Well now, what is the world coming to?
Okay, before I get to that conclusion; I should at least share the story. Jacob Citrin, a former employee of International Airport Centers, was given a laptop by his employers to do company work with, managing the IAC’s real estate business. The trouble started when Cirtin decided to go into buisiness for himself and do a little work on the side that may or may not have had anything to do with his work at the IAC, and the notion that he even went into business on the side for personal gain is also alleged and not proven in any court. Even so, Citrin eventually quit the IAC and went off to do his own thing, but essentially in the same business. The IAC complained, saying that his personal venture violated his employment contract. Okay, a contract dispute; whatever.
But here’s the problem-when Cirtin returned his work laptop, IAC’s tried to inspect it for files and data that would incriminate Citrin and link him to the wrongdoing they were accusing him of. The problem is, he outsmarted them and used a secure-delete program to not only erase his data, but also to reformat, over-write, and in as many ways as he could, completely eradicate the data on the laptop so no one would be able to retrieve it. Sure enough, IAC couldn’t get the data they wanted. So what did they do? They hauled him into court, complaining to the judge that they’d been outsmarted-I mean that claiming that Citrin’s alleged secure deletion violated a federal computer crime law called the Computer Fraud and Abuse Act. Apparently, a judge, who likely has absolutely no knowledge of technology (but I’m sure understands the law, which leaves a problem when people who know the law but not technology are making judgements…or worse politicians who don’t understand technology make laws about technology) agreed with IAC, and claimed that his secure deletion of the files did indeed breach the Act.
What does this mean? Well, anyone who uses a secure deletion utility on their computers to protect their data, or eliminate data, that is, could face charges under federal law from a previous employer who was snooping around the system looking for something to incriminate them with. What’s far more frightening is that nothing even needed to be there in the first place; the trick is that the employer only has to claim that damage was done to the company and to it’s property (supposedly the computer) by erasing the data in a manner where it cannot be retrieved. The implications of this are enormous, and the old stand-by of keeping your personal data off of a work computer don’t even apply. Trying to keep your own data from the prying eyes of competiing colleagues, covering your tracks, or even cleaning up your system in the manner that your IT staff would probably have done for you anyway might land you in prison. It’s definitely a frightening prospect.
Read the whole story over at the ZD Net Police Blotter: