Penetration Testing mailing list archives

Information Assessment Legality


From: Stephen <stephen () greyhat-security com>
Date: Mon, 11 Oct 2010 13:35:42 +1030

Hi all, we're considering offering 2 new services at Greyhat-Security,
but wanted to know quite simply whether they'd be legal or not. I
imagine they would be, but I'd appreciate if anyone could offer their
views and experiences, or preferably, reference to the relevant laws.

The services are:
a) A personal information integrity check. The client pays us to conduct
a review of all their personal information on the internet, where it's
located, and the impact that could have on them or their business.
b) An information review on a target. The client pays us and provides us
with a starting point (a target's email, website, etc), and we find out
as much as we can about said target using provided information, then
provide the client with a report.

Now, I would assume that option A is legal, as the person is requesting
information on themselves, and we'd be using already publicly available
information, however, I just wanted to confirm this, and whether a
special license would be needed. Option B I would also assume would be
legal, as services like Intelius do a similar thing (publicly available
information on anyone at a cost), however, I wanted to know if there
were special licenses needed, and whether we would be responsible if
that information were used to commit a crime, or not? Thank you all for
your input.

-- 
Stephen
CEO of Greyhat-Security.com
Education, Assessments, and Community
Phone (Skype): +618 8121 7403
