Privacy Issues in the Community College Workplace

recover the systems and that, if unauthorized users tried to reboot the system, this would erase the system configurations. Also, in response to the possibility of layoffs in his department, Childs told a coworker, “They can’t screw with me, I have the keys to the kingdom.” At some point, the City became concerned about the agitated and potentially violent behavior of Childs. A decision was made to reassign Childs and remove him as the FiberWAN network engineer. When the City met with Childs to reassign him, Childs refused to provide the correct user IDs and passwords for FiberWAN core devices. He first stated that he no longer had administrator access; he then provided incorrect passwords and told the City representatives that he met with that they were not qualified to have the FiberWAN user IDs and passwords. He also refused to provide backup confirmations, stating that there were none. After reviewing the legislative history and amendments to Penal Code section 502, the court held that “the Legislature did not intend that subdivision (c)(5) could only be applied to external hackers who obtain unauthorized access to a computer system.” 431 Rather, “[i]t appears that subdivision (c)(5) may properly be applied to an employee who uses his or her authorized access to a computer system to disrupt or deny computer services to another lawful user.” 432 The court also found that case law supported the application of section 502(c) to employees, “in appropriate circumstances.” 433 Penal Code section 502(c) prohibits knowingly introducing, without permission, a contaminant or lock on a computer, computer system, or computer network for the purpose of restricting an authorized user from accessing the computer, computer system, or computer network. The second is the California Privacy Act (“CPA”) 434 which prohibits the willful attempt to learn the contents or meaning of communications in transit over a wire. 435 As with the federal law, the California Privacy Act only applies to communications during transmission; once an individual receives the communication, the CPA no longer protects it. The consent exception to CPA goes beyond that of federal law because it requires the consent of “all parties to the communication.” The CPA makes it a crime to eavesdrop or record any confidential communication without the consent of all participants to the communication. 436 A confidential communication is any communication carried on in circumstances reasonably indicating that any party thereto desires the communication to be confined to the parties. The prohibition also applies to prevent any of the participants from recording any part of the communication. 437 These sections do not apply to law enforcement agencies in the context of criminal investigations. Also, no person who was not a party to the conversation may disclose the contents of a telegraphic or telephone communication to another person without permission of the person to whom the message was addressed. 438 In 2017, Penal Code section 632.01 was added, which extended Penal Code section 632 to individuals who “aid and abet” the intentional disclosure or distribution of the contents of a confidential communication with a health care provider that was obtained by that person in The City remained locked out of the system from July 9 until July 21, when Childs, through his attorney, gave the correct FiberWan passwords and backup configurations to the Mayor of the City.

Privacy Issues in the Community College Workplace ©2021 (c) Liebert Cassidy Whitmore 140