RE: A reminder that security is not inherently solvable with tech nology

[Jimi Thompson <jimit () myrealbox com>]

I have already had one client that found out, much to their dismay, 
that in certain countries, streaming your entire customer database 
through a chat room isn't illegal.

The problem with sending your intellectual property overseas is that 
in many cases it is either not illegal or virtually impossible to 
prosecute/obtain compensation from anyone who misuses or outright 
seizes it.  This little bit of information is often overlooked in 
favor of paying someone $2.00 an hour.  Companies who consider $2.00 
hour a living wage get what they deserve!

2 cents,

Ms. Jimi Thompson, CISSP

At 11:41 AM -0700 10/27/03, Hagen, Eric wrote:
> Ah, yes most first-world countries do not treat extortion lightly.  However,
> most first-world countries pay their workers more than corporations are
> happy to provide, so the data ends up in developing countries where there is
> little legal framework to protect data privacy. That is more what I was
> referring to.
>
> Eric
>
> -----Original Message-----
> From: Paul O'Malley [mailto:ompaul () eircom net]
> Sent: Saturday, October 25, 2003 5:01 AM
> To: Hagen, Eric
> Cc: security-basics () securityfocus com
> Subject: RE: A reminder that security is not inherently solvable with
> tech nology
>
>
> On Fri, 2003-10-24 at 19:02, Hagen, Eric wrote:
> >  The fact is that in the US, an individual would likely be arrested for
> even
> >  threatening to release this information.  The problem with the countries
> >  overseas is that US laws, especially the privacy laws, are virtually
> >  unenforcable.  While the activity of releasing that information it illegal
> >  in the US, it is not usually illegal in another country, therefore, even
> if
> >  the individual released that information while residing in his native
> >  country, his actions would be entirely lawfull, and even under extradition
> >  treaties, the US would have little or no recourse in sequestering that
> >  information, which is a huge problem.
> >
> >  Just my 2c.
> >
> >  Eric
> Well now there is a slight misunderstanding - in the EU you can get a
> very big kick if you are naughty with other peoples data.
> It should be noted that moving personal data out of the EU to process it
> elsewhere is not legal.
> The US or Switzerland or any other place for that matter is not
> considered a safe harbour for data.
>
>
> Paul
>
>
> ---------------------------------------------------------------------------
> Visual & Easy-to-use are not words that you think of when talking about
> network analyzers. Are you sick of the three window text decodes? Download
> ClearSight Network's Analyzer and see a new network analysis tool that
> makes the complex - easy
> http://www.securityfocus.com/sponsor/ClearSightNetworks_security-basics_0310
> 21
> ----------------------------------------------------------------------------
>
> ---------------------------------------------------------------------------
> Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
> The Presidio integrates PGP data encryption and XML Web Services security to
> simplify the management and deployment of PGP and reduce overall PGP costs
> by up to 80%.
> FREE WHITEPAPER & 30 Day Trial -
> http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027
> ----------------------------------------------------------------------------


---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to 
simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 
----------------------------------------------------------------------------