Great question CP.
Let's first take a step back and look at Australian/WA law related to employers liability for crimes committed by their employees or contractors during work hours, or using their employers assets, systems, information, intellectual property or any other employer resources, to assist in committing the crime either during work hours or outside work hours.
For starters (using google) I found this.
http://inspiringaustralia.net.au/are-employers-liable-for-their-employees-cyber-crimes/
Not sure how reliable or up to date this is to use from a legal point of view, but useful for discussion and to raise awareness for anyone to further research of this issue.
[/FONT]
[FONT="]
So if CSK was not on call when the crimes were committed, or committed the crimes on weekends, in his vehicle, when he had access to a company vehicle in a private capacity, would the company be liable?
If the company vehicle was not used to kill victims: hit and run, or knock over using the vehicle as a weapon, but was just used to abduct victims, or transport deceased or victims, has the CSK broken any motor vehicle regulations in doing so?
[/FONT][FONT="]
With the above being under US Law, it might not apply under Australian/WA law.
Applying it to the CSK, might there be a case against the CSK's employer, if he was using a Company Vehicle and the employer did not bother tracking where the vehicle had been used both during work hours and private usage?
Much easier and cheaper to do nowadays.
Likewise if BRE was issued with a company mobile, tracking where that mobile has been, (particularly if you are a Mobile Network owner company), when it's GPS, mobile data, wifi, or mobile network is turned on, is possibly although IMO, a legal minefield in terms of privacy issues.
How is monitoring of computer activity (inside and outside of work hours) on a company issued electronic device any different from tracking where a company issued vehicle has been driven or what it has been used for?
With the CSK, let's say the company was legitimately tracking the vehicle via GPS (pre-agreed to by the employee under them signing a policy saying this would happen if they were to use a company vehicle in or out of work hours).
That a body was discovered at a remote location in a high profile missing person case, and that the discovery was well publicised. Does every company who has tracked their employee vehicles, have a duty of care to cross check all of their vehicle tracking logs against the approx time range and location of the discovered body to see if one of their vehicles might be involved. Cross check without being asked to do so by the Police?
Much harder to get away with these sorts of crimes for very long nowadays.
What with all the tracking technology and cameras about.
[/FONT]