Honeypots mailing list archives
RE: Legal Question about privacy
From: "dave kleiman" <dave () netmedic net>
Date: Wed, 23 Jul 2003 22:58:12 -0400
Does a thief who broke into your house have an "expectation of privacy"? If so, and only case law would decide this, then a simple sign on your door that said these premises are monitored at all times by electronic surveillance would prevent this. Just a as a warning banner on your site or in logon pages are suggested for legal reasons. _____________________ Dave Kleiman dave () netmedic net www.netmedic.net "High achievement always takes place in the framework of high expectation." Jack Kinder -----Original Message----- From: Valdis.Kletnieks () vt edu [mailto:Valdis.Kletnieks () vt edu] Sent: Wednesday, July 23, 2003 11:29 To: Josh.Berry () compucom com Cc: honeypots () securityfocus com Subject: Re: Legal Question about privacy On Wed, 23 Jul 2003 09:24:40 CDT, Josh.Berry () compucom com said:
The point of a Honeypot is that if someone is one the system, then they broke into your digital property. I am not going to be prosecuted for having a surveillance system that monitors a thief breaking into my house, the same should be true for a honeypot.
OK.. Assume your surveillance system includes an audio recording. Let's say your thief breaks in, helps himself to a cup of coffee, and calls a friend of his on his cell phone. Your system records it. You may have just committed an illegal wiretap/recording, depending on your jurisdiction. And if you think this is hypothetical, consider the hot water Linda Tripp ended up in... What if the intruder on your system uses a POP or Webmail client to check his mail, and your packet sniffer catches the data? Remember that there's laws in 47 USC mumble mumble (I dont have the section handy - Radiotelegraph Act of 1934 and ECPA are the operative acts) regarding disclosure of transmissions intercepted by a carrier. Are you a carrier in this case? If so, are you allowed to divulge the contents of the transmission? If you *arent* a carrier, are you allowed to do so? If you are a carrier, is the sniffer attached to the honeypot part of "network quality monitoring"? There be serious and nasty legal dragons here....
Current thread:
- Re: Legal Question about privacy Dan Bernard (Jul 23)
- Re: Legal Question about privacy Dave Dittrich (Jul 24)
- Re: Legal Question about privacy Stefan Kelm (Jul 28)
- Re: Legal Question about privacy t. elam (Jul 28)
- Re: Legal Question about privacy Stefan Kelm (Jul 28)
- <Possible follow-ups>
- RE: Legal Question about privacy dave kleiman (Jul 24)
- Re: Legal Question about privacy Valdis . Kletnieks (Jul 24)
- RE: Legal Question about privacy dave kleiman (Jul 24)
- Re: Legal Question about privacy Valdis . Kletnieks (Jul 24)
- RE: Legal Question about privacy dave kleiman (Jul 24)
- Re: Legal Question about privacy Valdis . Kletnieks (Jul 24)
- Re: Legal Question about privacy Jack Cleaver (Jul 24)
- Re: Legal Question about privacy Valdis . Kletnieks (Jul 24)
- Re: Legal Question about privacy Dave Dittrich (Jul 24)