Module 3 - When Incidents Turn Criminal

Question 1

Legal Situations That May Occur During Review of Data in IR

Answer 1

• violations of corporate policies / user agreements

- evidence of illegal activities

Question 2

4th Amendment

Answer 2

Right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures… (from government, not LE)

Question 3

Lawful Search (3 types)

Answer 3

• court order
• consent
• other legal exception exists

Question 4

Katz v. US

Answer 4

Unreasonable Searches:

search is constitutional if it does not violate a person’s “reasonable” or “legitimate” expectation of privacy.

Question 5

Container

Answer 5

Courts have differing opinions as to whether or not a computer’s hard drive is one container or a collection of containers. Impacts what may be searched.

Question 6

Negation of Expectation of Privacy in Orgs (exceptions)

Answer 6

• user policies
• consent agreements
• banner/click-through agreements

Question 7

US v. Ziegler

Answer 7

Expectation of Privacy:
- private sector employers generally have broad authority to consent to searches in the workplace and this authority extends to workplace networks.

Question 8

US. V. Matlock

US V. Smith

Answer 8

Third Party Consent:

co-users of a computer will generally have the ability to consent to a search of its files.

Question 9

Trulock V. Freeh

Answer 9

Third Party Consent:
When an individual protects files with passwords and has not shared the passwords with others, who also use the computer, the Fourth Circuit has held that the authority of those other users to consent to search of the computer will not extend to the password-protected files.

Question 10

People v. Ramey

Answer 10

Exigent circumstances exception to 4th amendment:

An emergency situation requiring swift action to prevent imminent danger to life or serious damage to property, or to forestall the imminent escape of a suspect, or destruction of evidence. There is no ready litmus test for determining whether such circumstances exist, and in each case the extraordinary situation must be measured by the facts known by officials.

Question 11

United States v. Ross

Answer 11

Expectation of Privacy:

Because individuals generally retain a reasonable expectation of privacy in the contents of closed containers, they also generally retain a reasonable expectation of privacy in data held within electronic storage devices.

Question 12

Abandoned / Orphaned Property

Answer 12

If computer equipment is abandoned or thrown out (in a location where the refuse container is out for pickup or disposal – a place where anyone can get to it), the expectation to privacy does not exist.

Question 13

US v. Jacobsen (1984)

Answer 13

Contraband:
The U.S. Supreme Court has held that there is no privacy interest in contraband.

Third Parties:
The Fourth Amendment “is wholly inapplicable to a search or seizure, even an unreasonable one, effected by a private individual not acting as an agent of the Government or with the participation or knowledge of any governmental official.” (Not criminally responsible for improper search)

Question 14

US v. Caymen (2005)

US v. Lyons (1993)

Answer 14

Contraband:
Individuals do not generally enjoy a reasonable expectation of privacy in the contents of computers they have stolen or obtained by fraud.

Question 15

4th Amendment Rights and Individuals

Answer 15

Question of civil liability

Question 16

US v. Young (2003)

Answer 16

A third party may disclose the item or information to the government provided the third party has common authority over the item or information.

Question 17

Third Party significant factors (with regard to government)

Answer 17

timing (order of events)

relationship to authorities

Question 18

Sniffing network traffic

Answer 18

Question of whether there is an expectation of privacy for communication.

Question 19

Berger v. New York (1967)

Answer 19

Communication (sniffing):
Government acquisition of an intangible electronic signal in the course of transmission may also implicate the Fourth Amendment.

Question 20

Title III

Answer 20

Omnibus Crime Control and Safe Streets Act of 1968

Government can’t install sniffers everywhere.

Question 21

Private Companies and sniffers

Answer 21

Corporations typically have a “monitoring” clause in user agreements.
Network traffic should be done with permission and for a reason.

Question 22

Determining Reasonable Expectation of Privacy in Computers as Storage Devices

Answer 22

To determine whether an individual has a reasonable expectation of privacy in information stored in a computer, it is helpful to treat the computer like a closed container such as a briefcase or filling cabinet. The Fourth Amendment generally prohibits law enforcement from accessing and viewing information stored in a computer if it would be prohibited from opening a closed container and examining its contents in the same situation.

Question 23

Relinquishing Control

Answer 23

Individuals lose Fourth Amendment protection in their computer files if they relinquish control of the files.

Question 24

Exigent Circumstances (3 scenarios)

Answer 24

• prevent imminent danger to life or serious damage to property
• forestall the imminent escape of a suspect
• destruction of evidence