This is good information, thanks. I think this will help all of us develop a
better picture of the thin ice we skate on every day.
It's good to know that these laws exist, but does anyone have any case law
(preferably recent) to go with them? Knowing the law is good, knowing how it is
being applied is even better.
I think alot of it will boil down to intent and purpose. If I audit one of my
company's office downtown, it is guaranteed that I will pickup more than just
my company's traffic, just because of the density of the office building. But I
don't intend to do that, nor is it my purpose. I ignore any data that I know to
_not_ belong to my company. I also carry a signed letter from my CISO when I do
these audits.
The laws are primarily going to come into play, IMHO, when there is criminal
intent. For instance, when two kids are sitting in their car listening to a
major home improvement stores wireless traffic for the sole purpose of stealing
credit card numbers, I'd say that is criminal intent- pretty blatant, and easy
to prove. But here in the US that burden of proof is on the prosecution. So, in
cases where the intent isn't as cut and dried, it may not make it to court,
depending on the circumstances.
Computer law is getting better, but it still has a long way to go. A great deal
of these cases still get tried on other laws such as trespassing, loitering and
theft of service.
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
|