Hacker News

If you use your home computer to RDP into your work computer, what would be the correct answer to the question? The "work" occurs on the company-owned computer, but you are typing on the keyboard of your personally-owned computer.


I am not a lawyer, but from what I understand from a forensics class I took, personal devices can be in scope in the US if:

* A warning banner is displayed when you connect to the VPN / network / asset that states that use of the resource voids your expectation of privacy, you consent to monitoring, and you acknowledge they can inspect personal devices, etc.

* You signed a policy document acknowledging that they can monitor you and that connecting to a company resource brings your personal device in scope of monitoring and seizure

* You committed a crime, the police become involved, and a search warrant is issued.

If you do not sign such a policy document, they do not have evidence of a criminal (i.e. not civil) infraction, and they do not display a warning banner, then you can claim reasonable expectation of privacy (meaning you were ignorant of their policy), refuse a search, and there isn't much they can do to my knowledge. In this specific case you would have to talk to a lawyer, but I would just be safe and use only work assets for work.


The correct answer is whatever your lawyer says.


Whatever the judge says. Lawyers say no, yes, maybe, with maybe being the big fun part.


"I plead the fifth" or "I'd like a lawyer" or silence.


That's a good question. But as long as you don't save any files on your personal computer, it is just a transport device like a car that gets you to work.

I'm guessing the law isn't that forward thinking though. Maybe I should keep a <$200 mini-PC, just to RDP into work so I have no problem giving up that machine.


> Maybe I should keep a <$200 mini-PC, just to RDP into work so I have no problem giving up that machine.

Doesn't help you. Either your personal devices are in scope or not. If they are, then they all disappear and you're unlikely to get them back.

Investigators don't trust the subjects of the investigation to tell them what devices are in scope or not. If your devices are in scope, they'll take everything that has any chance of having data on it.

(Source: many many reports from subjects of such investigations.)


Could I just have "work" buy me the $200 mini-PC for RDP sessions from home so that it is not a personal device?


In the FBI's defense, they did return all the equipment after they were done with it (if I remember correctly within like a day too). Funny enough though, one guy thought it was strange that after they gave his phone back, all of his text messages from then on were suddenly emailed to his work email also. Wouldn't happen to be that all email in the company was saved indefinitely due to the archiving server?


> All email in the company was saved indefinitely due to the archiving server

Not at all. Many companies actually do the opposite. A previous company I worked for had a 30 day email deletion policy, though we could set up special folders for 13 month retention on emails.

At another company, we were in the backup space and some enterprises had very restrictive backup and archive policies. One was to the point that our backup software was pretty much useless.

To limit liability, files that are not involved in any ongoing legal issue such as a lawsuit are deleted as soon as possible without interrupting the business. Once there is a lawsuit, any relevant documents or emails can be deleted. This is all from the point of view for civil lawsuits. I assume gov't investigations are similar.


Sorry, that was sarcasm. It turns out that after the investigation started, they saved all emails indefinitely. I'm pretty sure that it was due to something going on with the investigation, but I can't say for sure. It just seemed a little too coincidental that both occurred so close to each other and one right after the other. It might be too that the FBI requested this, because they said they were trying to "catch the other party involved" (not part of the company).


Oh yeah, at the backup company, we worked on a Legal Hold feature where if an employee was tagged as being involved in a company lawsuit, all their backup files would be held indefinitely. You can delete shit after learning of a lawsuit, only before.


Clever. A modern day "dumb terminal"


If you think that's clever, you'll be blown away when you see actual thin client and zero client hardware. PCoIP zero client tech is pretty seamless with the right backend & network configuration.


Logically, to me, it doesn't count. But lawyers and courts have a real twisted sense of logic and will indict their way around this to get your data off of your personal device.


The details of what you claim to do are irrelevant -- you can produce work product on the personal computer (i.e. writing down a note in TextEdit, etc.)



