If *I* sniff a password on your corporate network, since your employees have no expectation of privacy there, and make digital copies of every document and database there, wouldn't you want to charge *me* with hacking or illegal computer entry/misuse under the Fabled Patriot Act? But, according to this case, "no expectation of privacy" + "digital copies with unaltered originals != possession" = NO HACKING CHARGE.

Come on, there's a huge difference between an employee expecting privacy when using a company computer system for personal use, and you compromising access control through a user account.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/105/16315#16315