If you repair computers in Texas and come in contact with data, you could be breaking the law. Unless, that is, you are also a licensed Private Investigator.
Unbelievable but true, in 2007 Texas decided that anyone employed as a computer repair technician needed to also have a Private Investigator's license if they take any action that the government would consider "an investigation." Because the law is so broadly worded, that could literally mean that I could replace your hard drive but not repair it. Nor could I retrieve your data. In order to comply with the law and obtain a PI license, I would have to quit supporting computers for three years and serve an apprenticeship under a licensed PI or attain a criminal justice degree. Either way, that would be several years away from technology that refreshes itself every 18 months or so.
According to the author of the law, state Representative Joe Driver, R-Garland, technicians are misinterpreting the law. Driver told the Houston Chronicle that the law was sought by the private security industry and would not apply to people who do nothing but repair hardware. It would only apply to those who retrieve data for the purposes of analysis to create a report for a third party.
According to Driver, a current class action lawsuit against the Texas Private Security Board is nothing more than a publicity stunt on the part of the Institute for Justice. But Matt Miller of the Institute for Justice says that the law is so vaguely worded that it could be enforced broadly.
The Texas Private Security Board has interpreted the law as being "data retrieval for a potential civil or criminal matter." According to Miller, that could apply to a technician searching for the source of a virus, parents seeking to find out the names of the people their child emails or messages, or people employed by companies to determine what employees are doing on their work computers during working hours. The result of any of that kind of data retrieval and analysis could be considered potentially usable in a civil or criminal matter.
I look at it from the standpoint of having been there, done that. I have found all manner of things on a client's PC in the course of doing a seemingly unrelated job. I have, as a part of my job, been required to provide detailed reports on user Internet activity to seniors. Probably a good thing I don't work in Texas.
Another aspect of the law that should also be considered is that anyone in violation can be subject to criminal penalties up to a year in jail and a $4,000 fine in addition to civil penalties of up to $10,000. And that doesn't just apply to the technician. Any consumer who knowingly uses an unlicensed company faces the same penalties.
In my opinion, the Institute for Justice is taking the right path. By forcing attention on this law, hopefully the end result will be clarification of who may do what. Perhaps this time through, Mr. Driver will consider asking an average computer technician what kinds of work they do and possibly gain consensus on what should be acceptable and what should not. I can understand the Texas Private Security Board wanting to act to protect people's privacy but I believe that this law may be a step too far.
Share your thoughts. In the course of your day would a law like this impact you? How?
Thanks to OnTheRopes for pointing this out!