Slashdot Mirror
The Trial of Terry Childs Begins
snydeq writes "Opening arguments were heard today in the trial against IT admin Terry Childs, who was arrested 18 months ago for refusing to hand over passwords to the San Francisco city network. InfoWorld's Paul Venezia, who has been following the case from the start, speculates that the 18-month wait is due to the fact that 'the DA has done no homework on the technical issues in play here and is instead more than willing to use the Frankenstein offense: It's different, so it must be killed.' On the other hand, the city — which has held Childs on $5 million bail despite having already dropped three of the four charges against him — may have finally figured out 'just how ridiculous the whole scenario is but is too far down the line to pull back the reins and is continuing with the prosecution just to save face,' Venezia writes. The trial is expected to last until mid-March. San Francisco Mayor Gavin Newsom, to whom Childs eventually gave the city's network passwords, will be included in the roster of those who will testify in the case — one that could put all admins in danger should Childs be found guilty of tampering."
It's not like this guy started yelling the passwords while his bosses were screaming "La La La La" with their fingers in their ears. He has a very clear request from his management that they requested the passwords. What they do with them from that point on is solely their responsibility.
If employees could simply do what they wished at work because they didn't happen to like what their place of employment was doing, we would have a very different workplace these days. That obviously isn't the case.
He didn't steal the network. He stole the passwords. Passwords are not an obligation. They are company property. He still has to leave everything company owned behind, unless you can point out the relevant law that says otherwise?
Two words. Intellectual Property.
Intellectual property (IP) is a number of distinct types of legal monopolies over creations of the mind, both artistic and commercial, and the corresponding fields of law.[1] Under intellectual property law, owners are granted certain exclusive rights to a variety of intangible assets, such as musical, literary, and artistic works; discoveries and inventions; and words, phrases, symbols, and designs.
When he was fired, and refused to give up the passwords, it became stealing.
Most likely, your company has legal agreements that everyone agrees to when they put a personal device on the company network (assuming that's allowed at all). For instance, we have such a policy for person iPhones indicating they can be wiped to ensure company data is no longer on the device. If this guy put company data on a personal device without authorization, then he would be liable for theft as well.
If in doubt, simply ask your legal department. If you don't have a legal department, then I would suggest you get a better job ;)
Where does it say it was a policy? TFA says he felt the "mayor was the only person he could trust".
From TFA: "Jailed IT admin Terry Childs relinquished his hold over San Francisco's multimillion-dollar FiberWAN, handing his administrative passwords over to San Francisco Mayor Gavin Newsom, who was 'the only person he felt he could trust."
Personal feelings do not a policy make...
Well you kind of blew holes in their 'argument' in your first sentence. The fact that Management was in possession of the passwords if something went wrong. Unless his management SysAdmin's on the side, they would have had to request said passwords from him. If some harm came to the network, any logs would show where it came from (IP's, MAC addresses, dates, times, etc). Digital trails can be messy, but not that messy and obfuscated, but not completely.
His personal feelings in the matter are irrelevant. Business is not a democracy (even in a democracy he would have been outvoted as he was the only objector). He was given a directive by his management, and he failed to comply. When he was fired, he refused to surrender the passwords, which then became a case of Intellectual Property Theft.
"What is Intellectual Property Theft?
Intellectual property theft is different than the theft of physical property. Instead, it involves stealing or misusing proprietary information a company (or person) owns. Examples of intellectual property include copyrights (which protect things such as written material, audio or video recordings, and even computer code), trademarks (which protect things like a company name, product name, logo, slogan, or package design), trade secrets (like a restaurant's secret recipe), and patents (which protect inventions or discoveries, like the composition of a new medication). "
These passwords would be considered a trade secret. He would not be required to 'wipe his memory' or whatever drama folks are claiming in here, but they were created while he was an employee, and they are owned by the employer. He is legally bound to surrender them. He was ordered to surrender them before he was fired. Any works created by someone in the employee of a business is owned by the business. The law is very clear about cases like this. He used company time, money, and hardware/infrastructure to create said passwords. No amount of wrangling or pleading about his feelings, or other silly drama will change that fact.
I disagree.
The rules pertaining to employee inventions are not limited to patents, but apply to other kinds of intangible property or rights that the law refers to as "intellectual property." In one case, for example, university professors devised a process for producing milk by introducing beneficial bacteria. Later, milk produced using this process was sold under a certain trademark that the university owned and licensed to dairies. The university declined to pay royalties to the professors who claimed to be the inventors of the process that led to the trademark, so the professors brought suit against the university. The court concluded that the trademark belonged to the university, as the professors' employer, and that there was no obligation on the part of the university to pay royalties to the professors who invented the process. Importantly, the court found that the professors, when they were conducting the research that led to the invention or development of the trademarked process, were doing precisely what they had been hired to do.
I think precedent is very clear here.
Just as they would have to prove that he was indeed the one who 'fsked' the route tables.
That is exactly what happened. Did no one even read the affidavit and arrest warrant?
http://weblog.infoworld.com/venezia/childs/tcramsay_affidavit1.pdf
He was fired for Insubordination. The router then sent a page to his company pager after he was fired, indicating he had exorcised admin rights after being terminated.
He was charged with not divulging the information to unauthorized individuals. I doubt seriously it mentioned the qualifications or intelligence of who he divulged it to.
Actually I'm not. Previous precedent is well established regarding who owns company data like e-mail.
Probably the best-known case involving e-mail privacy is Flanagan et al. vs. Epson America, Inc. In this case, Alana Shoars, an Epson employee, arriving for work one day discovered her supervisor reading and printing out e-mail messages between other employees. She says she was told by the same manager that all messages on the system were private. She questioned the practice and said she was told to mind her own business. A day later she was fired for insubordination. She filed a $1M wrongful-termination suit. Shoars filed a class-action suit on behalf of herself and other employees, claiming invasion of privacy (under California's constitution and a wiretapping statute). The state court ruled against Shoars on the grounds that email was not covered by California's wiretapping statute and that the right to privacy guaranteed by the state constitution covered personal but not business information. (Incidentally, Shoars also lost her wrongful-termination suit, which she filed after being fired from Epson.)
In another high-profile case, Eugene Wang, a former Borland International vice president, was accused of disclosing confidential corporate information in email messages sent to Symantec CEO Gordon Eubanks shortly before Wang left Borland to go work for Symantec (a Borland rival). Borland executives discovered the messages and filed suit against Wang, Eubanks, and Symantec; a California grand jury also issued criminal indictments against both executives.
In a case decided earlier this year, Michael A. Smyth vs. The Pillsbury Company, executives at Pillsbury fired a manager after finding a printout of an email message in which the manager referred to several of his supervisors as "backstabbing b*****ds." A U.S. District Court in Pennsylvania upheld the company's right to subsequently read all the manager's e-mail. The court ruled: "We do not find a reasonable expectation of privacy in email communications voluntarily made by an employee to his supervisor over the company email system notwithstanding any assurances that such communications would not be intercepted by management...Moreover, the company's interest in preventing inappropriate and unprofessional comments or even illegal activity over its email system outweighs any privacy interest the employee may have." Notably, the court differentiated searching through an employee's email account from an invasion of an individual's person, personal information, or personal effects.
He didn't claim he forgot. He gave them false passwords. He can't even claim he forgot, as the records show he exercised his admin credentials AFTER he was terminated for refusing to give them the passwords.
http://www.bluoz.com/blog/index.php?/archives/743-Terry-Childs-gets-most-charges-dropped.html
Currently it's overcast and rainy. I take it that you can't actually refute my points and thus you drug out some tired, worn out, passive-aggressive attempt at an insult?
No, fired and made to repay salary for not doing his job. Why should someone get to collect a paycheck without doing the work? The job of an administrator isn't to do all the little tasks the admins typically do, it's to ensure the stability and availability. Establishing some fiefdom over his employer's network doesn't even begin to address those responsibilities.
What is there to refute in that statement? If I had written "hit by a bus" would you feel a need to refute that? Perhaps you need to review your attitudes towards gays and others who choose to live alternative lifestyles. Bigot.
I'm done with your idiocy.
"We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
According to the affidavit, he was asked for the password by the General Security Manager, and the Directory of Security. Both were authorized to request that information. It's stated directly in the password policy that if someone asks for a password, that the employee is to contact Security (who also published the policy btw).
No where in the password policy does it even mention the mayor. I find it amusing that people on here are running with that. The mayor came into it because according to a quote from Childs, he "felt the mayor was the only person he could trust". The mayor has nothing to do with the password policy nor was he listed as an 'authorized requester'.
http://www.sfgov.org/site/uploadedfiles/dtis/coit/Policies_Forms/CCISDA_security.pdf