A.1.2. Human Rights Act
In 1998, the UK incorporated the European Convention on Human Rights into its own legislature and this came into effect mostly in 2000. The majority of the Human Rights Act is not terribly interesting to us, but Article 8 is profoundly relevant.
Article 8 of the Human Rights ActRight to respect for private and family life
|
An example of how this can be a problem for a penetration tester is this: It might be necessary as part of a penetration test to perform network-level snooping or 'sniffing' (in order to gather passwords, for example). This can be a fairly indiscriminate activity and it's very easy to pick up on things that you shouldn't see. If you happen to intercept an email from a member of staff to her husband, for example, then you have clearly violated the first clause of Article 8 – the right to privacy in correspondence. The fact that the security policy might dictate that company systems are not to be used for private correspondence is totally ...
Get Unauthorised Access: Physical Penetration Testing For IT Security Teams now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.