This decision in People v. M.A., was one of first impression in New Jersey, but is consistent with several other jurisdictions, including U.S. v. Angevine, 281 F.3d 1130 (10th Cir. 2002); U.S. v. Simons, 206 F.3d 392 (4th Cir. 2000); and U.S. v. Bailey, 272 F. Supp. 2d 882 (D. Neb. 2003) in holding that an employee has no reasonable expectation of privacy in personal files stored on a company-owned computer and an employer’s consent makes a police search lawful.

Moreover, the court applied what appears to be a derivative of the Fundamental Equity Doctrine in holding that, even if defendant had a subjective expectation of privacy because he used a confidential password, that expectation was unreasonable because of the criminal use to which it was put: “A burglar plying his trade in a summer cabin during the off season may have a thoroughly justified subjective expectation of privacy, but it is not one which the law recognizes as legitimate,'” the court said, quoting the U.S. Supreme Court’s ruling in Rakas v. Illinois, 439 U.S. 128 (1978).

An intriguing question arises when applying this doctrine to overcome the legitimate expectation of privacy:  What if the encryption software used is discovered to have been pirated or in violation of the EULA, but defendant was not otherwise putting the computer use or data to criminal use?  Does the Independent Source Doctrine warrant exception apply?  What if defendant’s alleged unlawful conduct has no relation to the data or computer use  –can that conduct be used as a pretext for overcoming defendant’s legitimate privacy expectation?  Can tortious, but not unlawful conduct, be used as a pretext for overcoming the legitimate privacy expectation?

For related prior blog posts, see: