Total Tests:

Media Claims of Law Enforcement Agencies Purchasing Breach Data, How Serious Is It?

By Scott Ikeda for CPO Magazine
Wednesday, July 22, 2020

There is certainly general reason for wariness about what might be going on here. Given that the exact data that SpyCloud is selling cannot be pinpointed, however, it is difficult to evaluate how much of a public concern this actually is.

Legal obstacles

There are a number of legal restrictions that would prevent law enforcement agencies from simply purchasing stolen data from criminals and using it in investigations, as Ilia Kolochenko, Founder & CEO of web security company ImmuniWeb, points out: “These sales statements sound a bit exaggerated and overhyped. In courts of many jurisdictions, use of stolen, or otherwise unlawfully obtained data or evidence, is expressly prohibited by law … As a matter of practice, some law enforcement organizations and police units indeed occasionally buy stolen data from various sources. The data may then be used for a wide spectrum of monitoring, preventive or investigative purposes. Its usage, however, rarely becomes official and mostly serves different “in-house” purposes. Therefore, I doubt that Western law enforcement agencies would buy this stolen data from commercial companies or vendors … normally much of this data may be easily and lawfully subpoenaed from service providers and technology companies for the purpose of an ongoing criminal investigation … (subpoenaed data) won’t pose problems for law enforcement officers later.” Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential