Slashdot Mirror
Deleting Files is a Crime?
cemaco writes "A former employee of International Airport Centers, who is currently embroiled in a legal dispute with them, returned his company laptop as required. Hoping to find incriminating evidence, I.A.C. attempted to retrieve deleted information from the laptop in question with no success. This employee had beaten them to the punch. He had used 'secure delete' software, in order to make sure nothing could be recovered. He is now being charged with a violation of the Computer Fraud and Abuse Act."
Of course it is. Wasn't this law passed when Gmail went public? Why if google could get its way, you wouldn't delete shi.. oh wait... :)
So if he has the files, he's a criminal. But if he doesn't have the files, he's also a criminal? How is deliberate obstruction determined in a case like this?
Adolf Hitler, when challenged by some people, said "I don't need you, I have your children."
Effectively one could say the same thing about those in government who have usurped the rights of the people since the ink dried on the Constitution and Bill of Rights. "I don't need you, I have the laws." Worst of all, they have a lot of the children too, because the children don't care or will vigorously defend the right of the government to deny them their very own rights.
Ideally, a judge would, like the article's author, take one look at the charges and say, "whaaaaat?" just before throwing the whole silly thing out. Now three loops have decided returning the drive clean is a crime, unanimously.
Ok, there's the thought that work on the laptop would be of value (a project of some sort or list of contacts and estimates valueable to the next to occupy the position) to the employer and the employee violated some work ethic, by destroying company property, but that's now how it reads. More likely the computer would only contain things meaningful to the employee in the context of producting the actual end work.
Next there will probably be some poor person sued for throwing out old yellowed paper-work, which had been in the bottom drawer of a desk for 30 years, when retiring.
Does this mean each person must approach the company gestapo for approval to destroy or discard anything?
A laughable concept. IAC are a bully and the U.S. Court of Appeals for the 7th Circuit are out of their league regarding workplaces and technology.
oy, he erased 'is name from the company directory! someone could get seriously lost looking for a former employee's cubicle and come to great harm! put 'im in irons!
A feeling of having made the same mistake before: Deja Foobar
WTF?!?!?
"The term "damage" means any impairment to the integrity or availability of data, a program, a system, or information;" Whoa, better not install windows. But really, after I close the lid on my laptop it takes a few seconds for the system to come back to life when I open it, technically, the availability of data is impaired in those few seconds (well 30 if it's a compaq). Oh, whoa again! So if I'm watching a DVD and my brother steps in front of the screen and I can't see for a second, then my access to the "data" is "impaired". Huzzah! We're all going to jail! BONG!
Though I do understand the need to investigate say if something was illegal or criminal on the laptop but the guy saved the company a bit of money by erasing the data. To go to a data secure eraser company they would charge a fortune for the process involved. Though to go to the extent of using such methods to delete the data makes me wonder if he was hideing something.
Just like throwing contraband out of a moving car. Thing is, its a little trickier than that, because...you don't know what was there to delete in the first place.
The thing that's making them jump to conclusions is the fact that its one of those programs that rewrites random data many times so that its unrecoverable. Otherwise, the default for windows is for the file system to relist the space as free, without actually deleting it. The file only becomes unrecoverable on the rewrite.
I don't get it.
It's the *company's* information. Just as if you took out your file folders and TPS reports before you quit work and burned them, it's a violation of law.
If the laptop was classified as evidence in the case, chances are it wouldn't be in his possession. If it wasn't, then he didn't commit a crime.
On the other hand, if a document was issued classifying the harddrive as evidence before he deleted the contents of the drive, he did commit a crime.
Ideally, it should be as simple as that.
Interestingly, it appears to me that the ex-employee did the right thing.
i ndofmatthew.com
1.)He is protecting the privacy of whoever's data was on the computer.
2.)He is ensuring that the computer is free from viruses, worms, spy ware, etc (assuming he performed a total wipe).
If the company wanted evidence against their employee then they should have attained it before accusing him. To do so in reverse order, as they did, only allows the employee to cover his tracks. If anything I am disappointed in the way that the company handled their business and at the very minimum reflects on the "quality of employees" that they hire.
One more note: doesn't this sort of thing fall under the category of "entrapment."
Argggg, I'm getting frustrated.... and I don't know if I should blame stupidity or the lawyers... oh wait... aren't they the same?
Matthew Wong
http://www.themindofmatthew.com/">http://www.them
Destruction of evidence is a crime. Why do they need another law specifically for computers?
When you work somewhere what you obtain from that employer belongs to the employer until the employer relinquishes ownership to you.
/. if the guy had set fire to the corporate tower as he walked out the door. I think not. But, what he did was equally malicious.
Would this have even been posted on
Caution: Contents under pressure
Though to go to the extent of using such methods to delete the data makes me wonder if he was hideing something.
And you're on slashdot ? Better not install any GPG, PGP or any other encryption tool : you could have something to hide !
Now go sit in a corner, don't come back until you learned something.
Yes, sometimes deleting files should be a crime. If you're the only person with control of an important document owned by your company, and you intentionally delete the file knowing this, you should be held liable for the damage it causes. This is especially true if your company has a policy against doing this.
That said, in TFA, it says the contract specifically said that he was to return or destroy confidential data, so the above argument doesn't seem to apply in this case.
Of course, IANAL, and lawyers can make anything "apply" when they want to.
Here
If you can't be bothered to read that link, basically, San Diego's embroiled in a financial crisis that's being investigated by the FBI, and the recently-resigned city manager had a few thousand emails erased immediately after he stepped down which may POSSIBLY incriminate him or others in the muni government.
Of course, in that instance the email deletion is probably straight obstruction of justice, while this one is not involving any actual 'crime' other than possible breach of contract. But I figured it'd be food for thought.
And how will they prove that anything was erased?
We are required to wipe the drives when we leave with something like a hardware 3 pass low level uniquely random sequencer based on radioactive decay.
I got a little overboard there. I do not work in a secure environment. I believe this is for our privacy when we leave, or maybe it has to do with security for financial information, or maybe it has no reason, but it is a policy.
This guy got raped by the system before the real deal. Gotta love our freedoms!
If you want to conduct your business on someone else's laptop:
1. Boot using a Linux Live CD
2. Use a USB Key drive
If it does not leave any trace in the first place, you'll not need to erase anything.
Was he ordered to give back the laptop after he was involved legally with them, or before? If its after, then he could be charged with obstruction of justice or tampering with evidence. Anywho, how do they know he used a secure delete software unless the moron left the software installed on the system after he deleted the files.
Click Click Bloody Click PANCAKES!
Well, I always knew there was something fishy with miucrosofts recycle bin...
The security and integrity of the data cannot be left to an end user.
Why is there no backup or sync up? I find the company guilty. The simple way out of this is for the ex employee to say I was only intereted in deleting any personal data that may or may not have been on the computer and that, unless his job WAS IT, it is not his repsonsibility to defend the data.
The company has a vested interest in the data, if they did not understand that then hopefully they do now.
sorry, but he did nothing wrong that can prove him guilty of any crime if this was simply a wipe of "his" laptop.
Now if this was data on a server, then yes, he is guilty
I can't find it now, but a federal court judge once made the comment that people need the ability to delete files and have courts recognize them as "destroyed". Just because computer forensics has a much greater chance of success shouldn't mean that people can't deliberately disassociate themselves from material. This is core to the right against self incrimination.
Consider what might happen if I sent you a child porn image. You, offended, delete the image immediately and report me to the FBI. Now what if, unable to find me, the FBI came to your door, confiscated your laptop with a warrant (after all, you reported seeing the file, therefore you must have it) and used an undelete program to recover it. Are you now guilty of the crime of possession of child pornography? Yes, you are. At least, as far as the prosecutors are concerned.
It's never been tested legally to my knowledge, but the court MUST recognize that for someone to be charged over deleted evidence is akin to government agent pulling memories from your brain and using those memories to reconstitute matter in the same patter and then use it as evidence against you in a court of law.
This is Orwellian to the extreme, but it is quite possible that the raving "think of the children" lunatics out there will create just such a legal system. After all, they will argue, what stops kiddie porners from keeping their porn collections in the Recycle Bin? What about on a shadow drive with no FAT to link sectors to filenames? At what point does the work involved in recovery become high enough to consider something "gone"?
I'm glad to see this case, and I hope that the jurist in charge realizes that this is about a person's right to prevent their own thoughts and memories from being used against them in a court of law. After all, if the evidence went beyond the employee's person...there will be copies in e-mails, filed records, other computers. For someone to be able to go beyond the bounds of corporate communications into the person at the computer makes that employee's mind the company's property and not just his laptop.
-JoeShmoe
.
-- I wonder which will go down in history as the bigger failure: the War on Drugs or the War on Filesharing
Shouldn't judges that decide on cases like this have an adequate understanding about the internet, hardware, software and in general computers before they decide upon ethical issues regarding these things? If judges knew more about this, then maybe they would realize that deleting information is different than throwing away a weapon.
Unless the company's written policy was "you cannot delete files from this laptop we've given you" then I can't see where there is a problem. If they really needed those files, they should have taken possession of the laptop BEFORE the fit hit the shan rather than cry foul after the fact.
I think this story is over hyped. How is destroying data on the companies' laptop any different from destroying data on their database, or shredding documents?
It depends on the intent. And courts are always dealing with the question of 'intent'.
If he did it, intending to cover up evidence of his violating a noncompete clause, yes, I could see it being a possible crime.
This isn't that much different than if he shredded paper files that detailed what he had been doing. If he did it to cover something up, it could be criminal.
See the famous 18 minute gap during the Nixon administration for example.
IANAL - But i used to work for a bunch... legally speaking you should install eraser and allow it to wipe nightly/weekly then this isn't an issue. If you do it on a regular schedule... your more likely to be legally covered. For example: You destroy a bunch of files before a warrant comes to you... you are busted, but if you destroy your files, one per night every night as normal upkeep you have the same nothing as before... but you arent in trouble cause its scheduled destruction. similar to insider trading: scheduled sale vs. impromptu trading. If you sell just to sell... and the stock takes a dive or jumps.... you could be liable for insider trading (assuming you have insider info). But if you sell a certain amount every month.... you cant be hurt in court no matter what jumps its doing. wipe that hard drive every night....OR do not store the contact info on their computer and you are fine just say you like paper records or a roledex.
Victory is gained, not in knowing your opponents next move, but in preempting them.
From the article:
That law says whoever "knowingly causes damage without authorization" to a networked computer can be held civilly and criminally liable.
The 7th Circuit made two remarkable leaps. First, the judges said that deleting files from a laptop counts as "damage." Second, they ruled that Citrin's implicit "authorization" evaporated when he (again, allegedly) chose to go into business for himself and violate his employment contract.
The court argued that the worst damage you can cause to someone's computer is erase their personal data. Seems he deleted his client list (or something similar, the article wasn't very clear on that point), and the company wanted it. Unethical way to leave a company, and he probably deserves to be nailed.
The main thing that bothers me is, what if I delete some JPGs that were stored on the computer? I may have a good reason for not wanting anyone to see them, and since they were mine, there should be nothing wrong with deleting them. Will this law allow them to come after me? Seems like it will, and that's what's scary.
Qxe4
Er, I guess I missed the opening line that it was already decided 3-0 and for exactly the wrong reasons. I thought the rest was the prosecution argument.
Hopefully this gets appealed to the Supreme Court because file deletion, I belive, is going to be one of the key legal issues for future generations for the reasons I mentioned.
I wonder what these judges have in their own Recycle Bins at home.
-JoeShmoe
.
-- I wonder which will go down in history as the bigger failure: the War on Drugs or the War on Filesharing
He has a RIGHT to not incriminate himself. The company, while "fishing" for
some evidence, they did not say what evidence.
If he had even one personal email on the laptop, he had the RIGHT to not
incriminate himself.
The company was trying to violate his "rights" before the fact.
It is pure bullshit.
Everyone is a criminal now. Or soon will be. So the only real crime is getting caught. Unless you can buy yourself some American Justice. For the record, only public officials with lots of influence or mega-rich corporations can do that. SO start sucking up and pray they don't come after you. Because you're guilty.
So would the case be any different if this guy shredded a filing cabinet of paperwork?
I thought so, they'd sue the heck outta him.
I have no qualms with a corporate "no delete policy", I'm in the storage business and soon selling tape drives to back up all this 'undeletable data'.
Thank you and the ferrari dealership is now on speed dial.
A computer provided to an employee to do their work is a tool and nothing more.
If the company did not have a backup policy for the laptop, they did not take reasonable precautions to secure and protect their data.
Whether by secure erasure, hard-drive crash, truck-runneth-over, or otherwise, they put all their risk in one device.
Too bad, so sad. You lost your only copy.
For the courts to presume that such a loss constitutes an actual crime is ludicrous. Thank God I'm not an American having to put up with the nonsense coming out of their courts lately.
I do not fail; I succeed at finding out what does not work.
If you allow the employee to use the laptop for personal use (online banking eg.) then you have to expect them to take steps to protect themselves.
This is a bizarre ruling -- I expect some interesting repercussions.
Deleting files can have legal consequences: if it's prohibited by your contract, if it's data shared with others, or if the evidence has already been subpoenaed.
This decision seems wrong, however: preventing people from deleting files on laptops under their control was not what the Computer Fraud and Abuse Act was intended for (note, in particular, that it makes reference to a networked computer). Whether the employee was allowed to files should be a matter purely of their employment contract and the stated corporate policies.
Is it the company's policy that the notebook be returned in the condition that it recieved in? That would mean clean and ready for use. A lot of computer savy people would use a safe delete software as a matter of practise so there can't be any intent shown. Did they instruct the employee to not delete any files from the machine? If they didn't it's their fault for not telling them to return it in a condition with all files intact. If anyone has a concern about this keep a personal external hard drive that you store the information on so the machine will remain clean while you are using it. They'd need a court order to obtain your personal hard drive which you of coarse are now using on your home machine and you had to format it first. You should be required to provide back ups of business files when you leave a company but it seems like they are trolling for information. The law is pretty sketchy in this area and probably does need an update. Deleting the files might look suspicous but it also can just show an employee be responsible when they return a device.
If what you're saying is true, I say we all get busy emailing our government representatives some choice kitty porn, then immediately reporting them to the FBI as being "in possesion" of unlawful pictures... would that help to get the laws changed?
I've abandoned my search for truth; now I'm just looking for some useful delusions.
The technologies are a decade old, but the lawmakers in power are from a generation when computers meant punch cards and files were something found only in cabinets. Should we really be so surprised then when the law can't catch up with the technology?
As long as there is a Second Amendment, there will always be a First Amendment.
Ideally, a judge would, like the article's author, take one look at the charges and say, "whaaaaat?" just before throwing the whole silly thing out. Now three loops have decided returning the drive clean is a crime, unanimously.
RTFA. That's exactly what the judge did. The company appealled the decision, and the appeals court sent it back to the judge saying: no, you can't throw this out. The company might be right. You need to hold a trial to figure it out.
Having read the article, I agree. The issue is not so clear-cut that it should be dismissed out of hand: it deserves its day in court. The guy may have deleted incriminating information (which is a crime, see Enron paper shredders). He may also have been propping up his business at company's expense (i.e. using whatever data he acquired while making sure the company doesn't get a hold of it). That's for the judge to decide, and that's exactly what the appeals court said should happen.
Oh and, btw:
Adolf Hitler
you lose.
___
If you think big enough, you'll never have to do it.
..."if you have no evidence against guy, you simply can't get guy punished" they don't understand?
How they will prove that he cleaned up needed information in first place? Fingerprints? Electronic analystics? Give me a break, it is simply NOT possible. It is very possible that employee did something very wrong (and in fact, we don't know much about that). What we know that before getting a order from judge to get back hard drive, employee discarded any information from it. He maybe breached job contract, he maybe overstepped some laws, but clearly company will have a hard time to prove that this guy is gulty in first crime. And if laptop was only evidence then I think it smells more like "pushing around the small guy" theme all over again, not serious wish to discover the truth.
user@ubuntubox:~$ stfu This server is going down for shutdown NOW!
If for nothing else, littering is illegal. The mere act of throwing something out of car is probable cause for the police to pwn j00 royally. Beyond that, just because one isn't caught and convicted doesn't mean the act wasn't illegal in the first place. Lots of rapists and murderers never get caught, what they did was still illegal.
I think you win dumb post of the day.
Or the third possibility is he does not delete the files, and there are no files which shows he violated his work contract. The crime was in deleting the files. There could not be a crime in leaving the files there.
What most likely happened was he used his employers laptop in starting his own buisness. Who knows how he did this, maybe he used trade secrets or something else. When he decided to quit, he wanted to remove the evidence of his actions, so he removed everything from the laptop.
The company has a right to issue the laptop and require it is returned in the same condition, and that would include the software and data on the laptop.
Is the laptop's data the property of the employer? That is the question. If the laptop is the property of the employer, and the employer has a right to the data on the laptop, then what this guy did is the same thing as if he deleted records from a PC in his cubicle. Or is it different because he can take a laptop out of the office?
My gut reaction is to want more privacy. But maybe that is not possible anymore. Heck, the government demanded search records from Yahoo, MSN, and Google a few months ago so they could see who was searching for prohibited porn and terrorism. Google was the only one who did not provide the data, but not because they wanted to protect their users privacy, but because they did not want other companies to see their data.
That law says whoever "knowingly causes damage without authorization" to a networked computer can be held civilly and criminally liable.
Here's a simple defense then:
"I had unplugged the network cable at the time I deleted the files."
You can't claim damage to a networked computer if the computer wasn't networked.
Could he win this on grounds similar to pleading the 5th Amendment? He could argue that he deleted the files because they could be self-incrimination. However, since IANAL, I do not know if this would hold up in court.
Possibly, if I read the report correctly, he was using his employer's computer to kick off his own business, which is hardly ethical and possibly illegal (IANAL).
Clearly, what he should have done was to have an accident with the laptop: it should have ended up under a wheel of his car, or his car was broken into and the laptop stolen.
The real "Libtards" are the Libertarians!
Leaves no discernable marks. Perfect for percussive maintenance. Just a BOFH tidbit.
Don't think of it as a flame---it's more like an argument that does 3d6 fire damage
It's not good that the judgement was 3-0. This decision stretches the law beyond where it should be stretched. I suppose that we all now know that, in a similar case, our company laptops should meet with an unfortunate accident or be stolen well before we leave the company.
A similar thing happened to me a few years ago. I had brought in my OWN Hard Drive after the company provided one died. This was a startup (that I founded as employee #2 out of 160!!), so I was more than willing to help the cause with a spare 20GB drive I had sitting around. (back then, that was the avg. size)
Well, flash forward 3.5 years and 9/11/01, and there are massive layoffs. I VOLUNTEERED for a layoff as it was a good way to leave gracefully with benefits, accelerated stock and a severance package (not to mention $500/week from unkle sam).
We were allowed to clean out our desks and stuff at our liesure. I just took back my HD as it had years of personal stuff on it and threw it in the box with the rest of my junk.
A week or so later I got a call from the President who asked where my computer's HD was. I explained that I took it. He asked if I could "return it". I said sure. I copied my personal stuff off, and formatted the drive (not even DOD, just regular M$ format). When I brought it in, I was shocked (and pissed off) to hear him ask if I had "taken any proprietary source code". I never even had access to that SourceSafe!! I assured him no, and why would I do that anyways even if I could? I had thousands of shares of stock. It's in my best interest for this company to succeed -- not to mention that *I* asked to leave. I had no hard feelings.
Long story short. The cunt-rag HR woman refused to give me my severence package, claiming that I stole code and formatted the drive to cover it up. I told her, she could very easily "unformat" the drive and see that I did no such thing.
A year later I had to sue them, and they settled out of court for my full severance.
If you read the opinion, it's not particularly novel. Basically, it amounts to this:
"We lent you a laptop. You went to work for our competitors and used our laptop to help you do this. Instead of giving us the laptop back immediately, you installed some software on the laptop that we didn't authorize you to install and used it to get rid of all the information that we're interested in."
The court specifically found that the problem was installing the 'secure delete' software -- Posner said that applying the CFAA to just hitting the 'delete' key "might be stretching the statute too far." So, if the OS already had the secure delete software on it, there wouldn't be any problem.
Typically when you install software on your work computer, it's considered to be implicitly authorized by your employer. (That's the court's discussion about the agency relationship). But, once he stopped working for the company (or when he starting competing), that implicit authorization goes away. So, this decision probably doesn't affect you if you installed some secure delete software on your work computer months ago. It's when you do it for the purpose of hiding stuff from your (ex-) employer that you have problems.
well if the person has deleted some important company stuff then he could be held liable. but if he has deleted his personal information then i don't think why he should be held liable
It's important to point out that this decision was not made in a criminal case, but in a civil case. As such Critin wasn't found guilty of anything and therefore I believe this ruling does not count as a binding precedent for criminal cases merely a persuasive one. Nevertheless, it is disconcerting that the seventh circuit court of appeals made this ruling. However there are lots of caveats in the ruling that mean the question of what you can and can't delete from a computer when leaving a company is still relatively open. In the end, Citrin didn't just delete love letters and e-mails to personal friends from his computer - he deleted files concerning clients - files he knew his company would be interested in and didn't have a copy of. Personally, I think that it should be the responsibility of the company to make sure a copy of such files exist on their servers but that's just my opinion.
Sadly, once again Slashdot has chosen to report news with the most sensationalist slant possible. Despite the fact interest in the story would have probably been the same (or more) if it had reported a few extra details of the case. In the end, sensationalism diminishes, not increases, the value of a news service.
Though to go to the extent of using such methods to delete the data makes me wonder if he was hideing something.
What is the point of privacy if you are just going to assume that everyone who wants some is automaticaly therefore hiding something bad? Who knows, perhaps the guy had a strange on-line dildo shopping fetish and just wanted to make sure his web cache was clean! Hey, you laugh, but I had to deal with this issue once for a cutstomer because an employee was abusing company network access by shopping for dildo's on-line!! heh
Any ways, this is why people want privacy, most of us do something behind closed doors that would embarrass us if others found out. That doesn't mean we are all terrorists or something...
Oh and, btw:
:P
Adolf Hitler
you lose.
Now really, I have to assume here you're perpetuating a misconception of Godwin's Law here. A misconception that has become tradition, true, but it's rather absurd to say that once someone has invoked Nazi analogies that they lose, especially because grandparent was not even making any sort of direct analogy! He was just using something Hitler stated to explain a point: you don't need to convince people if you can win over their children. Note, however, that traditionally your attempt to deliberately invoke Godwin's Law means that you lose!
But yes, otherwise you raise some very valid counterpoints; having deleted the data it's not quite clear what he did, which changes under what grounds the issue is to be decided, so yes. But you still lose
I remember sigs. Oh, a simpler time!
Deleting files is a crime.
Copying files is also a crime.
What about deleting copied files? Will the two cancel each other out?
I guess deleting is like killing, copying is like saving someone's life (but still getting sued over cracked ribs or something), and file compression is pretty much torture.
JFK etc... KING etc... 911 etc..
They always remove evidence if it incriminates govt officials or their buddies that havent payed up.
Missing files, missing coffins, missing metal beams.
They declare to the judge you have no confidence in the law if it has been obstructed countless times by
the fbi and nothing has come of it.
The govt is evil period.
Liberty freedom are no1, not dicks in suits.
Some law in the UK makes it illegal to possess encrypted data and not provide a key to decrypt it. it even allowed for the situation where i could email u an encrypted archive and your inability to open it would put u in breach of the law.
hehe, the rebel i am.. i just emptied my recycle bin..
--AlexC
Just because I dont agree with climate change doesnt make me a troll
I have a work-issued (or at least reimbursed for) PowerBook. I sometimes use 'srm' to securely delete files (write over them with random data before deleting them).
But, most work-related files I save are in an encrypted filesystem. The system mounts that virtual filesystem, just like it's another drive (like mounting an ISO image in Linux). But, the data is actually in a single file saved AES encrypted on the hard drive (again, like an ISO cd image).
Without the password to unlock/decrypt the AES encrypted data, it's just an opaque file. If I quit, and either don't give them the password or delete that one file, it's a similar situation to the original post.
Any rules for relinquishing your passwords when leaving a company?
"Citrin's breach of his duty of loyalty terminated his agency relationship (more precisely, terminated any rights he might have claimed as IAC's agent--he could not by unilaterally terminating any duties he owed his principal gain an advantage!) and with it his authority to access the laptop, because the only basis of his authority had been that relationship..."
Sounds like a Tom Sharpe's book. In South Africa during the apartheid a white woman killed her black servant and called the police because she felt guilty. The (white) sergent at the station told her that there is nothing wrong in what she did because killing a black who was not authorized to be in her property was not a crime. When she replied that the he was her servant and was authorized to be in the property the sergent replied that by pulling the trigger she had clearly revoked the authorization..... the same perverse logic seems to be applied here
Why cant these programs just fill the empty data with real useless data.
Like pictures of flowers, and exe code segments of windows dlls'.
Liberty freedom are no1, not dicks in suits.
If they can prove he did this in order to hide evidence, they may have a case.
However, for instance, I run "eraser" on a daily basis which scrubs all free space on all drives, plus slack space at the ends of files. I consider this simply standard operating procedure, because my computer does have sensitive data on it. In addition, I lock my machine when I leave, and all my data is held in an encrypted volume, so if someone reboots the machine to a boot CD or something, or steals the machine, they still get nothing.
If I undertake these actions as a general course of business because I consider them to be simply part of trying to do my job and take security seriously, I think that's a lot harder to prosecute against.
This poor schmuck should have been able to avoid the federal felony charge if he could show that the damage was less than $5,000. That's what makes it a felony. Since it's a laptop, in his possession, he should have been able to try to fight the interstate commerce aspect, which is what opens the door for the feds. If the laptop wasn't connected to the internet when he wiped it, how can he possibly be impacting interstate commerce? Especially if he was in the same state as the company claiming damages.
I always wipe my company machines before I turn them in. Our IT guys take great delight in "archiving" every porn collection they can find.
Beg:
2) To ask earnestly for or of
so "begs the question" literally means, "asks earnestly for or of the question"
which is a bit convoluted, but perfectly valid way of stating, "raises the question."
It so happens that "begging the question" is ALSO a logical fallacy with a meaning separate from the literal meaning of the phrase. I frankly fail to understand how the literal meaning of a phrase could ever be considered to be an incorrect usage. Uncommon perhaps, but certainly not incorrect. The irony (and I'm using that word in a common, but literally incorrect sense) is that "raises the question" is by far the more common meaning attached to the phrase, "begs the question."
If you don't have anything nice to say, at least don't say something irrelevant for the purpose of being mean.
Can you be Even More Awesome?!
There are laws and/or company policies that dictate what documents need to be retained. If he is in violation of those, then yes deleting files is illegal. This is no different than illegal shredding of documents as part of a cover-up (eg Enron)
D6 63 0D 70 89 81 BB 8E 7B 7C 5F 5D 54 EA AB 73
of course, the /. crowd is blowing this up into scenarios like people getting prosecuted for throwing out decades old papers. in this case, it wasn't so simple. they were not just hoping to pick up his projects, contacts, etc. they were trying to find incriminating evidence against him that he violated his contract.
what people don't get is that judges + jurors often have some common sense. there is no freaking way someone would be prosecuted for innocently tossing out some papers or deleting unused computer files. this is different, he was pretty clearly performing a self-interested act to protect himself from the contract violation claim.
Destruction of evidence is a crime .. so he is a criminal. Well first off if you were actually reading and paying attention you'd grasp the difference between personal data and evidence.
Just cuz the company owns the laptop does not make every piece of data on it theirs.
As a reader already pointed out if the company wanted to keep tabs on what their employee was doing then they should have spied on him via the company network or taken his laptop without first warning him.
Just because you use a pencil from work to write a note to your wife doesn't mean the company intrinsically owns the data simply because you produced it using their pencil or paper. So any claim that all the data on his laptop could be considered company property is a joke and is more then pushing the envelope of personal privacy.
Cases like this are great because they strengthen our rights by pointing out the continued erosion of personal privacy and getting people interested. If Americans are freaking out because they could be wiretapped imagine what they would do if we told them every note they have written and every word they have said at work or using company paper, pencils, cell phones or computers magically belongs to that company.
If there is evidence on the computer then it has to be addresses as evidence, and they must provide the burdeon of that proof and good reasons for why they waited to long to review the potential evidence to see if it was even there.
Obviously if they had ANY case what-so-ever they would have siezed the laptop from him like the police do with no questions asked. This will be a stupid move on the companies part as they have gone and gotten their private happenings into the public eye.
If the guy dropped his laptop in the pool or something are they gonna claim that as a computer crime for destroying company data.
It's not as if they don't have backups of the vast majority of work he did or else they DESERVE to lose their data as they had no reasonable plan for data backup in place.
It's also ridiculous to suggest that if a person stores personal data on their laptop they have no right to remove.
Any data worth not losing should have been backed up as company procedure. They only have their selves to blame.
What would prevent someone from "accidently" passing the laptop by a large electromagnet?
-- HOW does IAC know WHAT he deleted?
Its not about WHAT he deleted, its about the fact that he deleted something while NOT BEING AUTHORIZED TO EVEN ACCESS THE COMPUTER. Much same as if someone from the street walked in to your office and deleted files from your computer - as soon as he terminated his contract with his employer, he no longer had a right to do anything on this system. At least that is what the judge thought.
-Em
RelevantElephants: A Somatic WebComic...
Basically the whole issue ended up being about timing.
When he decided to leave employ of the IAC to start his own venture, his authorization at that point to use the computer did not belong to him. Though he may have physically retained the computer, and had all access to it, he did not have legal rights to its contents.
At that point, he was a competitor to IAC, possibly with information on his person about IAC that a competitor should not.
IAC wondered what he had, and whether he was misusing this laptop for his own benefit, which would break all kinds of laws. They wanted to take a look at said laptop, and see if he'd used it or seen anything he shouldn't have recently.
This employee then accessed the laptop and deleted all kinds of stuff, akin to shredding documents Enron or Watergate style. He then returns the laptop to IAC, his former employer and now competitor.
Unsurprisingly, former employee is now sued, though his conviction is by a tenuous interpretation of a law.
This interpretation fits squarely with the law.
The law includes in its definition of damage "destruction of data." The law forbids the "transmission of a program" that will cause such damage. Since he installed the secure deletion program, he pretty clearly transmitted it to the machine.
Judicial decisions are grounded in laws passed to them by zealous temporary legislatures. It's unsurprising that these rulings work just like everything else: garbage in, garbage out.
(I think Posner & Co. grossly misinterpreted the contract, but the lower court might be free to reconsider that issue on remand anyway. I think the major ridiculousness here comes from hasty lawmaking.)
If it was the companies laptop, and he deleted company files, then yes hes a criminal. ( which is what happend here )
Depending on the agreements at work, personal use/files may not have been permitted , so again he was in the wrong, techincally.
If it was his own laptop, and his own files hes not in the wrong. Unless of cousre he was trying to hide illegal activity ( intent ) ( which is an option for the private citizen )
---- Booth was a patriot ----
When you delete a file you are DESTROYING a unique piece of data. Files are just as human as the rest of us and they have rights to. Liberals say they should ahve the right to murder files because it's "their hard drive"... Well that's like saying it's not cheating if you screw "your dog" you satanists, YOU created that file, YOU face the consaquences. Millions of files are deleted EVERY DAY, this is like the holocaust but way worse. Stop the genocide, BAN DELETION NOW!
Citrin pointed out that his employment contract permitted him to "destroy" data in the laptop when he left the company.
His right to do this was in his contract. Can anyone tell me why a contract can no longer protect an individual from a company?
Prominent computer employers usually require basic scrubbing, like deleting and formatting harddrives, but generally encourage any technique that renders the previous data inaccessible such as zeroing and random writing programs when returning a workstation. Even if the machine isn't sold to the general public at that point, it can be given to another employee who has no business looking at data you might have been privy to. You would think that given the recent data exposures from companies who sold old equipment without properly 'scrubbing' the machines that something like this would be encouraged. FTFA, Sounds like the guy is no saint, but the employer should store any data they deem critical on central servers where they control retention and backup regiments. What do they want his browser bookmarks? history? Really sounds like the employer is misuing law because they were duped. Without any data, proving his breach of contract is more difficult regardless of how nefarious his activities appear. Gotta love the great cases that get to establish precedent...yeehaw...
All of your work on company time and using company assets belongs to your employer. Whether your work is stored on paper or on a computer is immaterial. If you choose to conduct personal business on company time and with company assets including paper, computers, or telephones, then you are subjecting yourself to revealing your personal business to your company. Many companies are required to do this by law. For example, whenever a company is sued, the first thing that the lawyers want is the email backups. Some industries (e.g., stock brokers) also must present logs of telephone calls. This is not a personal freedom thing; its not a privacy thing. If you use your employer's business assets to conduct your personal business, then your communications are subject to review because the business has a legitimate right to view those communications or because the government has the right to subpoena the communications.
I understand the reasoning that Judges can only pass judgements based on the arguments presented by lawyers on behalf of their clients, and this was fine for hundreds of years, but the computing universe that a lot people spend a considerable amount of time living in is far too different to the physical domain we live in.
A Judge who is not computer literate should not be prevailing over a case based on IT. Even us geeks have trouble coming up with analogies that are accurate enough to explain things properly to ordinary people when we're fixing their computers.
Judges shouldn't need analogies or "translators" when they hear a case centred around IT, they should know what CPU, GPU, NTFS, EXT2, HFS, etc, all mean, otherwise they cannot seriously be expected to form an accurate picture of what is being argued, and therefore cannot be expected to come up with a ruling based on any sort of accuracy.
Judging, he he, from this bit in the article,
This Judge doesn't really know how a computer works.
Deleting files is certainly not the worst thing you can do to a computer. Hell, go ahead and delete critical operating system files. A restore disk, OS installation disk, or re-image later and the computer is back up and running.
It may seem like I'm arguing semantics, but it's just the way that phrase leapt out at me that leads me to think that the Judge seriously misunderstands the connection between the functions of a computer, and the way that data is stored within the computer.
Could he also misunderstand that the computer was probably going back to the company almost exactly as it had been issued, and therefore undamaged other than normal wear and tear?
His name is Robert Paulsen...
Disclaimer: IANAL and I have no formal legal training.
There are at least two things here. One is that if you have something like a reasonable suspicion that some material in your possession (computer files, documents, whatever) will be subpoenaed, you have a duty to protect and preserve them and you generally cannot discharge this duty to anyone else, save maybe your lawyer (Groklaw recently covered this--you might want to check out the exact way PJ put it).
The other issue is one of child pornography--when last I read the Federal statues on it (and mind you, state or local laws can drastically change this), there were at least a couple "outs" for those who happened somehow to accidentally hit some site that contained child pornography. Basically, if you came across it accidentally (e.g. didn't buy it, etc.) and deleted it right away *without showing it to anyone else*, you were okay. The second was just like the first, save that you were allowed to report it to law enforcement (and delete any copy you had after turning it over to them). Note that any effort to abuse this by a pedophile (e.g. repeatedly "accidentally" going to the same site, buying the material while knowing what it was, etc.) won't work because no one will believe that the access was for any purpose other than to satisfy prurient interests.
Hope that helps clarify things, but if for some reason you need legal advice about this, please do not rely on the advice of anyone except an attourney licensed to practice in your jurisdiction.
"people need the ability to delete files and have courts recognize them as "destroyed""
... then yes, I totally agree.
... let's say pictures or videos he was "using for work", deleting incriminating evidence "to free up space" and replacing those video files multiple times?
When they're *your* files on *your* computer
But I don't think that logic applies to this case. Evenso, what would have prevented this guy from filling his hard drive with
If he did that often enough it would probably be very difficult to recover any data. Would he still be liable then?
I think his mistake was in arguing about his authority to delete files at all. His argument should have been that all the files alleged to have been deleted were personal files, personal use of the laptop was authorized by his employment agreement (quote the relevant paragraph from the agreement, and the company has no right to demand that those files be turned over in the first place. You can't be charged under the law he was if the only things you "damaged" belonged to you.
Of course, this only works if he was scrupulous to avoid mixing his personal stuff with company data and can clearly show that all the files the company can prove were theirs are untouched. If he did delete files from an area normally or provably containing company data, he's pretty much SOL.
If the article is to be believed:
What: International Airport Centers sues former employee, claiming use of a secure file deletion utility violated federal hacking laws.
Then isn't this a civil suit without a "prosecution"?
Whatever he used to delete the files, was definitely just contributing to the privacy problem by leaving a fingerprint that it was used.
-fb Everything not expressly forbidden is now mandatory.
The defendant might have had a better chance of getting away with using a secure delete program if he had securely deleted it once he had finished using it. If you're going to use software that is potentially unauthorized, it's just plain stupid to leave any indication that you ever installed it, let alone that you used it.
Since secure deletes can be detected and prosecuted. Someone should add a feature to rewrite and overwrite, multiple times, legitimate files
(possibly a folder with files specified by user)
over the secure delete files.
This could be a real selling point now.
It's obvious that there is insufficient information in this article to make a judgement by the reader. One can come up with several different conclusions based on how one 'reads between the lines'. Give us the missing information and then perhaps we'll be able to come to a reasonable conclusion.
Heard any good sigs lately?
If the guy ever actually signed any policy concerning ownership of data he'd be hosed in most countries. Otherwise its more or less a coin toss with so many factors involved.
-- No Sig is a Good Sig
Did the company's lawyers subpoena the information on the laptop? If they did, then yes, it would be a crime to delete those files.
Sounds like a witch hunt:
Well, a guilty person would float in the water when we tied 500 kg of laptops to his legs,
and an innocent person will drown, proving their innocence.
What is to say the files existed in the first place?
Well, hell - he should sue the company for the $$ Billion $$ book and movie script that existed on that laptop!!! Also was his cure for all cancers and the blueprint for 9-volt battery powered warp drive engines!
What is the company going to do, build a bridge out of him?
From the atricle, though, one of the things it points out is that the ruling is valid because it occurred after the termination of the employment contract. Without knowing the specifics, I know Illinois treats employment at will very loosely. It almost sounds like the court ruled that for all intents and purposes, when the employmee made the decision to go into business for himself he implicitly rescinded the employment contract. Thus, any actions occuring after this decision he was civilly liable for. Now again, this is from the rehash of the real opinion. I didn't really feel like digging for the actual opinion, but if the court did in fact reason this way, I think file deletion is the last thing we need to worry about from this case. I would worry more about things like "Your interview for a position with another company was your implicit termination of the employment contract."
Except what is his employer's data and what are his own personal thoughts? Taking their leads on properties and going "hey, I should call my friend and have him buy land near XYZ" is a lot different than "hey, I should send my friend a copy of confidential employer report".
The company is alleging that the only proof that the guy violated his contract was on their laptop. Well what if the guy had put the data on his own computer? Would the company then be entitled to it? If he destroyed the data on his own personal computer, would that also be a crime?
This whole idiotic ruling creates a legal catch-22. You are an employee given access to confidential information. Suddenly you are no longer an employee. So, if you keep that information, you could be found to "gaining access to information that you do not have permission to access" and be guilty of computer fraud under the statues. NOW, if you destroy the information so that you cannot be found guilty of having access, you can be charged with "hacking or tampering with information you did not have permission to access" and be guilty of computer fraud under the statues. Damned if you do, damned if you don't.
-JoeShmoe
.
-- I wonder which will go down in history as the bigger failure: the War on Drugs or the War on Filesharing
This should be a civil matter.
It is a testament to the broken state of our laws (and especially our computer crime laws) that his former employer was able to (convince a DA to) drag him into criminal court for this.
If the guy had hacked into company computers and destroyed data, then sure, he should be prosecuted under criminal laws. But wiping files from a hard drive? If the guy really did do damage to his former employer, or violated a contract with them, then it shouldn't be a criminal case. It should be a civil case.
If you had super powers, would you use them for good, or for awesome?
If you're like me and an exec or anyone else with some level of clearance wouldn't you "posion" other people if you didn't wipe your drive? For instance corporate sales or acquistion information is privilaged and certainly not for the guy in IT working on laptops. I'd make him a corporate insider just by putting the data in his hands. What about a technology company working on the next super gizmo? Wouldn't handing over an uncleaned drive be a violation of national security laws. Many people would seem be bound by civil and criminal constraints that would not allow them to return anything but a clean drive.
If you RTFA, this case isn't about whether it's legal to use a disk wiping utility on data you own. What the guy did was clearly immoral, and would probably have been illegal if the information was on paper, too.
I don't think this is the kind of thing that should be handled under a hacking statute, but it's not like creative prosecutions are anything new.
Kitty Porn?
You mean like this?
I might know what I'm talkin' about, but then again, this is Slashdot...
Of course it's BS. But so is the whole case.
The REAL case is that the guy was setting up his competing business, and they wanted the laptop data to prove it.
They shouldn't be going after him for "destruction of data on a networked device" but for violating his non-compete. Especially since, if they can't prove he violated the non-compete, then it IS his data to do as he pleases, even if it was sitting on their laptop.
Look at it this way: If they can't first show he violated his non-compete, then they have no claim to the data he erased, as it may have been "his" data just as much, or more, than theirs.
On the other hand, prove first that he violated his non-compete, and you can THEN also get him on the data destruction.
What you CAN'T do is the reverse - prove the destruction of your data if you can't first prove that it is uncontestedly your data.
This is all Bush's fault! I know it!
Now someone mod me up for parroting the Slashdot party line...
A Government Is a Body of People, Usually Notably Ungoverned
Then he could have been able to argue "You can't have it - returning it to you would be self-incrimination."
The Bill or Rights prevents the *government* from doing so. Your employer can demand you return their property whether or not it would incriminate you.
if you do the damage with an ax. :)
Procrastination Man strikes again!
some choice kitty porn,
Mmmmm, hot stuff
Yes, or you could just quit, and then be sued the next week because the company went through your desk and found it "too clean," as if somebody had scrubbed it out with windex wiped it down...
Seriously, this isn't about files being missing, or taken, it's about them not being able to find evidence, and thus concluding the evidence was hidden, and bringing forth charges anyways.
If a smart lawyer would take the case.. it could be overturned on appeal.. How can you be charged when there is no evidence to hold you to that charge?
I believe that when evidence has been tampered with or destroyed it is legal for courts to assume that the evidence was prejudicial. While there may be no smoking gun, the deletion is circumstantial evidence against you. Get enough circumstantial evidence and you still end up in jail.
The retention policy at my company is to delete everything. We're to delete our email, our files, all types of data. Delete, delete delete! Until you get a notice from the legal group that nothing is to be deleted, then you don't delete anything.
Seems like a better way to do things. But it's still pretty painful because it's hard to keep things for reference without breaking the company's policy.
Beg is one of those intransitive transitive verbs, like ask. Do you beg money? Sure, I begged 5 bucks from a guy. Do you beg people? Sure, I begged him for 5 bucks.
What's missing is an understood preposition. Otherwise, the exact same action is being done to two entirely different direct objects, which really blows the mind.
With begging a question there is also a pretty big omission that is nevertheless understood: "to be asked".
English is a changing language. Whereas programming expects one and only one definition for a particular word, English expects 1 or more, with others to be added later. And deprecation may or may not stick.
While the debate club is the only place where the formal definition of "beg the question" will ever be used unpretentiously, the commonly understood meaning can be used any time "raises a question" needs a little bit more urgency.
So Bush backing known terrorist sympathizers in taking control of US ports may raise a few questions. But Angelina Jolie birthing Brad Pitt's baby just begs the question of whether she will continue to do nude scenes. We have to know!
I read the decision.
The only issue the appeals court decided is whether Citrin 'transmitted' a command causing damage to a computer (as defined, which includes the computer's contents). That's all. It's not a criminal case.
From the decision, it appears that Citrin worked for IAC and had an employment agreement; IAC claims he violated the agreement. As the appellate court points out, employees have a duty of loyalty to their employees, and IAC claims, among other things, that he violated that duty. That is a civil claim, not a criminal one. To gather evidence for its claim, IAC attempted to recover data from the computer that would show Citrin was acting on his own behalf and against the company's interest while he was still an employee, but Citrin had deleted files in a manner that precluded their recovery. The company claimed this was in violation of a federal law.
This claim gets them into federal court, which is then authorized to hear IAC's state claims as well (called pendant jurisdiction). Citrin filed a motion to dismiss the federal claim, apparently on the ground that even if all the facts alleged in the complaint were true, IAC had failed to state a federal claim. The trial court agreed, finding that there was no evidence of a transmission of a command to delete those files. Citrin claimed, and the trial court agreed, that deleting a file from the keyboard does not constitute a transmission.
The appellate court agreed that typing a command might not qualify as a transmission under the statute, but it found that the statute covered 'the transmission of a program." Since the program Citrin used did not come on the computer, the issue was whether the copying of the application to the fixed disk did constitute a transmission of a program which resulted in the deletion of the files.
The appellate court ordered the trial court to reinstate the suit, including the state claims.
Note that in the motion before the appellate court, the factual allegations of the complaint must be accepted as true; the appellate court acted under that rule, although at trial, those facts may be successfully disputed by the defendant. Thus, it may be determined that Citrin did not violate his duty of loyalty, did not determine to enter into a competing business until after he had quit, and so on.
Note also that the claim under the federal statute is civil, not criminal. The Computer Fraud and Abuse Act provides for both civil and criminal liabilities. Citrin is not "now being charged with a violation" of the act - his employer claimed civil damages under the act and has all along.
It may be that the trial court determines that there still was no violation of the federal act, and Citrin may still be liable for civil damages for any state civil law violations alleged by IAC.
How about if I have a policy of deleting all files securely on all my computers all the time? Just as I shred my papers before throwing them away. Since I shred my papers, possibly I am destroying 'possible evidence' for any future law suit? If I do not delete files securely and someone steals my laptop and wrongly uses the information therein, who is responsible??
The employer can demand anything he wants. And the employee can say "sue me."
In this case, though, the employer is putting the cart before the horse - attempting to claim vandalism to their property (destruction of files on a networked computer) without first proving the files in question were their property. They wanted the files to show he broke his non-compete and, as such, was no longer an employee, and thus not authorized to delete the files. Seems to me, if they can't first show he broke his non-compete, they can't claim uncontested ownership to the files.
They're in a catch-22.
Because he supports these kinds of business ethics. Don't get me wrong, here. Hillary Clinton supports this shit, too. She has absolutely no fucking morals and will change her fucking "opinion" 180 degrees, any time the "polls" tell her she's on the losing side. Right or wrong, she doesn't give a fuck, just so long as she's the winner. And the winner, as Hollywood has so blissfully told gets, goes home and fucks the prom queen.
Real leaders take the risk of being wrong -- they don't check the fucking polls and adopt whichever side is winning. Bush is a leader, but he's far from perfect.
At least Bush stands by his policy (Dubai World International), even when it's the wrong policy. And in cases like these, Bush would be siding with whichever company can donate $20 million to the GOP and his successor. Which means this employee would be absolutely fucked.
*sigh*
Which reminds me. The Fairtax would make the politicans work for individuals, again, and not just corporations. Which is why we would have to force it upon them, to actually implement it.
Viva le Revolucion!
It seems to me that the company in question is arguing that the ex-employee deleted business related materials with intentions to use these materials for his own financial gain. If this is the case, the company should revisit its business policies, they should enforce a rule, that all business related materials must be committed to a source repository. Maybe they should even install software on the laptop, that duplicates all files that are created, but does it quitely, encrypts the files, and stores them in a local protected database, and syncs with an online repository when it can.
This also means that the company probably should use a different tactic - they should simply sue the former employee for breach of contract and not play these silly games with the deleted files.
You can't handle the truth.
He could have just wrote files that look like they where the deleted files. Depending on the issue, you chose the file name, or some files that go in that spot, or whatever. Change the time and date stamps. Then you delete those files. When they attempt a recovery, they will find the recent files, which prove innocence.
A few years back, I worked on a project that used ClearCase, and the management really wanted us to use it to record the full history of our projects. The group I was working with decided to take them literally.
.o and executable files, see ...
After about a week, we found that we were each able to fill our workstations' disks with the compiles we did. The ClearCase setup saved all our
If was fun watching them actually install a second disk on most workstations the first time this happened (and we all showed that the disks were 99% full of ClearCase files recording the week's work. Then, by the end of the next day, the new disks were full, and we announced that our progress was blocked until we could get more disks.
It actually took a couple weeks of meetings (and no progres on the project) before they faced the fact that "You can't delete your files" was not a tenable rule. They simply couldn't afford the petabytes of disk that the project was projected to require under their "save everything" rule.
So finally we were able to start deleting the 99% of our files that couldn't possibly be of any use to anyone, and only save the interesting source files. I don't think most of the management ever did understood what "source" and "binary" files referred to.
Anyway, yeah; if an employer wants to pay for the disk space, I'll happily save all my files for their later study. But somehow, I suspect that they're not gonna get much for their investment. They'll be much better off if they let me be the judge of which 99% of my files can be safely discarded.
If this court does go along with a "save all files" rule, it could be a very interesting precedent. It'll take more than a couple weeks of meetings to get such a court ruling overturned. In the meantime, some disk manufacturers might be doing a lot of business.
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
This is OLD law! Why they had to invent a new, somewhat flakey law to deal with the digital equivalent is just stupid.
"People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
Frankly, I would delete anything like email, temp files caches and whatnot too, not because I am hiding anything, but because I dont know who may touch the computer between when I leave and when it is reimaged, and there are things that some people dont need to see (you wouldnt want a lie worker to stumble accross HR salery records for example) so it seems like he could have been doing them a little bit of a favor...
Does the employee has rights to delete any files from the computer? If he does, there is ZERO reason to sue him. If you ask a non technical lay person who has no prior knowledge of how computers delete files, I think it is likely that he will think the act of deleting a file would remove a file completely from the computer and there will be no trace of it. However, it is the imperfection of use current technology that result in residue of files still residing in the computer after you delete them. There is ZERO requirement from anyone using a computer that the computer should contains copy of data in the computer after the data is deleted (if so, why should there be a delete in the first place?) So why should the act of "deleting" deleted data a crime, especially a serious crime? It is like you can throw away a piece of paper document but you can't shred a piece of paper document and throw it away.
but if i was going to quit my job... and start a new company in the same business .... I woudln't use my old companies laptop for planning my new venture. When i look for new jobs, I don't search monster from my work computer... i go home and weep like a woman... consider killing myself and then decide to look for a new job instead =)
... it is always sales or real estate?? why is that...?
had this guy bought a laptop (which he is likely going to need for his new company anyway) and used it for dealings w/ his new venture... his problems would be gone.
that said.... it is some bullshite to claim that deleting the files securely was a violation.
seems like most of the time when i hear about employement problems like this
actually I am happy to see you, however that is in fact a banana in my pocket.
We ask supervising managers what files/data are required and ask the users to send us those files. Provided that data is returned and the user left on good terms the drive on their machine/laptop is wiped. We have a lot of users who travel fulltime and to ask or even expect them not to use their laptop for personal reasons while on the road is ridiculous and management thankfully agress with that stance. So, for everyone's privacy... the drive just gets zapped and then reimaged.
It was argued that we may lose valuable information in doing so but I pointed out to our CMMI happy managers that this would indicate a failure in the document creation and control process and not an issue with our IT policy and they conceded the point.
Additionally we work on secure projects for the government and have NDA's in place with corporate clients. I can't allow my IT staff to dig through files that they're not authorized to see and because of that we have to treat the whole drive as if its classified material unless we can get someone who is authorized to see to come in and sort through the whole mess. And we're never going to be able to pull a billable consultant off a project to do that unless something is missing.
Long story short... *ZAP*
You steal a thousand dollars in a nice shiney case. You open the case and blam! there was a paint bomb in it the money is drenched but luckily nothing else was. By your logic when the guy chucks the case in to the trash it should be considered destroyed and unusable. Even if the trash can is sitting in his kitchen and the police are searching his house with a legally obtained warrent.
Your example of being sent an illegal picture is inacurate. The law (at least in the UK anyway) takes in to account the content of the hard drive in total. So if they find one deleted child porn pic on your computer you wont get in to trouble. (Especially when they have records of you reporting the image.) If they find 2 or 3 thousand deleted images thats a whole different kettle of fish.
Unless evidence is obtained illegaly there is no point at which you should just discard it.
From the article: But it is unlikely, to say the least, that the provision was intended to authorize him to destroy data that he knew the company had no duplicates of and would have wanted to have
So why the hell was this critical data on a laptop and not backed up or stored somewhere more secure? Their IT guys should be fired...
IANAL, but I think there's his defense right there. If the data was critical, any company worth it's salt has a policy that it needs to be stored (or at least copied) somewhere secure.
Real programmers use "copy con program.exe"
Deleting data isn't necessarily a crime, but destroying evidence which is subject to discovery in a civil or criminal process is, even if you're Arthur Anderson.
-fb Everything not expressly forbidden is now mandatory.
That is bullshit. If that were true: a company could argue that the government can't look at their financial records because it would incriminate them; a murderer could deny police access to their premises because they would find a body in her freezer that would incriminate her.
A murderer CAN deny access to their property even having a dead body in the freezer, enless the police have a warrant. A company CAN refuse to turn over documents enless the police have a warrant. Police can't walk in anywhere they want and/or just take things because they may or may not be incriminating, it's called probable cause. They must have enough viable reason to further their investigation, you can't just bother every citizen because you may or may not know a partial bit of information about a crime.
Having RTFA, it looks like Mr. Citrin's problem was that he resigned first, THEN handed back the laptop. The judge ruled that Citrin's right to issue commands of any sort on the system ended upon resignation. If I'm reading that correctly, the solution for other soon-to-be-former employees or contractors seems simple: delete, then quit.
More than anything, use head main ting when separating from a company. 1) get your personal gear out of the office; 2) delete email and files relating to personal business (or that might reflect especially poorly on you); 4) clear your browser history and cache; 5) securely overwrite all free sectors on disk; 6) log out and power down; 7) resign. It looks like Mr. Citrin may have gone overboard and nuked all of the company data on the laptop, which is of value and use to the company and their next person to fill his position, and made it look like he had something to hide.
Luke, help me take this mask off
Besides the poor choice of going into business that directly completes with his former employer, this guy allegedly made the other poor choice of using a 'wipe' utility to remove data.
... How about a group of graphics files that are public domain textures, traffic signs, fragments from websites (taken from browser cache), etc.. Another good group is music - record meetings and lectures then rename them to look like popular music titles. The final idea is to include some encrypted zip files with suggestive names - of course the files contained are renamed unix man docs. Just be sure to use the standard delete command to 'hide' the files from recovery.
What he should have done is used what I refer to as the general-use non-wipe routine. Basically, it involves simply deleting files you don't want/need, then filling the remaining drive space with 'wipe' files - various sized files filled with random or meaningless data and given random or misleading file names. Generate a group of base files, store on USB drives, then copy to the root directory of the target drive, renaming the files as you go. For extra fun, delete your 'wipe' files after you fill the drive. You could probably write a script to help, just make sure it is given an innocent name and stays on the USB drive.
It would be interesting to see the reaction of the managers and scavengers to finding a directory of hundreds of text files and then discovering that each file is a copy of unix man files, or five year old project documentation (that you had no part), or trek fan fiction, or
If you are brought into court like this poor guy your lawyer can argue that those files are there from the day-to-day use of the system. Nothing sinister or devious about those files.
We need a "secure delete" utility that doesn't overwrite with 0's. That's too obvious. A good secure delete will take random files and overwrite thus obscuring the damage.
It's a stupid legal interpretation, so we need a stupid utility to get around it.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
"The first thing we do, let's kill all the lawyers."
-- Henry VI, Part 2 - Act IV, Scene II
Well holy crap. I can't believe you just had me read a giant avertisment.
The bit about Norton UnDelete is funny. Of course it can recover files that are wiped. To my knowledge it makes a copy of deleted files in a hidden FIFO holding pen.
I use a two-pass shred on files I want actually deleted. Couple this with regular disk activity (if you keep using the dirve eventually your wiped file will be overwritten with a new file, which may get deleted or shredded, etc). If anyone wants to spend the time and fortune to get past that then I will be too flattered to be upset. Hell, I'd come to Slashdot, retrieve my registration info, and post an article about the subject so that someone actually has proof that their wiped files Can be discovered!
Just a note that the law does have an exception for people who immediately delete child pornography after viewing or immediately report it to law enforcement.
What?
You're probably talking about Judge James M. Rosenbaum (United States District Court for the District of Minnesota). "In Defence of the Delete Key", The Green Bag, 2D Series, Vol3, No4, Summer 2000.
Here's the HTML Introduction and here's the actual PDF.
"I believe that when evidence has been tampered with or destroyed it is legal for courts to assume that the evidence was prejudicial. While there may be no smoking gun, the deletion is circumstantial evidence against you. Get enough circumstantial evidence and you still end up in jail." Ok.. I can understand what your saying there.. but what this court decision is now saying is that he should have returned the laptop and leave information on it that would in all sense of being a violation of his rights under the 5th Ammendment and incriminate himself? That to me is the most boneheaded thing I ever heard of. The company received their property.. They are using the lack of information against a former employee..Its a interesting thing.. kind of like McDonalds being sued for spilled hot coffee and pickles.. Oh thats right.. those people won their cases too.. LOL
A better policy for the company, would have been to periodicly mirror his drive at the office.. at least then they would be able to say.. "see this file is missing.." and there you have your proof of destroying company data. Now, his job may have been collecting information and storing it on the laptop, but the fact that it is not there doesn't prove anything. Perhaps he was just not doing his job, and spending all his time daydreaming about starting his own company.
waiting for ad.doubleclick.net
Someone please tell me how the fuck they could prove that certain incriminating files even existed, if said files were wiped before they got the laptop?
What if they were never there to start with?
What a fucking idiot retard of a judge.
Does the same hold true for drugs?
If someone drops off a kilo of cocaine at my house, and I drive it right to the police station and turn it in, will I be arrested for posession of cocaine?
Disclaimer: I have been an independent contractor for ~15yrs. The law is an ass and IANAL.
:))
/. means he definitely did not have the cunning to do either and get away with it like the big boys do, perhaps it was just spite or even something as trivial as porn.
Let's start with a bad analogy, what you are saying is like an oil refinery manager saying "I did before I resigned, it's not my problem your refinery exploded". ( Apologies to BadAnalogyGuy if you are reading, it's not quite down to your standard
Iff the product of his work was embodied by the files on the laptop and he did this deliberately, it would be a clear case of sabotage regardless of when it happened. If he made secret notes or back-ups it would be industrial/commercial espionage. Much more likely that a lazy or stupid manager hired a greedy and stupid cotractor. His appearance here on
On the surface, it seems he was intent on rubbing out every trace of the data, so he must have known it was sensitive and unique. The company must also have known sensitive data was stored on the laptop or else how would they know it was missing?
I think his manager(s) should be slapped around the head for not ensuring the data was periodically transfered to company repositories. The moron with the laptop should be "red-flaged" to agencies by being banned from starting a company for a few years, hopefully he will be forced out of contracting. The company lost it's data because of lax data security, hopefully the lesson was worth the cost.
And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
such trusting companies we work for
Comment removed based on user account deletion
The company is stupid for not requiring backups. The guy's an idiot for using his position to start his own business, and using the company're property to do it. He screwed over all his co-workers by doing that, because it takes away from the company's viability.
/., so that's saying something.
I'm really surprised they actually needed the guy's laptop to support their position in all this, they should be able to prove it without that. Going after him because he deleted files is just a vindictive ploy after they realized they had no way of proving what he was doing.
Sounds like the guy AND the people at the company are both guilty of being freaking morons.
I mean really.... all of the sudden "Wipe"-like programs are going to be off corporate computer systems? Yeah, good luck with that. That's the stupidest damn thing I've read all day.... and I've been reading
I kept the computer quite tidy due to a small hard drive. Most work was accouting, spread sheets and some word processing. Hard copies were printed and filed as permanent reports and as backups. Every month or two I would do a Norton Speed Disk which would wipe unused space.
When I left the company I left about two months of data on the hard drive and a 20 page status report which detailed where all the hard copy documents/files/data were physically located and info on the work in progress. The company sent the computer out for data recovery and when no erased files could be recovered I was sued. The company claimed the hard copies did not exist but were later found when I succeeded in obtaining a court ordered search of the company's office.
My lawyers filed a motion to dismiss claiming there was no triable evidence. The judge ruled that the lack of recoverable files was in itself evidence that "something" on the computer had been destroyed and thus fit the statute. The bopgus case settled a few year. No money changed hands but my legal fees ran about $150,000, my life savings.
Advice: 1. NEVER erase anything. Simply move the file out of the current workspace to an archive directory. When the drive gets full have the company buy a new drive -- give the old drive to the boss with a corresponding memo detailing in general what was on the drive. 2. Keep each file you create in a separate directory and maintain a printout of that directory. 3. Run your own backups and transfer the backups via memo when you leave. Leave another copy of the backup with a trusted co-worker who can put them where they can't easily be found and destroyed. The more people involved the better.
If you accidentially have personal info on the hard drive it might be a good idea to wipe the info before you leave. But you need to overwrite the directory and file space deleted since the empty space might be detected. Others here can suggest a procedure.
... but what this court decision is now saying is that he should have returned the laptop and leave information on it that would in all sense of being a violation of his rights under the 5th Ammendment and incriminate himself?
1. The fifth ammendment does not allow you to tamper with or destroy evidence.
2. The fifth ammendment prevents the *government* from forcing you to testify against yourself. It does not prevent a company from compelling you to return company property, incriminating or not.
The company received their property
The files were *also* company property.
There is a difference between a civil claim and a crime. There is no indication that there was any crime charged, there is only a civil claim under a federal statute. Under the US system, a private party cannot bring criminal charges, only the government can. The claim is the digital equivalent of alleging that somebody shredded paper evidence.
A (recovering) lawyer.
if more companies adopt this approach, and its successful (however unlikely), i see a lot of laptops getting "stolen" just prior to an employee leaving...
What I want to know is why anyone would ever want to work for IAC ever again.
I'll go out on a limb here and say that if this company is sophisticated enough to have a non-compete agreement in place, there's probably an agreement in place that covers what you should and should not have on a company laptop. You say that if they can't prove violation of the non-compete then hte data is his to do with what he pleases. This is almost certainly not so. I'd be willing to bet that ANYTHING on that company computer is company property. The company has a right to look at any of it at any time, and the individual's use of the computer is tactit agreement to that policy. Therefore, if he has deleted ANYTHING the company wants to see he is likely in violation of the company's data policy. If any data recovered was unrelated to his work, he's again violated the company's data policy. If any data recovered was related to a private business he was running using company property, then he's in violation of the company's data policy AND his non-compete agreement. If it's company hardware then everything on it is uncontestedly their data. They don't need to prove it.
Perhaps a little off topic, but just today I was reading how my former mayor left office and 4000 emails magically "disappeared". It is interesting because lately San Diego has had a great deal of scandals. I suppose stuff like this is becomming common practice. I can't help but wonder, why is the IT system so lacking? I know that if the FDA were to audit a life critical system, such a thing wouldn't pass (of course, the auditors might not realize the flaw). Granted lives aren't on the line in this case... but still.
The GP postulated a case where a developer takes the code for the project he's working on, you're saying he doesn't have that source?
Give me a flaming break, how then do you expect him to do his work? It's of course very true that all respectable software houses keep repositories, but as a clue, developers do something commonly called "check-out" to work on a local copy before verifying all changes and finally submitting it back in to the repository.
Deleting files or destroying property?
Maybe he should have just destroyed the entire drive and returned the laptop driveless.
The point is that any data of any kind even if it was created by the employee for the employee's own use, was at one point on a company owned resource (the laptop), and hence owned by the company.
That seems overly broad. My phone number is in my employer's phone directory, stored on a company server. Does my employer own my phone number, then? HR has my résumé in both electronic form and hard copy. Think they'll mind if I borrow it for a bit if I decide to search for a new job? And suppose I find a new job... will I have wrongfully transferred company data to a competitor by showing them my salary history?
I've got a picture of my wife in a frame on my desk. Did I unwittingly transfer the copyright on that image to the company when I put it there? What if I scan the it and use it as a background image on the computer on my (er, the company's) desk?
And what's so special about data, anyway? I fail to see a significant difference between my résumé, which is stored on a company server, and my car, which is parked on a company parking lot. Would the company be upset if I willfully sent the car off to a crusher? Or worse, what will they do to me if I sell the car and keep the profit?
That settles it... on Monday, I'll be parking across the street.
That's in California. In some other states and countries, it's quite possible that any work done by you in the general field of commerce engaged by your employer belongs to them, regardless of when, where and how you did it.
Thus, they certainly have a right to be looking for evidence on the computer that he'd done competitive work on it - that would belong to them. They looked, closely, and found.... nothing at all. Probably, just a clean, sanitized system (just like I always leave at the end of a job :]). So what? Sure, it's suspicious, but I'd say "too bad"; they certainly can't prove that he threw away anything useful.
I'm sure that any lawyer worth his salt can call any number of expert witnesses who can show that secure-deletes are not hacking, and are absolutely required in many instances.
He'll get off, but sure it's a pain.
It's not self-incrimination to return company property to the company, as they own everything on the laptop anyway.
However...this seems like an easy slam dunk case to me. The only way they can prove he broke any law is by proving that he deleted something that would have incriminated him. If I were him, I would say the following: "I only deleted files that did not violate the law to delete, as there were no files on the hard disk that violated the law in letter nor in spirit."
Innocent until proven guilty--they not only have to show I deleted files, but that the files I deleted were illegal to delete. The only way they can do that is to have knowledge of the files before they got deleted, which they do not have.
As an analog, consider document shredding. Companies shred documents all the time. If I get brought up on destroying evidence and the prosecutor has no idea what evidence I destroyed, I can simply say, um...no, none of the docs I shredded would have served here to incriminate me in any crime. They were personal love notes to my wife that I kept with me at my desk and things like that, things I no longer wanted. Please feel free to prove otherwise.
but have you considered the following argument: shut up.
I am somewhat torn on the issue, so first my argument against him...
The data on the laptop belonged to IAC, not the employee. It wasn't personal emails to his wife or his personal credit card information. It was data gained during his employment and deleting those files was a malicious act taken after his employment ended. Would anyone here really say it is OK for someone to login to the server on their last day and wipe the company's customer database when they don't have a backup? What about a bank employee deleting financial records? Once you agree that those occurences of deleting data would be wrong, it's just a matter of scale to determine how wrong his actions were.
On the other hand, his contract specifically let him return or delete the data on his laptop. They probably didn't anticipate him leaving this way, and maybe he was supposed to backup those files to the company server or store them there in the first place. I don't think it matters though. When you have a contract (like his employment contract), you HAVE to take the plain meaning of it's words. The judge in the opinion tried several different ways to explain how IAC may have been thinking when they created the contract, but you can only argue that if the actual words of the contract are ambiguous. That is why lawyers make so much money, they are supposed to catch things like that. Saying that he can delete the data before returning the laptop is pretty plain to me. In either case, if the employement agreement was a standard employment contract for the company with minor modifications, any ambiguities must be decided against the drafter. If he has some say in the wording of the contract and had things changed from the first draft that wouldn't be the case though.
Also note that th
Of course, take this all with a grain of salt as I am not a lawyer...
They don't cancel each other out, so you better get a REALLY REALLY large hard drive.
SearchIRC - Now with live chat directory!
The movement is organized by www.safernet.org.br, that tries to make sure tecnologies aren't used for crimes. The problem is that it's not a job for internet providers or google to search fpr crime data, it's a job dor the police, but the police can'thave complete access to data, because it's not legal to see personal information without a justice order.
The question probally will be solved in the matter of cooperation, when receiving information about crimes in the social network orkut, google will try to help in the best form it can, but it's still depends on the answer of the company in USA.
"Probably not, but lawyers have to eat, too. There's only so much sustenance to be gained by sucking the lifeblood out of people."
Become a porn actor.
"If only that were true. Unfortunately, companies, corporations anyway, do have the same rights as individuals in the United States."
Whew! Then it must be ONLY the US that's having all these problems with corporations then.
There are ways to get the information back if you look at the traces of magnetic distortion left on the surface of the disk from each write. Rather expensive equipment and much time is required to make it work.
Why UNIX?
If you kill someone, and chop their body into little piece, you haven't destroyed evidence. If you kill somone, bury their body out back, and when the police show up with a search warrant you manage to run around back and chop their body up, you have destroyed evidence.
It's only 'evidence' once the police say it's evidence, or once the police 'control' it and logically are going to get around to saying it's evidence. Don't ever tamper with anything under police control, even if that includes yourself and things on your person. For example, delete numbers from your cellphone while standing there as they execute a warrant to search you and your premisses.
And sometimes the police will let you have evidence back. Sometimes this is out of pity, sometimes it is because half the house is a murder scene and half isn't, and you live there, sometimes it is to see what you do with the evidence, a sort of trap. If the police say 'That's evidence', don't mess with it.
If the police do not control it, or have not decided it is evidence, it is legal to mess with it all you want. (At least, as far as 'tampering with evidence' goes. Attempting to cover up crimes can be illegal in other ways.)
If corporations are people, aren't stockholders guilty of slavery?
How is this different than when Microsoft or some other large corporation deletes emails or shreds incriminating documents? Thats a crime, its impeding an investigation or obstructing justice, hell thats one of two counts that they impeached President Clinton on and are trying Scotter Libby on, so yeah its a crime.
Just because its a computer doesnt mean its not a crime, I hate this concept that someone computers are a sacred space where the law doesnt apply any more, that allows corporations to get away with murder because the laws regarding digital records are intentionally vague. For example everybody on slashdot freaked out when they said they wanted to regulate political donations online, they regulate political donations offline, so why not? Now bribery is done through a website thats the only difference.
It sounds like a good reason to use a USB drive for storing personal information on a company provided laptop.
So wait, they looked on his laptop to find these files but couldn't. So now they're saying the guy used secure delete to get rid of them. Ummmm...yeah ok, prove it, pal. How do you know they existed in the first place, hmmmm??? Lack of evidence is not evidence.
I doubt it. I remember a situation once in New Hampshire some years back when some guy was ice fishing and actually pulled in a box of dynamite. He called the police, they came and handled it, and he was not charged with a crime because he obviously couldn't be blamed for having possession of the dynamite during the time he had it. In the case of someone dumping coke at your house, though, I'd think it would be better to call the police and have them come get it rather than driving it to the station yourself. (IANAL)
is that they re-map weak sectors automatically. so you can't properly wipe a modern drive without a customised controller board (all modern drives have the controller board as part of the drive) and you'd have to have a lot of identical drives to wipe before the development costs of such a board would be more cost effective than just physically destroying the drives.
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
Suppose instead of deleting the files, he just encrypted his files in the first place? This would remove the issue of the destruction of data and focus on the IP question, ie the ownership of the information. Suppose he refused to provide the key to unencrypt the data claiming that he owned the information, and/or that providing this information would be self incriminating? Would this refusal be a crime? If not, then should deleting the files still be a crime?
So what is a good -- and free -- secure delete for Windows? Preferably one that both deletes files securely, and wipes all free space when requested.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
is that the drives weak sector remapping system will have left valuable data in sectors where it cannot be reached through the ide/scsi/sata/whatever interface. without replacing the controller board on the drive you can't erase this yet someone with a direct platter read facility almost certainly could.
likewise with the flash sticks you mentioned the wear leveling system could leave data lying arround on the flash chip even though the OS thinks its gone (multiple overwrites of the whole media may actually help here). Once again if the flash chip is seperated from the controller chip theese can probablly be read.
for theese reasons "secure wipe" tools cannot be relied on to actually distroy the data if the enemy has access to a data recovery lab.
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
1) Corporations have more and more power and clout in the US than we citizens. This alone makes me start looking for another country! The problem: we (not me) vote for the politicians who have the best $ advertising $. Which perpetuates the problem- big corporate $ prop up the people who we hear about over and over in advertising. We MUST start voting for people who say they will eliminate our legal system being for sale.
2) If you or I ever get a company computer/laptop, image the drive imediately. Then, if you ever leave the company, do a low-level write 0s to the drive, then restore the original image.
3) I would disagree with the judges even if the guy deleted files that didn't belong to him, but they were HIS files! He has the right to delete them!
4) How can the court believe the corporation? How can the corp. prove the guy deleted the files? Maybe the corp. did it to then try to fry him? (a similar defense freed OJ Simson- sorry, but it works)
Apparently, there is no need for one! :)
"You idiot! You own a Macintosh! The file is fucking gone!"
I'm at a non-profit, hence the mental lapse!
Luke, help me take this mask off
Fortunately a level-headed and informative review of the case (which puts a different light on it) is available here http://www.groklaw.net/article.php?story=200603110 7414764
Recommended!
It's safe to assume most legislators are not geeks. How can judges make effective and just rulings if they don't know the subject matter? "During oral argument last October, one judge wondered aloud: 'Destroying a person's data--that's as bad as you can do to a computer.'" The laws governing technology are ethical dilemas that could hinder future innovations. It is unsettling knowing the future of legal technology is in the hands of non geeks.
See above. Littering is perfectly illegal. Tool. Guilt or innocence has nothing to do with the cops or courts or juries or anything else. Though societies use those methods, as a statement of purpose anyway, to try to determine the truth, the guilt or innocence is dependent on the actions themselves. And with few exceptions, most notably in California clear water and chicken feathers being among them, it is perfectly illegal to throw things from a moving car. If you did it, it was illegal and you are guilty.
First, if you have a laptop/PC/PDA that you got as an employee or executive (especially) of a company then how it's used is per company rules and what's on it is company property, period, with very few exceptions. If you don't want the company looking over your shoulder, don't put in on the device on the first place. Don't send personal emails, keep personal addresses, load personal software, files, etc., get your own. Want to change it, get enough money to influence your own set of congress critters.
As for this issue there are several other possibilities. SOX (Sarbanes-Oxley) a law passed after the Enron mess for public companies, plus court decisions made about civil suits allow a plaintiff to include the contents of that company device (the laptop, plus any files at the person's home) in a dicovery motion. SOX requires a policy and process for electronic records of a company (especially those of an officer or executive). Anyone that destroys these records outside of company policy puts the company in violation of SOX (look at Morgan-Stanley and other wall street brokers in trouble stories) and opens the company to a big fine, etc. If SOX did not apply here, then the company may have had notice of a law suit being brought against them (opposing lawyers send this to the target company ahead of filing the lawsuit to ensure information is retained) and the laptop in question being in the hands of an executive would has fallen under the rules of don't dump any info on it now. Any info destroyed (which can be proved to be removed like on the laptop, the software showed the oppuntunity) can be claimed by the plantiff to contain the worst case data. Judges have supported this, message to companies, don't delete anything. This is becoming the thinking of companies, delete only under strict policy and then only if no possible lawsuits are going to use the data.
To summarize, this could have been a case of an ex-employee (executive level) trying to jump-start a competitng entity with info from the current employer or he may have just been using the laptop to communicate with his new job and maybe do some work while still at the old job or it could have been SOX/Legal worries of the company or it could just have been a pis*ing match that got out of hand and now will affect many more persons.
Yes, everyone prior to this post is missing the fact that he's not convicted for deleting files - he was just sent back to a lower court because there were new details that needed to be clarified, whereas before there were insufficient details to even proceed with the suit.
The judge simply found that the secure deletion of files created uncertainty - not guilt - uncertainty. He punted sorting out that uncertainty to the lower court. The company will now at least get its due process of arguing the legality of the secure delete (probably not successful there) and surrounding evidence of what was likely to have been deleted (better chances there), which they're owed, and the lower court can decide on the real matter at hand - did this guy steal a client list from a former employer?
Technically speaking:
The most interesting detail to me in this case is the way that the "Secure Delete" was proven - which is, the company said Citrin did it, and he excused it, which implied that he did it. It would be interesting if he denied that accusation - could they prove that a hard drive had secure delete software run on it? What if he were smart enough to run the secure delete software from an outside CD or thumb drive leaving no install trace, and to use one that dumps random bytes, not 0's, where the files to be deleted once were? What would the court demand as proof, and could they properly interpret it?