Slashdot Mirror
The Failing Right of Laptop Privacy
davidwr writes "Wired has an interesting editorial on laptop searches and seizures. It raises some interesting issues, including employee rights against police searches in the workplace, routine vs. non-routine searches at ports of entry, and police use of unrelated data found in a database search. The article ends saying: 'Of course, there's a chance that the courts will not recognize the different scope of privacy interests at stake in computer searches, or will not be adept at crafting a rule that gives enough leeway and guidance to law enforcement, while also protecting privacy. At that point, the Constitution may fail us, and we will have to turn to Congress to create rules that are better adapted for the information age.'"
...encryption.
TrueCrypt or PGPDisk or....
So keep your sensitive personal data on a server at home, where the protections against warrantless search and seizure are more clearly defined, and take with you on your laptop only what you need. Also there are all sorts of ways to remotely access your at-home data securely (DNS Forwarder/VPN, etc). That way your data is there when YOU need it and not sitting on your portable when you are crossing borders or sitting in your employer's office.
I have made it quite clear to contractors that their laptops will be subject to scrutiny prior to their being permitted to access our corporate LAN, as well there my be periodic spot-checks, especially if I suspect that a laptop might have become infected with something nasty.
You're using her as bait, Master!
It doesn't matter if you're worried about a snooping government, script kiddies, nosy roommates or family members, or anybody else you don't want looking at your data. In this day and age, there really is no substitute for encryption, and there's also really no excuse to not be using it, given the amount of options (many of them free, as in speech and beer) available today. There's no reason to leave things like tax returns, sensitive work projects, etc. sitting out in the open.
One of the best things that I've done recently is to wipe and randomize a 40-gig partition on one of my drives and set up a 256-bit AES-encrypted ext3 filesystem. Unless I enter my lengthy passphrase, there is no way to mount the volume, much less look at its contents. Barring some unforseen weakness in AES, this is now data that nobody but me will ever see (unless I do something silly like forget to unmount it).
It is, in many ways, a brave new world, but people need to know that there are things they can do to protect themselves. This, of course, is not news to the Slashdot crowd, but it is something that the less-clueful public needs to hear about.
We're going down, in a spiral to the ground
or will not be adept at crafting a rule that gives enough leeway and guidance to law enforcement
A perfectly good non-electronic equivalent situation already exists: Personal diaries.
Would the readily-apparent evidence suffice to justify confiscating and reading someone's diary?
If not, then stay the hell away from my laptop.
Would the readily-apparent evidence suffice to justify confiscating and reading someone's diary?
The airport case in question, you are screwed. The courts reasoned that searches at airports are routine, so just about anything goes. They should be ashamed of themselves. Until they come to their senses, I suggest you keep your diary, paper or electronic at home. The electronic one is easier to access, but you better move it around by ground transport.
Friends don't help friends install M$ junk.
With TPM, I won't have the keys to at least one section of my own computer's hard drive. Trusted computing at its finest.
Well, out of the Bill of Rights, Amendments 1, 7, and 8 make absolute statements prohibiting certain acts of Congress (e.g. "Congress shall make no law..."); Amendments 2, 4, 9, and 10 refer to "the people" which could mean all people or 'the people of the United States' (i.e., citizens); and Amendments 5 and 6 use language referring to "no person" or "the accused," which can only mean that they apply to all people, not just citizens. (And for completeness, Amendment 3 would only be relevant for people who owned property in the US.)
The relevant Amendment in this situation, the 4th, is one of those that refer to "the people:"
In my opinion, that ought to cover non-citizens too, but I'm not a Supreme Court Justice. Take from that what you will.
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
Keep all your actual, working data on a USB Key. For super-extra security, don't stick the USB key in your PC when it's hooked up to the Internet.
My laptop is really just a shell; it's got an OS, and a ton of music and games on it's HD, but not a single text file or anything personal. Even my browser history is shredded each time I close it. So if I loose my laptop/have it stolen/etc., I'm really just losing hardware and the time it takes to put my OS and music on a new one.
It's worked great for me - and allowed me to eek life out of otherwise dying laptops. When you use a USB key (and back it up on a 2nd key, as I do, every so often), you are protected against hardware failure. If your PC dies, you take your key, go elsewhere, and continue working.
Don't store data on your laptop if you take it anywhere out of your house. It's just good sense.
1 - Separate work and private laptops
I carry mine to work and don't plug it into the network
I don't use the work machine for any internet searches, I use my laptop through cell card
2 - Separate your data sets
Carry your sensitive data on something other than laptop
I carry mine on a CD, they can't call that a bomb
3 - If they want to search it...
Ask "What exactly are you looking for?" and write down the answer!
If they say its just a routine inspection let them look, don't let them open files
If they want to see a file ask for the warrant
If they insist ask (don't) demand to see a supervisor
4 - Be nice, calm, and ask the supervisor to witness
Any search (with understanding you are under protest) as there is no warrant.
Ask the supervisor for a full accounting of all files opened/accessed prior to boot/power on
(this is critical as they cant log all files accessed during boot)
5 - Best of all, don't give them a reason to search it
-- I am the NRA, enough said...
Run "cnn bullet surgery warrant" through Google and you will get a lot of hits on an article that deals with this very situation.
If you're a zombie and you know it, bite your friend!
And you've been mislead by the media into thinking that judges aren't supposed to make law. In fact, in a common law system, that is part of a judge's job and has been since before the U.S. was founded.
I am not a lawyer. This post does not constitute any form of legal advice.
Are you implying that we should have universal military service like Switzerland and Israel? That would keep the militia organized and well regulated.
Apocalypse Cancelled, Sorry, No Ticket Refunds
The overwhelming response of the sysadmins, and many others, is, it's the employer's computer, therefore everything on it is available to the employer (ie. no expectation of privacy as confirmed by 9th Circuit). But there is another perspective that might be reasonably argued (Of course, IANAL; I am a media theory researcher and prof).
If we consider that electronic stuff (hardware, software and data) as containers within containers, the hardware might be owned by the employer, and the employer might have a right to see what containers are placed on the hardware. However, many of those containers (files) might contain so-called intellectual property that belongs to the person herself. The employer has no right to that (leaving aside, for the moment, contracts in which the individual stupidly gives all IP rights to the employer, even for private, non-work-related, non-compensated creations). The mere fact of physical location does not give the employer the right of unwarranted search. For example, the person's purse happens to be located in the desk drawer of the employer-supplied desk, within the employer's office. The employer does not have the right to search the purse, nor take possession of its contents. By analogy, I would argue that the content of personal data files (not necessarily the wrapper that is the file structure itself) is off-limits to the employer.
In short: the employer has the right (according to court ruling) to see the files on their property, but not necessarily the file content. The courts have not distinguished among respective ownerships of the hardware, the data structures, and the data contents. This distinction is something that will eventually be tested in court, I expect.
Like other posters, I agree that the employer could demand immediate return of the laptop and the individual would lose all of her personal information, and therefore the person must assume that risk of loss, encryption or no encryption. And I use my own laptop for my work - the employer does not have the right to access my machine. If they want my work (which they do) they agree to my terms. Every so often I hear the dire warning of the IT department about not providing me support. But then again, I've had occasion to fix some of the messes on other users' computers that were "supported" by the IT department.
There's also the part about it being for an organized militia. You left that out.
The second admendment does not say firearms are limited to a militia, it specifically states the right of the people to keep and bear Arms, shall not be infringed. People have the right. It make perfect sense when you consider the Founding Fathers were concerned about a tyrannical government, when only the government has firearms and not the people, it invites the government to become tyrannical. that's what happened in 1930's NAZI Germany, in the 1980s Iran after the overthrow of the Shah, and I heard the same thing happened in Rwanda in the early 1990s. Now you have the paramilitary groups in Sudan terrorizing civilians in Darfour, along with other areas, when if these people were armed they could defend themselves.
FalconShould there be a Law?
Can you "bear" a main battle tank or a cruise missile? No.
"Arms", in historical context, meant guns that were carried by a soldier. The term was understood to be distinct from "cannon", big-ass guns that were not something a man would "keep and bear".
If a weapon is something that an infantryman would carry into battle, it falls within the rightful scope of the right to keep and bear arms recognized in Amendment II, within the corollary to right of self- and community-defense - the right of access to defensive tools.
If it's a WMD, if its mere presence creates a danger to people nearby (like if my neighbor was keeping anthrax spores or large amounts of TNT in his shed), the RKBA is not infringed by regulating it. Except, for the fact, that a peashooter isn't going to do it these days.
Iraq. Afghanistan (US and USSR experiences). Palestine. Vietnam. Connect the dots and see the picture: groups with "pea shooters" can mount a significant resistance against an vastly better armed occupier.
Tom Swiss | the infamous tms | my blog
You cannot wash away blood with blood
What you've got here is a deliberate attempt to muddy the waters of searching laptops... they're arguing is that you shouldn't worry about your work laptop being searched because it's not yours, and usually work disallows you from putting private data on there anyway. There's two problems with that. First, if it's a work laptop the TSA is searching, YOU are not the owner, especially if you are following the rules, what would you do with an encrypted volume or such work put on there to keep your email or company financial data private if your laptop was stolen? The second fallacy is that the TSA is saying if it's not your "work" laptop you somehow shouldn't be traveling with personal private data... that's the biggest form of bullshit ever. It's the whole "you incriminate yourself" by brining private material into a public place that's going on more and more lately... and that is 10 ways from wrong.. The founding fathers clearly knew what they wrote, in 1776 you would take crates of personal stuff along on trips.. often guys like George Washington or Ben Franklin were away from their homes on travel for MONTHS at a time... personal property is just that...personal... demanding that it remain personal is not some "license" to perform a search because you ask they not look there... that's exactly what unreasonable search is.. especially when the search is unrequested in a public place.
Oh, what bullshit. Look, if the constitution wasn't supposed to be amended, then Article Five wouldn't be there in the first place, would it?
Sure, the constitution can be amended... but much like prohibition, eliminating state legislators from electing senators sucks, amendment or not.