Man who left USB drive in shared PC waived privacy claims, court rules
Defendant in child porn case had sought to suppress evidence gathered from the thumb drive
Computerworld - A man who forgot to remove a thumb drive from a shared computer that he was using, waived his privacy claims to the content on that device, a federal judge in Florida has ruled.
The ruling, by Judge Maurice Paul of the U.S. District Court for the northern district of Florida, was in response to a motion filed by Octavius Durdley an emergency paramedic with the Bradford County Emergency Services (BCES) in Florida.
Durdley was charged last September with possessing and distributing child pornography based largely on evidence gathered from a personal thumb drive of his that he had inadvertently left behind in a shared work computer.
Durdley claimed that the information gathered from the thumb drive had resulted from a warrantless search of his personal property. He asked for the evidence from the thumb drive, and that gathered from a subsequent search of his house, to be suppressed asserting Fourth Amendment rights against unreasonable search and seizure.
Judge Paul's ruling happened last month, but was first reported this week by The Volokh Conspiracy, a group blog run by several law professors.
Durdley's troubles began last June, when he accidentally left behind a USB thumb drive of his attached to a computer provided by the BCES, for use by Durdley and other members of the emergency service.
A supervisor later noticed the device plugged into the computer and decided to inspect its contents despite suspecting that it was a personal storage device belonging to Durdley.
Rather than aborting his search once he knew whose drive it was, the supervisor clicked on several closed folders contained in the device and eventually stumbled on one containing images and videos of child pornography.
The device was turned over to law enforcement authorities who, after confirming the contents, arrested Durdley later that same day. The evidence from the USB device also prompted another search of his house which yielded thousands of other similar images.
Durdley then filed a motion seeking to suppress all the evidence.
In overturning the motion, Judge Paul noted that a Fourth Amendment search breach does not occur unless an individual manifested a "subjective expectation of privacy in the object of the challenged search."
In this case, no such expectation could have existed because Durdley accidentally had made his files publicly available to anyone who sat at the computer. "Durdley's files were exposed to anyone who sat down at the computer station who used the traditional means for opening and viewing files," the judge wrote in his 15-page ruling.
The supervisor who discovered the files, did so without needing to employ any "special means or intruding into any area which Durdley could reasonably expect to remain private" once he had left the device in a shared computer, he noted.
Judge Paul cited a case involving a civilian contractor working at an airbase in Saudi Arabia who connected his personal computer to the airbase's network. The contractor assumed that the contents of his computer could not be viewed or accessed by others, though in reality it was visible to everyone else on the network because it had a shared hard drive, the judge noted.
Another employee who saw the contractor's computer on the airbase's network accessed its hard drive and stumbled across pornographic material while searching for some music files.
The discovery led to further searches of the contractor's computers and his residence, and led to his eventual arrest on child pornography charges. A federal judge hearing the case refused a motion by the contractor to quash the evidence from the search of his computer, saying that the contractor had essentially waived his right to privacy by inadvertently sharing its contents with others.
In the Durdley case, Judge Paul also noted that no Fourth Amendment rights were violated because the law enforcement action had resulted from information provided by a private search conducted by a third party.
"If a private party presents law-enforcement authorities with evidence obtained in the course of an unlawful search it is "not incumbent on the police to stop her or avert their eyes," the judge cited from a previous case.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.
- Franken presses Ford on location data collection practices
- Justices let stand appeals court decision on border searches of laptops
- California lawmakers move to bar state help to NSA
- Appeals court again nixes Google's bid to overturn Street View case
- Older Mac webcams can spy without activating warning light
- Update: Judge rules NSA spy efforts may be unconstitutional
- Perspective: Privacy concerns could keep Amazon delivery drones grounded
- NSA collects data from millions of cellphones daily
- Perspective: Curbing data use is key to reining in NSA
- Lavabit-DOJ dispute zeroes in on encryption key ownership
Read more about Privacy in Computerworld's Privacy Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well... All Privacy White Papers | Webcasts