e-ignite

It’s official: You have no right to the expectation of privacy when your computer is in for repair.

A recent Slashdot article told the story of a man from Pennsylvania who had his computer in for repair (a repair to the DVD burner of his PC). When the computer was in for the repair, technicians found illegal pornography on his hard disk, and he was reported to and arrested by the police. When it went to court, he successfully argued that the technicians had no right to be accessing data on his hard drive, but this decision was later overturned by a prosecution appeal.

In no conceivable way do I support his actions relating to the illegal material found on his computer, and I believe that people who make and access this material deserve to be prosecuted to the full extent of the law.

The fact the the material in question was found on the computer, however, highlighted the issue: do you or can you trust computer technicians with your data when your computer is in for repair?

Realistically, the computer technicians shouldn’t be rummaging through hard drives of people whose computers are in for repair - in the example case shown in the Slashdot story, the person’s DVD drive was being repaired - this could have been replaced or fixed without the need for the technicians to even turn on this person’s computer. So why did they hunt around on the hard disk? What were they looking for? And do they do it with every computer they are trusted to repair?

In this case, it’s difficult to show any sympathy with the man because of the nature of the material he was caught with, and realistically he was a criminal and deserved to be caught. But what if it was your computer and your data? Even if you had simple things like emails, invoices or financial information somewhere on your hard disk - would you be happy knowing that this was being looked at by others? Unfortunately, this is also a problem if equipment is ever lost or stolen, and anyone can access your private information - it could even be used as part of identity theft or phishing scams after it got into the wrong hands, so all I’m suggesting is that you think about your data. What is private and what should you be protecting?

Due to a large number of personal emails, online receipts and financial data held on my computer, I use truecrypt to secure my data. Perhaps file encryption is something you will consider before you next entrust your computer to an unsupervised stranger.