Duh, Don't Leave A Thumb Drive With Child Porn Plugged Into A Shared Computer

from the plain-view dept

Jim submitted this story about a paramedic who left a thumb drive containing child pornography plugged into a shared computer. A coworker later found the files on the thumb drive, and the owner of the drive was brought up on charges for the offending files.

Obviously child pornography is a serious crime and needs to be stopped; that’s not the issue that is in question here. As law professor Orin Kerr points, out, the concern here is whether or not looking through the contents of an inadvertently plugged in thumb drive constitutes an unreasonable search and seizure and a violation of our fourth amendment rights. In this case, United States v. Durdley, the district court ruled that leaving a thumb drive in a shared computer removed an expectation of privacy since no extraordinary means were necessary to access those files:

Durdley’s files were exposed to anyone who sat down at the computer station who used the traditional means for opening and viewing files (such as Windows Explorer and the My Computer icon). Johnson encountered the files without employing any special means or intruding into any area which Durdley could reasonably expect to remain private once he left the drive attached to the common-use computer. The Court concludes, therefore, that Mr. Durdley had no more reasonable expectation of privacy in the contents of the thumb drive once he attached it to the common-use computer than the defendant in King did in his drive once he attached it to the airbase network.

Kerr disagrees with the ruling, and equates leaving a thumb drive plugged into a shared computer to leaving luggage in a bus terminal:

I think the social norm is that when you see a private person’s thumb drive on a shared-use computer, it’s understood that you’re invading that person’s privacy if you start clicking around to see what the files are. It’s kind of like someone leaving their luggage in the waiting room of a bus station. If the owner leaves the luggage behind for some reason, no one would see that as a waiver of privacy rights in the luggage or an invitation to unzip the luggage and look around.

It’s hard to see how opening someone else’s luggage is remotely close to looking at files on a thumb drive. Whereas luggage has clear physical boundaries, once a thumb drive is part of a file system, those barriers no longer exist. After all, when a thumb drive is plugged into a PC, it appears as a drive under “My Computer” and looks very similar to the other drives attached to the computer. So, if we really want a real-world analogy, a more appropriate one would be an open suitcase in a public bus station. Sure, while it’s kind of nosy to peek inside, things in plain view have long been understood to not be protected under the fourth amendment.

So, the moral of the story is, if you have files you don’t want people looking at, it’s best to not leave your thumb drives plugged into shared computers. Even better, don’t have illegal files in the first place.

Filed Under: ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Duh, Don't Leave A Thumb Drive With Child Porn Plugged Into A Shared Computer”

Subscribe: RSS Leave a comment
67 Comments
Rose M. Welch (profile) says:

More like an unzipped suitcase in a public bus station.

Because the files on the drive are accessible, but you have to navigate to them to actually see what’s in there. The unzipped suitcase is accessible, but you have to open it to actually see what’s there.

To be like an open suitcase, he would have had to open some files, and then walk away from the computer. Then you can see what’s there without having to open the files, or the suitcase.

Anonymous Coward says:

Re: Re:

Thumb drive ownership is not like suit case ownership, suit cases could possibly can be traced back to an owner with many methods whereas a thumb drive is much harder to prove ownership.

I could easily put a thumb drive into anyone of my co-worker’s computers (I work at a tech reseller, 100’s of computers around) to get them fired, blackmail, etc. There are hundreds of them laying around. The same thing could happen to me.

Proving ownership should be the standard, not just discovering the evidence.

Anonymous Coward says:

Re: Re: Re:

Now that they have probable cause, I’m sure they could get a warrant for the HDD on his home computer? I’m sure a quick scan would easily prove or disprove ownership. Judging by this guy’s level of technical skill, if he is truly guilty, it’s likely to all be in an aptly-named folder on his desktop.

If it is a plant, then his drive should come up clean. Now, I don’t want to set off a “OMG guilty until innocent!!!” argument. They already have the guy, so it is reasonable for them to want to fully investigate his belongings to see if he is innocent or guilty.

BearGriz72 (profile) says:

Not an easy call...

This case makes for a tough call, the liked article says “[The Defendant] was an emergency paramedic for the local county who was at work using a shared computer. When he was done using the shared computer, he forgot to take away the thumb drive had attached to one of the computer’s USB ports. Later on, a captain of the paramedic team [Name Removed] was using the computer and saw the thumb drive attached. [The Captain] decided to see what was on the thumb drive“.

There a are a few issues here, now often evidence discovered by a civilian even if the search would have been improper by law enforcement standards is still considered admirable as long as that person was not acting as an agent of said law enforcement, however because they were county employees that question gets a little muddy. On the other side of the equation is the fact that this was a work computer, with most employers you agree to the fact that those systems are NOT considered private in any way. Therefore when (presumably) his supervisor inspected what was being done with that machine, it was quite likely perfectly legitimate.

Richard (profile) says:

Re: Not an easy call...

Therefore when (presumably) his supervisor inspected what was being done with that machine, it was quite likely perfectly legitimate.

No it isn’t. Suppose that drive had been left by a more senior officer and contained confidential information about other employees outside the supervisors area of responsibility.

Alternatively, even if the owner is identified as an employee in the supervisor’s area of responsibility there are all kinds of private information that could quite legitimately be there that it would be improper for the supervisor to access.

To my mind the situation is quite clear. You don’t poke around in what isn’t yours without permission from the owner – except in the cause of finding out who the owner is.

The suitcase analogy is somewhat flawed, however I would say that anything that is clearly visible (an open file or perhaps a top level directory listing – assuming that the drive name doesn’t clearly identify the owner) is OK – but opening files or sub-directories is not – just like you wouldn’t assume that the suitcase being open means that you can open up the washbag inside it.

R. Miles (profile) says:

Re: Re: Not an easy call...

“To my mind the situation is quite clear. You don’t poke around in what isn’t yours without permission from the owner – except in the cause of finding out who the owner is.”
Sorry, but you’re mistaken here. The first thing one must do is recognize who owns the computer in question.

From this position, the owner certainly has full rights to view anything on their machine. In this regard to the article, any employee had every right to search the computer’s open ports storing files.

If owners are concerned about issues like this, they would have prevented any need to attach additional storage for which the computer itself was not capable of providing on its own.

Now, had this been a computer at “Local Cafe”, the line gets gray. Truth be told, most people will fish in files which don’t belong to them, if not only out of curiosity (or possible identification) to return the thumb drive.

However, at this point, “Local Cafe” would be completely justified to re-attach the thumb drive to ensure their systems weren’t compromised or additional files were not added. Owners should have this power (just as they have the power to block).

I concur, in part, with the moral. But the better moral would be “Don’t be stupid to use a personal drive on public computer”. The risks to the data increase if one is completely unaware how the computer is set up.

It blows my mind how people still remain PC illiterate despite them being commonplace for over 20 years now.

vivaelamor (profile) says:

Re: Re: Re: Not an easy call...

“It blows my mind how people still remain PC illiterate despite them being commonplace for over 20 years now.”

Sometimes I get the sense that people do so intentionally to reduce responsibility. Contrast it with real world examples and it can seem stupid; if I don’t post a letter properly it is my fault not the person who handles the mail.

Back to the story. While it would not make sense to do so, it is feasible for a computer to be set up to index files on all attached drives. Should that be seen as an unauthorised search? Many sane Windows admins do in fact mandate full scans on any attached media, would that be a violation also? You may even have an audit policy in place for particularly secure environments that tracks information about attached devices in case of an attack attempt.

From the over side, what is the difference between viewing your secure private email on a shared computer (reasonable expectation of privacy) and viewing information on an attached device? I would argue that you only have a reasonable expectation of privacy on the email because you have made attempts to secure it, any sane browser should not cache HTTPS sites by default because it is presumed that they are private. Had the information on the drive been encrypted then as long as it stays on the device I would say there would be reasonable expectation of privacy.

Anonymous Coward says:

Re: Re: Not an easy call...

“To my mind the situation is quite clear. You don’t poke around in what isn’t yours without permission from the owner – except in the cause of finding out who the owner is.”

To my mind, the situation isn’t nearly as clear.

When I attach my thumb drive to someone else’s computer, it becomes a part of that machine. I expect that any process in that machine may access the data on my thumb drive. The drive becomes, in effect, public space as soon as I plug it into any machine that I don’t own.

If I have information that is actually private (and I do — business plans, etc.), then I encrypt it while it’s on the drive.

Richard (profile) says:

I would expect someone who found an unknown thumb drive attached to a computer to have a look through the files. I actually have a file in the root of my thumb drive that says “I belong to . Please give me back”.
I believe a better analogy would be a piece of paper left in the out tray of a printer. You would simply expect people to read it to find out who printed it so that it could be given to them.

Cohen (profile) says:

Re: Totally agree

Unless there was some sort of label attached to the drive with name and contact info, it is totally reasonable for someone to open the drive, even if they know it is the private thumb drive, to discover who owns it.

But I disagree with the concept of the luggage in the bus terminal as not something that should be opened. If the luggage has no luggage tag, there is no way to figure out who owns it.

And many people have been told by airlines and travel experts to put their name, contact information, and destination in a piece of paper inside the luggage to help someone find them should the luggage be lost and the tag missing.

Richard (profile) says:

Anoyther case

Say I (as a University lecturer) use a thumb drive in a common access lab computer.

If I leave it behind and a student searches through the files, finds and makes a copy of a “live” exam paper I would say the student has committed an academic misconduct.

My expectation would be that anyone finding the drive might look through the directory listing to see if there is a file that would help identify the owner – but beyond that it is a no-no.

Cohen (profile) says:

Re: A file that might identify the owner

What if the file that identifies the owner is labeled “Pictures of kids”

Wouldn’t it be logical and expected that a co-worker would open those files to see if they recognized any of the “kids”.

Remember, it’s a shared computer for a limited number of people who are affiliated with each other.

The co-worker could have the most benevolent of motives to look at the files.

And the owner of the thumb drive really has no expectation of privacy.

Chronno S. Trigger (profile) says:

Re: Re: A file that might identify the owner

It’s not even that complex. Windows (assuming this PC is windows based) has a tendency to default to thumbnail view if there are enough pictures in that directory. This guy may not have had to click on anything at all.

I would like to point out to the University Lecturer that you knew the PC was public and you knew you were plugging your USB drive into said public PC. The consequences are yours. If you are so worried about it, encrypt your files (it’s not that hard).

Anonymous Coward says:

I think it’s a violation of privacy. That said, I’ve never felt that discovering grossly criminal misconduct through a search like this should be discounted.

But let’s say it’s not wrong. Do you have a reasonable expectation of Microsoft not searching everything on your thumbdrive and sending that back to Redmond?

I just don’t see where it stops. The suitcase is a valid analogy, you click a few buttons and it opens. The same is true of a flash drive. You can’t see it, unless you click on it.

btrussell (profile) says:

Re: Re:

“I think it’s a violation of privacy”

It is in “My Computer.”

“You can’t see it, unless you click on it”

If I do a search on the PC for “.jpg” I don’t necessarily look at the source of the file before viewing AND the thumb drive will be included in the search and return results if they match the criteria.

Anonymous Coward says:

This is why all businesses and agencies need effective acceptable use policies that spell out the penalties for violating said policy, and clear warnings that using government or company owned equipment means you have no expectation of privacy. Any time you log on to a DoD computer system you are presented with a warning banner that spells this out.

This is part of the reason that the DoD has banned thumb drives: they’re too easy to lose or misplace and too often contain sensitive or even classified information.

Richard (profile) says:

Re: Re:

his is why all businesses and agencies need effective acceptable use policies that spell out the penalties for violating said policy, and clear warnings that using government or company owned equipment means you have no expectation of privacy.

Those same regs will tell you not to poke around in stuff that doesn’t concern you.

Any Mouse says:

Re: Re: Re:

If I’m your boss, and you plug something into my computer network? It concerns me. Period.

I don’t get where people can ever believe anything you put onto a WORK COMPUTER is private. Seriously. You do not own the system. Yeah, you own the thumb drive, but you’re using company equipment to access it. There goes your right to privacy.

Anonymous Coward says:

Re: Re: Re:

Define “poke around.” This wasn’t looking inside a system directory or even somebody else’s My Documents folder. If you were looking for a file and did a search on the whole system and it pulled up questionable files, legally you can report it to the sysadmin and they can start an investigation.

Since it is a shared machine it is reasonable to expect that any user might need to do a full search at any given time, and the search very well could return thumbnails of the images.

van692 says:

Re: #9

Here’s an example line of the computer usage policy at my place of employment. All employees are required to sign the policy prior to being hired.

“CompanyX reserves the right to routinely audit systems usage for violations of the Computer and Systems Resources Acceptable Use Policy by authorized personnel, without advance notice to the user. Both activity and/or content may be monitored.”

BwainHertz (profile) says:

Who put the content there?

Just a simple thought… A drive plugged into a system can have content put there by anyone. How do you prove who put it there? Did the hapless fool even know that content was there?

Back to bus station, put something stolen that you don’t want to be caught with into a pocket of an open case and wait to pick it up after customs.

Stool Pigeon

John Doe says:

Not unlawful search...

It was not an unlawful by the police as the police were not the ones to find it and initially search it. A co-worker did and reported it. Once reported, the police had probable cause to search it themselves. So if anything, the co-worker invaded the guys privacy, but the police were within the law to act on it.

Now “license check” road blocks on the street is an example of unlawful search.

Andy (profile) says:

Analogy

Actually – I believe that the anology to any suitcase is tenuous at best. Luggage left unattended in a public transportation station is most likely not protected from search by authorities – especially in this day and age. It is probably required for most unattended luggage to be searched.

In the case of the thumbdrive – it could be argued that the perosn who finds it is reasonably expected to look at the files to try and determine ownership. Or at the leat – semi-polite to see if perhaps pictures can be found that could help return the dirve to the owner. If the person who found it saw who left the drive than they probably should have jsut pulled it and handed it to the owner. However, when people find electronic devices – picture files are the most common place to find clues concerning ownership – which would explain why the pictures were found so easily.

Anonymous Coward says:

Just a question here, but by the judge’s definition of why the items on the drive are not privet also be used as the guys defense that the criminal images are not his? Public computer, easy access, anyone can open the thumb drive by just going into My Computer and seeing it.

Seems to me the very reason it’s admissible might be the best defense.

lawlady (profile) says:

Computers at work

There is no expectation of privacy on shared work computers. The employer (or supervisor, in this case) has every right to search content on the workplace computer. If you’re dumb enough to have illegal content on a portable drive that you’re dumb enough to leave in the workplace computer, you deserve to be found out and prosecuted. The suitcase analogy doesn’t apply because we are talking about workplace computers, not private property (nor is your portable drive still “private property” if you leave it in a shared computer). The coffee cafe analogy is an interesting “what if,” but also doesn’t apply to workplace computers. HOW the information is accessed is not the case. WHERE the information was located is the key. Had the portable drive been on the employee’s personal laptop computer and left at the workplace, we would have a different story, though still an icky employee.

aikiwolfie (profile) says:

I think it’s reasonable to look at what’s on a thumb drive to find out what it is and who it belongs to. The police or station staff would do the same thing with an unattended suit case if there were no identifying tags on the outside.

They’d open it up and look around for some kind of ID. If they then found child porn in that suit case and you returned to claim the case just at that moment. You’d be arrested and charged.

I’m not American and frankly don’t give a monkeys about 4th amendment rights or whatever. This is a clear cut case of a paedophile being caught red handed and trying to use a convoluted technicality to worm his way out of charges and jail time with Bubba.

Why do courts tolerate this nonsense?

Chris Rhodes (profile) says:

Re: Re:

This is a clear cut case of a paedophile being caught

Not to be pedantic, but (1) I don’t see anything here that says the man is actually a pedophile. Being a pedophile would require that he actually molests children, rather than simply own a video of them. (2) Even if you want to equate the possession of child porn with actual child molestation, it’s at all certain that the video in question counts as pedophilia, since pedophilia is related to pre-pubescent children. For example, if the child in the video is 17, it would still be considered “child porn” under the law, but it wouldn’t be linked to pedophilia.

Why do courts tolerate this nonsense?

Because tacitly giving the government/police license to do whatever they want with no regard for the rule of law or rights of citizens is much more dangerous than a man who possesses a disgusting video.

rwahrens (profile) says:

Better analogy

I’d say a better analogy would be leaving a folder of child porn on a common use desk at the office, with your name somewhere that could link it to you.

Nobody would question the right of the supervisor to look at the contents of the folder to find out who left it there.

They would question the sanity of the guy that would leave something like that lying around with his name on it…

Dark Helmet (profile) says:

Re: Third Problem....

“3. LAWYER TRYING TO DEFEND SOMEONE CONSUMING CHILD PORN!!!”

You’re right! Only certain criminals deserve the legal representation they are entitled to in our country!

I mean, c’mon! Do we REALLY need to defend these obviously guilty child porn consumers? Wouldn’t our time be better served elsewhere? Child porn consumers don’t deserve representation, and neither do rapists.

known coward says:

it is more like

They are writting tiny exceptions each time they want to do something. Child porn is bad, they all agree. They have to punish the criminal, they all agree, but the law says no unreasonable searches and seizures.

So what tiny paragraph can we write to make this seem legal, but really it is not.

A thumb drive is an open file, There is no expectation of privacy in Garbage. The list goes on and on.

Honestly we should just stop lying about what this country is about. Repeal the bill of rights and be done with it.

known coward says:

Re: Re: it is more like

a cop can make a “good faith” mistake in a search and seizure yet it the results of the search can still be used in court. 3/4’s of the Patriot act, My assemblies can be videotaped by the police (like a mob funeral for example). Computer confiscations without a warrent . . . Computer confiscations by private actors without a warrent. School’s videotaping their students without their consent.

I need to get some work done today, I will list more later if you want.

vivaelamor (profile) says:

Re: Re: Re: it is more like

“a cop can make a “good faith” mistake in a search and seizure yet it the results of the search can still be used in court. 3/4’s of the Patriot act, My assemblies can be videotaped by the police (like a mob funeral for example). Computer confiscations without a warrent . . . Computer confiscations by private actors without a warrent. School’s videotaping their students without their consent.”

Thanks, that makes your point much more clear.

NAMELESS.ONE says:

the truth

hes in the public doing work for the public, if hes violating the law he shuld be punished and having that in any place a person in public or a fellow worker can find it well you get what you deserve mister sicko and anyone defending that is WRONG sickly wrong

now if its in his locker , guess what thats still public property granted to you to put your items in for safety reasons not privacy

this is truth
justice shall follow

your house your privacy
you at work NO Privacy

Atkray (profile) says:

About thumb drives

1: In my IT classes it has come up multiple times that one of the easiest ways to compromise a system is to drop a thumb drive outside in the employee parking lot. A helpful employee will almost certainly pick it up and take it inside and plug it in to the first USB port they find.

2: As mentioned,encrypting a thumb drive is a straightforward and simple process.

Hugh Mann (profile) says:

Fourth Amendment doesn't protect against private nosiness...

The prohibition against unreasonble search is a Constiutional protection against GOVERNMENT activities, and is not directly applicable to private citizens. If I rifle through your files on an unattended thumb drive (or your unattended bag in a bus station), you may have some claim against me for trespass to chattels or something, but not a Fourth Amendment claim that you can’t be prosecuted for the illegal stuff I found and then turned over to the police.

Based on the very brief description of this situation in the original post here, this was a private actor, not an agent of law enforcement, who found the child porn.

This pervert was caught because of his own carelessness, not because the governmetn obatined any evidence in an illegal manner.

Book ‘im, Dan-o.

HM

Mike C (profile) says:

New issue arrises

So this seems to be overlooked but this brings up a new potential problem.

What say happens if I dislike a coworker and brought something illegal on a thumb drive copied files with his/her name on it and then handed it to police telling them i found it plugged into a shared computer at work.

how can you now prove who actually had the illegal files the bad citizen or the good one?

John Fenderson (profile) says:

Re: New issue arrises

Technically, the law would have to prove that your victim put the files there, the victim wouldn’t have to prove he didn’t. (Technically. I know that in practice it’s a bit different.)

The logs in the computer may provide evidence (when was the drive plugged in? When were the files copied? Does the victim have an alibi during those times?)

But really, a thumb drive should be treated like a wallet — very personal, easily tampered with, and to be treated with great caution. You don’t leave them lying around. How hard would it be to slip contraband into your victim’s wallet and calling the cops on them?

The ultra-cautious can also use whole disk encryption on their thumb drives, so nobody can write to them without knowing the password.

www.eZee.se (profile) says:

I have not read all the comments so forgive me if I am repeating anyone but:

“So, the moral of the story is, if you have files you don’t want people looking at, it’s best to not leave your thumb drives plugged into shared computers. Even better, don’t have illegal files in the first place. “

I think the real moral of the story is, if you have child porn AT ALL, you deserve bad things to happen to you.

Mark H says:

Location versus privacy

I find it interesting that people would see this as an issue with privacy more so idea of where the thumb drive was found; in a work environment on a shared computer. This company should have a definition of the expectation of privacy of information on a shared work computer. This is not someone home computer or person system; rights are not transferred simply because the person own the thumb drive. The thumb drive was found in the property of another company’s computer. The location helps dictate any question of privacy or rights a person would have to their information. A technical issue of how the thumb drive was accessed or viewed becomes null and void once the defendant attached the device to the company computer.

Just my thoughts…

btr1701 (profile) says:

Legal Issue

There shouldn’t even be a 4th Amendment issue here since it wasn’t the police that conducted the (allegedly) illegal search. It was a co-worker.

The 4th Amendment only protects against warrantless searches by the police (or by private citizens acting at the direction of the police). There’s no 4th Amendment issue when a private citizen conducts the search all on their own.

If, for example, your next-door neighbor walked into your house, saw illegal drugs on the table, then reported it to the police, there would be no 4th Amendment violation. You might have a valid civil suit against him for invasion of privacy and trespass (and if you went to jail because of his actions, your damages would be substantial), but the evidence could still be used against you in your criminal trial.

chubbysumo says:

read the ruling carfully, its all in the circumstances

encrypt your flash drives. This is all i can think when i read this. Not that i condone such illegal activity. This case really brings into play the individual circumstances that the USB drive was under. As the ruling stated:
1) since it was at the suspects work
2)plugged in
3)and readily accessible(meaning no encryption/password needed)
the suspect had given up his right to reasonable expectations of privacy.

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...