Diary of a Network Geek

The trials and tribulations of a Certified Novell Engineer who's been stranded in Houston, Texas.

7/3/2008

More News on the PI License for Texas Techs Law

Filed under: Career Archive,Certification,Criticism, Marginalia, and Notes,Geek Work,Life, the Universe, and Everything,News and Current Events,The Dark Side — Posted by the Network Geek during the Hour of the Snake which is just before lunchtime or 11:52 am for you boring, normal people.
The moon is Waning Gibbous

The Houston Chronicle has an update on the law I mentioned the on Tuesday.

The Austin office of the Houston Chronicle did some more digging about the new law that would seem to require PC Techs in Texas to also become Private Investigators. According to the bill’s author, state Rep. Joe Driver, R-Garland, we’re all misinterpreting his new law. He claims that the law means “…anyone who retrieves data from a computer, analyzes it and makes a report to a third party must obtain a private investigator’s license.” To me, it’s almost the same thing.

As I read it, the law would require anyone performing computer security duties in *any* setting in Texas to get a PI License. That means that a corporate computer security officer, who’s job may include computer forensics, would be required to also be a PI.
Frankly, I’m torn between thinking that maybe this is a good thing and maybe it’s excessive. On the one hand, for someone who does independent security work, that background check and finger printing might be a good idea! On the other hand, it might make it impossible for someone in a small company to *legally* do their job.

I’ll give an example…
A small company may have a one or two person IT department who cover everything, like, for instance, me. If there’s a break-in to one of their systems, they would then have to be a licensed PI to investigate that, or they’d have to spend a similar amount of money on a consultant who was. In this case, I’d bet the law just would get ignored.

But, for the independent operator, who might not have any other controls or credentials which a consumer or consulting client can use as a measure of relative security, it might actually be a good thing. Again, I doubt that criminal background checks are being done on all independent computer security consultants right now and maybe they should be.

In any case, like many laws of this nature, they seem like a good idea on paper, but often have much further reach than their author intended.


Powered by WordPress
Any links to sites selling any reviewed item, including but not limited to Amazon, may be affiliate links which will pay me some tiny bit of money if used to purchase the item, but this site does no paid reviews and all opinions are my own.