Slashdot Mirror
No Right to Privacy When Your Computer Is Repaired
Billosaur writes "ZDNet's Police Blotter bring us the interesting story of a Pennsylvania man who brought his computer into Circuit City to have a DVD burner installed on his computer and wound up being arrested for having child pornography on his hard drive. Circuit City employees discovered the child pornography while perusing Kenneth Sodomsky's hard drive for files to test the burner, then proceeded to call the police, who arrested Sodomsky and confiscated the computer. Sodomsky's lawyer argued in court that the Circuit City techs had no right to go rifling through the hard drive, and the trial court agreed, but prosecutors appealed and the appeals court overturned the lower court's decision, based on the fact that Sodomsky had consented to the installation of the DVD drive."
When the perp has a name like "Sodomsky", I really gotta wonder if this is for real...
Cheers,
"What in the name of Fats Waller is that?"
"A four-foot prune."
Ultimately it doesn't matter whether you have a right to privacy or not. It's not a right you can rely on. Expect the monkeys to paw through your private photos & videos regardless of where you get your PC repaired.
The answer is routine encryption, but let's face it - if you need help installing a DVD drive, you're unlikely to have any idea what encryption even is....
There are shills on slashdot. Apparently, I'm one of them.
That's like taking your car to get it repaired and being pissed off when you get arrested because the mechanic notices the 5 kilos of coke in your back seat. I mean, come on. The guy is an idiot and a criminal and he should go to prison.
You wanna break the law and not get caught? Use some brain cells. Sorry, if I take my computer to get it repaired (and I have), I yank the hard drives. ALWAYS. I have no expectation of privacy when I drop my computer off with a tech. I do it largely because I have client data on my computer and I would be liable if I took it in for repairs and someone stole the data. It's just common sense, and if a criminal can't amass enough common sense to do the same, well, they deserve to be arrested, tried, and convicted.
I was running a consulting company in Halifax just under a year ago, and a soldider from the armed forces had contacted me to fix his hard drive. While my tech was working on it, he discovered hundreds of gigabytes of porn, including many shots of young (pre-puberty) girls. The police had to get a search warrant for my office in order to legally seize the computer. The police did ask how we came across the images, because that was the most obvious way the case might have been thrown out. I never heard anything about the case again.
It not like the employees installed a keylogger or monitoring software and discovered it, it was on his machine when they were asked to do work on it.
Its like crying privacy rights if I ask a plumber to come fix my kitchen sink, I take off to run errands, and when I get back I am arrested for having murdered victims in my bedroom. Did the plumber violate my privacy and thus charges be thrown out?
Someone with legal knowledge please clear this up.
Well yeah they need to be able to login to make sure whatever they're repairing worked. Just create them a joe user account and give that to them.
If this is true (what are this guy's first and middle names? Paedo Fill?) Then this guy is a moron. Giving a computer with stuff like that to whoever? His other charge should be 'being a moron'.
You can't handle the truth.
AFAIK, when you turn information into your lawyer, it's protected by "client-attorney priviledge". Your attorney can know that you murdered somebody, and is under no obligation to tell anybody. (In fact, he/she could be sanctioned or disbarred if they DID tell anybody)
So, could you offer a bonded "secure" computer repair service through attorneys?
I have no problem with your religion until you decide it's reason to deprive others of the truth.
Yeah. What the fuck kind of name is "Kenneth"???
Because isn't concealing or helping to conceal a crime against the law in itself?
Without reading the article, what I'm guessing they're saying is that the evidence is not inadmissible in criminal court, because the person installing the hardware (and software, i.e. drivers) had blanket permission to boot up the computer and use it for the purpose of doing the installation. If, in the course of performing the installs, the person stumbles upon evidence that a crime has been committed, you can't retroactively claim that they didn't have permission to use the computer.
What they're probably not saying is that you have no recourse if that person posts the embarassing (but legal) video you made for your spouse folder to YouTube, or even gossips about it.
Just from reading the summary, I have no reason to believe that there's been anything new happening here. The police are held to the same standard all the time.
http://outcampaign.org/
Ok, I'm guessing that the staff at the store were not police officers, so I find it hard to see how them doing something wrong would invalidate evidence gathered by the police, provided that the police did everything right. Now IANAL but it would appear to me that it basically boils down to what the police did after receiving the tip, or does US law actually say the police can't act on tips from the public if the public only knows what they know because of illegal actions? I.e, if I a crook breaks in to somebody's home to steal something, then finds a large quantity of drugs, I'd expect that the police would need a warrant to search the house, but surely the mere fact that the crook tipped them of doesn't mean they can't investigate? Thus I'm guessing that the real issue here is weather the police would have needed a warrant to have a look at the computer while it was in repair. What is precedence on that? Does the police need a warrant to search your car while it is being repaired, or can the mechanic just let them have a look around if they want to ?
Or better yet ... learn how to fix your computer yourself. Or just keep all your important information on an external hard drive.
The higher the technology, the sharper that two-edged sword.
He might actually have a right to privacy, however he would have to sue circuit city to get restitution for it being infringed. IANAL but I am a human being, and if someone who is not working at the behest of the police infringes on someone's rights but also discovers evidence and turns it over to the police, that evidence should be admissible. For example if a thief breaks into someone's home and discovers child porn and hands it over to the police, the prosecutor should be allowed to use that evidence. Now if there was evidence that the thief was working for the police (for example they routinely handed over evidence to the police) that would be a different story.
"Circuit City employees discovered the child pornography while perusing Kenneth Sodomsky's hard drive for files to test the burner"
That's right your Honor, we were just looking for some jpegs and avis to test the burner with.
The ones that have flesh-colored icons work are best for testing burners.
Take out all the HDDs before you send it in to be repaired. This is prudent even if you're not concerned with privacy (but you should be) to protect your data from the idiots at the repair center that might finish off their work with a complimentary format and reinstall. I've seen that happen before. I don't have much sympathy for people who tried and failed to hide their child porn, but as with most losses of privacy it has a small impact on guilty people (who will just find a way around it) and a huge impact on the rest of us.
If you build it, nerds will come. Soylentnews.org
Ten minutes to fix the DVD. Five days to go through your media looking for bank info, pictures of the missus to post on www.lonelyhearts.com etc.
Engineering is the art of compromise.
-The Car Analogy (obligatory): take to mechanic for repair, leave illegal material in an unlocked glovebox. Fuses are in the glovebox, mechanic finds illegal material. Arrested, trail court dismisses on evidentiary grounds, prosecution appeal currently pending. Al Sharpton somehow becomes involved in media coverage.
-The Kitchen Appliance Analogy: take mini fridge in for repair. Leave severed hand of (former) roommate in freezer. Hand is found when test of ice cube tray attempted. Convicted to 30 year sentence, paroled in 9 years. Begin anew with career as tech security consultant.
-The Post Office Analogy: Take large, heavy package to post office. Deliver using media mail rate, the cheapest shipping option. Miss sign claiming that any media mail package is subject to inspection by any PO employee. Box is lined with child pornography. Arrested, sentenced in federal court, killed in prison after 2 years.
-The 19th Century Tech Analogy: take daguerreotype plates in for annual silver halide tune up and focus lens coal-cloth polishing. Leave illegal woodcuts of "ladies of the night" wearing bloomers and baring arms and shoulders(!) underneath stack of plates. Illegal woodcuts & etchings located when technician reaches bottom of stack. Immediately jailed, lynched by angry torch-bearing mob by evening. Grave marker doubles consonants and adds "e"s to the ends of first and last names.
Next you'll be saying that eyewitnesses reporting what they see to police is infringing on someone's privacy.
"Circuit City employees discovered the child pornography while perusing Kenneth Sodomsky's hard drive for files to test the burner"
Sure they did !
I'm willing to bet that the first "diagnostic" these guys do when a PC comes in is search all drives for image files. They must have quite the collection by now.
This raises the question: what was to stop them from copying the incriminating files, and then "discovering" them on the hard drive of the next customer who dicks them around ? Could that have even been what happened in this case ?
I don't know about anyone else, but 'poking around for files' is pretty damn intrusive. Just burn a couple of files on the desktop to the CD rom.
I hate child porn as much as anyone else, but this stinks of people looking for personal details on their clients that are none of their business. This shady shit has to stop.
Paranoia abound. First off, that he left his computer in another's custody negates their role in search and seizure. Secondly, an investigator makes the final judgment about an actual crime or otherwise.
That the tech was rifling through his photos looking for pictures of his wife or hot 19yo daughter is irrelevant. That is a matter of internal security and policy, and potential prosecution in its own right, but Sodomsky's possession of child pornography should not be tainted by this action.
It is VERY easy to accidentally uncover stuff you don't want or mean to when working with Windows. I have more than once stumbled upon private information while working with a customer's computer by simply way of the folder previews in Windows XP. You open a folder with pictures and there's thumbnails all over the place.
Most techs have some kind of ethical standard, written or unwritten, which prevents them from engrossed reading of personal documents and unnecessary browsing of media, as well as not divulging or discussing private information found in the course of normal work.
In Florida, as soon as you come across what you even think is child porn on a client computer, that computer and all around it immediately become a crime scene and cops must be called immediately. No arrests or charges are made until authorities investigate and make a final decision.
If the investigation deems necessary, an arrest is made and the whole thing can go to court where the accused has the right to proclaim his innocence and the prosecution has the burden of proving guilt. If the investigation determines that the media is not of concern, the customer is miffed, but life goes on. If the case goes to trial and the accused is exonerated, then only the court of public opinion lays judgment.
I fail to see a problem with this system.
The constitutional Right To Privacy, to the extent that it exists at all, applies only to govenment agencies.
The defendant might try bringing a civil action.
But no matter hiw you frame the issues, there is only a snowball's chance in hell that a jury will punish Circuit City for reporting a crime it discovered in the ordinary course of business.
With the exception of Child Porn of course... That should remain on the internal drive in plain sight, on the desktop even, so you will get your sick ass thrown in jail.
One huge difference:
The people at the photo development place can be very sure that a person under 18 was molested by the person who brought in the roll of film.
The person with under-18 porn on their computer might never have molested a minor
Thus I think that child porn should only be considered as evidence for someone molesting a child, but not a crime in its own right, as that makes it very easy to frame someone just by emailing them some pictures. Or what if the tech in this case planted the pictures on the hard drive? And then if you make having artifically generated pictures or text stories that depict people under 18 having sex illegal, that is just crazy, as no kids were ever harmed there. What about someone under 18 taking a picture of themselves?
Of course, if you like the idea of thought police, where you can be arrested for creating something from your imagination that is evil, then where does it stop?
If I have nothing to hide, don't search me
If I had been the guy's lawyer, the first thing I would have argued is that since the evidence was not uncovered by a sworn police officer, it could have been planted. What if this guy was a rude on the clerk, who was a vindictive bastard and decided to frame him? Or maybe a jolly clerk may have decided to pull a prank that went out of control when someone in the shop contacted the police ("hey Jimbo! this guy's name is Sodomsky, guess what I found on his drive!").
Yes, the courts could have checked the last-modified filestat, but that can be tampered too.
Victims of 9/11: <3000. Traffic in the US: >30,000/y
No-one is arguing that child porn should be protected (although elsewhere some *would* argue, that only producing it should be an offense).
What's at issue is that next time a repair guy goes through your files and sees "...whenever any Form of Government becomes destructive of these ends, it is the Right of the People to alter or to abolish it..." and is going to report *that* too.
Next thing you know, you'll have your ass hauled from workplace to the county jail. Apologies will be slow in coming, and your work buddies may not be joining you at lunch for a while.
WHat's also at issue is that submitting a computer for repairs does not give the service people a blank check to read my email or browse through my vacation pictures. I fix my own machine, but I don't fix my car myself, and I expect the technician not to rummage through stuff I may have left in the boot, looking for thrills.
"Only the small secrets need to be protected. The big ones are kept secret by public incredulity." - Marshall McLuhan
Quite directly and sensibly. As the head of the department, I'd have the guy who reported it fired. No, not because I want to protect a pedophile. But he simply has no business in a customer's personal files. Yes, in this case breaking into the privacy of the person helped discovering another crime. Yes, that's "another". Not "a", not even "a more serious".
I happen to get a lot of client PCs on my desk, for similar matters. We do forensics for various high profile customers who want to follow the trail when a trojan hijacks their machine and they want to have proof how it happened. Which also means we got quite a few certs from various places, private and governmental, that allow our findings to be used as evidence in a trial. Looking through a customer's personal files (or any files not related to the problem outlined in very fine detail) is simply a no-go. No matter what.
Yes, that means that I would have to let a pedophile get off the hook. By the contract between my company and the customer, and (as odd as this may sound), even by law. I must not look at those files. Having certain customers from certain companies that deal with certain topics plays a role here, but that's not the point.
Should I accidently look at a file that does not belong to the case at hand (for example, when looking for trojan screenshots and I happen to run across a porn pic that happens to be in the same location a certain trojan would put its pics, or when undeleting files and perusing the findings), I have to ignore it. I never saw it. For all I know, it does not exist.
Now, the kid who discovered that pedophile pics might consider himself being in the right. IMO, he's not. He broke the primary law of business: Don't break your contract with your customer. Don't invade your customer's (or anyone's) privacy.
Yes, I consider an invasion into privacy a bigger crime than collecting kiddy porn. In other words, our politicians are lower than pedos in my books.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
It is not the result I'm quibbling with, but the rationale. The court is arguing (as are you) that because the defendant did nothing to protect his privacy he had no expectation of privacy. My argument is that it is precisely where I do not protect my privacy that I expect it the most, because I simply don't expect others to look there. E.g, just because I don't lock my door doesn't mean that I have no expectation that the public at large is going to stay out. The court's statement that by renaming the files he would have protected his privacy is ridiculous from this point of view. The court is saying that by showing that he did expect the service technicians to look at his media files he would have established an expectation of privacy in those files.
Suppose that I hire a repairman to come to my home and fix a part in my bathroom. They wander around a bit, go into the garage (which, stupidly, I forgot to lock) and find my stash of child porn. Did I have no expectation of privacy in my garage? What if it were a guest cottage in my backyard? I think the court gave short shrift the scope of consent given to the repair shop. Now maybe a reasonable person would or should know that media files that happen to be on one's hard drive will be inspected prior to the installation of a dvd burner. But I didn't know that, and I imagine it would be surprising in the same sense to most people as if a plumber went into their garage.
Sodomsky?
Are you serious?
That's like....occuponymous.
-Styopa
The kind of "Freedom" you guys enjoy in the USA has been earned. You had a great consitution and proper personal freedoms but you let various people scare you into shredding that constitution and those freedoms.
Engineering is the art of compromise.
Your clients can hold you liable for unauthorized access to their data?
Yet when someone takes their computer into a best buy, circuit city, etc, that person then becomes a client of said store, and has different rights?
The point is that they looked through his files without his express permission.
Was he dumb? Yes.
Were they wrong in going through his files, even for a test burn? Yes.
If they do a routine test burn, they should also do a routine disc read.
Why not have a test dvd that they copy, and burn back?
The fact is these stores LOVE to rummage through your files.
It's good PR when the company can say they help fight child porn.
It's a laugh riot for the employees to dig through your favorites and personal files.
It's not beyond reason to suspect that said files may have been planted.
It's wrong of them to do it, and legally, this guy has a good defense.
When you develop film, they HAVE to see the pictures to do their job.
Film developers are required by law to report anything involving child abuse or animal abuse (and probably murder, etc).
A tech installing a dvd drive does not need to look through your files, even for a test burn.
It's the equivalent of a plumber coming into your house and pawing through your stack of magazines on the lid of your toilet tank.
This did not warrant an arrest for this man.
It warranted an investigation, with the computer being returned and law enforcement going to a judge requesting a warrant.
It's called due process.
I freelance, and I work for a few casinos, sportsbooks, and some investment firms.
I have a very clear data policy publicly available on my site, and I ask all my customers to read them.
I have these to protect myself and to protect my clients. I always tell them what data/logins/access I need, and ask them to agree or deny.
Did Circuit City tell the guy that they were about to look into his files? Did they warn him what access they needed, and what they needed to modify? If not: well the guy is right.
Note 1: I am not sorry for a kiddiporn lover who gets arrested.
Note 2: My data policy can cost my life, so I am very open and strict about it. Most importantly I always ask clients to give me the least possible access necessary, so a data lifting accusation is out of question.
Note 3: The highest danger factor of being a tech in Central America is losing knee caps/life/fingers after stealing customer info data from a gaming operation. It is best to not even attempt is, and even better to not even get suspected.
The list goes on. I'm tired of reading Red Herrings people! Let us discuss weather the tech was actually right and the evidence should stand instead of all these other things. I think the perp is a bad guy too, but that doesn't allow me to step all over his privacy rights.
Or better yet ... don't download child porn.
Is everybody here sure they don't have any child pornography on their computers?
I'm not.
You don't have to be looking for it to stumble on it.
It can be in spam mail, it can be in newsgroups where you wouldn't expect it to be.
You could be happily downloading from some "hairy MILFs" binary newsgroup and some idiot has uploaded pictures of 6 year olds.
If these people don't respect the well being of children, you think they would obey newsgroup guidelines?
You just downloaded all of today's hairy MILFs then the phone rang, you got busy with other stuff, you never looked at it.
You don't know if there is child porn in there.
Moral of the story?
Hide all your p0rn before you bring your puter for repair cause you never know what might be lurking in there.
Its about stupidity. You see, im not worried that they checked, not worried that they found. What worries me is how the HELL do you prove beyond the shadow of a doubt that the guy was actually the user of that porn?
How do you prove he didnt get it by clicking on some pr0n spam. How do you know he didnt just get it off of google images and it got into his cache.
What has to stop is the assumption that people are responsible for whatever shit gets dropped in their box. They arent and most specially arent when using microsoft software. Anyone can put the pr0n there.
NO SIG
This is why I maintain a spare drive...for times I have to send my laptop in for repairs (not the kiddie porn thing).
Load a clean copy of an OS on there, verify that it works, then submit the machine with that in. And NO, I'm not talking about pirating Windows by installing a second copy. Ubuntu works fine. If they can't use it, they can wipe the drive and install Windows on it again. It's just going to get wiped and re-Ubuntu'ed when it gets back anyhow. I then slam my Windows drive back in and voila!
I have too much sensitive data on my drive to turn it in. And I've seen too many clients lose literally their ENTIRE business' data because they didn't do backups before sending a computer in that was later wiped.
As I have backups, if it's my hard drive that dies (or the machine is replaced by one that's somehow different enough to make my original drive not work, I can recover my data.
It's easy. Buy the smallest hard drive you can with the thing. And get one of an acceptable size after-market.
Chas - The one, the only.
THANK GOD!!!
The above raises a good point -- store your data in a manner that's not easily accessed.
But, this case raises TWO different questions that are getting confused.
1 -- Did the service technician violate the privacy of the computer owner by looking at files on the hard drive that might not have been required to perform the repair work? This is a question of civil law, and possibly of the contract between the user and technician.
2 -- Can the police use the evidence found by the technician to prosecute the computer owner? This is a question of constitutional law and criminal procedure.
The answers to 1 and 2 are not necessarily linked.
The constitution provides protection against GOVERNMENT searches of your property. The government can't, without a warrant or an emergency, take your computer away and look through your files. Nor can the government pay a repairman to do what the government can't do directly--for example, if the government paid repairmen to snoop through computer.
But, the constitution doesn't say anything about what OTHER people can do. If the repairman did snoop beyond the limits of his authorization then the computer owner might be able to sue the repairman. But, just because the repairman did a bad thing doesn't mean that the protections in the constitution against government invasion are automatically triggered. Take a different example -- a burglar breaks into a home, steals a lot of stuff, and also sees child porn on the way out the door. If the burglar gives an anonymous tip to the police (or bargains for a lighter sentence in exchange for testimony) then the evidence can probably still be used, even though the burglar had no right whatsoever to be in your house. In fact, it was CRIMINAL for the burglar to be inside your house at the time he saw the child porn, but it's still probably fair game in a prosecution.
The key difference is whether the STATE has violated your right to privacy. You can't bargain with the state to set a higher or lower expectation of privacy; we have a Constitution that sets a minimum floor of privacy for everyone. But, you can negotiate with a computer repair service--if one service offers "no privacy-we'll read all your files" and the other say "complete privacy, for a little bit more money" then you get to pick which one you like, and to sue the "complete privacy" company if they break their word.
Disclaimer: Before you do something dumb, speak with YOUR attorney. I am not an attorney and the law often turns on what seem like very small differences in facts; your situation is probably different and will require personalized advice.
There are two issues here that need to be distinguished. One is whether the techs had any business going through the guy's files. The other is whether the state can use what they discovered against him. To the first, I would say that although it isn't safe to assume that the techs won't go through your files, they don't have any business doing so except to the generally limited extent that it is necessary for their work. Obviously if you have a problem with corrupted files they're going to want to look at the files, and they may well need to look at various kinds of system files and config files, but most of the time there is no good reason for them to look at other files. If they want to test a DVD burner, they can perfectly well use a file that they keep for that purpose.
On the second issue I am surprised at the trial court's ruling. As a rule, the state is entitled to use evidence whether or not it was legally obtained so long as it wasn't the state that broke the rules. If the person who obtains evidence is a police officer or is acting as an agent of the state, the evidence must be excluded if there was no search warrant and it does not fall under one of the exceptions to the need for a warrant. If, however, the evidence is obtained by a private party acting on his own, not at the behest of the police, it is generally admissible even if the private party had no right to do what it did. The principle is that the state should not be penalized for actions outside of its control. The Fourth Amendment constraints government action, not that of other parties.
It's all well and good to debate the general case of whether there is an expectation of privacy when you hire someone to work on your PC. But what matters in this case is the specific agreement. I'm sure the store has a standard form with lots of boilerplate where the customer grants them rights to do such and such with their computer, waives certain liabilities, etc. The specifics of that agreement are really what's important, without that you can't say whether it was legal or not.
If I had mod points, I'd mod you insightful. It amazes me that people don't think that they'll get reported for that.
Gary Glitter got busted for that in a similar manner quite a while back. Realistically, if you hand your computer in for repair they may very well have to look at the files to figure out what's going on. Especially if they need to log in and they're on the desktop.
It does surprise me that people don't realize that computer techs have to report that sort of thing to the authorities when they find out.
Hitler and Stalin came in quietly. W. was freely elected (kind of). The part that amazes me is the number of idiots who argue for lose of gun rights or lose of civil rights (such as privacy), and think that they are being patriotic. The entire group that steals our rights, wraps themselves in the flag, while so many others ignore that.
I would not say that we earned this. We have earned our freedoms. But I will say that due to spineless assholes we are losing them rapidly. I only hope that our children will have the ability to imprison these same idiots who stole and gave them away. These traitors deserve to swing.
There's at least an argument that such a law would be unconstitutional as it would make computer repair technicians into agents of the state. It's one thing if they act voluntarily to report suspicious files (like here), it's another if there's a criminal penalty for failing to do so. I'm curious and will read up on it. Thanks for the tip.
Post AC!
Engineering is the art of compromise.
"There's at least an argument that such a law would be unconstitutional as it would make computer repair technicians into agents of the state. It's one thing if they act voluntarily to report suspicious files (like here), it's another if there's a criminal penalty for failing to do so. I'm curious and will read up on it. Thanks for the tip."
It's been the case for a while that hosting providers must, by law, report child pornography when they find it. Been there, done that, got the ncmec.org login. I don't understand why extending this to repair technicians would bring up any new constitutional issues that don't already exist. Might be one of those legal elephants in the room that nobody -- not even the ACLU -- wants to touch, as it's political suicide... would you want to be the one to go to court to defend hosting providers' rights to protect kiddy porn collectors?
Sitting in my day care, the art is decopainted.
Something very similar happened to me when repairing someone's pc.
I as running a defrag in XP and some of file names rolling by, at the bottom of the management console, caught my eye. I stopped the defrag and noticed items in an unemptied recycle bin, so I opened it. There were plenty more files with very suggestive names. Not wanting to ruin my dreams, I didn't open anything. I shut off the box and told my manager, who called the cops. Here's what I found out from the officer that arrived.
1) If you have suspicion, report it.
2) Do not open/copy/delete/empty anything.
3) Shut down the box and wait for the law to arrive.
Once the officer arrived he took my statement and called in for a warrant to search the PC. Within 20 min.s he got a call back confirming a warrant had been issued to search the pc. The officer attached a write blocker to the drive and checked out some of the files in question. Suspicions were confirmed and the officer took the pc in custody as evidence, and had other officers sent to pick up the suspect.
All of this transpired in a matter of hours.
So if you have suspicions, just report it to your boss, and leave the box alone.
"Corporate rock still sucks. What are you gonna do about it?"
My thinking on this is that computing power is finite, so they (whoever "they" is for you) have to choose which file to try to decrypt, so if you have 100 fake encryped containers and 1 real encrypted containers and they can't tell the difference, they'd waste a lot of time. Of course there is always rubber-hose cryptography, but that's a different issue, and if you're enough of a concern to highly placed spooks or cops, you're screwed already, passphrase notwithstanding. Camp X-Ray for you!
Anyway, my point was (I do have one somewhere) is that how screwed would you be in the UK to have a file of random data that you can't prove isn't an encrypted container? Would what seemed originally like a clever trick to play on the authorities basically sentence you to life in prison, since there is no passphrase to turn over?
It's official. Most of you are morons.
I'm pretty sure they do. IANAL and I haven't looked up the case law on it, but they would most likely be accomplices after the fact if they aided the criminal in keeping the crime secret.
Of course if the pedophile isn't caught then they wouldn't be able to prosecute accomplices.
In college I was working in a lab where I discovered that a grad student known as 'the porn king' was trafficking child pornography.
Sadly due to police screw-ups with the evidence and warrants, there was no admissible evidence. The student was released.
On the other hand I know of a man who was arrested because a drive sent for repair was found to have an image of a child.The man arrested.
Sure... you can say, download no adult images. Sure, you can say that a person is responsible for every file on their drive. But where does the penalty and the judgement show any sense of fairness or balance.
Also, while trying to avoid the conspiracy angle. We have to admit that it's pretty damned easy to get a file on a person's drive. Windows, Mac, or *nix. Add to this some of the horrifying things I've seen done in child custody cases to make one party or the other look bad... passing judgement based solely on images found on a hard drive becomes fairly weak.
In the cases above, the student trafficking had several CD masters of child pornography, but the CDs were inadmissible as they were obtained from his house with warrant, but the constraints of the warrant were badly defined and executed. In the case of the other man, it turned out that the image was found as a result of inflating an archive of what was supposed to be 250 adult images.
The legal system seems to be very direct on this. You bring one image into the court as evidence and there is no question of origin, intent, or guilt.
Personally, as a father, I have very strong opinions against Child Pornography. I also have very strong opinions about punishing the right person for the right crime.
(Figures this will either get rated -1 or flamebait. Just my $0.02.)
This may not be relevant but I think it's worth pointing out that the reason the tech was supposedly looking for files is bullshit. They probably made that up after they discovered the files. The tech was almost certainly looking for normal porn or movies on purpose to copy it. Using a video file to check if a burner is installed correctly is utter nonsense.
I know in some Best Buys it gets so bad that it's not even techs individually doing this sort of thing. Last time I had a friend working at one they even had a server setup where they copied customers files that were interesting so everyone could get at them. I can't imagine Circuit City is any different.
This thing is only going to get worse. Fact is some people are always going to have reasonable reasons for trusting someone else to work on their computer. A lot of these techs even use tools to override any normal security just to make their jobs easier. People are going to have to get smart about not putting things they want private on non removable media. Software is going to have to become more mature at making sure normal users know where there information is on their drive and know how to remove it also.
So my question is this, if you hire a plumber to fix your sink,and he instead goes rooting through your underwear drawer and finds something illegal, should that be allowed in court? I personally don't think so, and while I hate the child molesters as much as the next guy, letting someone who commits a crime turn in a second criminal and walk away scott free himself seems like the height of insanity to me.
And while I think those that molests a child should get life, the way these laws have been rewritten scares the hell out of me. The addition of non minor images,cartoons,and even adults whom some judge decides "looks lolita" can have your life ruined? WTH? As the law is written now there is way too much that is left to judge's and prosecutors discretion. And with all the hare brained cases we've seen lately,like the 17 year old who was sent to prison for consentual sex with his 15 year old girlfriend,I think the judges and prosecutors have proven they can't be trusted with this much power.
Sadly, the whole kiddy porn thing is spiraling into the 21st century version of the red scare. Even if you can prove yourself innocent,which would be pretty hard with the laws today being pretty much "eye of the beholder",just like with communism you'll be looked at as "the accused child molester" by all those around you. We really need to redefine all these laws and make it actually about protecting kids again,instead of the insanity of the witch hunt that this topic seems to be heading towards.
ACs don't waste your time replying, your posts are never seen by me.
I work for a computer repair shop between uni, a similar thing happened at our shop.
We were hired to do regular matinence, but discovered huge amounts of child pornography.
The legal concerns of our position were important to us, but not as important as the possibility that this crime could go on, uninhibited.
The case was tried and the idea that we had no right to look at the files was not even mentioned in the case. The fact was that he had child porn. It was wrong and everything else was a non issue. I agree people should have privacy and civil liberties, but sometimes you have to put aside the politics and take things at face value.
IANAL and I don't know what specifically is the law in Pennsylvania. However, some jurisdictions in the US (South Carolina, for example) compel computer technicians to report child pornography just like social workers, teachers, and medical professionals are often required to report suspected abuse.
The technician in this case apparently, according to TFA, was searching for random video files on the customer's PC to burn using the newly installed DVD burner to make sure everything was working. He got suspicious based on the names of some files, including one listing a male name and a number he thought was an age of 13 or 14. Upon deciding he'd probably found child porn, he contacted authorities. This doesn't sound like rifling through all the guy's files at all if that's the way it really happened.
The judge decided the test was a commercially common and acceptable way to test a DVD burner -- by searching for video files on the user's drive. I'm not sure how common it is these days to do it that way, but it certainly sounds reasonable and not nefarious to test it that way.
The appellate court also decided that you have no privilege of confidentiality with a computer store like you would with a doctor or lawyer.
How about telling the tech to supply his own data for burning? Even if there is material on the HD that's legal, how can the tech assert he has the right to make a copy of it? E.g. if someone made movie on his PC, had to send it in for repairs and the tech makes a copy of that movie, isn't the tech liable for copyright infringement?
Justice is the sheep getting arrested while an impartial judge declares the vote void.
Legalizing child porn because of the first amendment really isn't that strange (I don't buy the claim that porn is somehow exempt from the speech label when pretty much everything else is covered), it serves to point out the flaws of the constitution. In the end the constitution really IS a "goddamn piece of paper", it's a paper designed to represent the will of the states and people but you can be pretty damn sure neither the states nor the people really want to enforce it to its fullest. I guess it would work better to actually spell these things out in the constitution, i.e. have the first amendment say explicitely that pornography is not speech and what constitutes pornography instead of having that remain as an unspoken rule or the result of some judge's moral feelings. Update the constitution to reflect what it is understood to mean, don't leave the thing there as a relic that says almost nothing because it's been completely reinterpreted. Also introduce new features that have been asked for quite often, e.g. enforced age ratings on media (states have been asking for that quite a few times but were shot down because the constitution disagrees when the actual wording of the constitution doesn't even say anything about states' rights there). The constitution serves the people, not the other way around.
Justice is the sheep getting arrested while an impartial judge declares the vote void.
http://pbfcomics.com/?cid=PBF215-Kitty_Photographer.jpg
The sad thing, this has happened. Parents in the UK have been arrested for pretty much exactly this. From what I can see, no one seriously thinks they were abusing their children - they just took a few admittedly tasteless pictures of them.
E.g.
http://en.wikipedia.org/wiki/Elton_John Controversy struck in late September of 2007 when police confiscated a picture taken by a well known photographer by the name of Nan Goldin that featured two naked prepubescent girls. The concern surrounding the picture was the "provocative" position they were standing in. The picture was one of 4,000 pictures in John's collection. On October 27, 2007, the charges were dropped due to lack of evidence. I actually think that pictures should be legal in themselves. If they show someone committing a crime, they could be used as evidence to prosecute that person but would not become illegal in themselves. Making pictures illegal when they don't depict any criminal activity is an absurd overreaction.
echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
Opening files on a computer is hardly the same as kicking down a door.
I'd say a better metaphor for it would be calling the fire department to put out a fire in your meth lab.
Well, that's an important point, but that's not what they're arguing about. The issue is with people who are repairing your computer using it as an excuse to go through your stuff. I used to work at a optical drive company, and on occasion needed to test drives against specific discs for unusual errors or BIOS issues. In some cases customers gave me copies of their home movies that were failing to play or causing problems. Watching someone's personal memories on disc at work is a strange thrill, and honestly made me kind of uncomfortable sometimes. If they were just testing the burn process, they would obviously have test files they could use. They just got off on looking into videos that weren't meant for them.
Child porn is disturbing, but I get suspicious any time an article brings it up, because it's almost always being used as an excuse to do something that is otherwise morally unacceptable on the government's or other establishment's part. Invasion of privacy, search and seizure, wiretapping, etc, there are always justifications brought up in the form of "this one time it caught a guy with child porn!" I can't believe that child porn is so rampant that it justifies the laws that are passed with child porn as an excuse. If it truly is, then the only law I could see as effective at that point is castration.
[insert witty quote here]
I used to work tech at a SUNY (State University of NY) school. Our official policy was to not report pirated software/music/movies, but we were required by law to report child pornography. I am not sure if this also applied to non-government employees.
Perhaps like spammers need "bullet proof hosting" users of pornography, file-sharers, spammers and all types of people who have incriminating info on their PCs need "bullet proof PC repair" services ...
Civil liberties aren't just "politics" that can be set aside for crimes that are *really* bad. That kind of thinking leads to innocent people riding in cattle cars to special camps.
In the example you gave, civil liberties were not set aside. It just wasn't an issue. If someone invites another person to look at their hard disk drive, and the other person sees evidence of a crime, he can report it to authorities. Likewise, if someone offers you a ride in their car, and you see a big bag of pot in the back seat, you can tell the police, and they can arrest the guy.
On the other hand, if the police come up to you and ask you to go through some guy's hard disk to look for child porn, I think that evidence would get thrown out. I believe that in the US they would need a warrant to conduct the search, even if they have you do it.
At least, I think they would need a warrant. These days I'm not too sure. They might have erased that part of the constitution.
I think a better analogy would be that you bring the car in to get new tires, forgetting you had a dead body in the trunk. The shop guys check on your full size spare as a courtesy, find the corpse. Should they protect your privacy or report their findings to the authorities? I know, sounds really dumb, how can you forget you have a dead body in the back? Then again, what was the guy thinking when he gave full access to the computer and all data on it, knowing that some of the content was clearly illegal?
I'd argue that the child porn that the burglar saw probably shouldn't be admitted as evidence. It's entirely possible that it was planted by the burglar on their way out. However, the evidence could be used to get a wiretap warrant and when the accused obtains (or tries to obtain) more child porn, the police can nab him. As a bonus, they can then get the child porn supplier as well.
My sci-fi novel, Ghost Thief, is now available from Amazon.com.
On an unrelated note I know I can't verify the age of EVERY person in my "adult entertainment" collection, if you define child pornography as strictly as 17 years and 364 days old then yes I may have some on my hard drive... oops :p
This is one of the problems with Porn 2.0 (Porn on Web 2.0, i.e. user generated porn), professional pornography is supposed to go through certain legal requirements to ensure all participants are 18/, and they keep records. Amateur content uploaded to the porn equivalents of YouTube however, have no guarantees whatsoever.
> (I don't buy the claim that porn is somehow exempt from the speech label when pretty
> much everything else is covered
That has always struck me as wrong too. Why is it that "sex" gets special treatment as a topic? Why is it that something intended to arouse those who view it has no social value? It certainly has value to the people who buy it, to the people who watch it, to the people who jerk off or have sex while or after watching it.
Utter crap if you ask me. I can at least see the argument for the exclusion of kiddie porn that children are unfairly exploited in its creation and its those same exploited persons who are the main subjects of the video.
However... anything made with consenting adults... I say is fair game for free speech.
-Steve
"I opened my eyes, and everything went dark again"
Disclaimer: I am not a lawyer, but I am a police officer and have testified as a witness in many trials. I am also well-versed in most criminal and constitutional case law, and with Florida criminal statutes.
Typically, trial and appeals courts don't examine whether or not you had a *right* to privacy. They usually examine whether "under identical circumstances, would a reasonable person expect privacy?"
In other words, if you're doing something in your un-fenced back yard, you have no "reasonable" expectation of privacy, even though you are on private property. On the other hand, if you are in your home, you do have a reasonable expectation of privacy.
Sodomsky! No, wait, don't tell me: he has an accomplice called Gomorransky.
The crime of allowing your computer to keep a local digital copy of a file that someone has deemed "illegal"? Was this guy generating the CP or was he just saving photos that caught his sick fancy? Was he paying for a subscription to access areas where he could get these photos and therefore financially rewarding and encouraging another to assault a child or did he stumble accross them on *chan?
Except for the fact that he isn't arguing the point, what *proof* do we have that the tech themselves didn't plant the CP? If I had it in for someone, that'd be a pretty good start. All you have to do is mention CP and the witch hunt begins.
I know I'm going to get flamed into oblivion for this (not to mention accused of being a pedophile, homophobe and everything else in the book), but, if we take it as proven that homosexuality (being sexually aroused by your own gender) is genetic (or at least something you're born with) and therefor an "abnormality" and at best a "normal variant in human sexual preference" how is pedophilia, necrophilia, and bestiality different? Are we saying it's a choice of "lifestyle" and not something you're born with? How do we prove that?
In many countries of the world it is still illegal to be gay. If someone is born with the abnormality of being attracted to "those below the [arbitrary] age limit", and goes through life never once molesting a child, but only collects images that titillate their particular twisted interests, should they be branded a pariah and be sent to prison for years and years?
"But", you say, "seeing those pictures will encourage them to rape a child!". Hmmm... Does that mean that seeing pictures of naked men will force my gay coworker to rape me?. If I download rape photos, will I be driven to rape, should I be charged with the rapes in the photos? It's like the whole "violent games" argument all over again. Maybe this is some sort of release valve for some people.
Don't get me wrong. I think the exploitation of children is wrong, but I also think that the irrational fear and associated draconian laws are so ridiculous that we can't even hold a rational discussion on the matter any more. I mean, really, a 14 year old girl takes a picture of herself naked in the mirror with her cell-phone and she is convicted of creating and possessing child pornography. A 13 year old girl has sex with her 12 year old BF and is charged as a sexual predator and the victim? WFT?!
Something in me says that the same people who make the most noise in government about pedophilia are the ones that are probably hiding something in themselves, sorta like those politicians that bash gays so bad then get caught soliciting strange men.
C'mon people! If pedophilia is a "genetic disease" we should be working for a cure. If it is a sociopathic "choice" then we should be allowing those "suffering" from it to get treatment, not cart them off to jail.
And if someone assaults a child, charge them with the assault and lock them up. Rape is rape. Kidnapping is kidnapping. Child abuse is child abuse. There are already laws for that. Use them. But destroying someone's life because some pictures were found of a child without proper clothing on is ridiculous. Where I grew up it was normal for a girl to be married off and start having children as soon as she started menstruating. That often made her 12 or 13 years old. That was life. That's the way it had been for untold generations. Suddenly, there's something terrible about those people. My grandmother was married at 14. I guess my grandfather was a sick bastard. Funny, he never struck me that way. They were married for almost 70 years.
Well, I've got my flame-proof panties on and karma to burn. Flame on!
"terrorism" and "pedophilia" are the root passwords to the Constitution
"The key difference is whether the STATE has violated your right to privacy. You can't bargain with the state to set a higher or lower expectation of privacy; we have a Constitution that sets a minimum floor of privacy for everyone. But, you can negotiate with a computer repair service--if one service offers "no privacy-we'll read all your files" and the other say "complete privacy, for a little bit more money" then you get to pick which one you like, and to sue the "complete privacy" company if they break their word."
Actually, criminal law kinda trumps civil contract law. If the repair guy finds out that you're committing a crime, not only does any privacy contract become preempted by criminal statute, but the tech is now on notice of a crime, and HIMSELF goes on the hook if he does NOT report it. It's called "accessory after the fact".
And no, you do NOT get to sue, because once the tech gets wind of your crime, the contract of nondisclosure is discharged by a "supervening illegality", in this case, the tech's duty to report you for CP discharges the NDA, because NOT reporting it is against the law. Hence, the supervening illegality.
No silly CIVIL contract is going to protect you if you are involved in a CRIMINAL act. Not even the most expertly drawn up NDA is going to stop someone from being obliged to report you if they find out you're breaking the law, especially if it's a criminal offense.
On top of that, most courts nowadays will consider your entering this contract in bad faith, because you were knowingly and willingly attempting to conceal a criminal act. Heck, the tech could even be charged with obstruction if he tried to go with the NDA he signed.
The only way you can bust someone civilly for exposing you to prosecution is if that someone is your defense attorney, and they wind up breaching their duty to defend you. You can give your lawyer a full confession, and lawyer client privilege OBLIGES them to keep mum. That is the ONLY exception I know of to the "eminent domain" that criminal law posesses over civil matters.
In this case, any money you paid above and beyond the standard rate for "privacy premiums" would likely be owed back as equitable relief, becasue the tech is NOT engaging in any breach of contract that causes you damage, because the contract itself becomes discharged. Since the guy can't complete the contract (he'll go to jail for obstruction/accessory), the contract would most likely be "rolled back".
And you may not even get the money back. Last time I checked, possession of CP is a felony most anywhere, and civil forfeiture laws often call for seizure of "any property involved in a felony", which would probably include any money you spent on trying to cover it up.
As far as privacy is concerned, apart from the tech guy not being a government agent, but simply by putting your computer into someone else's custody you almost certainly give up your "right to a reasonable expectation of privacy", which is what the Supreme Court has established is the basis for 4th amendment protection.
Qualified Disclaimers:
I am not a lawyer.
I DID get straight 4.0's in law class at college.
I ALSO read the RCW's for Washington State.
I discussed UK laws against indecent images here.
Although your post is relatively insightful, I'd like to ask you about your claims that "child porn is clearly a very bad thing" and that "children must have been abused to create it".
As I discussed in the article which I have linked above, a jury will usually decide that naturist images are "indecent" and therefore pornographic in a statutory sense. Do you not feel that it is somewhat absurd to claim that naturist images of children are a "very bad thing" and that "children have been abused" to create such images? Convictions involving naturist images are not rare; they constitute a significant proportion of convictions under the Protection of Children Act.
"To the future or to the past, to a time when thought is free" ~ Nineteen Eighty-Four