First of all I’m a long time user of privacy community so I did my research before creating this thread, and a lot of you said (and are already thinking by seeing my title) : NEVER USE A PROVIDED LAPTOP FOR YOUR PERSONAL STUFF
Okay okay ! I got that, but most of time I saw this kind of warning was about a laptop for work, I mean “official work”, and here’s the context for my case : I live in RGPD state (Europe) and I’m a student.
Soon I’ll start a student job for University (I’ll have to call some ex-students and ask them personal questions about their career after diploma they got in this University, in order to contribute to statistics of University and help students have a better idea of what they can pretend by doing a specific formation), I’ll take every answer I got and type them in an application provided by the university, this application will be installed in the laptop they’ll provide me. I don’t think anything else will be installed on this laptop (and if yes, why would they do that ? I’m just a student).
My question is if that’s possible to use this laptop also for personal stuff, because my actual laptop is a little bit shitty. For example is it a good idea to connect to Notesnook web app ? Or import on it my keepass file ?
But to answer your question. No you really should not.
I would be highly surprised if it is an unmanaged device. So basically anything you do on the device could be monitored by your employer. So using it for personal stuff is exactly what you should NOT do.
This is exactly what the recommendation would be for. Do not go this route, honestly. Besides that, your employer might also not allow you to use the device for personal stuff, and you could be in breach of your contract. Some employers allow private usage yet I would really advise you to refrain from doing so.
I’d ask the employer if you could image the laptop with something like Clonezilla, nuke the install and put Linux in it. When the time comes to return the laptop, reflash the image back.
The problem is if you will get liability for a failed disk image flash and the laptop is completely nuked.
Another alternative would be to use Tails add a Veracrypt container in your device drive for some persistence. Its a bit annoying to daily drive that way though.
If you cannot answer the question for yourself, then it’s better to not use it for anything personal. I have seen all kinds of things here at universities, including completely unmanaged devices, so I would definitely not be surprised if you could just do whatever on it. But, every institution is different. You’re certainly not owed anything, and in case your employer wants to have a look at, modify or delete the data on their machine, then they could do so. Be smart about it, and if you don’t feel confident about something, just don’t do it.
still disagree by all means besides that this is quite crazy to do on a device that you do not own.
Your device can still be seized by the company, they can demand access, and so can any agency investigating your employer. You really should not use company devices for private usage. There are no exceptions.
they like to mix up the order of words. You can’t help it mate. GDPR 