PC Repair In Texas Now Requires a PI License

JohnnyNapalm writes "In some shocking news out of Texas, PC repair will now require a PI License. Surely this stands to have a substantial impact on small repair shops around the state if upheld. Never fear, however, as the first counter-suit has already been filed."

I don't think the report is accurate

[vanyel]

IANAL, but I don't think PC Mag or "CW33" read the law. Per Section 4a1 and 4b, it only applies if you're specifically snooping in the data on the computer. It says nothing about normal repair. Not that someone disgruntled couldn't try to make a case out of it...

No

[BenEnglishAtHome]

Please follow the links and see that the summary is wrong. The new law requires a PI license if you act as a private security consultant company (which can be an individual).

The relevant qualification for the Slashdot crowd are that you must

engage ... in the business of securing, or accepts employment to secure, evidence for use before a court, board, officer, or investigating committee;

and do so by

furnishing information ... obtained or furnished through the review and analysis of, and the investigation into the content of, computer-based data not available to the public.

IOW, you can't take into divorce court the notion that your spouse was having a cyber-affair based on having your computer looked at by the kid down the block. This doesn't appear to have much effect on most repair shops.

The text is here. [state.tx.us] Read it. The word "computer" appears in the text just once, so grep for the relevant part.

Re:I don't think the report is accurate

[kjh1]

IANAL, but I don't think PC Mag or "CW33" read the law. Per Section 4a1 and 4b, it only applies if you're specifically snooping in the data on the computer. It says nothing about normal repair. Not that someone disgruntled couldn't try to make a case out of it...

Agree w/ vanyel. If you read the original quoted article [wordpress.com], you'll see that the original author only wondered out aloud if this would apply to PC repair folks. From the post:

"It seems obvious that in order to provide a full range of litigation support services, including forensic examination, then you will have to become licensed. But will all vendors, even those who do not perform such examinations, need a license as well?"

Re:No

[languagehacker]

This news story essentially came out like the telephone game. The linked story came from a Daily Texan article (the UT student newspaper) which came from an anecdote by a PC repairman. There were too many intermediaries. The Daily Texan article is available here: http://media.www.dailytexanonline.com/media/storage/paper410/news/2008/06/27/TopStories/Computer.Repair.Technicians.May.Be.Acting.Illegally-3386027.shtml [dailytexanonline.com] And essentially, what it's suggesting here is that you only need a PI license if you're snooping through a user's data for whom you're not repairing the computer. There will be plenty of repair shops taking care of single-owner Dells and Gateways who won't even need to remember the word "forensics" even exists until CSI comes on.

Try reading the law

[analog_line]

These articles are a ridiculous over-reaction to the actual law, which I just spent a few minutes actually reading. Nothing in that law has anything to do with computer repair. It DOES have something to do with companies that offer computer forensic services for legal actions, and some repair shops do that, but you shouldn't be going to Corner Computer Repair, or Joe Computer Guy if you have a requirement for forensic work in a legal sense. If you actually think your computer was hacked, you need to get people with the kind of legal training that can get things done the way the legal system requires them to be done.

The law is in legalese, and therefore hard to read, but the only thing this applies to are people doing this for investigations of a legal nature. There is a long list of exemptions, including one for people who install and repair security devices.

For a bunch of people that claim to be rational and above superstition, you people are totally credulous when wild statements like this are made. The law is there, it's linked to, read it for yourself.

Re:Slaughterhouse Cases

[mishehu]

Whether or not it's film or digital, you can take your photos to a photo shop with a minilab, and they can produce for you the prints. During the printing or developing, they still can make color and density corrections to the photos. Thus a developer can still end up seeing whatever it is that you photographed.

Re:I don't think the report is accurate

[Obfuscant]

Imagine that doing a "find . -name file.jpg" or similar might be considered an "investigation".

Read the entire law. .

Sec. 1702.104 defines an "investigations company". A person acts as an investigations company if he engages in the business of obtaining or furnishing, or accepts employement to obtain or furnish information related to crimes or activity of a person, or location of stolen property, or cause for a fire, libel, etc.

A computer repair business in not in the business of doing any of that. They aren't in the business of obtaining information regarding crimes, they are in the computer repair business. The information they gather is "what doesn't work".

It is 1702.104(b) that seems to be troublesome because it talks about "computer-based data not available to the public."

The fact that 1702.104(b) defines what obtaining information means is irrelevant, since (a)(1) doesn't apply to a computer repair business to start with. Defining what obtaining data means doesn't change the limitations on who 1702.104(a)(1) applies to. It expands the activities of the people who are covered by (a)(1) to include computer searches.

If you start a business tailored specifically to PI's and forensic analysis, say fixing broken computers with the explicit intent of getting the data off of them to determine crimes, cause of fires, etc, then yes, you need a PI license. If you are just replacing a defective CPU or disk, no. You are not in the business of obtaining information listed in (a)(1).

In short, it all revolves around the phrase "in the business of".

This law is a good thing. It may be possible to sue a "computer repair company" that does, as a matter of regular business, "investigate" the content of your computer when you take it in for repair. They've made themselves "in the business of" by looking for information related to crimes. But Joe Technician who sticks to finding the bad bits and replacing them has nothing to worry about. And if you are stupid enough to make kiddie porn the splash logo on your boot screen, or background image after an auto-login, Joe is still able to call the cops, since his job isn't obtaining the information, YOU gave it to him by your actions.

Re:Try reading the law

[analog_line]

No, it'd be illegal for you to investigate what went wrong, what entity is at fault for that going wrong, and sell me that information. It wouldn't stop you from examining the computer (even the OS) and seeing what is not functioning right, and repairing it. If I hand you my computer and tell you to "fix it" what you're selling me is the repair service, not the information. If I brought you a computer and said, " if you tell me what's wrong with this, and who did it, I'll give you 100 bucks" that would be illegal. Same if I brought you a computer and asked you to find out what my girlfriend or even my child has done on it. On top of it, it would be illegal for me to even ask you to do that if I knew you weren't licensed to. Even deep data recovery using "forensic" tools would not be illegal, unless you're selling the list of sectors that "lost" data is on. If you're actually recovering the data, you're in the clear. Copied and pasted the relevant bit from the law, note the large importance "information related to" has in all this.

                (1) engages in the business of obtaining or
            furnishing, or accepts employment to obtain or furnish, information
            related to:
                                                  (A) crime or wrongs done or threatened against a
            state or the United States;
                                                  (B) the identity, habits, business, occupation,
            knowledge, efficiency, loyalty, movement, location, affiliations,
            associations, transactions, acts, reputation, or character of a
            person;
                                                  (C) the location, disposition, or recovery of
            lost or stolen property; or
                                                  (D) the cause or responsibility for a fire,
            libel, loss, accident, damage, or injury to a person or to property;

This does have big implications for security researchers in Texas, but for small time repair shops, aside from being legally bound to say "I can't do that" when someone asks them whether their kid broke their computer, or wants you to check whether their girlfriend is cheating on them, is pretty much nil.

Calm down and read the source material

[they_call_me_quag]

Folks, calm down. The fault here seems to lie with the person who wrote the newspaper article. I read the Texas law in question and I don't see a problem.

Here's the important passage:

----
INVESTIGATIONS COMPANY. (a) A person acts
as an investigations company for the purposes of this chapter if the
person:

(1) engages in the business of obtaining or furnishing, or accepts employment to obtain or furnish, information
          related to:
      (A) crime or wrongs done or threatened against a state or the United States;
      (B) the identity, habits, business, occupation,knowledge, efficiency, loyalty, movement, location, affiliations, associations, transactions, acts, reputation, or character of a person;
      (C) the location, disposition, or recovery of lost or stolen property; or
      (D) the cause or responsibility for a fire, libel, loss, accident, damage, or injury to a person or to property;

(2) engages in the business of securing, or accepts employment to secure, evidence for use before a court, board, officer, or investigating committee;

(3) engages in the business of securing, or accepts employment to secure, the electronic tracking of the location of an
individual or motor vehicle other than for criminal justice purposes by or on behalf of a governmental entity; or

(4) engages in the business of protecting, or accepts employment to protect, an individual from bodily harm through the use of a personal protection officer.

(b) For purposes of Subsection (a)(1), obtaining or furnishing information includes information obtained or furnished through the review and analysis of, and the investigation into the content of, computer-based data not available to the public.
----

I don't see how the applies to computer repair shops.

I searched the entire text and found only two instances of the word "repair", both in reference to the repair of "security devices" and the word "computer" is only used once in the entire document (in the last sentence of the passage above.)

The "PC Magazine" story cites as it's source a "Dallas-Ft. Worth CW Affiliate." That affiliate published a story penned by:
"Pelpina Trip, KDAF33 News at Nine Intern"

It looks like you have all been riled up into a foamy froth by AN INTERN AT A LOCAL TV NEWS OUTFIT.

Do you feel foolish yet?

Re:Slaughterhouse Cases

[afidel]

Actually many states have instituted nurse practitioners, kind of a doctor light for just such reasons. They have to be part of a doctors practice but they can see patients and write scripts (I believe cosigned by the doctor). It's actually often a more lucrative position then a GP because they don't have to carry nearly the insurance load and they share billing resources with the established practice.

Re:Slaughterhouse Cases

[Anonymous Coward]

Mod parent +5 Insightful.

This would be the same as requiring anyone doing work in your house to have a PI license and require them to report any suspicious activity. It seems like a painfully obvious and egregious violation of privacy.

Re:Slaughterhouse Cases

[dryeo]

In BC they also published and shipped to every household a pretty good book on minor medical problems. I know my household has used the book quite a bit, especially when my son was quite young. And this has led to us not going to the doctor for minor problems.

Re:Slaughterhouse Cases

[DaveWick79]

The law very specifically states that it applies to companies doing work as a private security consultant. As a PC service shop, I certainly don't position or consider myself to be in the place of a private security consultant. Even if my customer asks me to do simple data recovery tasks, this does not fall under the umbrella of security consulting, or review and analysis of data. I may recommend security solutions or implement those solutions, but I am not providing the solutions, those are provided by 3rd party software companies. I may recommend security guidelines but I am not ultimately responsible for the carrying out of those guidelines.
From what I read in the law, it is meant to prevent a company from telling customers they are providing a security solution when in fact they know nothing about security. If I was in the business of doing sitewide security analysis and consulting, maybe I could see the need for some regulation, as the state doesn't want customers getting ripped off by people promising security solutions and not really making anything secure.

Re:Slaughterhouse Cases

[A nonymous Coward]

He said it's cheap to force them to get PI Licenses, not that it's cheap to get PI licenses.

Re:Slaughterhouse Cases

[afidel]

Exactly, is owning a copy of TreeSize Pro without a PI license now a criminal offense in Texas, because by nature of using the production you are involved in the review and analysis of materials stored on a computer. That was just the first tool I randomly selected on my work PC that falls under that definition.

E-Discovery

[cjacobs001]

E-Discovery . . . On 12-1-2006 The Federal Court enacted new rules of procedure which not only recognize and legitimize electronically stored information as being equally as "discoverable" as information contained in all other traditional forms of communications, for all cases heard in the Federal courts, but it also placed requirements on all parties to litigations in the Federal Courts to preserve and to produce as evidence when required, except in limited situations unless otherwise required by the Court, all relevant electronically stored information. This has included all metadata and even the information contained in RAM. So, considering the volatile nature of electronically stored information, a requirement for an investigator's license along with forensics expertise [ when conducting investigations and\or collecting the electronically stored information for possible presentation as evidence ] can only benefit all parties, the courts, and the taxpayers. Traditionally, for uniformity and recognition, the State courts have looked to the Federal Court for direction.

Re:French influence.

[jd]

Basically, the Napoleonic code worked like a cross between a court martial and a Congressional inquiry. The stated objective was to get to the truth of the matter by means of inquisitors. The problem with the system is that it was designed by militaristic megalomaniacs in the Roman era and perfected by a militaristic megalomaniac in France. Inquisitor-based justice is more easily abused than other forms, to the point where the word "inquisition" has entered the English language in a very negative sense.

The Anglo-Saxon system was basically invented by Alfred the Great (the only king of England to earn the title of "great", such was his achievements) but was merged to some degree from Danelaw, the Danish legal system brought over by Nordic invaders. This legal code asserted certain rights and certain responsibilities for all. This was properly codified under the Magna Carta, which asserted limits to power, the right of an individual to a trial by peers, the right of an individual to not be convicted on unsubstantiated testimony, the prohibition of fines or penalties which denied a person their livelihood and the diplomatic immunity of foreign merchants except at times of war. In all cases, though, it was a trial between a prosecutor and a defendant in which the event in question was less important than whether the defendant should be punished. (Prior to King Alfred, law was whatever the elders or the local leaders decided it was, it was not uniform and there were no established rights or bounds. Prior to the Magna Carta, rulers could not be held to account for abuse of power, and even afterwards it was rare, but in theory it withdrew much immunity from Barons, Lords and the King himself. Each layer asserted stronger rights with stronger bounds and stronger protections.)

Really, a future legal system needs to borrow ideas from both. It's unsound to prosecute a case before establishing what the facts of the case are. Facts should be studied in a more neutral light, only getting into the spin doctoring once the jury knows what is being spun. The Anglo-Saxon system, by being very formalized and definite in rights, works wonderfully if the jury is swayed more on an intellectual basis than an emotional one, far more so than the Napoleonic system. It is easy to corrupt, though, if information is denied and one side plays dirty.

In England, you'll sometimes see a mix of the two concepts, where there is a public inquest followed by a trial, where the inquest establishes the facts and the trial then prosecutes on the basis of those facts. That's a good arrangement - not perfect, but a lot better than most.

Re:Slaughterhouse Cases

[dougisfunny]

The only real difference between a NP (or PA) and a physician is ~2 extra years of school, and 3-4 years of residency. And liability. A resident is more similar to a NP or PA, but they're still going through training.

Confusing...

[catdevnull]

I read through the primary source document listed and did not see "computer technician" specifically listed in the language. I just cruised over it and searched for "computer" and "technician" but it only referred to persons who install security equipment such as alarms and surveillance devices.

Can somebody with better eyes point out the article or section that supports the blogger's statement?

Re:Slaughterhouse Cases

[mrchaotica]

Here on Slashdot, you shouldn't expect anybody to even notice your screen name, let alone infer your gender from it. Remember, this is the Internet: men are men, women are men, and little girls are FBI agents.

Also, in English, "he" is the correct pronoun to use to refer to a singular person of unknown gender.

Re:Slaughterhouse Cases

[xalorous]

Also, in English, "he" is the correct pronoun to use to refer to a singular person of unknown gender.

Not any more.

Re:Slaughterhouse Cases

[syousef]

No argument there. I certainly expect my doctor to have medical training

Actually, and I'm being quite serious, I've found that assumption to be dangerous. Personal experience with myself and immediate family.

- Neurologist prescribing a medication for seizures, then continually increasing the dosage when one of the contraindications for giving it is seizures. Patient went from an occasional seizure to seizing on average every 2 days. When he was shown this information he replied, "oh okay, maybe it's contributing, let's cut it out" without bothering to read that immediately cutting out this med has been known to make normal patients suicidal. Thank fuck for Google. Anyone who says you shouldn't self-diagnose can go fuck themselves.

- 2 lung specialist doctors insisting that wheezing flemy pregnant woman with bronchitis has just picked up "bad breathing techniques". The shallow breathing couldn't possibly be caused by the pregnancy. The woman couldn't possibly be emotional because she's had to sleep sitting up for weeks lest she cough and splutter. While you're at it have a dig at the patient's weight despite her recent injury (hit by a car, bulging disc and nerve damage) and pregnancy. Yeah really wonder why she might get emotional.

- Head orthopod at a large suburban hospital insisting a shoulder isn't dislocated despite an obvious bulge because he's failed to take an axial view (required to show posterior dislocations, and the patient had a long history of them).

- Hearing specialist refusing to believe there is a hearing problem and instead blaming it on being in the patient's head because he couldn't get a consistent reading asking her to listen to tones. Turns out when he did a hearing test that did not require the patient to tell him when tones sounded there was a significant hearing loss. But hey it's easier to suggest your patient sees a psychiatrist.

- Dentist doing such a poor job on a root canal that another detentist was horrified. The tooth was lost (after a couple of thousand spent on the procedures).

- Patient's first visit with a doctor. First high blood pressure reading found. Patient is overweight and has an ankle injury. Suggestion isn't blood pressure meds and exploring moderate weight loss options. No within 5 minutes of seeing this patient the doctor wants to do stomach banding.

That's just in the last 5 years. Guess what country I live in? No it's not 3rd world. It's Australia. Private health cover too in several instances above. If you complain you risk getting no care when you need it. Best bet is to not get sick. Failing that check everything you're told and make sure you're earning big money because you may end up with a few $300+ bills for a 15 minute chat and a misdiagnosis or an insult.

Re:Slaughterhouse Cases

[Petaris]

I moved from Quicken 2000 to Moneydance with no issues. It has full support for importing the Quicken files or Quicken backup files. I know this is off topic, but as you stated that it is so difficult I thought I might trow you a simple solution. Moneydance is well worth the $40, and it works on Lin/Win/OSX nativly. :)

http://moneydance.com/ [moneydance.com]

Re:Slaughterhouse Cases

[i_am_so_tired]

Nope, no license of any kind is required to keep a gun on you in your place of business if you own the property. Heck at your place of business, you can carry openly.

If you're renting though, you might run it by your landlord and ask first :)

Now, if you want to keep your handgun in a holster and under a jacket, and step outside, then you need a concealed carry permit.
http://www.txdps.state.tx.us/administration/crime_records/chl/chlsindex.htm [state.tx.us]

Re:This only cements my opinion even further:

[Anonymous Coward]

You don't appear to understand what the word "substantiated" means. It doesn't mean "fake." It means you provided no evidence. If you wanted people to believe you, you should've linked to a news story to back up your claims; just throwing a wild statement out there like that is, in fact, flamebait. It's not the moderators' jobs to verify the facts in your posts. It's also possible to express your opinion without being hostile. You didn't do so.

Also, the fact that one particular court in Texas is particularly friendly does not mean there is anything wrong with Texas law. It means there is one particular court that has its priorities screwed up. It could happen anywhere in the US -- and rest assured that if that court was shut down, patent trolls would find another one in some other state that they'd all flock to.

Re:Slaughterhouse Cases

[h3llfish]

I didn't say difficult for me. I said difficult for the typical user who hires me. I have no doubt that it's easy for you too, but you're a /. reader. My small business owners are AOL users who cry out in fear if their computer makes a strange beep. But I do appreciate your recommendation of software, so thanks.