Wednesday, July 02, 2008

Yet another case of "I'm from the Government and I'm here to help"

eDwight twigged to something truly scary. Apparently, presumably in response to instances of computer techs stealing identities and other information from customers, the Lege passed a law in the last session that made it a crime to perform "computer security work" without a Private Investigator's license. The problem with that is that it means that anyone that does any kind of computer security consulting work (and that includes installing anti-virus software or removing spyware) must have a PI License. To obtain a PI license, you must have a Criminal Justice Degree or serve a 3 year apprenticeship with a licensed PI. Virtually NONE of the technicians currently working in the field have these qualifications. An advocacy group called the Institute for Justice has filed a lawsuit on behalf of several plaintiffs in Travis County against the Private Security Board, the state administrative agency that administers and enforces PI licensing to enjoin them from enforcing this requirement.

Now, I could see requiring some kind of background check, or bonding, or something of that nature, but this is killing a fly on a window with a sledgehammer. This needs to be fixed, and soon.

2 Comments:

OpenID shreela said...

If they went through with that law as written, then I'm guessing a very large percentage of computer security techs would be out of jobs, and pc infections would increase dramatically, and probably identity theft too X^P

A while back, I was using a small local ISP. They set up the account over the phone, and I had to give them my password over the phone. So after everything was set up, I telnet'd my account and changed my password.

A few months down the road, I had to call tech support for something that did NOT require tech to access my acount. But the tech went through all the scripted questions about my account, which I gave him most of just to prove I was a customer. But when he got to the password question, I refused to give it, telling him my question was not related to my account with them.

He said it didn't matter because he could pull it up from my initial setup call. I told him it didn't matter because my question wasn't related to my account.

Then he told me my password wasn't working. I told him it worked just fine for me (hee). I tried to get him to answer my original question, but he yammered on about how my password worked for me, but not for him.

I finally told him about my telnet'ing after setting up the account. And repeated yet again how my password was NOT needed for this call, but if I ever need to call about my account, I'd give my password then, but as soon as everything was resolved, I'd telnet into my account again and change the password again.

That stupid call took forever, but my actual question was answered very quickly once he realized I wasn't going to give up my password. That was the only time tech support had asked for the password, and now I'm glad I didn't give it up.

July 03, 2008 8:44 PM  
Anonymous Anonymous said...

Ror,

It's not hard to imagine how stupid laws like this get passed, having seen the process in action in Austin. Some lame brained legislator gets a complaint (and proposed solution), finds another legislator who owes him/her a favor, pulls some strings to get it voted out of committee, and gets a floor vote based on everyone doing a 5 second reading of the bill (unless they have a personal position with the bill's author, then the vote is based strictly on like/dislike)

And the citizens of Texas get stuck with another stupid law.

dON

July 05, 2008 10:18 AM  

Post a Comment

Subscribe to Post Comments [Atom]

Links to this post:

Create a Link

<< Home