Dear Members and Colleagues:
As the year comes to a close, you may be interested in the following update of NCISS legislative and governmental activities during 2008.
Congress has presently been occupied handling the current financial mess, “bail-outs” and similar issues during the current “lame duck” session.
None of the federal bills of concern to our profession, which I have mentioned in previous issues of the NCISS Report, have yet to be passed during the waning days of this two-year session of the 110th Congress. Had any been enacted, such would have severely limited access to sources of information private investigators routinely use. “Credit headers” would have been closed! All of the detrimental legislation that our profession was successful in defeating in 2008 will have to be re-introduced if the sponsors wish to press their cause, as each session of Congress lasts just two years and then concludes. The next session will be the 111th Congress and will commence in January 2009.
In 2009, I expect we will again be faced with legislation calling for limited access of personal information, restrictions on the dissemination of records containing SSNs, data security breach bills, ID theft and anti-spoofing bills, and attempts to ban the use of pretexts. Present expectations of Democrats controlling both the Senate and House, along with the Presidency, will present challenges for NCISS on the legislative and regulatory fronts.
President’s Task Force of ID Theft:
In 2007, NCISS submitted a paper to the Federal Trade Commission entitled “SSN’s in the Private Sector.” It outlined our profession’s need for continued access to personal identifying information. That was followed by a public hearing held at the FTC, which NCISS monitored, from which information was developed for consideration by the President’s Task Force. Follow-up visits were made to the FTC in January 2008 with regard to this subject as well.
American Bar Association: Position on Regulation of Computer or Digital Forensic Investigators:
The ABA’s section of Science and Technology Law passed Resolution 301 in response to a recent trend of state legislatures and regulatory bodies requiring that persons engaged in providing computer or digital forensic and network testing services, including expert testimony, be state-licensed private investigators. This is based , in their judgment, that the “traditional role of private investigators is significantly different from that of a computer forensic or network testing professional and many licensed private investigators have little or no training in those areas.”
The ABA is particularly concerned with a Texas Department of Public Safety’s Private Security Bureau definition of the term “private security consulting company” to include firms engaged in network scans and vulnerability testing, as well as other state laws requiring the licensing of computer forensic investigators. I have discussed this issue with representatives of International Association of Security and Investigative Regulators and the Texas Association of Licensed Investigators. The main thrust of the ABA argument is that private investigator licenses are not needed to ensure reliable evidence in litigation and that trial judges can best determine whether court testimony is relevant and reliable, negating the need of state licensing requirements. Furthermore, they state that “a patchwork of differing state licensing requirements for computer forensic and network testing assistance will create jurisdictional complexities that will hamper business operations and court proceedings, disadvantage litigants, and may deprive courts of hearing the best available evidence.”
An underlying motive of Resolution 301 is to enable a number of organizations to engage in testing the qualifications of computer forensic investigators. The resolution not only urges state regulatory agencies to refrain from requiring private investigator licenses but supports efforts to establish professional certification or competency requirements based on the current state of technology and science.
In November I attended the annual conference of the International Association of Investigative and Security Regulator in Orlando, Florida. There the Chair of the ABA’s section on Science and Technology Law gave an articulate presentation, along with two computer forensic experts, advancing the position that state private investigator licenses should not be required for conducting computer or digital forensic examinations. When questioned about the speed in which the ABA approved Resolution 301, the chairwoman stated that litigation involving the Recording Industry Association of America and Media Sentry were significant factors in the resolution’s speedy passage.
I believe in the future, questions to be resolved by state regulators will be addressed on an individual case by case basis as to whether or not a particular computer forensic examination falls within the purview of requiring a private investigator’s license.
Model Private Investigator Act:
In December Nicole Bocra, a member of the NCISS board, and I were invited to attend a conference held by the American Legislative Exchange Council in Washington, DC. They too, were addressing this same licensing issue of computer forensic investigators, along with that of endorsing a Model Private Investigators Licensing Act. We were there to offer insight before ALEC’s meeting of its Criminal Justice & Homeland Security Task Force. The Model Private Investigators Act, authored by Jordan Ulery and John Healy of New Hampshire, was tabled for additional study after all presentations had been made. We were requested to assist that committee in the future.
Acquisition of ChoicePoint by Lexis-Nexis:
The Federal Trade Commission entered into a consent agreement with Reed Elsevier and ChoicePoint. In a complaint, the FTC charged that the Reed Elsevier’s proposed $4.1 billion acquisition of ChoicePoint Inc. would be anticompetitive and in violation of Section 5 of the FTC Act and Section 7 of the Clayton Act, as it would combine the two largest providers of electronic public record services to U.S. law enforcement customers. Reed Elsevier is the parent company of Lexis-Nexis.
Thus, the FTC will require Reed Elsevier to divest assets related to ChoicePoint’s AutoTrackXP and Consolidated Lead Evaluation and Reporting (CLEAR) electronic public record services to West Law of Thomson Reuters Legal Inc after the proposed acquisition is consummated.
NCISS submitted a letter to the FTC opposing this acquisition unless they assure us that private sector users of the records sold by the above firms get the same benefit as government agency users. In the past decade ChoicePoint acquired many businesses that had long been providers of critical information to investigators. Now that information may very well become unavailable to us as a future source as the major providers consolidate and become direct competitors of the private sector in providing their own background investigation and pre-employment screening services.
The consent order requires Reed Elsevier to provide transitional services to West for up to two years, maintain viability and marketability of AutoTrackXP and CLEAR prior to the divestiture, and allows for the appointment of an interim monitor to ensure that Reed Elsevier meets its divestiture obligations and files periodic reports.
In October NCISS conferred with FTC attorneys in Washington. They stated that it was their belief that we would still have access to the information products that will be spun-off to West. They further indicated that the Lexis-Nexis acquisition of ChoicePoint would result in new products being rolled out that would be similar to ChoicePoint’s former AutoTrackXP and Consolidated Lead Evaluation and Reporting (CLEAR), which would now be divested. They also felt that West would continue selling their newly acquired product to private investigators.
We expressed in strong terms our fear that the proposed consent order did not address the concerns of private sector customers, which would likely suffer from the effects of this merger. They advised that should the fears we envision come to light, they would investigate any situation that lessened competition or might tend to create a monopoly. We stressed the fact that Lexis-Nexis, ChoicePoint and Westlaw all competed directly with our members in various fashion. It is important that you immediately pass along to NCISS any information regarding the closure of access or changes in contracts and agreements you may presently have with data information providers.
I hope that readers of this legislative report who are pleased with the longstanding success of NCISS in protecting their interests on the federal legislative and regulatory fronts will financially support our efforts, as well. Let me also take this opportunity to thank those of you who have sent letters to Congress when requested to do so. Thank you.
Bruce H. Hulme, CFE
NCISS Legislative Director
P.O. Box 3392, Church St. Sta.
New York, NY 10008-3392
Tel: (212) 962 4054