Classical Values :: I bought more than I bargained for. Or did I?

May 15, 2010

I bought more than I bargained for. Or did I?

I'm wondering about the ethics surrounding hard drives. I don't mean legal ethics so much as personal ethics. I have bought a variety of computer parts on ebay and in a local building material salvage yard, and I seem to have this uncanny knack for winding up with hard drives just loaded with personal information which simply should never have been mine to see. Like compromising photographs, resumes, school, personnel files, even social security numbers, home addresses, bank account information. It is shocking, and it makes me feel "dirty" just seeing it. I'm an honest person and I would never use any of it to harm anyone, but still.... People don't realized how careless they are. And some of them ought to know better. A few weeks ago I bought a laptop hard drive said to have been pulled from a "working laptop." Yes it was, and it was a complete system, loaded with files, correspondence, chat dialogues and intimate photos of the former user, a teenage girl. I wiped and reformatted it, then cloned an older smaller drive onto it. The girl can consider herself lucky I'm not a stalker.

So much for drive one.

Next, yesterday I bought a nice Pentium 3 machine at a local salvage yard for ten bucks. Which is next to nothing considering it turned out to be a very usable machine. I thought I was buying it for parts, as it looked dirty and funky, and stuff was rattling around inside, so when I got it home I opened up the case to take an inventory. Nice 30 Gig removable hard drive, good sound card, NVIDIA PCI video card, network card, and one of those kickass ASUS motherboards which are great for overclocking. The rattling around was caused by loose RAM which had been taken out, so I figured it probably wouldn't work, but what the hell. I put it back together, plugged in a monitor, speakers, keyboard, mouse, and network cables, plugged in the power cord and turned it on. Windows XP started right up. Everything worked. I would never name names, but it's just crammed with years of a lawyer's professional and personal files, confidential information about clients, cases, and loan applications, even including his wife's social security number and credit information. I don't know what to do. I would contact the guy, but he might get mad. At me! I didn't do a damned thing except gamble ten bucks and push a button.

Then there's the computer I'm working from right now. It's an old clunker laptop sold on ebay for parts because it was inoperable and gave RAM and "hard drive not found" errors. The reason for the RAM error was that one of the sticks of RAM was bad (or incompatible) and the reason the hard drive was not found was because someone had forgotten to stick the adaptor onto the pins, so it wasn't hooked up. The "parts" computer turned out to be completely usable, so now I feel guilty about unwittingly invading the privacy of a chemical engineer from India whose entire recent life is on that drive (photographs, resumes, immigration documents, and complex stuff I don't understand). Obviously, I should wipe or reformat the drives and/or delete the personal stuff, and my goal is to continue my Linux comparisons. But I'm grappling over basic ownership theories here. Who owns this stuff? I bought it, so in theory I would be the "owner." Of what? The drives? What's on them? Do I own the operating systems? Do I now "own" the photos? Someone else's work product? Am I invading people's privacy? And suppose there was illegal stuff in there? Would I own that too? Or would I merely "possess" it without "owning" it? I like to think Ownership is fuzzy. So are the moral issues:

Sales between individuals pretty much always include the software, whether or not it's actually legal, and it would be naive to ignore the value. If you build a new PC and you go out and buy Windows XP and Microsoft Office (OEM versions), you've just spent a few hundred dollars on software. If you purchase a used computer or receive a hand-me-down which has this software installed, even if it's Windows 98 and Office 97, you can get right to work. Again, I'm not preaching about morality here and I don't really understand the legal issues involved in using software that's licensed to the original owner, I'm just reporting how things are. I would say the cheapest you can legally obtain a copy of Windows XP and Microsoft Word for (not the full office) is still over $200 if you build your own PC.

Anyway, if my experience had been limited to one compromised hard drive, I might not have thought it worth a post. But this is three in a row now -- each one containing a lot of personal information which should never have been seen by a stranger, and which I am sure the respective owners would never have wanted to be seen.

It really seems like such a no brainer. I thought everyone knew that you don't make available the contents of your hard drive. In fact, it's so basic that I doubt there's a single reader of this blog who does not know that. So what's with three in a row? A teenage girl I can understand, but an attorney? An engineer?

If only I enjoyed being a voyeur!

posted by Eric on 05.15.10 at 02:57 PM

TrackBack

TrackBack URL for this entry:
http://classicalvalues.com/cgi-bin/pings.cgi/9675

Comments

Great Post, you had me at PC tinkering then sucked me in with the ethics/stupid people argument. Almost makes you wanna call em ya know? well done,
Bob

Bobnormal · May 15, 2010 07:55 PM

Well, people are pretty used to using technology that they really don't understand. How many drivers out there today know anything about their vehicles other than how to put gas in it, start it, put it in gear, and drive?

It's even worse with computers, since for most people it might as well work by magic.

I now see hundreds of "computer literate" new college students every year who actually know pretty much nothing at all about computers except how to [marginally] operate them. Heck, they don't even know how to look stuff up on the web.

I have students who never once attempt to access the course home page where I place all that useful info they need. I wonder how many of them know that I have pretty much total access and can see if they have accessed the page, how long they were on, what they sent to one another, etc? Probably none.

I don't know why you'd expect a lawyer to know squat about computers in the real sense, and as for the engineer, it depends on what kind of engineer he is, among other things. Heck, back in the day I knew engineers who were whizzes with a slide rule but didn't know why the worked. They just used them.

JorgXMcKie · May 15, 2010 09:42 PM

I thought everybody who uses a computer knew of the danger of disposing of hard drives with confidential info on them.

And professionals have no excuse for not knowing. Lawyers, engineers, financial concerns, medical practitioners, and other certified professionals all have professional rules and regulations, by their respective regulatory authorities, that require the destruction of all information, paper or electronic, being disposed of. You also have to document the disposal.

It's really easy to destroy a computer's hard drive. Most large concerns have them demagnitized by third party concerns that specialize in the destruction of documents. You can soak the think in alcohol-that will really strip it. An external hard drive is more difficult to destroy- you have to take the thing apart to do it.

Laura Louzader · May 16, 2010 12:39 AM

Sorry, I meant "soak the THING" in alcohol.

I thoroughly wiped a laptop hard drive this way, by accident. Totally unrecoverable.

Laura Louzader · May 16, 2010 12:42 AM

You should try to dispose of a federal government computer. You are not allowed to remove the hard disk. The computer must be functional. Someone decided it would be wonderful to provide the ancient computers to schools, etc.

But then you aren't suppose to just release privacy data either. So the only real solution is for some very highly paid GS to wipe the disk and reload the OS, drivers, etc. Multiply that by hundreds, thousands of computers excessed each year and your using ups a lot of tax dollars to make computer no one wants okay to excess. Oh, you don't have the original disks for a computer that is 10 years old and was passed down ad infinitim? I would expect there are only a few dozen Windows licenses on those thousands of excess government computers. Well, property control rules aren't required to be logical or efficient. It's government work after all.

JKB · May 16, 2010 12:57 AM

There are lots of freeware HDD erasure utilities. Many dont even need a working OS - just put it on a CD or diskette and boot it.

NIST recommends UCSD's HDDErase because it uses the low-level SATA/PATA Security Erase commands. It nukes even the otherwise unreachable bad-block sectors.

Gideon7 · May 17, 2010 08:58 PM

Frankly, I don't see how this is a problem. You paid for items that the previous owner clearly considered junk, and, who also did not bother to worry about the confidential data that s/he was leaving behind. These ignoramuses lucked out, IMO, because of who their HDD ended up with -an honest person- but OTOH, infinite human stupidity is what keeps both lawyers *and* ID thieves in business. You can't have a Yin without a Yang.

Peyton Farquhar · May 18, 2010 03:30 PM