±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 0 Overall: 36620
New Yesterday: 3 Visitors: 89

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

±Latest Videos

±Latest Jobs

Please help..Email request and 2703?

Discussion of legislation relating to computer forensics.
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Page 1, 2  Next 
  

jblakley
Senior Member
 

Please help..Email request and 2703?

Post Posted: Nov 07, 07 19:54

I work for a company that hosts Exchange email for clients. One of our clients has recently had an employee leave their company and go to a competitor. They had reason to believe that the employee had been selling trade secrets to this competitor before leaving, and they've hired a third party investigator to do some work. (it's a major auditing firm.)

We have been asked to restore all of the employee's email for a possible criminal investigation by the EMPLOYER. Since then we have also had a request from the Auditor. This has happened within a two day timeframe.

My question is this:

1.) Do we need to have a 2703 letter supplied to us for these records?
2.) Is the employers request for email sufficient enough without a subpoena?
3.) Does the ex-employee fall under the ECPA for email that they are wanting to restore (hence the question for the 2703 letter)?

And anything else you can supply me would be excellent!! I'm a forensics major, and this is my first real interaction with the legal aspect of this, so I don't want to do anything wrong.

Thanks for all of your help!

John  
 
  

keydet89
Senior Member
 

Re: Please help..Email request and 2703?

Post Posted: Nov 07, 07 20:23

Why not simply ask your company's legal counsel these questions?  
 
  

AWTLPI
Senior Member
 

Re: Please help..Email request and 2703?

Post Posted: Nov 07, 07 20:24

A question that needs to be answered is what, if any, Internet and email usage policy is in place at this client?

In most US localities (except, of course, California) employees generally have no expectation of privacy, but the prudent employer explicitly states this in some form of Acceptable-Use Policy which employees are required to read and sign.

Your company's attorney needs to ascertain from your client's legal- or HR department if, indeed, such a policy is in place and is uniformly enforced.

Keep us posted on this case!
_________________
MSc, CISSP 
 
  

jblakley
Senior Member
 

Re: Please help..Email request and 2703?

Post Posted: Nov 07, 07 20:28

That's the odd thing. We are a hosting company that "replaces" an IT department. We have clients who have their own policies, but we also have ours. Who's legal counsel would need to be contacted?

In other words, if we say we protect our clients email and the employer says the employee has no expectation of privacy, then who wins? I can get in touch with our company's lawyer, but I'm not sure they'll be able to help. I'll keep you posted!!

Thanks!  
 
  

AWTLPI
Senior Member
 

Re: Please help..Email request and 2703?

Post Posted: Nov 07, 07 20:44

- jblakley
In other words, if we say we protect our clients email and the employer says the employee has no expectation of privacy, then who wins?


At issue here is Did the employee sign a non-compete with her/his employer? Did s/he sign an AUP?

Your company is merely providing a service; in this case email-hosting. The legal battle will be between your client and their naughty former employee. As H implied in his above response, though, these are questions for your company's attorney(s) to sort out with your client's legal team.

*You* need to repeat the mantra, "Under advice of counsel..." and not make decisions that could put you in the witness stand unnecessarily.
_________________
MSc, CISSP 
 
  

bgrundy
Senior Member
 

Re: Please help..Email request and 2703?

Post Posted: Nov 07, 07 20:46

- jblakley

1.) Do we need to have a 2703 letter supplied to us for these records?
2.) Is the employers request for email sufficient enough without a subpoena?
3.) Does the ex-employee fall under the ECPA for email that they are wanting to restore (hence the question for the 2703 letter)?


I'm no lawyer, but I think that unless you are a "governmental entity", you cannot compel *anything* under 18 USC 2703.

- 18 USC 2703
§ 2703. Required disclosure of customer communications or records
(a) Contents of Wire or Electronic Communications in Electronic Storage.— A governmental entity may require the disclosure by a provider of electronic communication service of the contents of a wire or electronic communication, that is in electronic storage in an electronic communications system for one hundred and eighty days or less, only pursuant to a warrant issued using the procedures described in the Federal Rules of Criminal Procedure by a court with jurisdiction over the offense under investigation or equivalent State warrant. A governmental entity may require the disclosure by a provider of electronic communications services of the contents of a wire or electronic communication that has been in electronic storage in an electronic communications system for more than one hundred and eighty days by the means available under subsection (b) of this section.


AWTLPI has the answer. Does the company have a "banner" in place? Or a "user agreeement" that strictly states there's no expectation of privacy? That's the road you really need to go down.

- jblakley
That's the odd thing. We are a hosting company that "replaces" an IT department. We have clients who have their own policies, but we also have ours. Who's legal counsel would need to be contacted?


There really ought to be some contractual language that addresses this. I would think. But that's outside my frame of reference.  
 
  

ddow
Senior Member
 

Re: Please help..Email request and 2703?

Post Posted: Nov 07, 07 20:55

- jblakley
Who's legal counsel would need to be contacted?

You can only depend on your own. The employer's attorney is there to represent and protect the employer, not you. To save your attorney's time and your money, I'd go in with both your policies and a copy of the employer's policies in question.
_________________
Dennis 
 

Page 1 of 2
Page 1, 2  Next