Avoid Incident Response and Forensics Work in These States
Here's an informative and scary article titled Forensic Felonies. It warns of a new Georgia law that may require incident response and forensics investigators to be licensed private investigators. Article author Mark Rasch notes:
Georgia is not the only state that requires private investigators or private detectives to be licensed. Indeed, the Georgia law is in fact modeled after similar laws in California, Arizona, Utah, Nevada, Texas, Delaware, and New York – just to name a few. In each of these cases, the law requires that a person providing the defined "investigative" services for remuneration be licensed in that state as a Private Investigator.
Good grief. This has to be promoted by criminal elements. What a great way to keep security experts from helping identify and remove threats? It's probably also a play by the Private Investigator community to get their hands on more security work. That's similar to an argument I heard from a lawyer once that all security investigations should be run through law firms. That would be the only way to keep findings from prying eyes, thanks to attorney-client privilege. Again, another way for a non-technical party to make money from a technical problem.
Has anyone else encountered this issue?
Georgia is not the only state that requires private investigators or private detectives to be licensed. Indeed, the Georgia law is in fact modeled after similar laws in California, Arizona, Utah, Nevada, Texas, Delaware, and New York – just to name a few. In each of these cases, the law requires that a person providing the defined "investigative" services for remuneration be licensed in that state as a Private Investigator.
Good grief. This has to be promoted by criminal elements. What a great way to keep security experts from helping identify and remove threats? It's probably also a play by the Private Investigator community to get their hands on more security work. That's similar to an argument I heard from a lawyer once that all security investigations should be run through law firms. That would be the only way to keep findings from prying eyes, thanks to attorney-client privilege. Again, another way for a non-technical party to make money from a technical problem.
Has anyone else encountered this issue?
Comments
According to the article, "a Private Investigator is any person who is in the business of obtaining or furnishing, or accepting employment to obtain or to furnish, information with reference to..." with the list being things like crimes, wrong doings, etc.
Journalists, especially investigative reporters, are hired to obtain information on criminal acts.
IF it's on the books, nobody seems to know about it. If I get some time, I might ask the Texas Office of the Attorney General.
http://www.sled.state.sc.us/CISystem/Images//Private/prireq.pdf
The full SC Statute is at:
http://www.sled.state.sc.us/CISystem/Images//Private/pilaw.pdf
Is there anything that can be done to stop this trend? Or do we all need become PIs?
So will a PI license become the "ultimate certification", and add more fuel to the fiery debate about the value and/or legitimacy this certification vs that certification?
As it stands right now, a "computer expert" can be a complete snake oil salesman and since they have no "license" to revoke, can keep on selling wherever they go.
Gal Shpantzer
I agree with you 100% that PI and Forensics are NOT related. Really getting sick of seeing other industries lobbying for laws to be created so they can attempt to steal work from security professionals. This stinks of the same crap they are pulling in the UK outlawing security tools.
In SC to become a License PI you must be a PI apprentice for 3 years (BS or MS exempts 1 to 1.5 years). Most PIs are not up-to-speed with computer forensics and want you to perform surveillance and tracking of individuals in order to meet the 3 year requirement. I have documented contact with 22 PI agencies in my area and they either "already have it covered with their 'tech guy'" or they not interested in this area. Likewise I'm not interested in taking pictures of people and following them into unknown areas.
So far it's simply been frustrating. When I read the Baseline article I probably side with John Mellon - there needs to be uniformity in the computer forensic licensing field in the mean time we'll probably have some form of the Nevada proposal in SC shortly. And I think there could be merit to having a separate state licensing board for Information Security & Computer Forensics. It would be good to see the CISSP (as an example) be be elevated to a state licensed professional.
Recently I took the online practice test for Certified Computer Examiner (CCE) test. Extremely simple test if you have any forensic experience. There is a separate hardware self-assessment practice test - if you have cracked open a PC before you should ace. I truly hope the certification (Q&A + Practical) is challenging enough to weed out the "PC Magazine Experts".
In any case, today I signed up for the Certified Computer Examiner (CCE) exam and class. I wonder if we'll see the number of CCE certifications significantly increase? This must be good for their business!