May 8th 2012, 1:05:41
yeah, I agree with you on that. My original post pointed out that this is about the lowest rung on the priority ladder as far as law enforcement is concerned, and probably should be when you consider all the other things law enforcement has to deal with :)
In the situation I dealt with this on there were no monetary damages that could be proved, just damage to data integrity by modifying database entries. However, I worked for a fortune 500 company, which would have had a lot more pull with law enforcement, as well as a legal team perusing it, so the priority was a bit higher, and they got results (the perpetrator was fined and given probation). However, there was a lot of foot dragging, and I got the feeling that a lot of pressure was being exerted to get it dealt with. I purely worked on it from a technical point of view, compiling logs and coordinating with agents about technical evidence.
I'm not sure on your question of monetary damages. For many laws there is that requirement, and for civil action you typically have to have some monetary damage to base a judgement on (though moneys are awarded from time to time for 'pain and suffering', my impression is that those cases are few and far between). But there is no mention that monetary damages are required by the section of the code I referenced, and the definition of damages does not mention money at all, purely a disruption of data or information. There are certainly crimes which do not require monetary damages (mail tampering comes to mind), but we're basically getting beyond where I feel I could give any sort of authoritative answer. For those questions I would usually just suggest that someone speak to an attorney, as the answer likely lies in some unrelated court opinion.
But in general I do agree with you, Anonymous, and I appreciate the thought out response!
In the situation I dealt with this on there were no monetary damages that could be proved, just damage to data integrity by modifying database entries. However, I worked for a fortune 500 company, which would have had a lot more pull with law enforcement, as well as a legal team perusing it, so the priority was a bit higher, and they got results (the perpetrator was fined and given probation). However, there was a lot of foot dragging, and I got the feeling that a lot of pressure was being exerted to get it dealt with. I purely worked on it from a technical point of view, compiling logs and coordinating with agents about technical evidence.
I'm not sure on your question of monetary damages. For many laws there is that requirement, and for civil action you typically have to have some monetary damage to base a judgement on (though moneys are awarded from time to time for 'pain and suffering', my impression is that those cases are few and far between). But there is no mention that monetary damages are required by the section of the code I referenced, and the definition of damages does not mention money at all, purely a disruption of data or information. There are certainly crimes which do not require monetary damages (mail tampering comes to mind), but we're basically getting beyond where I feel I could give any sort of authoritative answer. For those questions I would usually just suggest that someone speak to an attorney, as the answer likely lies in some unrelated court opinion.
But in general I do agree with you, Anonymous, and I appreciate the thought out response!