[Shacs] Texas legislation - PC Techs need PI certification?

Ernesto Ongaro ernesto at etszone.com
Thu Jul 10 14:55:39 CDT 2008 

Interesting...
> if you "come into contact
> with personal or sensitive data" during repair you better have someone
> on your staff who can forensically collect any evidence of illegal
> behavior

Is there some sort of civil duty that I am responsible for if I run into someones stash of illegal material on their PC while 
working on it? 

Is it illegal for me to merely ignore such a finding?

On Thu, 2008-07-10 at 14:09 -0500, Joshua Garvey wrote:
> >From what I have read the Texas Rangers were pushing this as a few cases
> of child porn were thrown out because people from say Geek Squad or
> Firedog found the "evidence", copied it off an gave it to police. Data
> like that has to be forensically collected to be admisable in court.
> Without the original data, computer, etc... You see were this leads.
> 
> So what the law is trying to prevent is evidence being thrown out
> because the people who collect evidence were not licensed to do so. I
> read the entire bill and it looks as though if you "come into contact
> with personal or sensitive data" during repair you better have someone
> on your staff who can forensically collect any evidence of illegal
> behavior.
> 
> Not sure how I feel about this bill; its intention is good, but it will
> drive PC repair through the roof, and shut down small shops.
> 
> Nate Ashe wrote:
> > It strikes me, jaded as I am, that bills don't turn into laws without
> > lobbyists pushing from the legislator's pockets (or ballot boxes)... so,
> > I would ask, who has a vested interest in this?  The people selling PI
> > licenses?  A competitor with political influence?  Someone who's using
> > these exploits for their own advantage (executive branch?), that doesn't
> > want to be discovered by someone that they can't track?  ... gah!
> > where's my tinfoil hat?!?!?
> >
> > I "investigate" stuff all the time... it's what I get paid to do:  make
> > it work.
> > Does running rootkit revealer, nmap, lanshark or using a spectrum
> > analyzer count as an "investigation"?
> >
> > I guess when I start seeing folks going to court for this, I'll start to
> > worry.
> >
> > Nate
> >
> > Kevin A. Estis wrote:
> >   
> >> OK, so I'm finally catching up on all my email and news feeds and came
> >> across this blurb in the SANS newsletter:
> >>
> >>  --Texas Law Requires Computer Technicians to Have PI Licenses
> >> (June 26, 208)
> >> The Institute for Justice has filed a lawsuit against the Texas Private
> >> Security Board because of a 2007 law that requires computer repair
> >> technicians to obtain government-issued private investigators' (PI)
> >> licenses.  Technicians could face both civil and criminal penalties if
> >> they take "any action that the government deems to be an
> >> 'investigation.'"  The definition of investigation is broad and includes
> >> many commonly performed repairs.  To obtain a license, computer repair
> >> shop owners would have to obtain a criminal justice degree or complete
> >> a three-year apprenticeship with a licensed PI. Consumers who knowingly
> >> use an unlicensed operation to conduct an "investigation" would also be
> >> subject to penalties.
> >> http://www.ij.org/first_amendment/tx_computer_repair/6_26_08pr.html
> >>
> >> [Editor's Note (Guest Editor, Rob Lee): Part of this suit began when
> >> Best Buy's Geek Squad was served a cease and desist letter for stating
> >> to customers that they can perform "computer forensics" to aid clients
> >> in discovering how they were compromised. Does this PI license
> >> requirement make sense to anyone?]
> >> (Northcutt): The State of Texas is putting the Geek Squad tag line to
> >> test, "There's nothing we haven't seen. Go ahead. Use us." This
> >> legislation goes beyond dumb. The Geek Squad's "forensics" would be to
> >> help the end users understand the errors they made that caused their
> >> systems to become compromised. One would think this is something
> >> government would want to support. I would be surprised if Best Buy
> >> doesn't hand Texas its hat.
> >> (Schultz): Hopefully, reason will prevail, and this nonsensical law will
> >> be repealed. Requiring a PI license to perform a computer repair just
> >> does not make sense.]
> >>
> >>
> >>
> >> --
> >> This signature was created on a Mac...therefore it should look better than
> >> other signatures but will cost you more and doesn't really work in the
> >> enterprise.
> >> Kevin Estis
> >> macinhack at shsu.edu
> >> _______________________________________________
> >> Shacs mailing list
> >> Shacs at shsu.edu
> >> http://lists.shsu.edu/mailman/listinfo/shacs
> >>   
> >>     
> >
> > _______________________________________________
> > Shacs mailing list
> > Shacs at shsu.edu
> > http://lists.shsu.edu/mailman/listinfo/shacs
> >   
> 
> _______________________________________________
> Shacs mailing list
> Shacs at shsu.edu
> http://lists.shsu.edu/mailman/listinfo/shacs
-- 
Ernesto Ongaro

ETSZONE, Operations
713.559.1406

More information about the Shacs mailing list