Slashdot Mirror
Supreme Court Declines Case Over Techs' Right To Search Your PC
An anonymous reader writes "A few years back, a guy was arrested for possessing child pornography after techs at Circuit City found child porn on his computer, while they were installing a DVD player. The guy insisted that the evidence shouldn't be admissible since the techs shouldn't have been snooping through his computer — and a lower court agreed. The appeals court, however, reversed, noting that the guy had given Circuit City the right to do things on his computer — including testing out the newly installed software (which is how the tech claims he found the video). The guy appealed to the Supreme Court, who has declined to hear the case, meaning that the ruling stands for the time being. So, basically, if you hand your computer over to someone else for repairs, at least in some jurisdictions, they may have pretty free rein in terms of what they're allowed to access on your computer."
So, basically, if you hand your computer over to someone else for repairs, at least in some jurisdictions, they may have pretty free rein in terms of what they're allowed to access on your computer.
No, but whatever they find is admissible as evidence in court.
That something is admitted as evidence in court does not mean it was legal to obtain that evidence. Similarly, if something is inadmissible as evidence in court, it could still be legal to obtain that evidence.
http://outcampaign.org/
There's a difference between what they're "allowed to access" and what's admissible in court once they've seen it. The techs aren't the government--things they've seen don't automatically get excluded because they shouldn't have seen them.
If a private citizen breaks into my house and sees something illegal, they can usually alert the cops and have knowledge of that thing be admitted in court, even though they themselves can still be prosecuted for trespassing and breaking and entering.
rage, rage against the dying of the light
"Thou shalt not get caught"
This is right up there with handing the cop your beer or dimebag as you get your driver's license out after being pulled over - if you have something illegal, don't give it to people who A) know that it's illegal, and B) know who you are.
Never underestimate the potential of Human stupidity. -Heinlein
I should point out this is not always the case.
I know of at least one PC repair company that, when doing any sort of recovery/repair work, asks the customer to sign a form giving permission for them to look at the data files on the computer.
This is just so they can verify a successful fix/file recovery. If the customer doesn't sign the form, fine, but then they have absolutely no guarantee that the repair will be okay, or that their recovered files are not just illegible garbage.
Seems the logical approach to me since it protects the customer's rights;
but then again, if you are stupid enough to keep incriminating of stuff in a visible place, then you shouldn't be surprised if you get caught. I'd be interested to hear WHERE they found the files.
Evolution - Est. 4500000000 B.C. Don't piss in the gene pool.
You know, you could always choose NOT to have child pornography on your computer.
A month ago a friend of my nephew was killed by a driver in a hit and run collision (I won't call it an accident). My brother in law told me that the way the police found the driver was that her boyfriend took the car to a repair place to be resprayed in a different color. Staff at the repair place looked at the damage and called the police.
If you see evidence of a crime you have to call the police. Thats the law where I live.
http://michaelsmith.id.au
... RIAA dumps Mediasentry in favor of new sweeping deal with Circuit City. Details are currently kept silent, but if you've been downloading music and your computer breaks down, you'll know.
It would be almost brain-dead easy to put anything you want on a computer and then change the file properties to look like it was there before you gained access to the machine. I could do it on any given morning before I've even had a sip of coffee.
I dream of a better world... one in which chickens can cross roads without their motives being questioned.
Keep your 'private' data on an external hard drive and just leave the system drive for the OS + applications. Extra paranoid people can encrypt it to for good measure.
While I certainly despite people who desire or who peddle in child porn (and that includes the government "sting" entrappers themselves who are the LARGEST distributor of the stuff in the country, and who keep the largest amount of it around) this decision dumps barrels of oil onto the slippery slope.
I guarantee that the aforementioned "stingers" are going to start pressuring IT shops to search for the disgusting stuff and report to them. I can even see localities passing laws REQUIRING technicians to search hard drives for illegal material, and probably not just porn, but imagine the RIAA buying themselves some laws requiring techs to report file sharing software and MP3's...
It's a HUGE loophole that needs to be closed. If the evidence would be inadmissible in a criminal court if government actors collected it in that manner (ie: no warrant, no probable cause, no witnessing something happening in front of them) then evidence collected by civilians passed to the government should also be inadmissible. Indeed, in those circumstances, a citizen getting involved in law enforcement by implication is part of the "unorganized militia" and should be subject to the same limitations because they ARE, in effect, a government actor.
Corporatism != Free Market
"the techs should have not snooped" is a defense that implicitly admits the guy had downloaded the video. He get jailed, that's the spirit of the law.
What's troubling is that a pc which is tampered with by a third person, that is the tech repair guy, is then admitted as proof.
A random technician is elevated to the rank of police forensic tech! but how can you trust him not making mistakes (restoring somebody else's partition) or him being corrupted into intentionally downloading illegal stuff to a client PC? nevermind child porn, all you need to ruin a person are a bunch of mp3s, in this brave new world.
No they wouldn't have been, because there is nothing about this case that is legally novel or particularly controversial. The techs were not state actors (meaning working for the government either officially or at the direction of somebody from the government). Therefore, the 4th amendment rights to protection from unreasonable search & seizure do NOT apply (notice how I'm NOT talking about expectation of privacy... you don't even get to that issue when there's no state action).
There have been cases in the past where criminals have broken into people's houses and stole items that prove crimes (like say papers proving bank fraud or something like that). Later when the cops bust them and recover the items, those papers were completely valid as evidence against the original owners of the papers, even though the police would have needed a warrant to get the papers if they had conducted a direct search & seizure. If a criminal breaking into your house doesn't count as state action, then voluntarily handing over your computer to techs who are supposed to know how to fix the computer is not the brightest move.
AntiFA: An abbreviation for Anti First Amendment.
If I had 100lbs of cocaine, I'd just buy a new car, screw the garage.
"There are no facts, only interpretations." --Friedrich Nietzsche.
I dont work at CC .. but a larger "repair centre" in canada ...
We have, as part of our SOP, child pornography related rules. They call them "criminal images" in the verbage, however, it is the same. I have yet to "find" something criminal, but to my knowledge, no one goes "fishing" though a computer to look at a persons data. I think true repair techs don't really care WHAT is on someones computer, just get paid your paycheck to fix the thing. IF we are testing a burner and need to use data from a system (ie pictures folder) again .. drag drop, dont care what it is .. test .. label DVD "test burn" give to customer when they come to pick it up.
After doing this for 20 years now .. I can tell you what you ALWAYS will find on a computer that comes in for "repair".
1. Lime/Frostwire - the bane of my job - and telling a "customer/uneducated person" that those types of programs make it more likely to get a virus, they immediately ask you "well, how else can I download free stuff" - my response " you can't"
2. Some sort of torrent client - see #1
3. expired/outdated or no antivirus - which leads to #4
4. massive amounts of spyware/malware/virals
This is my daily grind. Trying to inform the public that just because you CAN do something doesn't mean it makes it A: legal or B: not harmful to your computer environment - "You mean downloading all that porn got me a virus? You mean my limewire folder has massive amounts of trojans in it? ---- but I paid for it ....
Sucker # 12,488 line up please ....
Years ago, I worked for $BIG_PHARMA, and in one of the labs, there was a shared printer and some shared PCs. Each PC required a user to log in, using their own credentials.
One day, one of the female scientists walked over to the printer to retrieve some print jobs, and found full-color pr0n prints sitting on the printer that someone had printed from one of the shared PCs in that lab.
An investigation ensued, and they found the offending machine, but couldn't pinpoint who had actually browsed to the site or printed the images. What they did find, was a VERY organized local directory of pr0n on the machine.
When they were looking through the upstream proxy and web logs, they found the site that the images were sourced from, found the date and time they were viewed and requested, etc. They finally figured out who the culpret was... and terminated him.
HOWEVER , they also found hundreds of other PCs across the company visiting the same site all over the logs, including some VERY high-level directors.
So now what do you do? Do you just fire the one person who was caught because of the reported incident, or do you start firing everybody because they're guilty of the same "offense" (browsing restricted content on company resources).
I don't know how it ended up, but I do know a lot of people were talked to and put on probation/had their public web browsing rights restricted or removed (only internal/intranet allowed).
For one, I don't know why I'd ever hand a piece of computer equipment with a hard drive in it to the folk at Best Buy, etc. after all the exposes re: naughty technicians surfing the hard drive for porn and other things of interest. There are lots of guides out there on how to do common tasks like hard drive replacement yourself, I'd only hand over a machine with a clean drive, if that.
Secondly, one has to consider the possibility that the images stored on the computer were not deposited there by the person who owns it. Any technician in the store could have used the computer to do some surfing, there is no chain of custody. Next, the images may have been deposited by malware, yet another possibility that I imagine the defense will bring up. Lastly, the images may have been deposited by a previous laptop owner, roommate, etc. - issues for the courts to mull over.
http://the.honoluluadvertiser.com/article/2004/Feb/05/ln/ln01a.html
"Each member of the computer crime squad (FBI) is given a list of local businesses, Laanui said, with the idea of establishing a
working relationship with all of them."
and
""We're trying to build a rapport with companies, a lot of computer guys don't necessarily know we exist," Laanui said.
"Virtually anyone in the high-tech arena is up for a visit with the FBI.""
Domestic spying is now "Benign Information Gathering"
Here's the keys to my house. Please clean my rug. If you find my porn/drugs/kidnapped child then it will be unusable in court.
If I had 100lbs of cocaine, I'd just buy a new car, screw the garage.
http://www55.wolframalpha.com/input/?i=100+pounds+of+cocaine
I'd mould it into a sphere of radius .2 metres.
Always back up, never back down. ---- Think you're cool 'cos your uid is prime? Take mine, modulo the one digit integers
Is that with child porn, people get a very "witch hunt" mentality with little consideration for the whole situation. What I mean is if a 19 year old kid has a naked picture of his girlfriend, taken when she was 17, that is "child porn" in the same way that a picture of a 10 year old being sexually abused by a parent is where the law is concerned. You get charged with the same thing for possessing either. Now most rational people would agree that these are not the same things, however it doesn't matter in the eyes of the law. Also, prosecutors are extremely zealous about this stuff. Maybe it is because they don't want to be labeled soft or whatever. No matter the reason, they tend to nail people to the wall even if they shouldn't.
The best example, which I can't find a link to right now unfortunately, was a boyfriend/girlfriend who sent each other naked pictures via e-mail. Both were under age, but teenagers (like 15-17). Both where charged with child porn charges and sentenced to prison, a charge that was upheld on appeal. That's right, they were charged for taking pictures of themselves and sending it to each other. No other distribution.
One would like to believe it's that easy, but I doubt most people know enough about computing to make decisions so that they can fully control what their computer does. Proprietary software + Internet access can easily equal someone else determining what's on someone's computer. Proprietary software is untrustworthy by default, no amount of testing an executable binary's behavior makes that program trustworthy because the program can be written to do something undesirable after a delay. Other than source code examination, there's no easy way to conclude that a proprietary program isn't going to grant access to someone else who could do computing on your computer without your consent. We can't examine the source code for everything we run, but we can spread out this work so people with those skills have little incentive and opportunity to mess with others. Therefore we all need the freedoms of free software to collectively help one another and get the best chance we're running binaries we can trust.
Digital Citizen
The problem is there is a mass global rebellion to copyright laws. You saw that over in Sweden where a previously unknown and niche party managed to get EU representation. You see it on /. on TPB, all over the internet. Its about as unpopular as prohibition was.
Taxation is legalized theft, no more, no less.
You have something in common with many lawmakers today; you are completely missing the point behind this law. The obvious reason for not allowing evidence found illegally is that it is not trustworthy; if someone is willing to break the law to find evidence, how do you know that they are not willing to break the law to plant evidence? The more important issue, however, is that it undermines the police. If you report a crime, and there is a good chance that the result will by your conviction for some other crime, are you going to report the crime in the first place? Probably not. This is already happening in the US, where high-profile lawyers are recommending that you never talk to the police because everyone is guilty of something, and it's easier for the police to find what you are guilty of than it is to solve the crime you reported. Enforcing the law in such circumstances becomes increasingly difficult.
I am TheRaven on Soylent News
Yes, and in Britain a white's only party managed to get two seats to the EU. Let's not make two seats more than they are, nor EU representation (and the lowest turnout ever) more than it is.
Yes, Justice. The company was testing out the software they were installing for the DVD, while doing that they saw that there were child porn videos. The company has an obligation to humanity to tell the authorities, this person is promoting children being sexually abused, give me a break if you don't think it's justified. Should they be allowed to just randomly search your drive, no, not really. Still if they find something like that, they should report it and it should be usable. If you don't like it.... DONT LOOK A PICTURES OF NAKED CHILDREN YOU SICK @#$@#
First job out of college, I was an apartment maintenance man. Commonly, people would call in problems and I'd go into their place to fix things during the day while they were at work. I saw all manner of illegal stuff and it never occurred to me to call the police. I've seen coffee tables literally heaped with a kilo of weed in a very neat pyramid, but I'm not a cop and it's not my job to tattle on other folks, so I just forgot about it.
The only time I did anything to change the status quo was when someone was taking action that damaged the property. I was an agent of the property owner, so if you painted your bedroom black (It takes gallons of expensive Killz to cover black well enough to rent the place after you move out) or if you wallpaper your bathroom with porn (I wonder what kind of impression that made on any female houseguests?), it was my job to report and take action.
Sometimes, the action was pretty simple. For example, someone stole most of the furniture from around a pool. A few days later, I got a ticket to fix a leaky faucet. When I went into the apartment, there was our pool furniture, covered with towels, being used as a living room suite. I didn't say anything to anybody; I just put the furniture back out by the pool. Resident was a little sheepish after that.
Nowadays, I fix computers for a living. When I see something dodgy on an employer-owned computer, it's my job to report it. But on those occasions when I've done work for friends, even when I see something that might be dodgy, I don't take the time to look. It's none of my business. I'm not a cop and outside of work, it's not my job to tattle on you.
Now, here's where I get twisted up. What's the legal obligation of someone who sees something on your computer? I would imagine some jurisdictions have tried to make it illegal to look away when you accidentally stumble across something that might, at first glance, seem a bit to young to be doing what they're doing. In fact, wasn't there a law proposed in Texas that would have required all computer repair shops that do file recovery to have an investigator's license issued by the state just so that they'd hove some idea how to maintain a chain of custody and some legal obligation to actually report what they see rather than ignore things (like I used to do?
I'm not sure what the law is, so I don't work for friends ever since my sisters best friends sons computer needed help and I found, in addition to multiple virus infections and no anti-virus software, a large collection of sexually explicit webcam vids he'd made with his contemporaries. (I'm sure they were all over 18 years old, of course. They may have all been freshmen in high school but I keep telling myself that there were all over 18.) I simply don't want to deal with that stuff so I no longer help people who come to me with "My kids computer is really slow; can you help?"
Likewise, if I worked at Best Buy or some such repair depot, there's flat out no way I'd look at anything on the drive I didn't absolutely have to to get the job done. I just don't need the drama in my life.
Well if the Tech involved seen a folder on the desktop labeled 'child porn' then he'd have every reason to check to see the contents of the folder and inform police. More than likely they installed some sort of video editing software or something and went to the last opened list for a file to test it with.
Illegal evidence typically only applies to police and those acting on behalf of the police from what I understand. The tech may be on the hook for breaching privacy laws or some obscure computer hacking laws but lets face it... Are the cops going to arrest a guy who helped them bust a Pedo? I doubt it.
09F911029D74E35BD84156C5635688C0
+2 Troll is Slashdot's way of saying groupthink is confused
If the cops can just do whatever they want without losing their case, then they'll just do whatever they want, including door-to-door shakedowns.
It was the circuit city guys though. They were the ones who found the stuff, they presumably called the police. And if the guys from circuit city can just do whatever they want, then they'll just do whatever they want, including playing WoW rather than helping you find anything.
Fortunately, that dystopian vision won't come true since they went bankrupt.
The point though is that this was NOT the cops. If it were, it would definitely (or rather, should definitely) be an open and shut case if they didn't have a warrant to search his computer. You as a private citizen though have no need to get a search warrant. If you're breaking into a neighbors house to steal something, and you see your neighbor has a kiddie porn dungeon, your testimony can be used as a basis for a search warrant, right (IANAL so I don't want to overstate that)? If the cops, on the other hand, go into your house uninvited and without a warrant, that case would be tossed out (or should, and again, IANAL.) Why should it be any different for a computer?
But, what's to stop law enforcement to start outsourcing more and more and more to 'private' businesses to spy on people and do their work for them?
We see this type thing already with the feds...they have trouble getting their own 'national big brother database' going (at least publicly), so they use private companies to get around this, like Acxiom . They used them in a big way for sure shortly after 9/11...and they're a good source too. They have lots of info on at least 98% of the people in the US, and I have no idea how much on peoples outside the US borders.
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
[I]f the Tech involved seen a folder on the desktop labeled 'child porn' then he'd have every reason to check to see the contents of the folder and inform police. More than likely they installed some sort of video editing software or something and went to the last opened list for a file to test it with.
Or maybe they opened your browser and looked at the last few things that were downloaded. If you run with javascript (or other scripting tool like active-X) turned on, there are demos around the net showing how this can implicate you in all sorts of crimes. (I have a couple such demos on my own site, but I don't want it to be slashdotted, so I just suggest you google for it. ;-)
What these demos typically do is use what's often called "preloading" to download things like images that are likely to be used in the site's other pages. This speeds up access to later pages, at the price of possibly downloading a few files that are never used. The fun part of the demos is to point out that files may be preloaded from anywhere on the net, and need not be used by any other pages. This means that, if you have JS turned on, my page can download all sorts of porn from various sites and just store them in your browser's cache. And anyone who knows how to check what you have recently downloaded will find them there, where they can easily be displayed via a file://... URL.
On second thought, maybe I should make a copy of my demo, using URLs for images that aren't quite as innocent as the ones that I've used, and post the URL here. Then I could look at my server's logs to see if I can identify any of the visitors, and send a tipoff to their local police that you've been downloading a lot of porn, and which browser's cache they should look in to find the images.
Maybe later ...
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
I'm one of the people who works both on problem PCs and who supervises others who do.
When working on a PC, "snooping" is the last thing I've got time or interest in doing.
However, if I install or update software (anything from a video editor to the latest version of word) and test it using the "recent files" list, you are crazy if you think I'm not going to call the police if I see something about the user being a terrorist or other kind of a criminal.
For those of you concerned about privacy laws, I think back to when I was in graduate school learning about counseling. A counselor is obligated by law (at least in Connecticut, New York, and New Jersey,) to call the authorities if the person being counseled reveals that he or she is contemplating or in the act of harming themselves or others. That applies even after promising confidentiality. (Ignore the misinformation you see so often on TV cop shows.)
I think the same principle applies here. If I work on your PC, I am obligated to keep secret your legitimate business secrets. As a matter of fact, you can and should sue me if I make public that kind of information. But reveal to me that you are a threat to yourself or others and I promise you a call to the authorities.
Live Long and Prosper - Thanks Leonard. You are missed.
Same thing that stops the cops from doing the spying themselves. Anyone working on their behalf is bound to the same laws regarding evidence.
We hope your rules and wisdom choke you / Now we are one in everlasting peace