable to expect that any user might need to do a full search at any given time, and the search very well could return thumbnails of the images.
[ link to this | view in chronology ]
Re: #9
"CompanyX reserves the right to routinely audit systems usage for violations of the Computer and Systems Resources Acceptable Use Policy by authorized personnel, without advance notice to the user. Both activity and/or content may be monitored."
[ link to this | view in chronology ]
Re: Re: #9
is NOT the same thing as a random employee looking at files on someone else's thumbdrive - nowhere near.
[ link to this | view in chronology ]
Who put the content there?
Back to bus station, put something stolen that you don't want to be caught with into a pocket of an open case and wait to pick it up after customs.
Stool Pigeon
[ link to this | view in chronology ]
Not unlawful search...
Now "license check" road blocks on the street is an example of unlawful search.
[ link to this | view in chronology ]
Analogy
In the case of the thumbdrive - it could be argued that the perosn who finds it is reasonably expected to look at the files to try and determine ownership. Or at the leat - semi-polite to see if perhaps pictures can be found that could help return the dirve to the owner. If the person who found it saw who left the drive than they probably should have jsut pulled it and handed it to the owner. However, when people find electronic devices - picture files are the most common place to find clues concerning ownership - which would explain why the pictures were found so easily.
[ link to this | view in chronology ]
Seems to me the very reason it's admissible might be the best defense.
[ link to this | view in chronology ]
Viewing options in explorer
[ link to this | view in chronology ]
Computers at work
[ link to this | view in chronology ]
They'd open it up and look around for some kind of ID. If they then found child porn in that suit case and you returned to claim the case just at that moment. You'd be arrested and charged.
I'm not American and frankly don't give a monkeys about 4th amendment rights or whatever. This is a clear cut case of a paedophile being caught red handed and trying to use a convoluted technicality to worm his way out of charges and jail time with Bubba.
Why do courts tolerate this nonsense?
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Better analogy
Nobody would question the right of the supervisor to look at the contents of the folder to find out who left it there.
They would question the sanity of the guy that would leave something like that lying around with his name on it...
[ link to this | view in chronology ]
Third Problem....
2. Found Child Porn
3. LAWYER TRYING TO DEFEND SOMEONE CONSUMING CHILD PORN!!!
[ link to this | view in chronology ]
Re: Third Problem....
Yawn.
[ link to this | view in chronology ]
Re: Third Problem....
You're right! Only certain criminals deserve the legal representation they are entitled to in our country!
I mean, c'mon! Do we REALLY need to defend these obviously guilty child porn consumers? Wouldn't our time be better served elsewhere? Child porn consumers don't deserve representation, and neither do rapists.
[ link to this | view in chronology ]
Re: Re: Third Problem....
[ link to this | view in chronology ]
Re: Third Problem....
[ link to this | view in chronology ]
Re: Third Problem....
[ link to this | view in chronology ]
Re: Third Problem....
[ link to this | view in chronology ]
it is more like
So what tiny paragraph can we write to make this seem legal, but really it is not.
A thumb drive is an open file, There is no expectation of privacy in Garbage. The list goes on and on.
Honestly we should just stop lying about what this country is about. Repeal the bill of rights and be done with it.
[ link to this | view in chronology ]
Re: it is more like
Please continue, so far you've listed two things and one of them is this story.
[ link to this | view in chronology ]
Re: Re: it is more like
I need to get some work done today, I will list more later if you want.
[ link to this | view in chronology ]
Re: Re: Re: it is more like
Thanks, that makes your point much more clear.
[ link to this | view in chronology ]
thumb drive
[ link to this | view in chronology ]
Re: thumb drive
Sigh....
[ link to this | view in chronology ]
pedo-files beware.
[ link to this | view in chronology ]
Amazing
Lou
www.r-u-being-logged.es.tc
[ link to this | view in chronology ]
[ link to this | view in chronology ]
the truth
now if its in his locker , guess what thats still public property granted to you to put your items in for safety reasons not privacy
this is truth
justice shall follow
your house your privacy
you at work NO Privacy
[ link to this | view in chronology ]
About thumb drives
2: As mentioned,encrypting a thumb drive is a straightforward and simple process.
[ link to this | view in chronology ]
Shared computer?
[ link to this | view in chronology ]
Fourth Amendment doesn't protect against private nosiness...
Based on the very brief description of this situation in the original post here, this was a private actor, not an agent of law enforcement, who found the child porn.
This pervert was caught because of his own carelessness, not because the governmetn obatined any evidence in an illegal manner.
Book 'im, Dan-o.
HM
[ link to this | view in chronology ]
[ link to this | view in chronology ]
New issue arrises
What say happens if I dislike a coworker and brought something illegal on a thumb drive copied files with his/her name on it and then handed it to police telling them i found it plugged into a shared computer at work.
how can you now prove who actually had the illegal files the bad citizen or the good one?
[ link to this | view in chronology ]
Re: New issue arrises
The logs in the computer may provide evidence (when was the drive plugged in? When were the files copied? Does the victim have an alibi during those times?)
But really, a thumb drive should be treated like a wallet -- very personal, easily tampered with, and to be treated with great caution. You don't leave them lying around. How hard would it be to slip contraband into your victim's wallet and calling the cops on them?
The ultra-cautious can also use whole disk encryption on their thumb drives, so nobody can write to them without knowing the password.
[ link to this | view in chronology ]
"So, the moral of the story is, if you have files you don't want people looking at, it's best to not leave your thumb drives plugged into shared computers. Even better, don't have illegal files in the first place. "
I think the real moral of the story is, if you have child porn AT ALL, you deserve bad things to happen to you.
[ link to this | view in chronology ]
Re:
I guess those law enforcement types who track such things should watch their backs then. Perhaps everyone who has watched the recent Wikileaks video should also be flogged, for consistency.
[ link to this | view in chronology ]
Location versus privacy
Just my thoughts…
[ link to this | view in chronology ]
[ link to this | view in chronology ]
kids!
[ link to this | view in chronology ]
Legal Issue
The 4th Amendment only protects against warrantless searches by the police (or by private citizens acting at the direction of the police). There's no 4th Amendment issue when a private citizen conducts the search all on their own.
If, for example, your next-door neighbor walked into your house, saw illegal drugs on the table, then reported it to the police, there would be no 4th Amendment violation. You might have a valid civil suit against him for invasion of privacy and trespass (and if you went to jail because of his actions, your damages would be substantial), but the evidence could still be used against you in your criminal trial.
[ link to this | view in chronology ]
read the ruling carfully, its all in the circumstances
1) since it was at the suspects work
2)plugged in
3)and readily accessible(meaning no encryption/password needed)
the suspect had given up his right to reasonable expectations of privacy.
[ link to this | view in chronology ]
[ link to this | view in chronology ]