The Privacy of Computer Files


As we saw in Chapter 1, equipping employees with high-powered personal computers poses tremendous productivity issues for employers. Much of this problem has to do with the flexibility of computers: A PC is just as happy running the software for the latest role-playing game as it is running a spreadsheet. And even if an employer successfully limits its PCs to business applications, the PC itself makes no distinction between a word-processing document that contains an assigned market analysis and one that contains the latest chapter of your Great American Novel. The temptations for misuse are legion.

It should come as no surprise, then, that surveys show that roughly four out of ten employers periodically search the electronic files on their employees' computers. Companies are looking for a wide range of forbidden materials, ranging from unauthorized software (games, shareware, bootleg copies of programs) to files indicating a lack of productivity (personal work, pornography, offensive jokes, etc.). Lost productivity, of course, is only one reason for this type of search; increasingly, employers are also looking to see if an employee has files on his or her computer that should not be there, indicating a possible involvement in corporate espionage or outright theft.

The Growing Frequency of Searches

There are a number of tools your employer can use to ferret out inappropriate files on your computer. The simplest tool is the Mark I eyeball. It's amazing how many people store games, jokes, and copies of their personal website in directories on an office computer or network server labeled "games," "jokes," and "my website." Even given the fairly large hard drives in most computers today, it doesn't take long for an experienced system administrator or computer tech to look at a computer's directories and identify evidence of possible misuse.

Nearly as easy to use is the search utility included as a standard tool in most operating systems. A basic search utility can be used to look for files with particular names, files with specific extensions (for instance, the ".jpg" in the file name "bikini.jpg"), or even for files containing certain words. The main drawback to using the operating system's search utility is that it's not particularly easy to automate; a human being generally has to run it in order to look for potentially offending files. Not surprisingly, there are dozens of software products on the market that allow network administrators and management to automate the search process.

The most common type of search is to look for files containing certain words. For instance, at the Coca-Cola headquarters in Atlanta, network administrators might periodically check to see if any employee's computer files or e-mails contain the phrase "secret formula" or "secret ingredients." Of course, this can be a tedious process: For any moderately large corporation, the number of potential keywords can be huge.

It's slightly easier and more efficient to search for files with extensions that are associated with specific types of materials. An employer who is concerned that you might be looking at Internet pornography can search for files ending in ".jpg" (the extension of the most common compression format used to save photographs on the Web) or ".mpg" (the extension for the most common video compression format). As we'll see later in this chapter, if you're looking at those types of materials on the World Wide Web, copies of the images or movies you've viewed may remain on your hard drive even if you haven't deliberately saved them.

Not every file extension is associated with a particular type of material. For instance, while the files that run computer games generally end in ".exe," the ".exe" extension also covers most of the programs that are designed to run on a Windows-based computer. A search for ".exe" will bring up a list of nearly every program on the computer. The employer can always search for games by name, but with thousands of games on the market, that process could be a little tedious.

Sensing a need seven years ago, a company called Apreo (formerly DVD Software, Inc.) released AntiGame, which as the name implies is specifically designed to prevent game-playing. The Irvine, California, company claims that its current version, AntiGame Plus, is capable of detecting over 20,000 different games. In addition, purchasers can create their own library of banned programs, and AntiGame Plus will search for those as well. Recently, Apreo has begun offering software that will perform the same functions for peer-to-peer programs and MP3s.

From an employer's perspective, AntiGame Plus offers two key benefits. First, in a networked environment, a company's computer technicians can use the program to scan your computer from a remote location; you will most likely be completely unaware that AntiGame Plus is checking your hard drive for the latest version of Warcraft 3: Reign of Chaos.

Second, simply changing the name of a game to something innocuous like "spellcheck.exe" will not fool the surveillance program. AntiGame Plus is able to see through such deception by searching your hard drive for data strings, called signatures, that it associates with specific games. (It's the same technique used by antiviral software to identify viruses on your computer disks.) Even if you change the name of the file containing a game's program, the content of the program remains unchanged, and that's what AntiGame Plus is programmed to identify. On systems with a full-time Internet connection, the AntiGame Plus software can update its library of game signatures automatically.
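The content-based matching described above can be sketched as follows. This is an added example, not code from AntiGame Plus or from the book; the signature strings, file names and function names are all constructed for illustration.

```python
import os
import tempfile

# Constructed signatures for illustration only; not from any real product.
SIGNATURES = {
    "ExampleQuest (constructed)": b"EXQUEST-ENGINE-v2",
    "DemoRacer (constructed)": b"\x7fDRCR\x00\x01level.dat",
}


def scan_file(path, signatures=SIGNATURES, chunk_size=4096):
    """Return the sorted names of all signatures found in the file's content."""
    # Carry the tail of each chunk forward so a signature that straddles
    # a chunk boundary is still matched.
    overlap = max(len(sig) for sig in signatures.values()) - 1
    found, tail = set(), b""
    with open(path, "rb") as fh:
        while True:
            chunk = fh.read(chunk_size)
            if not chunk:
                break
            window = tail + chunk
            for name, sig in signatures.items():
                if sig in window:
                    found.add(name)
            tail = window[-overlap:] if overlap else b""
    return sorted(found)


def scan_tree(root, signatures=SIGNATURES):
    """Map relative path -> matched signature names, for files with a match."""
    hits = {}
    for folder, _dirs, files in os.walk(root):
        for fname in files:
            path = os.path.join(folder, fname)
            matched = scan_file(path, signatures)
            if matched:
                hits[os.path.relpath(path, root)] = matched
    return hits


def build_sample(root):
    """Write three constructed files into root for the demonstration."""
    sig = SIGNATURES["ExampleQuest (constructed)"]
    samples = {
        # Game content under an innocuous name; the signature starts at
        # offset 4090, so it straddles the 4096-byte chunk boundary.
        "spellcheck.exe": b"\x00" * 4090 + sig + b"\x00" * 100,
        # Game-like name, harmless content: the name alone is not a match.
        "warquest.exe": b"MZ" + b"\x90" * 512,
        "report.txt": b"Assigned market analysis, draft 3.\n",
    }
    for name, content in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(content)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample(root)
        for path, names in scan_tree(root).items():
            print(f"{path}: {', '.join(names)}")
```

Only the renamed file is reported: the match depends on the bytes inside the file, so the file name plays no part in the result.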

Once AntiGame Plus has identified a game or other banned program, it can either delete the program and its components, or send a notice to the network administrator with a list of the games that it found on each computer. Apreo states that there are currently 1,200 organizations around the world that use its detection software. The company has recently started marketing a companion program, SoundJudgment, that searches out and destroys MP3s and peer-to-peer file-sharing programs.

Even Congress became involved—albeit briefly—in the issue of using business computers to play games. In July 1997, Senator Lauch Faircloth (North Carolina) proposed a bill, the Responsive Government Act, that would have required that games be eliminated from all government computers and would have banned the government from purchasing computers with games preloaded. [2] On a unanimous vote, the Senate agreed to attach Senator Faircloth's bill to that year's Treasury and General Government bill, but his proposal was stripped from the conference committee report and never became law. To the extent that Congress has paid any attention to computer games recently, it's mainly been in the context of online gambling or the marketing of video games to children.

Computer Forensics: Why It's So Hard to Escape Your Past

One of the major goals of the software industry over the last fifteen years has been to create operating systems that are easier to use than the dreaded DOS C: prompt. The chief strategy in making systems "user friendly" has been to incorporate features that emulate elements of a real office: The main part of the screen is referred to as the "desktop," information is stored in "files," which in turn are put in "folders," and deleted information is dragged to either a "trash can" (Macintosh, which Steve Jobs borrowed from Xerox PARC) or a "recycle bin" (Windows, which Bill Gates borrowed from Jobs).

Perhaps the most enduring myth is that when a file is put in the trash can or recycle bin, it's actually removed from the computer system. But just like in the three-dimensional world, throwing something in an electronic trash can is only the first step in the process of deleting it. All too often, material that you think you've "deleted" may still be somewhere on your hard drive. The practical consequence is that this type of material can frequently be recovered by your boss, a private investigator, or a federal or state prosecutor. This tendency of information to linger in the nooks and crannies of computers has proven to be a tremendous boon for lawyers, in particular, offering them a powerful new source of evidence for litigation.

The difficulty in cleaning information from a computer (and the ease with which it can be recovered) stems from two main factors. First, as most of us are painfully aware, one of the by-products of a consumer-oriented society is that stuff expands to fill available space. Anyone who's moved recently, or who's cleaned out an elderly relative's home, can attest to the remarkable amount of stuff that somehow accumulates over the years.

Over the last twenty years, we've undergone the electronic equivalent of moving from our first student apartment to a Beverly Hills mansion. In the early 1980s, a 10-megabyte hard drive would cost you about $3,000; by the summer of 2002, even the most basic $1,000 computer was routinely equipped with a 30- or 40-gigabyte hard drive. Thanks in large part to growing consumer interest in music and video editing, hard drives of 60 or 70 gigabytes are increasingly common.

In addition to the computer's internal hard drive, we can also choose from a bewildering variety of external storage media, including:

  • The soon-to-be-obsolete floppy disk (1.2 megabytes per disk)

  • Zip disks (100–250 megabytes per disk)

  • CD-ROMs (640 megabytes per disk)

  • Jaz disks (one gigabyte and up)

  • Flash memory sticks (one gigabyte and up)

  • External hard drives (5 gigabytes and up)

On the immediate horizon are burnable DVDs, which will initially allow us to store 7 to 8 gigabytes of information per disk; anticipated advances in technology will increase the per-disk capacity of DVDs to over 30 gigabytes; and 50-gigabyte disks are not much farther down the road.

The most immediate impact of all of this storage space is the steady accumulation of vast amounts of digital stuff—huge, feature-laden programs (also known as bloatware); enormous quantities of songs, pictures, and increasingly, videos; installation files for various programs; assorted temporary files generated by the operating system; and so on. Thanks to the ongoing advances in storage capacity, computer users have little incentive to clean off their hard drives. It's as if you hired a contractor to expand the size of your basement every time it got full so you could keep going to flea markets to collect more stuff.

But even if you wanted to keep your computer's hard drive uncluttered, the computer operating system that you use was written to make it very difficult to successfully eliminate unwanted material. [3]

The Durability of Electronic Data

In the late 1970s and early 1980s when Bill Gates and Paul Allen were first working on what would eventually become MS-DOS (the Microsoft Disk Operating System), designing an operating system was a tremendous challenge, given the extremely tight constraints on processor speed, memory, and disk space. When a computer user instructed her PC to save a file, DOS carved the file into small chunks and stored each chunk in a separate sector on a floppy disk, beginning with the first available sector and continuing until the entire file was saved. A separate file on the floppy disk known as the File Allocation Table (FAT) was then updated with the name of the file and the number of each sector containing data for that file. [4] To retrieve a file, DOS went to the File Allocation Table, looked up the name of the file, went to each of the listed sectors, and put the data together.

When the time came to add another new file to the disk, DOS checked the File Allocation Table to find the first available sector of space. DOS then continued storing the file sector-by-sector. Remarkably enough, nearly twenty-five years later, that's still the basic process used by Windows-based computers to store files.

Given the hardware limitations at the time, Gates and Allen decided that when a user wanted to delete a file, it would take DOS too long to wipe out the data contained in every sector. It would be easier, they realized, simply to delete the first letter of the file name in the File Allocation Table. For instance, if you instructed a computer running DOS to delete a file named "resume.txt," the entry for that file in the FAT would be changed to "?esume.txt." When DOS next looked for free disk space and saw a file name with a question mark at the beginning, it would know that the sectors associated with that file were available for storing new data.

The significance of the programming choice made by Gates and Allen is that when you delete a file on your computer, all of the data associated with that file remains intact on the hard drive or disk; the only thing that is altered is the file name.

Eventually, some or all of the data associated with a deleted file gets overwritten by new files. As is the case with so much of life, however, timing is everything. How quickly a sector in a deleted file gets overwritten by new data depends on a variety of factors, including how frequently you use your computer, the size of the disk containing the sector, the types of programs that you store and run using that disk, etc. On a floppy disk, available sectors may get overwritten in an afternoon; on a 70-gigabyte hard drive, a given sector may not get overwritten for months. And as long as information from a "deleted" file exists on a disk, it can be retrieved.

Recent versions of Windows have added another step to the deletion of computer files. Today, when you delete a file, the system first stores the file in a system directory called the recycle bin. If you decide to recover a file from the recycle bin, you simply open the directory, highlight the file, and choose "restore" from the menu options. The operating system returns the file to its original location. If you wish, you can instruct Windows to "empty" the recycle bin. Windows then changes the first letter in the File Allocation Table for each of the deleted files. Again, the data in those files does not vanish in a puff of smoke. Instead, it remains on your hard drive until it is overwritten by new data. [5]

The fact that files or fragments of files continue to lurk on computer hard drives after they've been "deleted" has given rise to an entirely new field of investigation known as computer forensics. Prosecutors and defense attorneys alike have discovered the powerful impact that recovered computer files can have. Juries are often very impressed by embarrassing e-mails and memos that are magically recovered from the hidden recesses of a computer hard drive.

Even when no criminal violations have occurred, employers are using computer forensic techniques to assess what an employee has been up to, or how much damage a discharged employee might have done before he left. The detective agency Kroll Associates reported in 1997 that employee investigations of computer files had risen a steady 30 percent per year over the preceding three years. Given the amount of valuable information that can often be recovered from an employee's computer, it's not uncommon for private detectives to conduct "midnight raids" of a target cubicle, in which they sweep up any potential evidence, from the employee's Rolodex to her computer. [6]

Because of the value that recovered files can have, two competing software industries have developed: one that focuses on the recovery of such materials, and one that focuses on their complete and utter destruction.

In the recovery field, the industry leader is EnCase, a computer forensics product created and distributed by Pasadena-based Guidance Software. In the five years since the program was first released, EnCase has become the preferred file recovery tool of more than 7,000 businesses and government agencies around the world. The expensive software—$1,995 per license for government and educational facilities, $2,495 for the private sector—has a wide range of capabilities, but its most salient features are its ability to produce an exact, sector-by-sector replica of a hard drive and then analyze that hard drive for any deleted materials. Among other things, the software maintains the time stamp that Windows attaches to each file, which makes it possible for investigators to construct detailed chronologies of activity that took place on the computer.

What EnCase seeks to preserve, other programs seek to permanently destroy. The current industry leader among bit-burners is Evidence Eliminator, a program manufactured by the aptly named Robin Hood Software, Ltd., in Nottingham, England. The main function of the software is to sift through and eliminate unwanted data from all of the nooks and crannies where information about your computer use might linger. Once it has done so, then Evidence Eliminator writes over every unallocated or empty sector with a string of zeros, which will foil most conventional recovery efforts. The program can also be instructed to overwrite deleted material and empty space according to Department of Defense specifications, which require overwriting with zeros, then ones, then a random character, with each step repeated up to seven times. [7]
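The deletion scheme described earlier in this chapter and the zero-overwrite described above can be seen together in a small model. This is an added example, not code from the book or from any product named here; `ToyVolume`, the 16-byte sector size and the sample file contents are constructed, and the model follows the chapter's simplified description rather than the real FAT on-disk layout.

```python
SECTOR = 16  # bytes per sector; tiny, constructed value so the output is readable


class ToyVolume:
    """Simplified model of the scheme described above, not the real FAT layout."""

    def __init__(self, sectors=8):
        self.data = [bytes(SECTOR)] * sectors
        self.table = {}  # file name -> (sector numbers, length in bytes)

    def free_sectors(self):
        # Sectors of entries whose name starts with "?" count as available.
        used = {s for name, (secs, _) in self.table.items()
                if not name.startswith("?") for s in secs}
        return [i for i in range(len(self.data)) if i not in used]

    def save(self, name, content):
        need = -(-len(content) // SECTOR)  # ceiling division
        secs = self.free_sectors()[:need]
        if len(secs) < need:
            raise OSError("disk full")
        for n, s in enumerate(secs):
            self.data[s] = content[n * SECTOR:(n + 1) * SECTOR].ljust(SECTOR, b"\0")
        self.table[name] = (secs, len(content))

    def delete(self, name):
        # Only the table entry changes; no sector is touched.
        self.table["?" + name[1:]] = self.table.pop(name)

    def recover(self, deleted_name):
        """Read back whatever the deleted entry's sectors hold right now."""
        secs, length = self.table[deleted_name]
        return b"".join(self.data[s] for s in secs)[:length]

    def wipe_free(self):
        # Single pass of zeros over every unallocated sector.
        for s in self.free_sectors():
            self.data[s] = bytes(SECTOR)


def demo():
    original = b"Objective: a new job at a rival firm."  # constructed sample
    vol = ToyVolume()
    vol.save("resume.txt", original)
    vol.delete("resume.txt")
    after_delete = vol.recover("?esume.txt")
    vol.save("memo.txt", b"Q3 sales figures")  # reuses the first free sector
    after_reuse = vol.recover("?esume.txt")
    vol.wipe_free()
    after_wipe = vol.recover("?esume.txt")
    return original, after_delete, after_reuse, after_wipe


if __name__ == "__main__":
    labels = ("original", "after delete", "after reuse", "after wipe")
    for label, value in zip(labels, demo()):
        print(f"{label:>12}: {value!r}")
```

After deletion the full text comes back; after a new file reuses the first sector, the remainder of the old file is still readable; after the free-space wipe, only the new file's bytes survive.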

In the right setting, a program like Evidence Eliminator can be a powerful tool for protecting your privacy. However, it's important to recognize its limitations as a tool for protecting your privacy in the workplace. First, Evidence Eliminator and similar programs are likely to be considered unauthorized software, and their discovery on your computer may raise red flags with your boss. Second, many of the mechanisms available to your employer for tracking your computer activity would be unaffected by Evidence Eliminator or any other type of antiforensic tool—they will not, for instance, prevent your employer from viewing e-mail you send, monitoring your Web activity, or even recording your keystrokes.

And lastly (and this is the most common misunderstanding regarding antiforensic software), if you forget to delete a particular image or file, Evidence Eliminator will not know that you wanted it deleted, and it will remain on your hard drive.

The Legality of Searches

Employers are often interested in conducting searches of the physical space in which you work. The rules governing such searches depend on the type of employer for which you work. If you work for a public employer, the employer's ability to search is restricted by the Fourth Amendment prohibition against unreasonable search and seizure. Under the leading case, O'Connor v. Ortega, the first question is whether a public employee had a "reasonable expectation of privacy" in the area being searched. [8] If the answer to that is yes, then the next question is whether the search itself was reasonable under the circumstances. Specifically, courts look to whether the search was reasonably calculated to further the employer's interest in supervision, control of the workplace, and efficiency.

The same general principles are applied to employer searches of the computer equipment used by their employees. One recent case, Leventhal v. Knapek, illustrates the difficulty that even public employees have in successfully protecting their computer files from searches by their employers. [9] An employee named Gary Leventhal, a principal accountant with the New York Department of Transportation, filed suit after his computer was searched during an investigation into his alleged use of company time to conduct non-DOT business.

Investigators found a hidden directory on Leventhal's computer and some files that indicated that Leventhal was preparing tax returns on DOT time. Leventhal challenged the search, arguing that his Fourth Amendment rights against unreasonable search and seizure had been violated. The U.S. Court of Appeals for the Second Circuit agreed with Leventhal that he had a reasonable expectation of privacy with respect to the contents of his computer. However, the court also found that the DOT was justified in beginning its investigation of Leventhal, and that the search of his computer files was reasonable in scope.

As we saw earlier, the Fourth Amendment does not protect people who work for private businesses from actions taken by their employers. However, some states do offer employees either constitutional or statutory privacy rights, and all states recognize lawsuits claiming an invasion of privacy. Typically, courts have recognized that private employees do have a reasonable expectation of privacy in areas that are typically set aside for the employee's personal use, including lockers, desks, office space, mail received at work that is marked "personal," and even computer files.

The problem for private employees (and to some extent for public employees as well), as the Second Circuit pointed out in Leventhal, is that an employee's reasonable expectation of privacy largely vanishes if their employer specifically notifies them that they have no expectation of privacy. As a result, more and more lawyers are recommending to their business clients that they have their employees sign policy statements that clearly delineate the boundaries of their privacy rights at work.

Moreover, if your employer has a reasonable basis for suspecting you of misconduct, then even if you do have an expectation of privacy in the files on your computer, your employer can override that expectation in order to protect its property interests.

[2] The bill would also have required service-oriented government agencies to use people instead of machines to answer telephones before 5:00 P.M. EST.

[3] Again, this discussion applies primarily to the 85 percent of the country that uses a member of the Windows operating system family or its predecessor, MS-DOS.

[4] The File Allocation Table is arguably the most important collection of data on a hard drive or storage disk. It contains the road map that allows the operating system to correctly read every other file on your disk. That's one of the reasons that viruses that target the File Allocation Table are so dangerous; if the File Allocation Table is destroyed, your hard drive becomes an undifferentiated mass of data that is essentially worthless.

[5] There's no question that the surprising durability of computer files has been a hidden blessing for thousands of computer users. During my first week as an associate in a Burlington law firm, I earned serious brownie points by helping an older attorney recover a lengthy brief that he had accidentally deleted. Programmer Peter Norton, whose utility I used to recover the file, built a multimillion dollar software company largely on the strength of his disk editing and file recovery programs.

[6] Dana Hawkins, "Who's Watching Now?," U.S. News & World Report (September 15, 1997).

[7] The immense repetition required to comply with DOD specifications results from the fact that with the appropriate technology and a very high-tech lab, some data can still be recovered from drives or disks that have only been overwritten once or twice. Most experts seem to agree that the data on a drive or disk can only be truly destroyed by destroying the drive or disk itself. Bits are remarkably durable little critters.

[8] 480 U.S. 709 (1987).

[9] ____F.3d ____(2d Cir. 2001).




The Naked Employee. How Technology Is Compromising Workplace Privacy
ISBN: 0814471498
Year: 2003
Pages: 93
