Wednesday, January 05, 2005

Searching PCs without a warrant

A Washington state appeals court issued a ruling today that allows the owner of a computer system to give law enforcement officers permission to search or sieze a PC. This means your employer can, in most cases, grant this permission without your consent. See the news.com.com.com.com.com.com story here.

Overall, this is probably a good thing for us as investigators and security professionals. I am no lawyer, but I'd still cover my butt with a suitable disclaimer at login time if I were you. And who knows, warning your users upfront that you're able to monitor them may just prevent them from doing some regrettable in the first place.

2 comments:

Anonymous said...

I'm not sure how this is such big news, really. Most of the places I've been or done work for have 'consent to monitoring' clauses in their employment paperwork. After all, the company bought the equipment, it's theres.

H. Carvey
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com
http://windowsir.blogspot.com

DavidJBianco said...

It's true that a lot of companies already have this covered in their standard disclaimers and usage agreements, but I think this is still important. US law recognizes the concept of "reasonable expectation of privacy" when dealing with stuff like this. In other words, if an employee can credibly state that they didn't know that their actions were subject to monitoring, then the monitoring could be construed as an invasion of their privacy.

Of course, as professionals many of us tend to think this is silly, but it's the way things (sometimes) work. This new decision doesn't seem to settle the question definitively, but at least in the case of seizure by law enforcement, it makes things a little more sane.