Post Process

Everything to do with E-discovery & ESI

More details on PI Licensing and Forensics Technicians

Posted by rjbiii on July 1, 2008

An update on the licensing issues discussed here, here, and here, with a couple of helpful links.

First, Kessler International, a company that engages in forensics accounting, computer forensics and corporate investigations, has posted the results of a survey concerning state licensing laws with respect to forensics accounting and computer forensics companies and employees. The results are posted in map form. Click on the state that interests you, and that state’s response pops up in pdf format.

Now, with respect specifically to Texas, you may click here [PDF] to find a series of opinions made by the Private Security Bureau with respect to licensing issues and technical tasks associated with computers. Scroll down and look at those opinions from August 21 to October 18.

Some relevant excerpts (keeping in mind that these are the board’s opinions, and not judicial rulings):

Computer Forensics August 21, 2007
The computer forensics industry has requested clarification of the Private Security Bureau’s position regarding whether the services commonly associated with computer forensics constitute those of an “investigations company” and are therefore services regulated under the Private Security Act (Chapter 1702 of the Occupations Code). It is hoped that the following will be of assistance.
First, the distinction between “computer forensics” and “data acquisition” is significant. We understand the term “computer forensics” to refer to the analysis of computer-based data, particularly hidden, temporary, deleted, protected or encrypted files, for the purpose of discovering information related (generally) to the causes of events or the conduct of persons. We would distinguish such a content-based analysis from the mere scanning, retrieval and reproduction of data associated with electronic discovery or litigation support services.
For example, when the service provider is charged with reviewing the client’s computer-based data for evidence of employee malfeasance, and a report is produced that describes the computer-related activities of an employee, it has conducted an investigation and has therefore provided a regulated service. On the other hand, if the company simply collects and processes electronic data (whether in the form of hidden, deleted, encrypted files, or otherwise), and provides it to the client in a form that can then be reviewed and analyzed for content by others (such as by an attorney or an investigator), then no regulated service has been provided.
The Private Security Act construes an investigator as one who obtains information related to the “identity, habits, business, occupation, knowledge, efficiency, loyalty, movement, location, affiliations, associations, transactions, acts, reputation, or character of a person; the location, disposition, or recovery of lost or stolen property; the cause or responsibility for a fire, libel, loss, accident, damage, or injury to a person or to property; or for the purpose of securing evidence for use in court. Tex. Occ. Code §1702.104. Consequently, we would conclude that the provider of computer forensic services must be licensed as an investigator, insofar as the service involves the analysis of the data for the purposes described above.
With respect to the statutory reference to “securing evidence for use in court,” we would suggest that the mere accumulation of data, or even the organization and cataloging of data for discovery purposes, is not a regulated service. Rather, in this context, the Bureau would interpret the reference to “evidence” as referring to the report of the computer forensic examiner, not the data itself. The acquisition of the data, for evidentiary purposes, precedes the analysis by the computer forensic examiner, insofar as it is raw and unanalyzed. FN1 The mere collection and organization of the evidence into a form that can be reviewed and analyzed by others is not the “securing of evidence” contemplated by the statute.
This analysis is consistent with the language of HB 2833 (Tex. Leg. 80th Session), which amends Section 1702.104. The amendment confirms that the “information” referred to in the statute “includes information obtained or furnished through the review and analysis of, and the investigation into the content of, computer-based data not available to the public.”

FN1 It may well be that the hardware on which the data exists is itself the product of an investigation, but that is a separate question.

Computer Network Vulnerability Testing Firms — AMENDED January 15, 2008
This opinion amends the previous opinion issued in June of 2007. The question posed was whether network vulnerability testing firms must be licensed under the Private Security Act, Chapter 1702 of the Texas Occupations Code (“the Act”). Such companies typically conduct:
(1) Scans of a computer networks to determine whether there is internet vulnerability or other external risk to the internal network;
(2) Sequential “dial ups” of internal phone numbers to assess potential access;
(3) Risk assessment and analysis on all desktop computers connected to the network;
(4) Notification of any new security threats and required action.
Section 1702.226 of the Occupations Code provides in relevant part, that “[a]n individual acts as a private security consultant for purposes of this chapter if the individual consults, advises, trains, or specifies or recommends products, services, methods, or procedures in the security loss prevention industry.” TEX. OCC. CODE §1702.226 (1).
However, while the Bureau regulates consultants in the “security industry or loss prevention industry,” these latter phrase is not explicitly defined in the statute. It is therefore necessary to look to the rest of the statute in order to understand to which services the private security consultant’s licensure requirement applies.
It is reasonable to consider those industries otherwise regulated by the Private Security Act as reflecting the scope of the phrase “security industry or loss prevention industry.” In other words, the definitions are implied by those services that are regulated by the statute, viz., security guards, locksmiths, alarm system installers and monitors, and private investigators, and not software designers, installers or suppliers.
Thus, the industries that are directly regulated are the same industries about which one cannot consult without a license. Because the Private Security Bureau does not regulate software designers, installers, or suppliers, it also does not regulate those who provide consulting services related to computer network security.
Computer Repair & Technical Assistance Services October 18, 2007
Computer repair or support services should be aware that if they offer to perform investigative services, such as assisting a customer with solving a computer-related crime, they must be licensed as investigators. The review of computer data for the purpose of investigating potential criminal or civil matters is a regulated activity under Chapter 1702 of the Texas Occupations Code, as is offering to perform such services. Section 1702.102 provides as follows:
§1702.104. Investigations Company
(a) A person acts as an investigations company for the purposes of this chapter if the person:
(1) engages in the business of obtaining or furnishing, or accepts employment to obtain or furnish, information related to:

(A) crime or wrongs done or threatened against a state or the United States;
(B) the identity, habits, business, occupation, knowledge, efficiency, loyalty, movement, location, affiliations, associations, transactions, acts, reputation, or character of a person;
(C) the location, disposition, or recovery of lost or stolen property; or
(D) the cause or responsibility for a fire, libel, loss, accident, damage, or injury to a person or to property;
(2) engages in the business of securing, or accepts employment to secure, evidence for use before a court, board, officer, or investigating committee;
(3) engages in the business of securing, or accepts employment to secure, the electronic tracking of the location of an individual or motor vehicle other than for criminal justice purposes by or on behalf of a governmental entity; or
(4) engages in the business of protecting, or accepts employment to protect, an individual from bodily harm through the use of a personal protection officer.
(b) For purposes of subsection (a)(1), obtaining or furnishing information includes information obtained or furnished through the review and analysis of, and the investigation into the content of, computer-based data not available to the public.
Please be aware that providing or offering to provide a regulated service without a license is a criminal offense. TEX. OCC. CODE §§1702.101, 1702.388. Employment of an unlicensed individual who is required to be licensed is also a criminal offense. TEX. OCC. CODE §1702.386.

Advertisements

2 Responses to “More details on PI Licensing and Forensics Technicians”

  1. s said

    Texas….great law. Computer techs, for $$Profit$$ are obviously trying to do investigations normally handled by the police and trained, credentialled investigators and other LICENSED professionals, otherwise Texas would not have made and enforced this law to protect the consumers. Attention Computer Techs…..you may be in over your head when you conduct a criminal or civil case investigation with computer data as evidence. Some clever lawyer will catch you on a case, and remove you using licensing law, embarrasing you and the client, and possibly causing your client to lose. Leave investigations to the licensed professionals, who have passed the criminal background checks and other minimums requirements. Teachers, taxi drivers, lawyers, barbers, engineers, accountants, and many more have to be licensed….what makes you computer techs so special that you believe you are immune from professional licensing laws?

  2. rjbiii said

    Fascinating. My first rabidly hostile comment. Other than some of the spam I receive, of course.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: