Easiest and safest way to do it would be to plug a USB drive or SD card into the laptop and copy the files over. I am not qualified to comment of the legality of this, and you should probably consult a lawyer familiar with your jurisdiction who can look at any contracts or agreements you may have with your employer if you are concerned about that. If I were in your position, I probably would not be concerned about that.
posted by Rock Steady at 5:18 AM on September 10, 2014 [1 favorite]

1. Yes, this is a bad idea. It's intellectual property theft, and your former employer can sue you for it.

2. Don't.
posted by jpeacock at 5:29 AM on September 10, 2014 [17 favorites]

1. This is a very bad idea. Your company owns that work product.
2. Strongly advise against. Worst case if detected: legal issues. Best case if detected: they refuse to give a reference.

They will detect it.
posted by hellomiss at 5:31 AM on September 10, 2014 [3 favorites]

Instead of taking the actual code, write up something that you can refer back to in the future to remind you of what you did.
posted by COD at 5:34 AM on September 10, 2014 [12 favorites]

The fact that you're talking at all about how to do this without being detected means you know it's a terrible idea. Don't do it.
posted by Itaxpica at 5:35 AM on September 10, 2014 [2 favorites]

Read the book Flash Boys by Michael Lewis. Do not do this without permission. Before you ask, make sure you have not accidentally already done this.
posted by 724A at 5:36 AM on September 10, 2014 [1 favorite]

Instead of taking the actual code, write up something that you can refer back to in the future to remind you of what you did.

This. Not only are you not actually stealing company data, but the process of writing it up will help you learn/remember it better as well as giving you a reference for the future, similar to writing revision notes if you're a student.
posted by EndsOfInvention at 5:37 AM on September 10, 2014 [8 favorites]

I suggest you read this first, before you decide what to do.
posted by dyslexictraveler at 5:41 AM on September 10, 2014 [2 favorites]

It depends on your industry how closely they'll be watching you. If you must take the data, Rock Steady has the right idea from a technical standpoint. Emailing it to yourself is possibly the worst way / most easily traceable way to do it.

If I were you, though, I wouldn't bother doing this. Unless you're going to use your old code as a cut-and-paste library (which is a terrible idea), it's not going to be that useful as a reference. As you mention in your title, you wrote it. You'll remember how to do it again if need be.
posted by festivus at 5:42 AM on September 10, 2014 [1 favorite]

Easiest and safest way to do it would be to plug a USB drive or SD card into the laptop and copy the files over.

Just to add to any paranoia, I work for a large company and we have products that detect when people do this. If your company has similar products, they will get an alert that you inserted a USB drive and they will know exactly what files you copied over. This information will be logged for months, possibly permanently.
posted by bondcliff at 5:49 AM on September 10, 2014 [10 favorites]

It sounds like you're a programmer, but in the off-chance you're a technical writer who happens to code, or for others finding this thread in the future:

If you are a technical writer, it's not uncommon as you move on from jobs to maintain a portfolio of your best work, as long as it is watermarked and redacted properly. If you wrote the training material, it would probably be okay to take a copy of that with you, redact as appropriate, and present as part of a body of work indicative of your skill as a technical writer. I see it all the time, and I don't bat an eye unless the workplace is not listed in the resume.
posted by juniperesque at 5:51 AM on September 10, 2014 [3 favorites]

The fact that you're asking this anonymously means you're probably aware that this is a bad idea. Please, don't do it --- you might have written that code, but you wrote it as an employee, which means your employer owns it and taking a copy with you would be intellectual theft.
posted by easily confused at 5:52 AM on September 10, 2014 [2 favorites]

Is this a bad idea? Possibly.

Can they detect it? Yes. Most major tech companies do keep an eye on things like this - e.g. I've heard of interns that try and copy portions of the codebase being basically fired immediately.

The kind of thing you can safely take with you: personal config/scripts that are unrelated to the work (e.g. vimrc etc.), copies of any personal or HR emails (such as an email with your team's details!), that kind of thing.

Maybe ok: your presentation/training material. An option might be printing off a physical copy of your presentation.

Bad idea: code. Of any kind that's remotely related to your work.

Often you'll be asked to sign a form on your last day that states something along the lines of 'I will distroy any company data in my possession and I haven't snuck anything out'
posted by Ashlyth at 6:07 AM on September 10, 2014 [2 favorites]

I would not do that. Not because it's illegal, but because you can't know for sure that someone won't swipe your USB drive or steal your home computer years later, and you may put that company's security in jeopardy. Especially if you have ssh keys or login credentials somewhere in your code. You can't keep it locked down once it leaves company property.

I have a sort of similar situation with a tool I wrote. The powers that be are being a little ridiculous about open sourcing it even though it is a relatively simple thing that anyone could come up with and would not give anyone competitive advantage. So I'm going to rewrite the thing! There's nothing illegal about remembering how the code works and writing your own version. Plus I usually find that I do a better job writing something the second pass through. So there's that.

Otherwise, just make notes to yourself. I used to keep a notes.txt file on my Dropbox folder for this exact purpose – jotting down things I learned at work that would be useful in the future.
posted by deathpanels at 6:11 AM on September 10, 2014

I've done it, I just copied it over on to a USB drive and put it on my home computer's hard disk. I used it as reference material for myself.

Admittedly at my last job it was quietly suggested that I take a copy by the project lead, so I had unofficial approval.

What I regret is not taking copies of the code I was working from at my first company. It would have been interesting to see how my coding style has developed over the years.
posted by antiwiggle at 6:26 AM on September 10, 2014

It doesn't matter if you wrote it. You most likely signed something upon employment saying that you would not do this. At especially paranoid places I've worked, I had to sign something both upon employment and upon termination.

It's kind of shitty but it's industry standard at this point. If I hired someone and found out they had done this at a former job, you bet my eyebrows would go up.
posted by fiercecupcake at 6:34 AM on September 10, 2014 [5 favorites]

Hey, the outfit I contract to just fired a guy a couple months ago for doing this! So don't you do it.
posted by Sternmeyer at 7:20 AM on September 10, 2014

The biggest difference between code and text is that code is often/usually distributed as closed source, whereas with text, you can see the work in the work product.

As such, it's usually out of the question to keep code that you wrote as a work product. That is work for hire, and most corporate software isn't open source (I don't think.) You can ask just in case, but odds are good that they're not going to want you to do that. I used to have a little toolkit of basic little scripts I wrote to do various work tasks, and I'd always have to tell my employers and clients about that at the outset--basically let them know this is not they were just little open source tools I'd written on my own time and used at different companies--and I STILL had a couple companies trying to claim copyright on them when I left. And believe you me, those scripts were insignificant in value, and obviously generic enough that I could use them at multiple different workplaces. That doesn't matter to most companies. It's just across the board policy that anything you wrote for them is their intellectual property, and people can and have been not just fired, but arrested, for stealing code from their employers.

With text that's being distributed anyway, it's usually fine to take a copy of the finished product to include in your work samples. They might have a problem with it if the training courses are something they sell a la carte or if it contains anything even approaching a trade secret or anything, but other than that, it's pretty normal to keep copies of writing you've done as work samples. You should still ask just to make sure.
posted by ernielundquist at 7:26 AM on September 10, 2014

I am a lawyer, but not your lawyer. I have worked on a number of cases where an employee leaves and takes confidential information (including, at least once, portions of a source code) and that action by itself or in combination with others, has led to litigation against the former employee and/or his new employer. And, as noted above, generally the company knows if you have copied something to a USB or other removable storage device, including what was copied.

I've also been involved in cases where there was evidence that confidential information/documents may have been copied and sent using the person's personal email and we have sometimes been granted discovery from the former employee's personal email account (though, admittedly, my experience has been that this has only occurred in more egregious cases).
posted by Bailey270 at 7:26 AM on September 10, 2014

You probably want to read all the documents you signed when you agreed to employment.

"My work and the training material are pretty insignificant in terms of value"
That's not the test.
posted by vapidave at 7:48 AM on September 10, 2014

I have been programming for 15 years and I honestly don't know why this question always results in a pile on of FUD about how unethical or illegal it is for you to use your own code for your own reference.

There are lots of issues but let me address just a couple.

1. Freelancers and contractors keep old clients' code as a matter of doing business because you never know when you will be asked to come back for maintenance. I've freelanced and full-timed for 15+ years and I've never seen a company that doesn't use contractors (who use their own equipment with all the implications thereof) so in fact, this "theft" happens all the time.

2. Back in the day, it was common for programmers to keep a personal library of code snippets that they would use to solve common problems at work and to take it with them from job to job. It's not as prevalent today because google but I personally do this and I am sure so do a lot of other programmers. I consider it a win-win for the programmer AND the employer, along the lines of the DRY principle. So again, this "theft" happens all the time.

3. For the love of god, let's not link to articles if we cannot be bothered to read them. That Michael Lewis article? It actually concludes that the programmer was NOT guilty of theft:

The real mystery wasn’t why Serge had done what he had done. It was why Goldman Sachs had done what it had done. Why on earth call the F.B.I.? Why coach your employees to say what they need to say on a witness stand to maximize the possibility of sending him to prison? Why exploit the ignorance of both the general public and the legal system about complex financial matters to punish this one little guy?

4. Using the same Goldman Sachs case, the programmer in question was aquitted:

He was acquitted in an appeals court after the judges found that Aleynikov had been wrongly charged. [...] Chief Judge Dennis Jacobs wrote in the court's unanimous decision: "Because Aleynikov did not 'assume physical control' over anything when he took the source code, and because he did not thereby 'deprive [Goldman] of its use,' Aleynikov did not violate the NSPA."

FWIW, I have often kept the more interesting code I personally wrote just so I can have recent code samples that employers want to see. Of course, before sending out my samples I carefully scrub any potential security issues and make sure this is immediately apparent by replacing those portions of code with a comment block that says "code removed" in all caps. During dozens and dozens of interviews where I showed my code samples (usually as requested), I have never had anyone question it, whether directly or via body language/pause/raised eyebrows/etc. And I've never not had an offer following an interview either so in my personal experience this has never been an issue.

If your "work and the training material are pretty insignificant in terms of value" I wouldn't worry too much about concealing your actions. Just make sure to limit your copying to your own work and to scrub any business logic/secret sauce that constitutes a competitive advantage for your employer. If you want to be extra careful, save a copy of the codebase on your computer prior to scrubbing and then copy over just the cleaned up version.
posted by rada at 7:54 AM on September 10, 2014 [4 favorites]

Aleynikov had his conviction overturned and was recharged. The prosecutor was willing to accept a guilty plea with time served. He did not take it, but I am not sure what happened after that. He actually took open source code that he had used to help solve one of the problems at Goldman.

There are two (or more) points to be learned from his case. One, your employer will know if you took it. Whether they care is another question. Two, even if you are not guilty of a crime, the cost of fighting a criminal charge or a civil case is quite high in both dollars and time. Also, you could spend some time in jail waiting for your case to be adjudicated.

If it were me, I would ask my supervisor and show her what you want to have a copy of. If it is standard industry protocol pr practice, it won't be a problem.
posted by 724A at 8:44 AM on September 10, 2014 [3 favorites]

rada has an interesting point. I work in ediscovery, so my experience differs and focuses exclusively on things gone wrong. What my professional life has taught me is that if you draw the attention of a large corporation for doing this, the legal department is unlikely to assume you had good intentions, even if the people who hire programmers don't raise eyebrows at code samples from old jobs. Bottom line, the main threat is lawyer-induced migraines and expenses.

I've had a number of cases come across my desk that could reasonably start with an act like you're describing. Here's how a client might describe it to me: "We're getting attention from somebody who can liberally apply civil investigative demands/document requests/undue regulatory attention to us. One of our former employees left for a competitor, and IT shows that they plugged in a USB drive and copied some files over to it. Your forensics team collected their email dating back to 2008, their workstation, and their laptop. We'd like to see any documents suggesting that they took IP to our competitor, or emailed it to themselves or friend/family member/colleagues, along with an analysis of whether there might have been some data deletion. We'd also be interested in anything 'hot'."

Notice how the first sentence is not necessarily related to the possible loss of IP? Me, too. That's life in the big city.

In this instance "hot" would mostly be anything that might make you feel bad if you were confronted about it at deposition. It might include things that showed you didn't do it. But the counsel of many large corporate entities are sensitive to the fact that absence of evidence often means somebody is trying to hide something.
posted by averyoldworld at 8:45 AM on September 10, 2014 [1 favorite]

rada is giving you really terrible advice. Don't do this.
posted by ewiar at 9:08 AM on September 10, 2014 [3 favorites]

If your current employer typically blogs, publishes demos or samples, or publishes tools/code on github or similar, see if your current employer would let you publish the code publicly as a sample.

This is what I did - published a large sample in my last few weeks of work. Served me well.
posted by crazycanuck at 9:14 AM on September 10, 2014 [2 favorites]

Personally, I would copy and paste the code into a personal email body and email it to myself if that's an option. I don't think there's anyway they would know you did that or red flags would pop up. If it has to be a file, you can email it yourself. But don't do anything via your work email. You could also just copy it onto a flash drive. They may have ways to detect that if they actually care enough to monitor that. I imagine people do copy files to flash drives in the course of their jobs though.

I think if you can ask your supervisor, that's ideal. Explain you want it as part of a portfolio and you won't send anyone the full code or something. Personally, I've taken work from every job I've ever had and, to be honest, I have copied all my emails too, just in case I want to refer back to some previous work I did. (I just use Thunderbird and copy all the emails into a personal account I set up.) One time my boss said we could take a couple small examples of work but not the big projects we did. Other times, I didn't ask. But I've never worked for an uptight corporate company with lots of resources like, say, Goldman Sachs, as referenced above.

I think it's unlikely they will notice, care, or sue you. But this should be covered in your employee handbook or whatever. You can see if it's like "we own all your work" or "we own all your work and we monitor duplication of files and will take appropriate action against anyone distributing work without permission."

I don't know much about code, but if it's a super protected thing, I would in future jobs start saving your best work as you go. It will be far less conspicuous than taking the files on your way out the door right before you leave.
posted by AppleTurnover at 9:17 AM on September 10, 2014

I have been called as an expert witness in two unrelated cases that were based on similar facts. In one case, the programmer was on the winning side and in the other they were on the losing side. In both cases, the cost and hassle was probably quite high for them. I personally wouldn't take the risk without pre-approval from the company if I was an employee.
posted by Lame_username at 9:49 AM on September 10, 2014 [1 favorite]

Freelancers and contractors keep old clients' code as a matter of doing business because you never know when you will be asked to come back for maintenance.

To elaborate on this specific: it's certainly been true for me, but the relationship between a freelancer/contractor and their client seems to be seen differently than an employee-employer relationship -- for whatever reason, it often seems less feudal, and more often you can negotiate contract terms (sometimes you're even the one handing boilerplate agreements to your client).

Not that you can't try and negotiate code-keeping for educational/demo purposes as an employee, but unilaterally composed non-negotiable agreements seem to be a lot more common for full-time positions at bigcorp, even when the agreement contains provisions that may not matter or may even be contrary to actual practices. This is because the agreements aren't written to cover practical and day-to-day realities of most employee's work and professional development with sensible exceptions like doing what you've described here, they're there to give the company the biggest possible stick in case they ever need it.

If you're truly being paranoid, get familiar with that stick. Read your employment agreement. If it forbids what you want to do, either don't do it, or explicitly renegotiate what you want to do with your employer (or, hire a lawyer of your own to find out if there's another way you can do it). Don't try to fly underneath the radar, do it clearly or don't do it.

If you're not being paranoid, it's probably fair to say that as long as you aren't doing anything stupid or genuinely unethical like publishing large portions of your employer-sponsored work or including it in another product, you'll probably be fine, and people do in fact do this frequently to no ill effect for anyone, just like they moonlight even when an employment agreement forbids moonlighting (sometimes even at the behest of senior staff). Just remember that doesn't change the fact there's some small but real risk you could be held to your agreement.

And this is all something to think about the next time you're negotiating a job offer: ask to see the employment agreement you'd be signing, read it carefully, ask for changes of anything you don't like, don't let anyone tell you they're just a formality, the stuff the company says they'd never do isn't stuff they'd never do if they aren't willing to strike it from the agreement, and finally, any company that refuses to alter an employment agreement in any way is probably the kind of company that is more likely to use it against you, whether for petty/thoughtless reasons or good ones.
posted by weston at 9:50 AM on September 10, 2014 [1 favorite]

Anyone who is saying you should just copy code or work to a USB drive or send it to yourself via email or whatever is giving you bad advice. This is definitely one of those scenarios where you should get permission instead of hoping it'll fly under the radar because the potential consequences if you're caught are pretty severe. If you're good at what you do, the experience of having created the thing in the first place will be all you need to be successful elsewhere. In the case of code, it's often better to be able to approach problems with a fresh perspective anyway, and even if you end up with a similar solution, the mere fact that you've done it before will make it easier to write the second time around.
posted by Aleyn at 9:53 AM on September 10, 2014

Without judgement of the morality of this .... if you are somewhat technical you should be able to copy a laptop hard drive without being detected. Boot another OS. Take it out. Etc. Or just print to PDF ...
posted by Xhris at 10:10 AM on September 10, 2014

Ask. Get permission, in writing, from someone at your company with the authority to give that permission. If you don't know who that is, find out. Explain that you would like to keep a copy of the code and training materials, with any sensitive portions redacted, for your personal reference and/or portfolio purposes only and explicitly not for re-use in any context. Show them the exact pieces of code and training materials, with redactions, that you wish to keep. Get it in writing.

If they won't give you permission to do this, then just let it go. You signed a contract, it's their prerogative whether or not to allow an exception. Making an issue of it will only leave a bad last impression with your current employer (which could color any future references) and trying to sneak it out against their wishes could get you in big trouble and make it hard for you to find work in your industry again. Do it with explicit permission or not at all.
posted by Anticipation Of A New Lover's Arrival, The at 10:25 AM on September 10, 2014 [1 favorite]

As others have correctly noted, this is flat-out illegal. Work done for an employer is done as "work for hire", which means you own no rights to it. There's no question here - if it was anything else, you'd know about it, because it'd be an exceptionally uncommon employment agreement that you'd have to explicitly negotiate with the company.

However, in case you don't believe anything stated here, I'd like to propose a test for you. When I'm faced with questionable choices, I ask myself if I could ask for permission for those choices. If I normally wouldn't ask for permission, but could ask if necessary, I'm comfortable with those choices. If I couldn't bring myself to ask for permission to do those choices, they're probably the wrong choices. If you can't bring yourself to ask for permission to copy these files, you should realize that you are doing something wrong. If there is some sort of industry convention implicitly allowing copying those files (which I highly doubt there is), then asking for permission shouldn't make you uncomfortable (even if you end up not asking).
posted by saeculorum at 11:06 AM on September 10, 2014 [3 favorites]

I agree with others above - copying the code is not your best choice of action.

However, if you decide to go ahead and attempt it, I'd strongly recommend that you not copy *files*, and instead do a text copy/paste buffer copy out of the source document and then paste into a different document on removable storage.

That kind of activity will be harder to track, although the possibility exists that your employer has software installed on your work PC that takes periodic screen shots.
posted by de void at 11:59 AM on September 10, 2014

rada correctly notes that Aleynikov was acquitted after a year in jail and six figures in legal costs, but neglects to mention that the law was subsequently changed specifically to remove the reason given for the acquittal (that the code itself was not used in interstate commerce, only in support of it).
posted by the agents of KAOS at 6:09 PM on September 10, 2014

Personally, I would copy and paste the code into a personal email body and email it to myself if that's an option. I don't think there's anyway they would know you did that or red flags would pop up.

This is probably the worst of all possible options. The companies I've worked at have been required to keep records of emails for at least seven years. Since you say you work at a large company, I bet their IT department keeps emails around for a long time too. Furthermore, I would suspect that every company that is sophisticated enough to track file copies to USB also tracks emails, so it's likely even riskier in terms of detection.
posted by Blue Jello Elf at 6:22 PM on September 10, 2014 [1 favorite]

No. Do not do this.
You will remember what you need to know at your future job without having your work to look back on. This is absolutely not worth the risk.
posted by ch1x0r at 6:23 PM on September 10, 2014

Blue Jello Elf, you didn't read my answer. I said paste it into personal email, not work email. There's no way they would track copying and pasting.
posted by AppleTurnover at 11:14 PM on September 11, 2014

At my current workplace, if you are even allowed to access personal mail, the contents of what you type are logged, tracked for keywords, and if any are found, go straight to hr. This is via some proxy server that decrypts https traffic.
posted by Admira at 7:16 AM on September 13, 2014 [2 favorites]

This thread is closed to new comments.