1

I have an employer-issued computer and a google-based email account. I use both the computer and the email account solely for work purposes. I am permitted to bring the computer home with me, provided it is used only for work purposes. This hasn't been a problem, and I understand that it's their device (not mine) and so I follow the rules. I understand that if they wanted to, they could inspect it at any time, etc. That's all fine. But I was quite alarmed today when I was told that if I did any of the following things...

  1. Check my work email at home using my home computer,
  2. Check my work email anywhere using my own smartphone,
  3. Connect my own smartphone (I own it, I pay for the contract, and it's not issued by work) for any purpose - be it work or otherwise - to the employer-provided internet network (including making a phone call using the wifi)...

...my personal device could be taken from me and its entire contents searched for relevant data were there some sort of a lawsuit or subpoena. I asked many clarification questions, such as why the home computer could be taken even though all the email contents are stored on a server elsewhere, etc. and was told in no uncertain terms that my use of their network forfeits any right I might have to expect privacy on my devices. They confirmed that, even though I only check their web-based gmail account my entire hard drive on my home computer could be taken if there was cause.

I'm not in the know about legal issues, but want to fully understand my rights. Also, assuming that they are in fact correct, can I mitigate this at all? I use my home computer for a side business and it would be financially devastating if it were to disappear unexpectedly.

The jurisdiction is Vermont, USA. I'm employed in the public sector, not a private business.

NB - I'm new to the tags on this site, so please advise if I've mis-tagged this post.

David Siegel
  • 115,406
  • 10
  • 215
  • 408
nuggethead
  • 1,233
  • 10
  • 21

2 Answers2

6

If there's a reason to believe that your machine has data that would be relevant to a lawsuit, then yes, it is subject to inspection under Fed. R. Civ. P. 34:

A party may serve on any other party a request ... to produce and permit the requesting party or its representative to inspect, copy, test, or sample the following items in the responding party's possession, custody, or control: ... any designated documents or electronically stored information—including writings, drawings, graphs, charts, photographs, sound recordings, images, and other data or data compilations—stored in any medium from which information can be obtained either directly or, if necessary, after translation by the responding party into a reasonably usable form.

So if there's a lawsuit where there becomes a question about what you downloaded from the network, then it's quite plausible that your device could be demanded or subpoenaed.

But that's not the same thing as "forfeiting" your device. The normal procedure in such a case would be that the agency's lawyers would notify you of the demand, and you would take your device to an ESI expert, who would make a digital image of the device's hard drive. The parties would then fight about what portions of that image they are allowed to access, but you would have your device again while that was going on.

bdb484
  • 66,944
  • 4
  • 146
  • 214
-1

You don't give enough explanation about the nature of your work for us to give a detailed relevant answer, but this sounds plausible. The short version is, they can establish reasonable rules about accessing their property, and the fact of being government-related is immaterial.

The basis rule is "do not touch work email or the work network, using your own devices". If you violate this rule, they can take your device to verify the integrity of the information they have, and to ascertain that you have not put them in any legal jeopardy – the employer is entitled to protects its interest. The fact that the employer is government-funded or a branch of a government does not nullify that interest.

For example, government agencies often have access to "sensitive information", which cannot legally be disclosed to the public. An employee of the government may legally access such data and process it in some manner, and report some fact about the data to a supervisor. By isolating transmission of such information to secure facilities, they can know if you have violated the rules. Introduction of non-secured outside computers puts the agency at risk, and justified taking steps to established that the rule weren't broken.

user6726
  • 217,973
  • 11
  • 354
  • 589