Security Basics mailing list archives
RE: PI to do Forensics? WAS: Re: Two questions
From: "Scott Moulton" <SMoulton () nicservices com>
Date: Tue, 26 Feb 2008 16:53:15 -0500
That was the old laws, I am not sure that is the new current law in SC. I understand the new law to state specifically "Digital Investigations". Here is the Georgia introduction that is getting introduced everywhere. It passed but we yelled a lot and it got vetoed. But I have been told they will try again this year. Notice the " any type of digital or electronic information" "(3) 'Private detective business' means providing or accepting employment to provide protection of individuals from death or serious bodily harm or the business of obtaining or furnishing, or accepting employment to obtain or to furnish, information, including but not limited to any type of digital or electronic information, with reference to: http://www.legis.ga.gov/legis/2007_08/fulltext/hb504.htm ---------------------------------------------------------- Scott A. Moulton / Certified Computer Forensic Specialist Forensic Strategy Services, LLC & My Hard Drive Died & Network Installation Computer Services, Inc. ---------------------------------------------------------- 601b Industrial Court, Woodstock, Ga 30189 Phone: 770-926-5588 Fax: 770-926-7089 Web: www.NetworkInstallation.com Web: www.ForensicStrategy.com Web: www.MyHardDriveDied.com ---------------------------------------------------------- -----Original Message----- From: Jon R. Kibler [mailto:Jon.Kibler () aset com] Sent: Tuesday, February 26, 2008 4:49 PM To: security basics Cc: Scott Moulton; Bert Knabe Subject: Re: PI to do Forensics? WAS: Re: Two questions Okay, I AM NOT A LAWYER, but... I just found time to break down and read the SC PI statute. It says that you must be a PI to "... to obtain or furnish information with reference to the: identity, habits, conduct, business, occupation, honesty, integrity, credibility, knowledge, trustworthiness, efficiency, loyalty, activity, movement, whereabouts, affiliations, associations, transactions, acts, reputation, or character of a person; (or) ... securing of evidence to be used in a criminal or civil proceeding, or before a board, an administrative agency, an officer, or investigating committee..." Computer forensics is not explicitly mentioned, but I would think that the 'securing of evidence' probably includes that too. What worries me is that IDSes, network monitoring, maybe even log capture and analysis could fall into that category. I am not a lawyer. However, I can see where it could be twisted such that if I worked for a company, and I got caught violating company policy through someone in IT looking for evidence of a policy violation, and that person was a PI, they either could not use that evidence to punish me, of if they did and I was to turn around a sue them, that evidence could not be used in court. You can check your own state's laws at: http://www.law.cornell.edu/states/listing.html IMHO, if you are doing incident response or computer/network forensics -- including intrusion detection -- you should get legal advice! Jon -- Jon R. Kibler Chief Technical Officer Advanced Systems Engineering Technology, Inc. Charleston, SC USA o: 843-849-8214 m: 843-224-2494 ================================================== Filtered by: TRUSTEM.COM's Email Filtering Service http://www.trustem.com/ No Spam. No Viruses. Just Good Clean Email.
Current thread:
- Two questions Michael Condon (Feb 22)
- Message not available
- Re: Two questions Michael Condon (Feb 25)
- Re: Two questions Jon R. Kibler (Feb 25)
- Re: Two questions Bert Knabe (Feb 26)
- Re: Two questions Bert Knabe (Feb 26)
- PI to do Forensics? WAS: Re: Two questions Jon R. Kibler (Feb 26)
- Re: PI to do Forensics? WAS: Re: Two questions Adam Pal (Feb 26)
- RE: PI to do Forensics? WAS: Re: Two questions Scott Moulton (Feb 26)
- Re: PI to do Forensics? WAS: Re: Two questions Jon R. Kibler (Feb 26)
- RE: PI to do Forensics? WAS: Re: Two questions Scott Moulton (Feb 26)
- Re: PI to do Forensics? WAS: Re: Two questions Jon R. Kibler (Feb 26)
- RE: PI to do Forensics? WAS: Re: Two questions Scott Moulton (Feb 26)
- RE: PI to do Forensics? WAS: Re: Two questions Scott Moulton (Feb 26)
- RE: PI to do Forensics? WAS: Re: Two questions Scott Moulton (Feb 26)
- RE: PI to do Forensics? WAS: Re: Two questions Scott Moulton (Feb 26)
- RE: PI to do Forensics? WAS: Re: Two questions Craig Wright (Feb 27)
- Re: Two questions Michael Condon (Feb 25)
- RE: PI to do Forensics? WAS: Re: Two questions Craig Wright (Feb 27)
- Message not available