[Shacs] Texas legislation - PC Techs need PI certification?

Binkley, Jeremy JMBinkle at Central.UH.EDU
Thu Jul 10 14:35:25 CDT 2008 

Slashdot had a posting yesterday with a link to a good follow-up on the amendment: http://www.networkperformancedaily.com/2008/07/texas_private_investigation_se_1.html
 
It seems that it was basically just ignorance on the part of the drafters as to the reality of the IT industry.  Also, I would submit (and many of y'all know far more on this subject than I do), that merely being licensed isn't going to be enough to get discovered data into evidence.  The person discovering and retrieving the data must use sound methods (we won't get into everything that requires because then I would be actually studying for the bar, thus defeating my attempt at procrastination) for completing the actual operations.  The license may help show that somebody should know what he is doing, but is not a conclusive factor in getting evidence admitted into the record.
 
 
On a side note, and this is merely out of personal curiosity, do the Texas Rangers deal with child porn much?  I just always figured the feds step in on those matters, but I'm probably wrong.

________________________________

From: shacs-bounces at shsu.edu on behalf of Joshua Garvey
Sent: Thu 7/10/2008 2:09 PM
To: shacs at shsu.edu
Subject: Re: [Shacs] Texas legislation - PC Techs need PI certification?



>From what I have read the Texas Rangers were pushing this as a few cases
of child porn were thrown out because people from say Geek Squad or
Firedog found the "evidence", copied it off an gave it to police. Data
like that has to be forensically collected to be admisable in court.
Without the original data, computer, etc... You see were this leads.

So what the law is trying to prevent is evidence being thrown out
because the people who collect evidence were not licensed to do so. I
read the entire bill and it looks as though if you "come into contact
with personal or sensitive data" during repair you better have someone
on your staff who can forensically collect any evidence of illegal
behavior.

Not sure how I feel about this bill; its intention is good, but it will
drive PC repair through the roof, and shut down small shops.

Nate Ashe wrote:
> It strikes me, jaded as I am, that bills don't turn into laws without
> lobbyists pushing from the legislator's pockets (or ballot boxes)... so,
> I would ask, who has a vested interest in this?  The people selling PI
> licenses?  A competitor with political influence?  Someone who's using
> these exploits for their own advantage (executive branch?), that doesn't
> want to be discovered by someone that they can't track?  ... gah!
> where's my tinfoil hat?!?!?
>
> I "investigate" stuff all the time... it's what I get paid to do:  make
> it work.
> Does running rootkit revealer, nmap, lanshark or using a spectrum
> analyzer count as an "investigation"?
>
> I guess when I start seeing folks going to court for this, I'll start to
> worry.
>
> Nate
>
> Kevin A. Estis wrote:
>  
>> OK, so I'm finally catching up on all my email and news feeds and came
>> across this blurb in the SANS newsletter:
>>
>>  --Texas Law Requires Computer Technicians to Have PI Licenses
>> (June 26, 208)
>> The Institute for Justice has filed a lawsuit against the Texas Private
>> Security Board because of a 2007 law that requires computer repair
>> technicians to obtain government-issued private investigators' (PI)
>> licenses.  Technicians could face both civil and criminal penalties if
>> they take "any action that the government deems to be an
>> 'investigation.'"  The definition of investigation is broad and includes
>> many commonly performed repairs.  To obtain a license, computer repair
>> shop owners would have to obtain a criminal justice degree or complete
>> a three-year apprenticeship with a licensed PI. Consumers who knowingly
>> use an unlicensed operation to conduct an "investigation" would also be
>> subject to penalties.
>> http://www.ij.org/first_amendment/tx_computer_repair/6_26_08pr.html
>>
>> [Editor's Note (Guest Editor, Rob Lee): Part of this suit began when
>> Best Buy's Geek Squad was served a cease and desist letter for stating
>> to customers that they can perform "computer forensics" to aid clients
>> in discovering how they were compromised. Does this PI license
>> requirement make sense to anyone?]
>> (Northcutt): The State of Texas is putting the Geek Squad tag line to
>> test, "There's nothing we haven't seen. Go ahead. Use us." This
>> legislation goes beyond dumb. The Geek Squad's "forensics" would be to
>> help the end users understand the errors they made that caused their
>> systems to become compromised. One would think this is something
>> government would want to support. I would be surprised if Best Buy
>> doesn't hand Texas its hat.
>> (Schultz): Hopefully, reason will prevail, and this nonsensical law will
>> be repealed. Requiring a PI license to perform a computer repair just
>> does not make sense.]
>>
>>
>>
>> --
>> This signature was created on a Mac...therefore it should look better than
>> other signatures but will cost you more and doesn't really work in the
>> enterprise.
>> Kevin Estis
>> macinhack at shsu.edu
>> _______________________________________________
>> Shacs mailing list
>> Shacs at shsu.edu
>> http://lists.shsu.edu/mailman/listinfo/shacs
>>  
>>    
>
> _______________________________________________
> Shacs mailing list
> Shacs at shsu.edu
> http://lists.shsu.edu/mailman/listinfo/shacs
>  

_______________________________________________
Shacs mailing list
Shacs at shsu.edu
http://lists.shsu.edu/mailman/listinfo/shacs


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shsu.edu/pipermail/shacs/attachments/20080710/1d477dda/attachment.html

More information about the Shacs mailing list