I'm curious about this. It's 'not allowed' explicitly by the judge? Can the employee be charged with 'evidence tampering' even if the judge didn't issue any order that explicitly prohibits the employee from deleting their files?
I think the concern is that the employer could be accused of destroying relevant evidence in that case. If I’ve understood the tweets and the Wikipedia article on e-discovery correctly, these photos went through the preservation phase but likely were not actually handed over to the other party since relevance is a factor before that happens.
I guess if you have a more complex matrix of personas and remote servers (not only GH), structure and predictability becomes more important than terseness.
> Most big companies have a department in compliance or counsel that reads your mail
They read the email of your personal email account if you use it in the company-owned phone? Or they read the email of your company email account?
In other words, when you say 'This. +100', what do you mean by 'This'? The parent comment raised many points and I'm confused as to which one you're referring to.
Edit: To be clear, it's my fault because I'm new to these things and I don't understand them well.
+100 to the entire way of thinking from the original post. work/personal should be treated like church/state where they are kept separate.
yes, if you read your personal email on a corp device, then there's a good chance corp is reading your personal emails. and 100% yes, the corp can/do read your corp email. they are required to keep copies of every email sent by employees, so just assume at some point some corp lawyer can/will be reading them.
Corporations have to follow guidelines/rules/laws in order to be in good standing. If the corp is sued, the corp will have to respond to discovery requests from the plantiff's attorneys. In the past, so many companies have deleted emails so that they did not have to turn over incriminating evidence has lead to laws being passed that require a minimum amount of document storage. I don't know the details other than it is a thing.
Edit: search "email retention laws" for more precise rules and specifics
The corp having to give out emails on legal requests does not in any way shape or form imply they read your mails regularly. They certainly aren't allowed to in some parts of Europe, even though they have to respond to legal requests.
No, but the point is they can. And if there is anything they feel they need to protect themselves, they can investigate. Most corp employees are just too damn busy avoiding doing their regular tasks to be bothered to snoop other employee emails. Yes, I agree that it's not like someone is just tasked with reading all email every day. The point is that they can and do when necessary. Once they start reading, they have no idea where the trail ends so they will be reading a lot.
It all comes down to the same thing stated here multiple times, don't send any messages on corp equipment that you wouldn't want to see read aloud in front of your manager/boss or worse a courtroom.
There are a few different dimensions here. Note that I’m in the US and have experience specific to larger entities.
For you conducting any personal business on work devices, it is pretty easy for employers to get tools that can detect and even capture that activity. That ranges from grabbing files on the device to periodically or continuously recording screen content.
For conducting personal business on work services, that is trivially searchable with O365 or Google Workplace. Some industries (banking, finance) are required to retain all mail and sample it for policy violations. Sometimes contractors are roped into doing this by contract terms. Sometimes dating coworkers becomes a problem when you communicate on work systems in unexpected ways — anything you do is essentially public.
For conducting business on personal devices, employers cannot generally search through your content. (Unless security or other products are present — for example Crowdstrike or similar EDR tools will log most executable launches) But, if evidence exists that you use personal stuff for business and there is a litigation event or investigation, you can be compelled by a court to turn over your personal gear. That risk depends on what you do for a living and for who. (For example, a government employer may have an inspector general with police subpoena powers, if you are a decision maker in a company, a civil suit may focus on something you said or didn’t say)
All-in-all, the best policy is to keep work away from your personal business and vice versa within reason. The meaning of “Within reason” depends on your circumstances. The issues for a unionized white collar worker at a factory are different than an at-will financial analyst at some big bank.
In the example, fnord77 posted, you can replace all the places that they used personal.github.com. It will be usable anywhere you would use ssh, including when going through a few tools that ultimately resolve to an ssh invocation. I won't copy the host block in .ssh/config but you could, for example:
`sshuttle -r my-cloud-server 0/0` for a poor man's vpn
`ssh some-enterprise-server` for when the server has a user unfriendly domain name that you don't want to bother remembering
`git clone git@github-personal:myusername/somerepo.git` when you want to clone using your personal key from GitHub.
There is the caveat, though, that you may have some nested dependencies that will use the plain ole every day host name in which case things will break for you. It rarely comes up, though, in my experience.
"legal forced me" and "permanent evidence locker" = these texts are part of a legal discovery process (e.g. somebody sued Apple and their lawyers get a certain kind of access to Apple's corporate data)
If there's value for the other side to present the boob pictures as evidence in trial (e.g. in an attempt of character assassination), it will be rather hard to have them not passed around in court now that they're part of the "evidence locker" (as they call it) even though there were 100% personal and unrelated.
[0]: https://news.ycombinator.com/item?id=29066463