Clandestine Imaging of a Spouse’s Computer ensures the opposing party doesn’t manipulate crucial dates or destroy the entire digital device in question.
By Nicholas G. Himonidis, Attorney
On occasions too numerous to count, we have assisted clients and their counsel in obtaining critical data from a spouse’s computer(s) and/or digital devices before and after litigation began, outside the scope of formal discovery. This process, often called “Clandestine Imaging,” has proven invaluable to clients and their counsel over the years.
The Concept and Benefits of Clandestine Imaging
The benefits of Clandestine Imaging should be obvious. Because the opposing party or “Subject Spouse” does not know that the information is being gathered, they do not have an opportunity to manipulate crucial dates, or to destroy or “lose” the entire computer or digital device in question.[1]
Clandestine Imaging can be extremely useful, even when no immediate analysis of the acquired data is contemplated. Simply securing a forensic image of the Subject Spouse’s hard drive gives the client and their counsel an “ace in the hole.” They now possess a forensically-perfect duplicate of the Subject Spouse’s hard drive, “frozen in time,” before the Subject Spouse had notice of impending litigation and a motivation to obfuscate its contents.
This “ace in the hole” can be used to keep the other side “honest,” and randomly “audit” the thoroughness and authenticity of information provided later, through the formal discovery process. For example, take the scenario of a Subject Spouse’s laptop computer, which is the subject of Clandestine Imaging prior to the commencement of a case. This hard drive image is secured, but not analyzed, and the Subject Spouse is unaware of the same. The case then begins and discovery ensues. The Subject Spouse provides information requested in discovery – but the client spouse and/or their counsel suspects that such information is incomplete or not authentic. A focused forensic examination of the acquired hard drive image can ensue at that point, to determine if responsive information exists that was not produced, or if the information produced was altered or other “versions” of the same exist.
Another strategy counsel may employ, is to notify the other side after the commencement of the case, that his client has a forensic image of the Subject Spouse’s hard drive as of a specific date. Such “notice” will obviously tend to dissuade the Subject Spouse from any efforts to destroy, manipulate or otherwise make discoverable data “unavailable.”
Clandestine Imaging of a Spouse’s Computer: Legal Concerns
With all of the benefits of Clandestine Imaging, and the relatively modest cost (it typically costs $1,500.00 to acquire a forensic image of a laptop or desktop computer), we are surprised that doing so is not at least considered by more clients and their counsel prior to commencement of a matrimonial case. One possible reason is the common misconceptions about the legality of Clandestine Imaging. We have heard many clients, and many attorneys, express concerns about same. We have often heard: “my lawyer told me it was illegal to copy my spouse’s hard drive” or “I read somewhere that copying my spouse’s emails was illegal.”
Many clients, and perhaps some attorneys, are misinformed about the relevant law on this issue. Certain questionable articles and publications, have, in this author’s opinion, contributed to these commonly held misconceptions.
While clearly, a case-by-case analysis by counsel is appropriate, and we acknowledge that the relevant laws and regulations may vary from state to state, the following authorities and discussion should provide perspective and context for the analysis that must occur on a case-by-case basis when deciding whether to conduct Clandestine Imaging.
Clandestine Imaging of a Spouse’s Computer: Case Law Directly on Point
Three New York cases are particularly illustrative about the legality and admissibility of data retrieved from a spouse’s computer in a matrimonial situation without the knowledge of the other party (i.e. Clandestine Imaging). Pertinent state statutes must also be considered as they may be directly controlling on these issues, and vary from state to state. The relevant New York statutes are included below.
The seminal New York decision on this issue is Byrne v. Byrne, 168 Misc. 2d 321, 650 N.Y. S.2d 499 (Sup. Ct., Kings Co. 1996). Despite its age, Byrne remains good law and it is continually cited for the proposition that a computer in the marital residence is the equivalent of a filing cabinet. Each spouse has access to the computer in much the same way either could physically open a filing cabinet.
In Byrne, the court arrived at this decision even though the computer was admittedly the property of the husband’s employer – and not actually owned by either spouse. The decision hinged on the computer’s presence in the home and its physical availability to either spouse (and at times, to their children).
The 2008 case of Moore v. Moore 2008 NY Misc Lexis 5221 240 N.Y.L.J. 32 (Sup. Ct. NY Co. 2008) involved a laptop computer that a wife had taken from her husband’s car. This laptop was turned over to the wife’s counsel and the attorneys for both spouses stipulated that the husband’s password would be provided and that discovery would be permitted from the computer. Apparently acting on second thoughts, the husband moved by Order to Show Cause to suppress the contents of the hard disk drive pursuant to CPLR Sec. 4506, claiming that the wife had violated Article 250 of the New York Penal Law (Wiretapping and Related Offenses, which makes it a criminal offense to, inter alia, intercept an electronic communication without the consent of at least one party).
The court disagreed and ruled that there was no eavesdropping, no penal law violation and no need to suppress anything from the computer’s hard drive. The court stated that the hard drive record of past communications is not susceptible to “interception” under the statute. This analysis is key to understanding why Clandestine Imaging in the spouse/spouse context is, in most cases perfectly legal, as opposed to the deployment or use of “spyware” which actually intercepts emails, instant messages or other “electronic communications.”
The case of Gurevich v. Gurevich 24 Misc. 3d 808 (Sup. Ct., Kings Co. May 5, 2009) presents a slightly different set of circumstances, and is the case that is most often referred to by those who would argue Clandestine Imaging in the marital context is potentially a violation of law. In Gurevich, the wife, a software developer, had used the husband’s password to access the husband’s email account and obtain his emails after the divorce action commenced. The husband’s attorney attempted to exclude from evidence, the emails obtained by the wife, citing New York Civil Practice Law and Rules sec. 4506, which makes evidence obtained in violation of New York Penal Law Article 250 inadmissible in any civil proceeding. The court held that there was no eavesdropping violation under Article 250 (citing Moore), which should have ended the inquiry. However, the court went on to state in dicta, that there may have been a violation of the computer tampering/computer trespass statues, but failed to provide any analysis or reasoning for that statement. The court did not need to reach a conclusion on this issue because suppression under CPLR sec. 4506 applies only to evidence obtained in violation of Penal Law Article 250, which the court already concluded had not been violated.[2]
Despite the fact that the court’s reference to a possible violation of New York Penal Law sec. 156.10 (Computer Trespass, a Class E Felony) was clearly dicta, the implication is certainly serious enough to cause concern, at least until the issue is thoroughly analyzed.
What the court in Gurevich either failed to consider, or did not mention, when suggesting that the Clandestine Imaging of the Subject Spouse’s hard drive could potentially have been a violation of New York Penal Law Sections 156.05; 156.10 et seq. (Unauthorized Use of Computer, Computer Tampering, Computer Trespass etc.) is the express defenses[3] contained in the statute, to any charge under any of these sections that “the defendant had reasonable grounds to believe that he had authorization to use the computer” or “had reasonable grounds to believe that he had the right to copy, reproduce or duplicate in any manner the computer data or the computer program.”
In light of the Byrne v. Byrne, case discussed above, which has been cited and adopted by courts throughout New York, it is difficult to imagine an argument under which a spouse would not have “reasonable grounds to believe” that they had authorization to use the computer of their spouse, or copy, reproduce or duplicate data on their spouse’s computer.
Nicholas G. Himonidis, is an attorney, licensed Private Investigator, Certified Fraud Examiner and Certified Computer Forensic Specialist. He is a Vice President at T&M Protection Resources, LLC in New York City, where he heads the firm’s Private Investigation Division. For more information, please visit Nicholas G. Himonidis, J.D., CFE, CCFS at T&M Protection Resources at www.tmprotection.com.
[1] With several significant caveats; the rules which apply to Clandestine Imaging of a Spouse’s computer hard drive apply equally to the Clandestine Imaging of handheld devices such as [cell/smart phones, tablets], and/or other devices that store digital data.
[2] Unlike evidence obtained in violation of Penal Law 250.00, which is specifically excluded as evidence under CPLR 4506, there is no such statutory basis for exclusion of evidence obtained in violation of Penal Law 156.10 or similar provisions of Penal Law Article 156, Offenses Against Computers.
[3] Under New York Penal Law a “defense” is distinguished from an “affirmative defense” in that a defense merely need be raised by a defendant, and must thereafter be disproven by the prosecution beyond a reasonable doubt. This makes the case against a spouse who engages in Clandestine Imaging nearly impossible to win since the defendant need only raise the defense that they had a “reasonable belief” that they had legal authority to access or copy the data, which must then be disproved beyond a reasonable doubt. (See NYPL section 25.00 (1).) This seemingly impossible hurdle to overcome in any potential prosecution in this context makes it extremely unlikely that any prosecutor would ever bring such a case.
Published on:
