From: ebk_lists@hotmail.com
Date: Mon May 21 2007 - 09:03:09 EDT
It's good to know that these laws exist, but does anyone have any case law (preferably recent) to go with them? Knowing the law is good, knowing how it is being applied is even better.
I think alot of it will boil down to intent and purpose. If I audit one of my company's office downtown, it is guaranteed that I will pickup more than just my company's traffic, just because of the density of the office building. But I don't intend to do that, nor is it my purpose. I ignore any data that I know to _not_ belong to my company. I also carry a signed letter from my CISO when I do these audits.
The laws are primarily going to come into play, IMHO, when there is criminal intent. For instance, when two kids are sitting in their car listening to a major home improvement stores wireless traffic for the sole purpose of stealing credit card numbers, I'd say that is criminal intent- pretty blatant, and easy to prove. But here in the US that burden of proof is on the prosecution. So, in cases where the intent isn't as cut and dried, it may not make it to court, depending on the circumstances.
Computer law is getting better, but it still has a long way to go. A great deal of these cases still get tried on other laws such as trespassing, loitering and theft of service.
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Are you using SPI, Watchfire or WhiteHat?
Consider getting clear vision with Cenzic
See HOW Now with our 20/20 program!
http://www.cenzic.com/c/2020
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:49 EDT