United States v. Jerome T. Heckenkamp, United States of Am. v. Jerome T. Heckenkamp, 482 F.3d 1142 (9th Cir. 2007). · Go Syfert
United States v. Jerome T. Heckenkamp, United States of Am. v. Jerome T. Heckenkamp, 482 F.3d 1142 (9th Cir. 2007). Cases Citing This Book View Copy Cite
“rivacy expectations may be reduced if the user is advised that information transmitted through the network is not confidential and that the systems administrators may monitor commu- nications transmitted by the user.”
68 citation events (68 in the last 25 years) across 21 distinct courts.
Strongest positive: Use of the EINSTEIN 2.0 Intrusion-Detection System to Protect Unclassified Computer Networks in the Executive Branch (olc, 2009-01-09)
Treatment trajectory · 2007 → 2026 · click a year to view as-of
2007 2016 2026
Top citers, strongest first. 42 distinct citers.
examined Cited as authority (verbatim quote) Use of the EINSTEIN 2.0 Intrusion-Detection System to Protect Unclassified Computer Networks in the Executive Branch (6×) also: Cited as authority (rule), Cited "see"
OLC · 2009 · signal: see also · quote attribution · 2 verbatim quotes · confidence high
rivacy expectations may be reduced if the user is advised that information transmitted through the network is not confidential and that the systems administrators may monitor commu- nications transmitted by the user.
examined Cited as authority (verbatim quote) Legal Issues Relating to the Testing, Use, and Deployment of an Intrusion-detection System (EINSTEIN 2.0) to Protect Unclassified Computer Networks in the Executive Branch (6×) also: Cited as authority (rule), Cited "see"
OLC · 2009 · signal: see also · quote attribution · 2 verbatim quotes · confidence high
rivacy expectations may be reduced if the user is advised that information transmitted through the network is not confidential and that the systems administrators may monitor communications transmitted by the user.
cited Cited as authority (rule) M.R. v. Salem Health Hospitals and Clinics
D. Or. · 2024 · confidence medium
United States v. Heckenkamp, 482 F.3d 1142, 1146 (9th Cir. 2007); People v. Nakai, 183 Cal. App. 4th 499, 518 (2010).
discussed Cited as authority (rule) United States v. Oriyomi Aloba
9th Cir. · 2022 · confidence medium
Even assuming the July 28, 2017 state email warrants were unconstitutionally overbroad because of their “indiscriminate sweep,” Stanford v. Texas, 379 U.S. 476, 486 (1965), the subsequent federal email warrants provided an independent source for the email evidence because they were supported by probable cause and did not rely on any of the information obtained from the state warrants, Murray v. United States, 487 U.S. 533, 542 (1988); United States v. Heckenkamp, 482 F.3d 1142, 1149 (9th Cir. 2007).
discussed Cited as authority (rule) People v. McCavitt
Ill. · 2021 · confidence medium
United States v. Heckenkamp, 482 F.3d 1142, 1147 (9th Cir. 2007) (an individual generally has a reasonable expectation of privacy in their personal computers and data files).
discussed Cited as authority (rule) United States v. Jermaine Richardson
9th Cir. · 2020 · confidence medium
Second, we conclude that after excising the evidence discovered during the initial search, the remaining information in the search warrant affidavit was sufficient to “provide a neutral magistrate with probable cause to issue a warrant.” United States v. Heckenkamp, 482 F.3d 1142, 1149 (9th Cir. 2007) (citation 5 omitted).1 The warrant application stated, among other things, that the officers were familiar with both the residence and Richardson, the officers knew Richardson was a suspect in ongoing investigations, the trailer smelled of marijuana, there was a stolen vehicle parked outside …
discussed Cited as authority (rule) People v. McCavitt (2×) also: Cited "see"
Ill. App. Ct. · 2020 · confidence medium
United States v. Heckenkamp, 482 F.3d 1142, 1147 (9th Cir. 2007); United States v. Broy, 209 F. Supp. 3d 1045, 1053-54 (C.D.
discussed Cited as authority (rule) United States v. Hever Guzman-Guerrero (2×) also: Cited "see"
9th Cir. · 2017 · confidence medium
See id.; United States v. Heckenkamp, 482 F.3d 1142, 1149 (9th Cir. 2007).
discussed Cited as authority (rule) United States v. Taylor
N.D. Ala. · 2017 · confidence medium
U.S. v. Heckenkamp, 482 F.3d 1142, 1147 (2007). 1, Nature of the Property Searched & Seized In their briefs, both parties address Mr. Taylor’s constitutional privacy interests in the property searched and seized in the context of á Rule 41 violation.
discussed Cited as authority (rule) United States v. Mohamed Mohamud
9th Cir. · 2016 · confidence medium
MOHAMUD United States v. Heckenkamp, 482 F.3d 1142, 1146 (9th Cir. 2007) (quoting United States v. Lifshitz, 369 F.3d 173, 190 (2d Cir. 2004) (citing Guest v. Leis, 255 F.3d 325, 333 (6th Cir. 2001))); see also Guest, 255 F.3d at 333 (“[Users] would lose a legitimate expectation of privacy in an e-mail that had already reached its recipient; at this moment, the e-mailer would be analogous to a letter-writer, whose ‘expectation of privacy ordinarily terminates upon delivery’ of the letter.” (citation omitted)).
discussed Cited as authority (rule) United States v. Mohamed Mohamud
9th Cir. · 2016 · confidence medium
But as with letters, “[a] person’s reasonable expectation of privacy may be diminished in ‘transmissions over the Internet or e-mail that have already arrived at the recipient.’ ” United States v. Heckenkamp, 482 F.3d 1142, 1146 (9th Cir. 2007) (quoting United States v. Lifshitz, 369 F.3d 173, 190 (2d Cir. 2004) (citing Guest v. Leis, 255 F.3d 325, 333 (6th Cir. 2001))); see also Guest, 255 F.3d at 333 (“[Users] would lose a legitimate expectation of privacy in an email that had already reached its recipient; at this moment, the e-mailer would be analogous to a letter-writer, whose…
cited Cited as authority (rule) United States v. Broy
C.D. Ill. · 2016 · confidence medium
United States v. Heckenkamp, 482 F.3d 1142, 1147 (9th Cir.2007) (citing Levenihal v. Knapek, 266 F.3d 64 , 74 (2d Cir.2001)). .
discussed Cited as authority (rule) People v. Aguilar CA6
Cal. Ct. App. · 2016 · confidence medium
(See, e.g., People v. Appleton (2016) 245 Cal.App.4th 717, 724 (Appleton) [individuals hold constitutionally protected expectation of privacy in the contents of their computers]; People v. Michael E. (2014) 230 Cal.App.4th 261, 277 [computer hard drive searches implicate “at least the same privacy concerns” as cell phone searches]; U.S. v. Heckenkamp (9th Cir. 2007) 482 F.3d 1142, 1146 [reasonable expectation of privacy in personal computer is not extinguished simply by attaching computer to the network].) The Supreme Court has expounded on these concerns in the context of warrantless sear…
discussed Cited as authority (rule) United States v. Muhtorov
D. Colo. · 2015 · confidence medium
The concept has been held to apply to electronic communications, where “a person’s reasonable expectation of privacy may be diminished in transmissions over the Internet or e-mail that have already arrived at the recipient.” United States v. Heckenkamp, 482 F.3d 1142, 1146 (9th Cir. 2007).
cited Cited as authority (rule) United States v. Santiago Martinez
9th Cir. · 2014 · confidence medium
United States v. Heckenkamp, 482 F.3d 1142, 1146 (9th Cir.2007).
discussed Cited as authority (rule) State v. Welch
Ariz. Ct. App. · 2014 · confidence medium
The court held that although an individual generally has “an objectively reasonable expectation of privacy in his personal computer,” it did not agree that this “expectation can survive Ganoe’s decision to install and use file-sharing software, thereby opening his computer to anyone else with the same freely available program.” Id., citing United States v. Heckenkamp, 482 F.3d 1142, 1146 (9th Cir.2007).
discussed Cited as authority (rule) State v. Carle
Or. Ct. App. · 2014 · confidence medium
See, e.g., Patino, 93 A3d at 56 (concluding, under the Fourth Amendment, that sender of text message “no longer enjoy[ed] a reasonable expectation of privacy in the digital copy of the message contained on the recipient’s” cell phone because “a cell phone user retains control over what becomes of the content on his or her phone, but entirely loses control of the messages contained on the phone of another” once that message is delivered); U.S. v. Lifshitz, 369 F3d 173, 190 (2d Cir 2004) (reasoning that “[individuals generally possess a reasonable expectation of privacy in their home…
discussed Cited as authority (rule) United States v. John Ahrndt
9th Cir. · 2012 · confidence medium
“An individual has a reasonable expectation of privacy if he can demonstrate a subjective expectation that his activities would be private, and he [can] show that his expectation was one that society is prepared to recognize as reasonable.” United States v. Heckenkamp, 482 F.3d 1142, 1146 (9th Cir.2007) (internal quotation marks omitted) (alteration in original).
cited Cited as authority (rule) In re United States
E.D. Va. · 2011 · confidence medium
Petitioners’ additional citations to United States v. Warshak, 631 F.3d 266, 286-88 (6th Cir.2010) and United States v. Heckenkamp, 482 F.3d 1142, 1146-47 (9th Cir.2007) are also distinguishable.
discussed Cited as authority (rule) Reaffirming Use of the EINSTEIN 2.0 Intrusion- Detection System to Protect Unclassified Computer Networks in the Executive Branch
OLC · 2009 · confidence medium
Union v. Von Raab, 489 U.S. 656 , 665–66 (1989) (warrant and probable cause provisions of the Fourth Amendment are inapplicable to a search that “serves special governmental needs, beyond the normal need for law enforcement”); Griffin v. Wiscon- sin, 483 U.S. 868 , 872–73 (1987) (special needs doctrine applies in cir- cumstances that make the “warrant and probable cause requirement im- practicable”); United States v. Heckenkamp, 482 F.3d 1142, 1148 (9th Cir. 2007) (preventing misuse of and damage to university computer network is a lawful purpose).
discussed Cited as authority (rule) Legality of Intrusion-Detection System to Protect Unclassified Computer Networks in the Executive Branch
OLC · 2009 · confidence medium
See O’Connor, 480 U.S. at 720 (plurality); see also Nat’l Treasury Employees Union v. Von Raab, 489 U.S. 656, 665-66 (1989) (warrant and probable cause provisions of the Fourth Amendment are inapplicable to a search that “serves special governmental needs, beyond the normal need for law enforcement”); Griffin v. Wisconsin, 483 U.S. 868, 872-73 (1987) (special needs doctrine applies in circumstances that make the “warrant and probable cause requirement impracticable”); United States v. Heckenkamp, 482 F.3d 1142, 1148 (9th Cir. 2007) (preventing misuse of and damage to university com…
discussed Cited as authority (rule) United States v. Sharpe
9th Cir. · 2009 · confidence medium
“In order to determine whether evidence obtained through a tainted warrant is admissible, [a] reviewing court should excise the tainted evidence and determine whether the remaining untainted evidence would provide a neutral magistrate with probable cause to issue a warrant.” United States v. Heckenkamp, 482 F.3d 1142, 1149 (9th Cir.2007) (alteration in original) (citation and quotation marks omitted).
discussed Cited as authority (rule) United States v. Sharpe
9th Cir. · 2009 · confidence medium
“In order to determine whether evidence obtained through a tainted warrant is admissible, [a] reviewing court should excise the tainted evidence and determine whether the remaining untainted evidence would provide a neutral magistrate with probable cause to issue a warrant.” United States v. Heckenkamp, 482 F.3d 1142, 1149 (9th Cir.2007) (alteration in original) (citation and quotation marks omitted).
discussed Cited as authority (rule) United States v. Ganoe
9th Cir. · 2008 · confidence medium
Although as a general matter an individual has an objectively reasonable expectation of privacy in his personal computer, see United States v. Heckenkamp, 482 F.3d 1142, 1146 (9th Cir.2007), we fail to see how this expectation can survive Ga-noe’s decision to install and use file-sharing software, thereby opening his computer to anyone else with the same freely available program.
discussed Cited as authority (rule) United States v. Ganoe
9th Cir. · 2008 · confidence medium
Although as a general matter an individual has an objec- tively reasonable expectation of privacy in his personal com- puter, see United States v. Heckenkamp, 482 F.3d 1142, 1146 (9th Cir. 2007), we fail to see how this expectation can sur- vive Ganoe’s decision to install and use file-sharing software, thereby opening his computer to anyone else with the same 10752 UNITED STATES v. GANOE freely available program.
discussed Cited as authority (rule) Warner v. McCunney
3rd Cir. · 2008 · confidence medium
See, e.g., Rawlings v. Kentucky, 448 U.S. 98, 105 , 100 S.Ct. 2556 , 65 L.Ed.2d 633 (1980); United States v. Heckenkamp, 482 F.3d 1142, 1146 (9th Cir.2007); United States v. Brown, 408 F.3d 1049, 1051 (8th Cir.2005). *478 The following facts are undisputed.
discussed Cited as authority (rule) United States v. Greiner
9th Cir. · 2007 · confidence medium
As we have previously noted, “privacy expectations may be reduced if the user is advised that information transmitted through the network is not confidential and that the systems administrators may monitor communications transmitted by the user.” United States v. Heckenkamp, 482 F.3d 1142, 1147 (9th Cir.2007).
discussed Cited "see" United States v. Shane Nault
9th Cir. · 2022 · signal: see · confidence high
See United States v. Heckenkamp, 482 F.3d 1142, 1149 (9th Cir. 2007) (“In order to determine whether evidence obtained through a tainted warrant is admissible, ‘[a] reviewing court should excise the tainted evidence and determine whether the remaining untainted evidence would provide a neutral magistrate with probable cause to issue a warrant.’” (citation omitted)).
discussed Cited "see" United States v. Patrakis
D. Haw. · 2017 · signal: see · confidence high
See United States v. Heckenkamp , 482 F.3d 1142 , 1146 (9th Cir. 2007) (citing United States v. Lifshitz , 369 F.3d 173 , 190 (2d Cir. 2004) ) ("Individuals generally possess a reasonable expectation of privacy in their home computers.") ); see also United States v. Buckner , 473 F.3d 551 , 554-55 n.2 (4th Cir. 2007) (recognizing a reasonable expectation of privacy in the defendant's password-protected files on a computer leased by his wife); Trulock v. Freeh , 275 F.3d 391 , 403 (4th Cir. 2001) (same as to a computer the plaintiff and another person had joint access to) ).
discussed Cited "see" United States v. Ammons
W.D. Ky. · 2016 · signal: accord · confidence high
See United States v. Conner, 521 Fed.Appx. 493, 497 (6th Cir. 2013) “Generally speaking, computer users have a reasonable expectation of privacy in data stored on a home computer.” (citing Guest v. Lets, 255 F.3d 325 , 333 (6th Cir. 2001))); accord United States v. Heckenkamp, 482 F.3d 1142, 1146 (9th Cir. 2007); United States v. Lifshitz, 369 F.3d 173, 190 (2d Cir. 2004); Trulock v. Freeh, 275 F.3d 391, 402-04 (4th Cir. 2001); Palmieri v .
cited Cited "see" United States v. Matish
E.D. Va. · 2016 · signal: see · confidence high
See United States v. Heckenkamp, 482 F.3d 1142, 1146 (9th Cir.2007).
cited Cited "see" United States v. Nunzio Guadagni
9th Cir. · 2014 · signal: see · confidence high
See United States v. Heckenkamp, 482 F.3d 1142, 1149 (9th Cir.2007). 2.
discussed Cited "see" Quon v. Arch Wireless, Inc.
9th Cir. · 2008 · signal: see · confidence high
See United States v. Heckencamp, 482 F.3d 1142, 1146-47 (9th Cir. 2007) (holding that a student did not lose his reasonable expectation of privacy in information stored on his computer, despite a 6 Because Jeff Quon’s reasonable expectation of privacy hinges on the OPD’s informal policy regarding his use of the OPD-issued pagers, see infra pages 7027-29, this conclusion affects only the rights of Trujillo, Florio, and Jerilyn Quon.
discussed Cited "see" Quon v. Arch Wireless Operating Co., Inc.
9th Cir. · 2008 · signal: see · confidence high
See United States v. Heckenkamp, 482 F.3d 1142, 1146-47 (9th Cir.2007) (holding that a student did not lose his reasonable expectation of privacy in information stored on his computer, despite a university policy that it could ac *906 cess his computer in limited circumstances while connected to the university’s network); United States v. Ziegler, 474 F.3d 1184, 1189-90 (9th Cir.2007) (holding that an employee had a reasonable expectation of privacy in a computer in a locked office despite a company policy that computer usage would be monitored).
discussed Cited "see" United States v. King (2×)
N.D. Cal. · 2008 · signal: see · confidence high
See United States v. Heckenkamp, 482 F.3d 1142, 1146 (9th Cir.2007).
discussed Cited "see, e.g." United States v. Dontavious M. Blake
11th Cir. · 2017 · signal: see, e.g. · confidence medium
See, e.g., United States v. Heckenkamp, 482 F.3d 1142, 1146 (9th Cir. 2007) (holding that a college student had a reasonable expectation- of privacy in his-dorm room computer); United States v. Lifshitz, 369 F.3d 173, 190 (2d Cir. 2004) ("Individuals generally possess a reasonable expectation of privacy in their home computers.”); Guest v. Leis, 255 F.3d 325, 333 (6th Cir. 2001) ("Home owners would of course have.a reasonable expectation of privacy in their homes and in their belongings — including computers — inside the home.”). 5 .
discussed Cited "see, e.g." Palmieri v. United States of America
D.D.C. · 2014 · signal: see, e.g. · confidence medium
See, e.g., United States v. Heckenkamp, 482 F.3d 1142, 1146 (9th Cir.2007); United States v. Buckner, 473 F.3d 551 , 554 n. 2 (4th Cir.2007); United States v. Lifshitz, 369 F.3d 173, 190 (2d Cir.2004); Guest v. Leis, 255 F.3d 325, 333 (6th Cir.2001).
discussed Cited "see, e.g." United States v. Charles Borowy
9th Cir. · 2010 · signal: see also · confidence medium
See id.; see also United States v. Heckenkamp, 482 F.3d 1142, 1147 (9th Cir. 2007 ) (“[P]rivacy expectations may be reduced if the user is advised that information transmitted through the network is not confidential and that [others] may monitor communications transmitted by the user.”).
discussed Cited "see, e.g." United States v. Borowy
9th Cir. · 2010 · signal: see also · confidence medium
See id.; see also United States v. Heckenkamp, 482 F.3d 1142, 1147 (9th Cir.2007) (“[P]rivaey expectations may be reduced if the user is advised that information transmitted through the network is not confidential and that[others] may monitor communications transmitted by the user.”).
discussed Cited "see, e.g." Friedman v. Boucher
9th Cir. · 2009 · signal: see also · confidence medium
Under this exception, suspicionless searches may be upheld if they are “conducted for important non-law enforcement purposes in contexts where adherence to the warrant-and-probable cause requirement would be imprac- ticable.” Kincade, 379 F.3d at 823 (emphasis added); see also United States v. Heckencamp, 482 F.3d 1142, 1147 (9th Cir. 2007) (applying a special needs exception when a university computer system was under imminent threat). [5] The “special needs” exception is limited to “important non-law enforcement purposes.” Kincade, 379 F.3d at 823 .
discussed Cited "see, e.g." Friedman v. Boucher (2×)
9th Cir. · 2009 · signal: see also · confidence medium
Under this exception, suspicionless searches may be upheld if they are “conducted for important non-law enforcement purposes in contexts where adherence to the warrant-and-probable cause requirement would be impracticable.” Kincade, 379 F.3d at 823 (emphasis added); see also United States v. Heckenkamp, 482 F.3d 1142, 1147 (9th Cir. 2007) (applying a special needs exception when a university computer system was under imminent threat).
discussed Cited "see, e.g." Friedman v. Boucher (2×)
9th Cir. · 2009 · signal: see also · confidence medium
Under this exception, suspicionless searches may be upheld if they are “conducted for important non-law enforcement purposes in contexts where adherence to the warrant-and-probable cause requirement would be impracticable.” Kincade, 379 F.3d at 823 (emphasis added); see also United States v. Heckenkamp, 482 F.3d 1142, 1147 (9th Cir.2007) (applying a special needs exception when a university computer system was under imminent threat).
UNITED STATES of America, Plaintiff-Appellee,
v.
Jerome T. HECKENKAMP, Defendant-Appellant; United States of America, Plaintiff-Appellee, v. Jerome T. Heckenkamp, Defendant-Appellant
05-10322, 05-10323.
Court of Appeals for the Ninth Circuit.
Apr 5, 2007.
482 F.3d 1142
Benjamin Coleman, San Diego, CA, for the appellant., Hanley Chew, Assistant United States Attorney, San Francisco, CA, for the ap-pellee.
Canby, Hawkins, Thomas.
Cited by 49 opinions  |  Published
THOMAS, Circuit Judge.

In this case, we consider whether a remote search of computer files on a hard drive by a network administrator was justified under the “special needs” exception to the Fourth Amendment because the administrator reasonably believed the computer had been used to gain unauthorized access to confidential records on a university computer. We conclude that the remote search was justified.

Although we assume that the subsequent search of the suspect’s dorm room was not justified under the Fourth Amendment, we conclude that the district court’s denial of the suppression motion was proper under the independent source exception to the exclusionary rule.

I

In December 1999, Scott Kennedy, a computer system administrator for Qual-comm Corporation in San Diego, California, discovered that somebody had obtained unauthorized access to (or “hacked into,” in popular parlance) the company’s computer network. Kennedy contacted Special Agent Terry Rankhorn of the Federal Bureau of Investigation about the intrusion.

Kennedy was able to trace the intrusion to a computer on the University of Wisconsin at Madison network, and he contacted the university’s computer help desk, seeking assistance. Jeffrey Savoy, the University of Wisconsin computer network investigator, promptly responded to Kennedy’s request and began examining the university’s system. Savoy found evidence that someone using a computer on the university network was in fact hacking into the Qualcomm system and that the user had gained unauthorized access to the university’s system as well. Savoy was particularly concerned that the user had gained access to the “Mail2” server on the univer[*1144] sity system, which housed accounts for 60,000 individuals on campus and processed approximately 250,000 emails each day. At that time, students on campus were preparing for final exams, and Savoy testified that “the disruption on campus would be tremendous if e-mail was destroyed.” Through his investigation of the Mail2 server, Savoy traced the source of intrusion to a computer located in university housing. The type of access the user had obtained was restricted to specific system administrators, none of whom would be working from the university’s dormitories.

Savoy determined that the computer that had gained unauthorized access had a university Internet Protocol (“IP”) address [1] that ended in 117. In addition, Savoy determined that Heckencamp, who was a computer science graduate student at the university, had checked his email from that IP address 20 minutes before and 40 minutes after the unauthorized connections between the computer at the IP address ending in 117, the Mail2 server, and the Qualcomm server. Savoy determined that the computer at that IP address had been used regularly to check Heckencamp’s email account, but no others. Savoy became extremely concerned because he knew that Heckenkamp had been terminated from his job at the university computer help desk two years earlier for similar unauthorized activity, and Savoy knew that Heckenkamp “had technical expertise to damage [the university’s] system.”

Although Savoy was confident that the computer that had gained the unauthorized access belonged to Heckenkamp, he checked the housing records to ensure that the IP address was assigned to Hecken-kamp’s dorm room. The housing department initially stated that the IP address corresponded to a different room down the hall from Heckenkamp’s assigned room. The housing department acknowledged that the records could be inaccurate but stated that they would not be able to verify the location of the IP address until the next morning. In order to protect the university’s server, Savoy electronically blocked the connection between IP address 117 and the Mail2 server.

After blocking the connection, Savoy contacted Rankhorn. After Savoy informed Rankhorn of the information he had found, Rankhorn told Savoy that he intended to get a warrant for the computer, but he did not ask Savoy to take any action or to commence any investigation.

Later that night, Savoy decided to check the status of the 117 computer from home because he was still concerned about the integrity of the university’s system. He logged into the network and determined that the 117 computer was not attached to the network. However, Savoy was still concerned that the same computer could have “changed its identity,” so he checked the networking hardware to determine if the computer that was originally logged on at the 117 address was now logged on at a different IP address. His search confirmed that the computer was now logged on at an IP address ending in 120.

Based on this discovery, Savoy became even more concerned that the Mail2 server “security could be compromised at any time,” particularly because “the intruder at this point knows that he’s being investigated” and might therefore interfere with the system to cover his tracks. Savoy concluded that he needed to act that night.

Before taking action, Savoy wanted to verify that the computer logged on at 120 was the same computer that had been[*1145] logged on at 117 earlier in the day. He logged into the computer, using a name and password he had discovered in his earlier investigation into the 117 computer. Savoy used a series of commands to confirm that the 120 computer was the same computer that had been logged on at 117 and to determine whether the computer still posed a risk to the university server. After approximately 15 minutes of looking only in the temporary directory, without deleting, modifying, or destroying any files, Savoy logged off of the computer.

Savoy then determined that “[the 120] machine need[ed] to get off line immediately or as soon as possible” based on “a university security need.” He contacted both Rankhorn and a Detective Scheller, who worked for the university police. Savoy informed them of his discoveries and concerns. Rank-horn asked Savoy to wait to take action because he was attempting to get a search warrant. However, Savoy felt that he needed to protect the university’s system by taking the machine off fine immediately. Therefore, he made the decision to coordinate with the university police to take the computer off line and to “let [the] university police coordinate with the FBI.”

Together with Scheller and other university police officers, Savoy went to the room assigned to Heckenkamp. [2] When they arrived at the room, the door was ajar, and nobody was in the room. Savoy and Scheller entered the room and disconnected the network cord attaching the computer to the network. Savoy noted that the computer had a screen saver with a password, which prevented him from accessing the computer. In order to be sure that the computer he had disconnected from the network was the computer that had gained unauthorized access to the Mail2 server, Savoy wanted to run some commands on the computer. Detective Scheller located Heckenkamp, explained the situation and asked for Heckenkamp’s password, which Heckenkamp voluntarily provided.

Savoy used the password to run the commands on the computer and verified that it was the computer used to gain the unauthorized access. After Savoy confirmed that he had the right computer, Scheller advised Heckenkamp that he was not under arrest, but Scheller requested that Heckenkamp waive his Miranda rights and give a statement. Heckenkamp waived his rights in writing and answered the investigator’s and detectives’ questions. In addition, Heckenkamp authorized Savoy to make a copy of his hard drive for later analysis, which Savoy did. At no time did Savoy or Scheller search Heckenkamp’s room. Throughout his testimony, Savoy emphasized that his actions were taken to protect the university’s server rather than for law enforcement purposes.

The federal agents obtained a search warrant from the Western District of Wisconsin, which was executed the following day. Pursuant to the warrant, the agents seized the computer and searched Hecken-kamp’s room.

Heckenkamp was indicted in both the Northern and Southern Districts of California on multiple offenses, including counts of recklessly causing damage by intentionally accessing a protected computer without authorization, in violation of 18 U.S.C. § 1030(a)(5)(B). In separate orders, Judge Ware in the Northern District and Judge Jones in the Southern District denied Heckenkamp’s motions to suppress the evidence gathered from (1) the remote search of his computer, (2) the image tak[*1146] en of his computer’s hard drive, and (3) the search conducted pursuant to the FBI’s search warrant. [3]

The two cases were eventually consolidated before Judge Ware. Heckenkamp entered a conditional guilty plea to two counts of violating 18 U.S.C. § 1030(a)(5)(B), which allowed him to appeal the denials of his motions to suppress. The district court entered its judgment and commitment orders on April 28, 2005, and Heckenkamp filed a timely notice of appeal.

We review de novo both a court’s denial of a motion to suppress evidence and a court’s determination of whether an individual’s expectation of privacy was objectively reasonable. United States v. Bautista, 362 F.3d 584, 588-89 (9th Cir.2004).

II

As a prerequisite to establishing the illegality of a search under the Fourth Amendment, a defendant must show that he had a reasonable expectation of privacy in the place searched. Rakas v. Illinois, 439 U.S. 128, 143, 99 S.Ct. 421, 58 L.Ed.2d 387 (1978). An individual has a reasonable expectation of privacy if he can “ ‘demonstrate a subjective expectation that his activities would be private, and he [can] show that his expectation was one that society is prepared to recognize as reasonable.’ ” Bautista, 362 F.3d at 589 (quoting United States v. Nerber, 222 F.3d 597, 599 (9th Cir.2000)). No single factor determines whether an individual legitimately may claim under the Fourth Amendment that a place should be free of warrantless government intrusion. Rakas, 439 U.S. at 152-153, 99 S.Ct. 421 (Powell, J., concurring). However, we have given weight to such factors as the defendant’s possessory interest in the property searched or seized, see United States v. Broadhurst, 805 F.2d 849, 852 n. 2 (9th Cir.1986), the measures taken by the defendant to insure privacy, see id., whether the materials are in a container labeled as being private, see id., and the presence or absence of a right to exclude others from access, see Bautista, 362 F.3d at 589.

The government does not dispute that Heckenkamp had a subjective expectation of privacy in his computer and his dormitory room, and there is no doubt that Heckenkamp’s subjective expectation as to the latter was legitimate and objectively reasonable. Minnesota v. Olson, 495 U.S. 91, 95-96, 110 S.Ct. 1684, 109 L.Ed.2d 85 (1990). We hold that he also had a legitimate, objectively reasonable expectation of privacy in his personal computer. See United States v. Lifshitz, 369 F.3d 173, 190 (2d Cir.2004) (“Individuals generally possess a reasonable expectation of privacy in their home computers.”); see also United States v. Buckner, 473 F.3d 551, 554 n. 2 (4th Cir.2007) (recognizing a reasonable expectation of privacy in password-protected computer files); Trulock v. Freeh, 275 F.3d 391, 403 (4th Cir.2001) (same).

[3] The salient question is whether the defendant’s objectively reasonable expectation of privacy in his computer was eliminated when he attached it to the university network. We conclude under the facts of this case that the act of attaching his computer to the network did not extinguish his legitimate, objectively reasonable privacy expectations.

A person’s reasonable expectation of privacy may be diminished in “transmissions over the Internet or e-mail that have already arrived at the recipient.” Lifshitz, 369 F.3d at 190. However, the mere act of accessing a network does not in itself extinguish privacy expectations,[*1147] nor does the fact that others may have occasional access to the computer. Leventhal v. Knapek, 266 F.3d 64, 74 (2d Cir.2001). However, privacy expectations may be reduced if the user is advised that information transmitted through the network is not confidential and that the systems administrators may monitor communications transmitted by the user. United States v. Angevine, 281 F.3d 1130, 1134 (10th Cir.2002); United States v. Simons, 206 F.3d 392, 398 (4th Cir.2000).

In the instant case, there was no announced monitoring policy on the network. To the contrary, the university’s computer policy itself provides that “[i]n general, all computer and electronic files should be free from access by any but the authorized users of those files. Exceptions to this basic principle shall be kept to a minimum and made only where essential to ... protect the integrity of the University and the rights and property of the state.” When examined in their entirety, university policies do not eliminate Heck-enkamp’s expectation of privacy in his computer. Rather, they establish limited instances in which university administrators may access his computer in order to protect the university’s systems. Therefore, we must reject the government’s contention that Heckenkamp had no objectively reasonable expectation of privacy in his personal computer, which was protected by a screen-saver password, located in his dormitory room, and subject to no policy allowing the university actively to monitor or audit his computer usage.

Ill

Although we conclude that Heckenkamp had a reasonable expectation of privacy in his personal computer, we conclude that the search of the computer was justified under the “special needs” exception to the warrant requirement. Under the special needs exception, a warrant is not required when “ ‘special needs, beyond the normal need for law enforcement, make the warrant and probable-cause requirement impracticable.’ ” Griffin v. Wisconsin, 483 U.S. 868, 873, 107 S.Ct. 3164, 97 L.Ed.2d 709 (1987) (quoting New Jersey v. T.L.O., 469 U.S. 325, 351, 105 S.Ct. 733, 83 L.Ed.2d 720 (1985) (Blackmun, J., concurring in the judgment)). If a court determines that such conditions exist, it will “assess the constitutionality of the search by balancing the need to search against the intrusiveness of the search.” Henderson v. City of Simi Valley, 305 F.3d 1052, 1059 (9th Cir.2002) (citing Ferguson v. City of Charleston, 532 U.S. 67, 78, 121 S.Ct. 1281, 149 L.Ed.2d 205 (2001)).

A

Here, Savoy provided extensive testimony that he was acting to secure the Mail2 server, and that his actions were not motivated by a need to collect evidence for law enforcement purposes or at the request of law enforcement agents. This undisputed evidence supports Judge Jones’s conclusion that the special needs exception applied. The integrity and security of the campus e-mail system was in jeopardy. Although Savoy was aware that the FBI was also investigating the use of a computer on the university network to hack into the Qualcomm system, his actions were not taken for law enforcement purposes. Not only is there no evidence that Savoy was acting at the behest of law enforcement, but also the record indicates that Savoy was acting contrary to law enforcement requests that he delay action.

Under these circumstances, a search warrant was not necessary because Savoy was acting purely within the scope of his role as a system administrator. Under the university’s policies, to which Heckenkamp assented when he connected his computer to the university’s network, Savoy was authorized to “rectif[y] emer[*1148] gency situations that threaten the integrity of campus computer or communication systems[,] provided that use of accessed files is limited solely to maintaining or safeguarding the system.” Savoy discovered through his examination of the network logs, in which Heckenkamp had no reasonable expectation of privacy, that the computer that he had earlier blocked from the network was now operating from a different IP address, which itself was a violation of the university’s network policies.

This discovery, together with Savoy’s earlier discovery that the computer had gained root access to the university’s Mail2 server, created a situation in which Savoy needed to act immediately to protect the system. Although he was aware that the FBI was already seeking a warrant to search Heckenkamp’s computer in order to serve the FBI’s law enforcement needs, Savoy believed that the university’s separate security interests required immediate action. Just as requiring a warrant to investigate potential student drug use would disrupt operation of a high school, see T.L.O., 469 U.S. at 352-53, 105 S.Ct. 733 (Blackmun, J., concurring in the judgment), requiring a warrant to investigate potential misuse of the university’s computer network would disrupt the operation of the university and the network that it relies upon in order to function. Moreover, Savoy and the other network administrators generally do not have the same type of “adversarial relationship” with the university’s network users as law enforcement officers generally have with criminal suspects. 469 U.S. at 349-50, 105 S.Ct. 733 (Powell, J., concurring).

The district court was entirely correct in holding that the special needs exception applied.

B

Once a court determines that the special needs doctrine applies to a search, it must “assess the constitutionality of the search by balancing the need to search against the intrusiveness of the search.” Henderson, 305 F.3d at 1059 (citing Ferguson, 532 U.S. at 78, 121 S.Ct. 1281). The factors considered are the subject of the search’s privacy interest, the government’s interests in performing the search, and the scope of the intrusion. See id. at 1059-60.

Here, although Heckenkamp had a subjectively real and objectively reasonable expectation of privacy in his computer, the university’s interest in maintaining the security of its network provided a compelling government interest in determining the source of the unauthorized intrusion into sensitive files. The remote search of the computer was remarkably limited given the circumstances. Savoy did not view, delete, or modify any of the actual files on the computer; he was only logged into the computer for 15 minutes; and he sought only to verify that the same computer that had been connected at the 117 IP address was now connected at the 120 IP address. Here, as in Henderson, “the government interest served[ ] and the relative unobtrusiveness of the search” lead to a conclusion that the remote search was not unconstitutional. Id. at 1061.

The district court did not err in denying the motion to suppress the evidence obtained through the remote search of the computer.

IV

The district court also did not err in denying the motion to suppress evidence obtained during the searches of Hecken-kamp’s room. Assuming, without deciding, that Savoy and the university police violated Heckenkamp’s Fourth Amendment rights when they entered his dormitory room for nonlaw-enforcement purposes, the evidence obtained through the search was nonetheless admissible under[*1149] the independent source exception to the exclusionary rule.

Under the independent source exception, “ ‘information which is received through an illegal source is considered to be cleanly obtained when it arrives through an independent source.’ ” Murray v. United States, 487 U.S. 533, 538-39, 108 S.Ct. 2529, 101 L.Ed.2d 472, (1988) (quoting United States v. Silvestri, 787 F.2d 736, 739 (1st Cir.1986)). Therefore, we have held that “ ‘[t]he mere inclusion of tainted evidence in an affidavit does not, by itself, taint the warrant or the evidence seized pursuant to the warrant.’ ” United States v. Reed, 15 F.3d 928, 933 (9th Cir.1994) (quoting United States v. Vasey, 834 F.2d 782, 788 (9th Cir.1987)). In order to determine whether evidence obtained through a tainted warrant is admissible, “[a] reviewing court should excise the tainted evidence and determine whether the remaining untainted evidence would provide a neutral magistrate with probable cause to issue a warrant.” Id. (quoting Vasey, 834 F.2d at 788).

Here, even without the evidence gathered through the allegedly improper search, there is sufficient information in the affidavit to establish probable cause. The affidavit recited evidence that the server intrusion had been tracked “to a campus dormitory room computer belonging to Jerome T. Heckenkamp”; that “[t]he computer is in Room 107, Noyes House, Adams Hall on the University of Wisconsin-Madison”; and that “Heckenkamp previously had a disciplinary action in the past for unauthorized computer access to a University of Wisconsin system.” This was sufficient evidence to obtain the warrant to search “Room 107, Noyes House, Adams Hall.”

V

Although Heckenkamp had a reasonable expectation of privacy in his personal computer, a limited warrantless remote search of the computer was justified under the special needs exception to the warrant requirement. The subsequent search of his dorm room was justified, based on information obtained by means independent of the university search of the room. Therefore, the district courts properly denied the suppression motions.

The judgment of the district court is AFFIRMED.

1

. An IP address is a standard way of identifying a computer that is connected to the Internet. An IP address is comprised of four integers less than 256 separated by periods.

2

. They also went to the room the housing department stated was connected to the IP address ending in 117 to ensure that those records were not correct.

3

. Judge Ware later reaffirmed his denial of the motion to suppress when Heckenkamp filed a renewed motion to suppress after the cases were consolidated.