Presented at
DEF CON 16 (2008),
Aug. 9, 2008, 11 a.m.
(50 minutes).
If the only requirement for you to become a Computer Forensic person is to be a Private Investigator, why would you ever take a certification again? You would never need to be a CCE (computer certified examiner), nor any other certification of any kind. You would be one of the only people in your area that could legally do the job and why spend a single dime you don't have to? These new laws will destroy certifications and qualifications as we know it, and we will be pushed out of our own industry!
I was the one of the first experts to be challenged on the new Private Investigator laws while on the stand testify in a criminal case in 2006. This is the bill that actually passed in 2006 a week before I took the stand and was challenged by state prosecution. It simply states that doing any kind of 'digital investigation' without a PI license is a felony.
http://www.legis.state.ga.us/legis/2005_06/fulltext/hb1259.htm
When they passed the law in March of 2006 they intended for it to go into effect on July 1st, 2006 with no grandfather clause. Since it takes 2 years to become a PI in the state of Georgia, immediately everyone that was a third party practicing forensics would be a felony.
In Georgia it is a 2 year apprenticeship, then a test and a pile of money and insurance (PI's have to have 2 million in EandO) and then 40 hours of continuing education a year specifically on PI topics in certified classes. Currently I do not know of any on computer forensics that qualify for the PI continuing education. The inclusion of computer forensics in the PI license does not change a single item for the existing PI tests, knowledge base, or requirements. A security guard would be able to do a computer forensic job legally where the CISSP could not.
Since this time, my company has become a Private Investigation company and I have a Private Investigator License. This is a talk about the struggles of becoming a PI and what the laws are for computer forensics going forward. Everyone that does computer security for any legal purpose, or computer forensics as a third party stands to lose as these laws are being passed all over the United States. In the future it may be impossible for "you" to go out on your own doing any kind of "DIGITAL" security or forensic work limiting your future forever!
I hope that everyone who never pays any attention to legislation and their own laws, spends a little time reviewing the laws they are trying to slip in without your even knowing it is coming. There is a great ignorance amongst computer security and computer forensic people that just disbelieves this can even happen. However a few states like Texas have already made this a law and it is affecting the industry now and causing quite a few well know computer forensic people to walk away from jobs. I hope everyone listens and gets involved and joins together this fragmented society of computer security and forensic people into one voice that makes the states take notice that we will not standby and let government make our choices for our future!
If you are in a computer forensic job or collect any kind of digital evidence for any legal purpose you might want to be aware of what is about to happen to your jobs! Now is the time to get knowledgeable about this topic and do what you can to prevent it from becoming the requirement for you to have a job. Computers Forensics/Security and Private Investigations are so different that many people will never believe that is what will enable you to be able to do your job. This will destroy certifications as we know it for many digital fields.
Presenters:
-
Scott Moulton
- President of Forensic Strategy Services, LLC
Scott Moulton Scott Moulton began his forensic computer career with a specialty in rebuilding hard drives for investigation purposes and has rebuilt hard drives for several cases including murder investigations, corporate fraud, civil defense and criminal defense.
Scott was the first person arrested for Port Scanning and won his case back in 2000 when the judge declared Port scans legal. Scott has also been fighting against computer forensic people and computer security people having to become private investigators for which laws are being passed in each state making it a felony to do any kind of 'digital investigation' without a PI License.
Scott has spent more than a year digging into repairing Solid State Hard Drives and understands the ins and outs and how it will affect recovery and forensics in the future. Many forensic jobs will change due to fact that some information will not be accessible in the future.
Links:
Similar Presentations: