Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Mosher, Robert E. (robert.mosher_at_cmet.af.mil)
Date: Mon Sep 16 2002 - 14:01:51 CDT
There was a presentation on this subject at the 2002 Black Hat Briefings.
The presenter was a U.S. Department of Justice attorney specializing in
network law and computer crime. That might make him a authoratative source.
He explained everything in everyday English, not legalese. His Powerpoint
slides can be found at
From: Fred Cohen [mailto:fcall.net]
Sent: Monday, September 16, 2002 10:52 AM
Subject: Acting for LE
More misunderstandings and misinformation... I would suggest that those
who do not have at least some real-world experience with legal issues
and who are not lawyers stop trying to assert their points of view on
legal issues to the list. So far, essentially all of them have been at
odds with the written law, case law, and reality on the ground.
Wire tapping statutes:
The wire tapping statutes in most states in the US make it a felony to
listin to a telephone conversation without permission (unless you are
one of those calling or being called). There are 'one party' and 'two
party' states in the US - in a one-party state only one party needs
grant permission. In a two-party state, both must agree. The
permission is associated with recording of the conversation as well as
listening in. Notice is often required for listening in, as an example,
'your call may be recorded for quality assurance purposes'. The notice
means that you are now giving permission by continuing the call and the
recordings are normal business records - thus are admissable under the
heresay exception for normal business records.
Whether wire tap laws apply to interstate computer communications is
still an open question, particularly in the case of 'chat' and other
real-time sessions between human individuals. In terms of recording
keystrokes, auditing of other sorts, recording all packets and their
content, etc. this has been ruled on as legal and admissible under
various conditionsin various courts. The provision of notice, and in
particular, the notice provided in proper employee agreements, are
legally adequate in all US jurisdictions today for this sort of data
collection as well as presentation in court.
If law enforcement wishes to record such information, this is a
different matter. It requires either a title 5 or a standard search
warrant depending on whether you are tapping real-time communicaitons
(title 5) or examining residual data left from prior acts (Standard
I am not a lawyer.
--This communication is confidential to the parties it is intended to
Fred Cohen Fred Cohen & Associates.........tel/fax:925-454-0171
fcall.net The University of New Haven.....http://www.unhca.com/
http://all.net/ Sandia National Laboratories....tel:925-294-2087