funsec mailing list archives
Re: "Employees cannot delete files without permission, says U.S. court"
From: "S.f.Stover" <sam.stover () gmail com>
Date: Sun, 12 Mar 2006 23:10:19 -0500
Paul Vixie wrote:
http://www.tgdaily.com/2006/03/11/deletingfiles_appealscourt_citrin_reversed/
I've been intrigued by this case, and in trying to piece together the real impact to secure delete users, I end up with this: It was OK for Citrin to secure delete the files as long as he was an employee. <his employment contract authorized him to "return or destroy" the data in the laptop"> It was only after he had violated the contract by moonlighting that he put himself in a position to be prosecuted. If I'm right, then if he had done it by the books (i.e. quit his job BEFORE starting his own company), then the charge wouldn't stick? <Citrin's deletion violates the Computer Fraud and Abuse Act because he accessed a protected computer without authorization. Even though the laptop was in his possession, his authorization ceased when he violated his company's loyalty.> If he hadn't "violated his company's loyalty" then he wouldn't have accessed the laptop "without authorization" - so he would have been golden? If that's the case, then we all just need to make sure that A) our employment contracts give us the right to securely delete data and B) we remain vigilant in our efforts to secure delete our data PRIOR to violating those employment contracts. ;-) -- S.f.Stover http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5C4DAB68 _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- "Employees cannot delete files without permission, says U.S. court" Paul Vixie (Mar 12)
- RE: "Employees cannot delete files without permission, says U.S. court" Gary Funck (Mar 12)
- Re: "Employees cannot delete files without permission, says U.S. court" S.f.Stover (Mar 12)