Privacy Issues in the Workplace

The California Court of Appeal case of Chrisman v. City of Los Angeles, 457 involved the firing of an L.A. police officer for misusing his department computer. Chrisman improperly inquired about celebrities, friends and others via the City’s computer. The City claimed that Chrisman had violated Section 502. Section 502 makes it a public offense to “knowingly and without permission access or cause to be accessed any computer, computer system, or computer network.” It defines “access” as “hacking,” or breaking into a computer. Section 502 specifically refers to the hacking of computers and not simply an employee's misuse of a computer that he has the right to access. Although the City disapproved of Chrisman’s conduct, his use of the mobile digital terminal computer was not outside the scope of his employment, and, therefore, not violative of Section 502. In another California Court of Appeal case, People v. Childs 458 , the court confirmed the conviction and restitution order of $1.4 million entered against an employee for disrupting or denying computer services to an authorized user (his employer) in violation of Penal Code section 502(c)(5). Penal Code section 502(c)(5) makes it a criminal offense to “knowingly and without permission” disrupt or cause the disruption of computer services or to deny or cause the denial of computer services “to an authorized user of a computer, computer system, or computer network.” The employee, Terry Childs, was the principal network engineer for the Department of Telecommunications and Information Services (DTIS) of the City and County of San Francisco. He was assigned to “configure, implement and administer” the City’s new fiber-optic wide area network (FiberWAN) using Cisco products. He convinced the City to let him implement the network himself instead of having Cisco do it. Against the expressed concerns of his supervisor, Childs designed the network so that only Childs had access to the passwords to recover the systems and that, if unauthorized users tried to reboot the system, this would erase the system configurations. Also, in response to the possibility of layoffs in his department, Childs told a coworker, “They can’t screw with me, I have the keys to the kingdom.” At some point, the City became concerned about the agitated and potentially violent behavior of Childs. A decision was made to reassign Childs and remove him as the FiberWAN network engineer. When the City met with Childs to reassign him, Childs refused to provide the correct user IDs and passwords for FiberWAN core devices. He first stated that he no longer had administrator access; he then provided incorrect passwords and told the City representatives that he met with that they were not qualified to have the FiberWAN user IDs and passwords. He also refused to provide backup confirmations, stating that there were none.

The City remained locked out of the system from July 9 until July 21, when Childs,, through his attorney, gave the correct FiberWan passwords and backup configurations to the Mayor of the City.

Privacy Issues in the Workplace ©2021 (s) Liebert Cassidy Whitmore 145

Made with FlippingBook - Online catalogs