Legal honey

[Life is hard, moose style (i.e., no Tim Horton in sight)]

Hey has anyone ever investigated the various legal ramifications re honeypots? Because, there’s two elements at play:

  • Usually, one would put a honeypot in place to gather evidence of a crime under way – not fixing any leak but redirecting it. In some (many?) jurisdictions (where the Internet reaches, i.e., where you are), one would be required to stop any crime one is aware of, when reasonably possible; as a generic citizen’s obligation. Just diverting traffic to a honeypot for evidence gathering, and not destroying the original context to be able to tap evidence, may not be allowed… This doesn’t concern honeypots only, by the way; for insurance purposes one sometimes would have to gather as much evidence as possible also, even when damages tallies run high(er and higher).
  • In many jurisdictions, entrapment is illegal except by officials under very strict control of warrants, etc., if at all. A honeypot is just that; entrapment – where the strict control by/over officials, isn’t. Your court case may crumble due to this illegal obtainment of evidence…

Or …? Your advice, please.

About maverisk

Maverisk Consultancy, IS Audit and Advisory services: Wikinomics meets governance and audit; otherwise, see my personal LinkedIn profile
This entry was posted in Information Risk Management, Information Security. Bookmark the permalink.

Your comments are welcomed!

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s