Computerworld - A man who forgot to remove a thumb drive from a shared computer that he was using, waived his privacy claims to the content on that device, a federal judge in Florida has ruled.
The ruling, by Judge Maurice Paul of the U.S. District Court for the northern district of Florida, was in response to a motion filed by Octavius Durdley an emergency paramedic with the Bradford County Emergency Services (BCES) in Florida.
Durdley was charged last September with possessing and distributing child pornography based largely on evidence gathered from a personal thumb drive of his that he had inadvertently left behind in a shared work computer.
Durdley claimed that the information gathered from the thumb drive had resulted from a warrantless search of his personal property. He asked for the evidence from the thumb drive, and that gathered from a subsequent search of his house, to be suppressed asserting Fourth Amendment rights against unreasonable search and seizure.
Judge Paul's ruling happened last month, but was first reported this week by The Volokh Conspiracy, a group blog run by several law professors.
Durdley's troubles began last June, when he accidentally left behind a USB thumb drive of his attached to a computer provided by the BCES, for use by Durdley and other members of the emergency service.
A supervisor later noticed the device plugged into the computer and decided to inspect its contents despite suspecting that it was a personal storage device belonging to Durdley.
Rather than aborting his search once he knew whose drive it was, the supervisor clicked on several closed folders contained in the device and eventually stumbled on one containing images and videos of child pornography.
The device was turned over to law enforcement authorities who, after confirming the contents, arrested Durdley later that same day. The evidence from the USB device also prompted another search of his house which yielded thousands of other similar images.
Durdley then filed a motion seeking to suppress all the evidence.
In overturning the motion, Judge Paul noted that a Fourth Amendment search breach does not occur unless an individual manifested a "subjective expectation of privacy in the object of the challenged search."
In this case, no such expectation could have existed because Durdley accidentally had made his files publicly available to anyone who sat at the computer. "Durdley's files were exposed to anyone who sat down at the computer station who used the traditional means for opening and viewing files," the judge wrote in his 15-page ruling.
The supervisor who discovered the files, did so without needing to employ any "special means or intruding into any area which Durdley could reasonably expect to remain private" once he had left the device in a shared computer, he noted.
Judge Paul cited a case involving a civilian contractor working at an airbase in Saudi Arabia who connected his personal computer to the airbase's network. The contractor assumed that the contents of his computer could not be viewed or accessed by others, though in reality it was visible to everyone else on the network because it had a shared hard drive, the judge noted.
Another employee who saw the contractor's computer on the airbase's network accessed its hard drive and stumbled across pornographic material while searching for some music files.
The discovery led to further searches of the contractor's computers and his residence, and led to his eventual arrest on child pornography charges. A federal judge hearing the case refused a motion by the contractor to quash the evidence from the search of his computer, saying that the contractor had essentially waived his right to privacy by inadvertently sharing its contents with others.
In the Durdley case, Judge Paul also noted that no Fourth Amendment rights were violated because the law enforcement action had resulted from information provided by a private search conducted by a third party.
"If a private party presents law-enforcement authorities with evidence obtained in the course of an unlawful search it is "not incumbent on the police to stop her or avert their eyes," the judge cited from a previous case.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at 
@jaivijayan or subscribe to Jaikumar's RSS feed 
. His e-mail address is jvijayan@computerworld.com.
Read more about Privacy in Computerworld's Privacy Topic Center.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
