Privacy is a constant bugbear for many people who use the internet, particularly those who use social networking sites such as Facebook and LinkedIn but computer privacy is also a big deal at work. If you’re using a computer supplied by an employer, how much privacy should you expect to have when it concerns objects you’ve downloaded onto the drive.
In what strikes me as a bizarre apportioning of the right to privacy, a court in Ontario has found that what’s stored on a computer’s hard drive should be regarded as private even if it’s undergoing maintenance conducted on behalf of the people who own the equipment.
Whose Privacy Is Being Protected Here?
A teacher who had nude photographs of a year 10 student on a laptop supplied by the school board had a right to expect the files on the hard drive would remain private, however, committing the case for a new trial the court also said that the teacher’s expectation of privacy should have been limited because he was perfectly well aware that a technician employed by the school board would be accessing the computer in order to run maintenance of the school’s IT matrix.
The teacher in this case, a one Richard Cole was working at Sudbury Second School was teaching ICT and had access to data stored on the computers which were being used by his students. Logging, or should that be hacking, into one student’s account he found nude pictures of the student’s girlfriend and, like any great respecter of privacy, copied them onto his own hard drive. When the technician noticed the flow of data from the student’s machine to the teacher’s the tech’ accessed the teacher’s machine to check for malware and found the sexually explicit pictures of the girl.
The tech’ took the responsible steps of taking a screen grab and notifying the principal, who then requested that the images were copied onto a disk. Justice Andromache Karakatsanis of the Ontario Court of Appeal said that both these employees acted reasonably and Cole had no personal privacy issues concerning the photos because they were in plain view during a routine maintenance check. But, she said, Cole also had the right to expect personal information on his hard drive would remain private.
Teachers routinely take their work issued laptops home with them at weekends and vacations and store all kinds of sensitive data such as banking records and personal photographs. So, when the school board handed Cole’s machine over to the police they copied the hard drive without a search warrant or obtaining Cole’s permission believing that since the computer was the property of the school board then they had the right to carry out a search.
The court had originally found that the search had been a violation of Cole’s entitlements under the Charter of Rights and Freedoms, particularly section 8’s right to be free from unreasonable search and seizure. They then ordered the evidence which was found on the hard drive to be excluded as evidence from the trial.
Justice Karakatsanis’ findings upon appeal applies to governmental and those that act for and on behalf of government agencies but they’re also likely to apply equally to the private sector wherever the case is covered by the Charter’s proscriptions and requirements.
Frank Addario, the lawyer acting on behalf of Cole said that there “is a constitutional right to privacy” when an employer allows staff to use electronic equipment for personal reasons and that is “pretty much everyone.”
He went on: “There was a belief that ownership meant control of privacy” but that idea was now outmoded in the twenty first century.
Personally, I find it hard to feel too much sympathy for Cole; I’m sure he has many excuses for his behaviour but to call privacy and illegal search as mitigation for his behaviour seems to stick in the craw. After all, wasn’t it him who accessed one of his student’s email accounts and then copied his personal and private property into his computer?
What about the student’s expectation of privacy and protection against unreasonable search? Cole was perfectly happy to violate those rights but it pinches when they put the boot on the other foot doesn’t it?
This case should act as a constant reminder to anyone, especially any second school student who has sensitive data on their computer that they should be very careful about where they store it and always use a unique password wherever possible.
What do you think privacy law should change here? Is it legit that despite of teacher sneaking into someone else laptop, he is protected by privacy law?
Get Free Blogging updates in your Email