Quote:
|
A company investigator is sent to your desk while you are away to find and retrieve the system linked to the originating IP address.
|
Quote:
|
they also find your laptop that obviously isn't owned by the corporation: it is a different make and model from anything ordered, it has no property label, and the serial number matches nothing in inventory.
|
Based on this evidence, I'd argue:
(1) That the investigator only has the legal authority under the employee's contract/company internet usage agreement/etc to seize the company PC for dissection and analysis and not the laptop. Inappropriate and/or illegal material is being accessed using company resources, so they (the company) have the right to seize any of its assets that may have been used in the act. The laptop, however, is private property of the employee and not subject to corporate search. This of course is contingent upon the absence of any clause in the employee contract/internet usage policy/etc that
would grant the company the authority to seize the laptop.
(2) That, even barring any clause as aforementioned, the investigator
would have probable cause to seize the laptop if a clear and present connection to the company network was visible at the time of his arriving at the workstation. Whether it was the company PC or the laptop which accessed the objectionable material, the access was done through the company network. Whichever device was used in the misuse of services would be subject to search as the service misuse is the issue.
(3) If it turns out that the laptop was used to access the material, and this was discovered without prior approval granted to search it or a clear link to the company network present at the time of the investigator's arrival at the scene, then legally speaking that evidence is inadmissible because it was obtained illegally. The investigator would only have had the power to search the company PC, not the laptop.