Search
No 'Legitimate' Privacy Expectation in Data on Office Computer, Court Says - Via Law.com :
An employee has no reasonable expectation of privacy in personal files stored on a company-owned computer and an employer's consent makes a police search lawful, an appeals court says in a ruling of first impression in New Jersey.
The Aug. 29 ruling affirms a former bookkeeper's conviction of stealing over $650,000 in electronic fund transfers, records of which were found through warrantless searches of the laptop and desktop computers he used at work.
"We conclude ... that neither the law nor society recognize as legitimate defendant's subjective expectation of privacy in a workplace computer he used to commit a crime," Judge Marie Simonelli wrote for the three-judge panel in State v. M.A., A-4922-06.
The defendant -- denoted as M.A. to protect his privacy because he suffers from AIDS -- was hired in 1997 as a temporary bookkeeper by Joseph Braun, the owner of Certified Data Products of Hillsborough, which makes adhesive-backed labels. Braun made him full-time a year later and put him in charge of company invoicing, order entries, payroll and bank records.
M.A. owned a side business, Dynamic Data Solutions, that built and sold computers. Braun, relying on M.A.'s computer expertise, purchased about 10 computers from DDS and put M.A. in charge of CDP's computer systems.
Over the course of the next four years, M.A. transferred money from CPD's accounts to accounts belonging to either DDS or his mother and covertly increased his salary from $40,000 a year to $125,000 a year. M.A. kept information about the transfers on CDP computers and installed special passwords to keep the information off limits.
Braun discovered the improper salary increase in 2002 and promptly fired M.A., who made no move to take with him any of the computers with his personal data stored. Braun turned the computers over to the State Police High Technology Crimes Investigation and Support unit and signed consent-to-search forms. The state police ultimately discovered that M.A. had stolen $665,935 from CDP.
Somerset County Superior Court Judge Paul Armstrong denied M.A.'s suppression motion, rejecting his claim that he had a reasonable expectation of privacy in information entered in the computers since they were in his office and the information was password-protected. M.A. pleaded guilty to the thefts but preserved his right of appeal on the search and seizure issue.
The appeals court, finding no controlling precedent in New Jersey, applied federal rulings from other jurisdictions that say employees have no reasonable expectation of privacy when using computers linked to company networks. They include U.S. v. Angevine, 281 F.3d 1130 (10th Cir. 2002); U.S. v. Simons, 206 F.3d 392 (4th Cir. 2000); and U.S. v. Bailey, 272 F. Supp. 2d 882 (D. Neb. 2003).
The court said that even if M.A. had a subjective expectation of privacy because he used a confidential password, that expectation was unreasonable because of the criminal use to which it was put. "A burglar plying his trade in a summer cabin during the off season may have a thoroughly justified subjective expectation of privacy, but it is not one which the law recognizes as 'legitimate,'" the court said, quoting the U.S. Supreme Court's ruling in Rakas v. Illinois, 439 U.S. 128 (1978).
The court also found that M.A. effectively abandoned the computers when he made no attempt to get them when he was fired. Quoting State v. Carroll, 386 N.J. Super. 143 (App. Div. 2006), Simonelli said a defendant who abandons property "no longer retains[s] a reasonable expectation of privacy with regard to it at the time of the search."
(Read Original Article - Via Law.com .)
Delicious
Digg
Reddit
Google
Yahoo
Technorati