Saturday, September 6, 2008

Private investigator licenses for digital forensics

A few days ago I posted about the growing trend to exclude people from the digital forensics field if they are not members of a law enforcement agency. I guess that I'm not the only person that feels that way since the American Bar Association has passed a resolution urging all the states to avoid the folly of requiring private investigator licenses for people practicing digital forensics. I quote:
RESOLVED, That the American Bar Association urges State, local and territorial legislatures, State regulatory agencies, and other relevant government agencies or entities, to refrain from requiring private investigator licenses for persons engaged in:
computer or digital forensic services or in the acquisition, review, or analysis of digital or computer-based information...

The traditional role of private investigators is significantly different from that of a computer forensic or network testing professional and may licensed private investigators have little or no training in these areas.

The public and courts will be negatively impacted...because not all licensed private investigators are qualified to perform computer forensic services and many qualified computer forensic professionals would be excluded because they are not licensed.
There was also a great breakdown about states which require a license, and states where there is some ambiguity about requiring a license. Here are the states the most definitely require a private investigator license for digital forensic work: Illinois, Texas, Michigan, Georgia, Rhode Island, South Carolina, and coming soon North Carolina.

In these states a license may be required: Massachusetts, Nevada, New York, Arizona, Arkansas, California, Connecticut, Hawaii, Iowa, Kansas, Maine, Maryland, Minnesota, Montana, New Hampshire, New Jersey, New Mexico, Ohio, Oklahoma, Oregon, Tennessee, Utah, Vermont, West Virginia, and Wisconsin.

So already in 64% of states it is either illegal to perform digital forensic work without a private investigator license, or there is some ambiguity and doing so might open you up to trouble down the road. I fear that the trend has already gone too far.

I can only guess what the arguments are in favor of licenses. I honestly can't find a website where someone has claimed that this is a good idea. There seems to be almost universal agreement that this is a bad idea, except in the state legislatures of our country.


Benjamin Wright said...

A Texas judge said the company running a red-light camera was acting illegally because it did not have a private investigator license. On the basis of this ruling, motorists are challenging traffic tickets. New Texas legislation regulating computer forensics is causing problems for robo-cop traffic enforcement. See deails: --Ben

Black Fist said...

I think the problems will continue to grow. Just about any kind of information security stuff could probably be considered an investigation requiring a license. For example, if a University receives an RIAA takedown notice. At my school I go through the old log files, and tie the ip address to a user name. Is that an investigation? Would I need a license to do that if I lived in TX?