Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
The Courts Businesses Data Storage Privacy IT Hardware Your Rights Online

Employee-Owned Devices Muddy Data Privacy Rights 165

snydeq writes "As companies increasingly enable employees to bring their own devices into business environments, significant legal questions remain regarding the data consumed and created on these employee-owned technologies. 'Strictly speaking, employees have no privacy rights for what's transmitted on company equipment, but employers don't necessarily have access rights to what's transmitted on employees' own devices, such as smartphones, tablets, and home PCs. Also unclear are the rights for information that moves between personal and corporate devices, such as between one employee who uses her own Android and an employee who uses the corporate-issued iPhone. ... This confusion extends to trade secrets and other confidential data, as well as to e-discovery. When employees store company data on their personal devices, that could invalidate the trade secrets, as they've left the employer's control. Given that email clients such as Outlook and Apple Mail store local copies (again, on smartphones, tablets, and home PCs) of server-based email, theoretically many companies' trade secrets are no longer secret.'"
This discussion has been archived. No new comments can be posted.

Employee-Owned Devices Muddy Data Privacy Rights

Comments Filter:
  • by vlm ( 69642 ) on Sunday January 08, 2012 @02:57PM (#38631306)

    Who profits by muddied waters? Wasn't this all figured out decades ago when employees got home telephones and occasionally talked business on them?

    • by AvitarX ( 172628 )

      Or at least composed an email using outlook webmail?

      People have been doing business communications from home computers for a long time. AJAX was developed initially to make that work better.

      • by DCTech ( 2545590 )

        AJAX was developed initially to make that work better.

        What? What does AJAX have to do with working from home?

        • You might want to read up on how AJAX came to be.

          • by AvitarX ( 172628 )

            You're right, it was for new updates on MS's homepage initially, it wasn't until the next year it was used for Outlook Web Access.

            A couple years later it was included in Gecko, and the first time it blew my mind was using google maps years later.

        • What does AJAX have to do with working from home?

          If they made Ajax to clean that messy work crap from your computer, that would be something.

    • You can't lose a phone and lose a few thousand customer social security numbers or credit card numbers stored on it.
      • by Moryath ( 553296 )

        Sure you can.

        Phone has an outlook client, automatic email login, and no password.

        Phone can connect to Outlook, where someone emailed an Excel document with a few thousand customer SSN's, credit card numbers or other contact info. Employee checked the "remember password" button, so it automagically logs in.

        Phone gets lost, someone picks it up, downloads document to phone memory. One SD reader later, Excel document is in the hands of someone who has "fun things" to do with the excel document's information.

        Hey

        • by lavagolemking ( 1352431 ) on Sunday January 08, 2012 @04:46PM (#38632100)

          I said phone, not cell phone or smart phone. You know, those ancient analog devices mounted on the wall from the day and age mentioned in GP, before cell phones were widespread. You speak into them, and they don't connect to the internet or remember your recent contacts. We are still talking about

          decades ago when employees got home telephones and occasionally talked business on them

          right? Maybe I'm naive, but I don't seem to remember Outlook from a phone being possible back then.

          Point being, in the time when this figured out, you didn't have to worry about what kind of sensitive data was stored on a device with no storage capability.

        • by SeaFox ( 739806 )

          Sure you can.

          Phone has an outlook client, automatic email login, and no password.

          Phone can connect to Outlook, where someone emailed an Excel document with a few thousand customer SSN's, credit card numbers or other contact info...

          If anything this is an example of why documents with sensitive information shouldn't be sent through email unencrypted at all, even between two addresses on the same corporate server. Make it secure, and make opening the file require use of a system that cannot enter the username/password automatically for the user.

          • by Dan541 ( 1032000 )

            Make it secure, and make opening the file require use of a system that cannot enter the username/password automatically for the user.

            So the user will just choose a weak password.

            I'd rather the user have a strong password set by the IT Department and auto log them in than have an easily cracked password. Having the user enter a pin to unlock the password manager, this protects against casual theft and buys some time until the user credentials can be reset. But if a sophisticated (or even the average /.er) adversary is considered a threat then the user shouldn't be given remote access to email.

    • Who profits by muddied waters? Wasn't this all figured out decades ago when employees got home telephones and occasionally talked business on them?

      Home telephones don't store data (except the occasional phone number), so smartphones add a new aspect. The Uniform Trade Secret Act (UTSA) is pretty much silent on what constitutes "efforts that are reasonable under the circumstances to maintain its secrecy", so there's plenty of room for muddied waters there.

  • by khasim ( 1285 ) <brandioch.conner@gmail.com> on Sunday January 08, 2012 @03:02PM (#38631334)

    If InfoWorld cannot get enough hits on his articles by themselves (see other discussions here) then why does Slashdot have to link to them?

    How to thwart the high priests of IT
    http://it.slashdot.org/story/11/12/18/2154224/how-to-thwart-the-high-priests-in-it [slashdot.org]

    Seriously?

    • by Moryath ( 553296 ) on Sunday January 08, 2012 @03:51PM (#38631694)

      What's really funny is that Galen "I'm a fucking moron" Gruman just wrote this second article, which was the answer to why those supposed "high priests" - really, IT people trying to implement the policies put forth by PHB's high up the chain and legal teams trying to stop the risk of trade secrets going out the door - did the things he didn't like in the first article.

    • Re:Why link to another Galen Gruman article?

      Why? Because he's self-satirizing! He's never had a real IT job, yet he condescends to lecture those with decades of hard-earned "lessons learned" who have seen this plan go belly-up before.

      This is just another pendulum swing. Another 7 years and it'll be swinging the other way due to some highly publicized lawsuits and jail terms.We'll see ol' Galen eat crow then. In the mean time just grin and bear it; it' can't be stopped.

      --
      .nosig

  • by Omnifarious ( 11933 ) * <{gro.suoirafinmo} {ta} {hsals-cire}> on Sunday January 08, 2012 @03:03PM (#38631346) Homepage Journal

    I've kind of felt that personal devices like phones and such should be treated as extensions of your own mind. For example, they should be covered by the fifth amendment.

    This means, from a trade secret standpoint, that transmission of the secret from your device to an unrelated third party should be treated as if you personally wrote out the trade secret and sent it. And if your device was hacked, it should be legally treated the same as if you were conned into revealing the trade secret. But you employer should have absolutely no rights with regards to examining what's on your device. It should be treated as a black box.

    • by lindi ( 634828 ) on Sunday January 08, 2012 @03:26PM (#38631518)
      Perhaps in theory but that's not very realistic today. Malware on a phone can easily leak a lot of data without anybody noticing, that won't happen with your mind.
      • It can happen with your own mind, but it's very hard and require a superbly deft con-artist to accomplish. But yes, I agree, that's a fly in the ointment. We need some major improvements in security technology for software. It's a 'non-trivial' problem.

      • WHy malware? Even the firmware is doing it right now.
      • by sjames ( 1099 )

        Sure it will, at least in some cases. Haven't you ever seen anyone infected with either the Cuervo or Stoli virus? Some are even susceptible to the Coors attack.

    • Comment removed based on user account deletion
      • While I can understand doing that, and sometimes do things that way myself, I find it highly inconvenient and annoying. My personal devices are like my house. I set them up a certain way and expect things in certain places. It's far easier for me if I have my own 'house' to work in. My employer will get higher quality and quantity from me if I do things that way.

  • by sandytaru ( 1158959 ) on Sunday January 08, 2012 @03:04PM (#38631354) Journal
    A few recent submissions to Slashdot have been from end users complaining about miserly IT overlords refusing to allow personal devices onto the network, and telling the end users "No you can't." These articles were all written from the manager's standpoint, whereby they figured if their use of their personal devices was going to allow them to be more productive, then there was no reason to say they couldn't use them. Right? Well, the legal issues surrounding them are a very good way to say "wrong." Between all the compliance issues and security risks that personal devices entail, the legal headaches and challenges that could ensue if something goes awry should be enough of a deterrent for most businesses.
    • by khasim ( 1285 ) <brandioch.conner@gmail.com> on Sunday January 08, 2012 @03:15PM (#38631436)

      A few recent submissions to Slashdot have been from end users complaining about miserly IT overlords refusing to allow personal devices onto the network, and telling the end users "No you can't."

      ...and...

      Well, the legal issues surrounding them are a very good way to say "wrong."

      That series of articles was written by the same guy writing this article.

      Between all the compliance issues and security risks that personal devices entail, the legal headaches and challenges that could ensue if something goes awry should be enough of a deterrent for most businesses.

      Which are exactly the points that everyone here brought up in response to those previous articles.

      And those reasons are the reasons why companies do NOT do what he claims that they ARE DOING now (and the point of his previous articles).

      Who "owns" the work you do for the company on your personal computer? What rights does the company have to your personal computer when you leave?

      Why even get into a discussion of that? The company issues you a laptop to use at home and you are supposed to use that laptop for company work. When you leave, the company gets the laptop back.

      No questions. No problems.

      But simple solutions like that do not generate articles about how companies are allowing employees to bring whatever they want into the company and connect it to the company's private data.

      Even though he had not interviewed a SINGLE CIO from any company in the health-care industry stating that they did what he claimed they did.

      • Then why is Slashdot still accepting stories written by him?

        He is a troll and just an average Joe trying to flamebait his way to hits to CIONetworkWorld mag or whatever it is. He is an idiot and not an actual I.T. visionary, editor, or CIO who is qualified to write a well documented article relevant to I.T. in the enterprise.

        To keep it simple I.T. exists for a reason. It exists to manage computers and networks so the business can make money. If employees manage it then it defeats the purpose of I.T. in the

        • As I've posted before ...

          The purpose of corporate IT is to ...
          allow company approved people to
          access company data
          using company approved apps
          on company approved hardware
          at company approved locations
          with company mandated security methods
          on the company approved IT budget and staffing level
          to keep the company in business and out of court.

          He is an idiot and not an actual I.T. visionary, editor, or CIO who is qualified to write a well documented article relevant to I.T. in the enterprise.

          And I think that is the c

        • by gmhowell ( 26755 )

          Then why is Slashdot still accepting stories written by him?

          He is a troll and just an average Joe trying to flamebait his way to hits to CIONetworkWorld mag or whatever it is. He is an idiot and not an actual I.T. visionary, editor, or CIO who is qualified to write a well documented article relevant to I.T. in the enterprise.

          Much like it drives views to his site, it drives views to Slashdot. It's why we see so many Apple vs. Google vs. Microsoft vs. whatever stories. They drive views and posts, which create ad impressions.

          Far from the story writer being an idiot, he's a genius. Despite knowing dickall, he has tons of people viewing his story. Getting him paid. "Who's the more foolish, the fool, or the fool who reads him?"

  • by JakiChan ( 141719 ) on Sunday January 08, 2012 @03:14PM (#38631426)

    There are a few things that the users who want company (email/data/whatever) on their personal (iCrap/PC/whatever) don't think about.

    1) Is the remote wipe functionality such that if I have to zap your device it will only nuke the company data? Are you willing to lose ALL the data on your phone? I've heard about folks suing their employers over this.

    2) If I suspect you're up to no good and you're using a company device I can take that device and conduct forensic analysis on it. If it's your personal device I can't force you to surrender it.

    3) Are you willing to pay for whatever security software IT mandates?

    I know there are some Mobile Device Management packages out there working on this, and hopefully the best practices will all be sorted out soon. However coming up with these best practices (and buying the software/etc to support them) is not free. So to the employee they think "Hey, this doesn't cost you anything! I bought the phone!" But they don't see the TCO at all.

    • by Kjella ( 173770 )

      1) It's total destruction.
      2) This is their problem, not mine.
      3) No

      The first one I only accepted because well it could get lost or stolen, I should have backups anyway and hopefully it'll be as rare as actually losing the phone. It's remote wipe, not remote control. But I might also not run to IT security until I'm sure it's gone for good. As for the last point, that I have everything on one phone means I'll carry it almost always. If I had to have a separate work phone, well then if I'm not on call with pay

      • by PNutts ( 199112 )

        1) It's total destruction.
        2) This is their problem, not mine.
        3) No

        1) It doesn't have to be
        2) If you're employeer has reason to believe you are a risk then I would say it is your problem. Most data transfer activities can be prevented and logged.
        3) Many people do. Secure e-mail clients for Android are $19. The only reason to use one on an iPhone is if you want to limit the wipe to corporate e-mail and/or don't want a passcode for the phone (just e-mail). This assumes the company has appropriate security policies in place (ActiveSync, etc.).

    • by vlm ( 69642 ) on Sunday January 08, 2012 @03:49PM (#38631680)

      I know there are some Mobile Device Management packages out there working on this, and hopefully the best practices will all be sorted out soon.

      Don't need them. All you need is rdesktop/VNC/SSH. Some companies have been working "in the future" for a couple decades now, some still aren't in the present.

      Is the remote wipe functionality such that if I have to zap your device it will only nuke the company data?

      Yeah.... go ahead, wipe the vmware image my wife connects to via rdesktop. Its not going to affect her phone, desktop, tablet, work laptop, home laptop, etc.

      Its conceptually not much different than allowing remote webmail access.

      • Yeah.... go ahead, wipe the vmware image my wife connects to via rdesktop. Its not going to affect her phone, desktop, tablet, work laptop, home laptop, etc.

        Probably not. But that is only half the question.

        The other half is ... can it leak company information via your wife's "phone, desktop, tablet, work laptop, home laptop, etc".

        And for that answer, you have to postulate massive infection on your wife's device. And a Russian cracker on the receiving end. Can that Russian cracker use the information gathere

    • But if you kept a backup, their remote wipe is ineffective, and companies have no technical means to keep you from backing up their data on your machine (home PC, smart phone, iPad) and no technical means of erasing it or even discovering that it exists.

      For example, the employee may be using one of those web services that backs up all his information to "the cloud." Now the company's info is now on the employee's personal device and there are also and unknown number of copies on servers that neither party

    • by germansausage ( 682057 ) on Sunday January 08, 2012 @04:25PM (#38631952)
      We have a mail app for our (employee owned) iphones which encrypts the message store on the phone, and can be remotely wiped. It's not quite as functional as the built in apple mail app but it's good enough. If you want company mail on your personal phone you have to use the app. You can still have your own personal mail accounts, if we nuke the company mail, (by revoking the encryption key) your personal mail is untouched. Company pays for the app. Employee purchases and owns phone, company splits cost of voice and data plan 50/50 with employee and pays for work related long distance calls. It is sensible, and works ok.
      • It seems like a common-sense workable policy like yours is threatening to some of the IT dinosaurs on this board, who fear the loss of control. What they really fear is change - they were the same people in the early 80s fighting to keep PCs out of the office. In fact, I remember many of the exact same arguments being used (loss of central control, who will be responsible, etc).

        • I think some people choose IT or Engineering because they like black and white answers to everything. You can't BS past the laws of physics. This I-beam meets the load requirements or it doesn't; this cable can carry sufficient current for the motor or it can't, this hard drive can hold all the data or it can't. No nasty grey areas.

          Of course, once you add human beings and their conflicting needs and desires into the mix the grey areas abound. The problem for this kind of person comes comes when they start
      • by dave562 ( 969951 )

        What happens when the company gets sued and the lawyers need to do electronic discovery on the device? Are there backup devices available for employees while their personal devices are forensically imaged and unavailable to them for however long that process takes (usually a couple of days at minimum if they are lucky)?

        Are the employees going to be happy when all of their personal correspondence, family photos, etc are vacuumed up as part of the evidence collection process?

        Of course the photos will never b

    • You are forgetting that there are different rules in different jurisdictions. What might work in your state/country might not work in others. That also has to be considered.
  • Simple, really (Score:5, Informative)

    by cdrguru ( 88047 ) on Sunday January 08, 2012 @03:16PM (#38631454) Homepage

    Many large companies have very simple policies about this for this very reason: ABSOLUTELY NO DEVICES NOT COMPANY SUPPLIED ON THE NETWORK. If the company is counting on trade-secret status for things like customer lists of course this is going to be in jeopardy once the customer list is loaded onto a non-corporate-owned device. It is at least going to open the door sufficiently that it is going to be very expensive to litigate in the future.

    You can easily envision the employee with the customer list on their personally-owned phone walking into their new employer with what they feel is a leg up on all the other sales people. It's on their phone, it is their list of contacts that they have been dealing with for years and now they can offer them new stuff from their new employer. Why not, right? Well, if you do it with paper you are going to get sued. My guess is that if you do it with your phone it is going to be a lot more complicated than it would have been before.

    A large part of the problem is that some companies simply do not understand the ramifications of having their supposedly private, secret information scattered about. They plug in a wireless router on the internal network without thinking it through, perhaps comforted by the knowedge that they used the best 26-character WEP password they could think up.The president brings in a iPad into a completely Windows-centric environment and wants to be able to use it with company data - not knowing that the application makes a static copy of the entire database on the device.

    Yes, there are some nice nifty devices out there that the company hasn't seen fit to buy yet. That doesn't mean they should be on the network. And the whole question of user-owned devices being securely within the trade-secret umbrella or not is one that will only be resolved through a lot of court cases. And some people would do very well to remember that it isn't the successful business that gets to be one of the "first" in litigation.

    • Re:Simple, really (Score:5, Interesting)

      by vlm ( 69642 ) on Sunday January 08, 2012 @03:56PM (#38631738)

      ...ABSOLUTELY NO DEVICES NOT COMPANY SUPPLIED ON THE NETWORK. If the company is counting on trade-secret status for things like customer lists...

      Funny you should mention this, to work around that agony, at a previous financial services employer, the field techs had the customer site data in plain text email as attachments, which the field circus techs had access to via internet webmail. Boss/supvr was gatekeeper and responsible for email forwarding the most recent customer data snapshot to any of his techs that requested it from him.

      The problem with hollywood movie plot based security is that it usually completely misses the mark of real security issues. If it takes 30 minutes of biometric and two factor security to get some data, what happens in the real world is one tech will simply txt message another tech asking him to email the info he needs to his gmail.

    • That's probably close to as good as can't be hoped for, policy-wise. However the previous company i worked for wouldn't allow us access to public databases (of protein structures) so in order to do research we discovered a public wireless network, associated with the local library system, that we could access from within the company offices. Knowing we'd never be permitted to have a specific machine on both networks (wireless and wired) as that would be a grave security problem (...i guess...) we had one
    • Comment removed based on user account deletion
  • by Joe_Dragon ( 2206452 ) on Sunday January 08, 2012 @03:20PM (#38631482)

    That is a big one as well.

  • what about companies that make you buy / pay part of the cost of there system??

    Now if they are forceing you to buy there system then you should be able to install any game or app you want but what about mixed cases where the company and you both pay for the system who own's it and who has the right to data and out of work use?

    • what about companies that make you buy / pay part of the cost of there system??

      I've never here'd of such a thing.

  • The Congress shall rapidly remedy it, in employers' favor. What, are you against campaign financers job creators?

  • by Rob the Roadie ( 2950 ) on Sunday January 08, 2012 @03:30PM (#38631544) Homepage

    ICO issues guidance about private emails [guardian.co.uk], reminding the public sector that the Freedom of Information Act covers private emails if they are used for business matters.

    "Christopher Graham, the information commissioner, said: "It should not come as a surprise to public authorities to have the clarification that information held in private email accounts can be subject to freedom of information law if it relates to official business."

    Not really a device thing... but related none the less.

  • by gnasher719 ( 869701 ) on Sunday January 08, 2012 @03:35PM (#38631576)
    A trade secret hasn't left the control of the company just because it is on my personally owned device - as long as I have a legal duty not to pass it on any further. As an employee, I would have that duty, just as any outside company or person under NDA would have.
    • Re: (Score:3, Insightful)

      by Anonymous Coward

      The employee may unwittingly do so. People don't accidentally blurt out trade secrets, but many people do opt to download and run the occasional Trojan, many run buggy software or software that un-buggily treats some types of caches as not particularly sensitive, or they send home PC's unencrypted drive platters back to manufacturers, or run proprietary software where you (nor they) simply don't have any way of knowing what all it does, or -- countless other things.

      You can say it was still their responsib

  • by Cederic ( 9623 ) on Sunday January 08, 2012 @03:44PM (#38631630) Journal

    Life is pretty fucking simple:
    - the company's data belongs to the company
    - the individual's data belongs to the individual
    - customers' data belongs to the customers and is protected by law

    So don't allow customer data onto insecure personal devices, decide whether you'll allow company data onto those devices and accept that your employees will have data you don't control on them.

    Shit, I work for a bank, I can think of a dozen ways of permitting end user computing in the office without breaking any FSA regulations, the law or unreasonably jeopardising the company.

    • by fred911 ( 83970 )

      Example:
        Say I am an outside sales rep. I do have an office at the company and I receive maybe 10% of my book from company leads. I am 100% commissioned. In my office I have copies of every clients data, invoices, receipts, everything with an emphasis documenting profit, among other things.

        One day I show up and get terminated and my boss says you cant take your records.

        Whos property is it?

      • by Cederic ( 9623 )

        Either it's your data or it's the company's. What the fuck does the underlying device have to do with that? Why the hell didn't you and the company agree on this long ago, back when you were first employed in that role?

        Those issues are not end user computing related.

      • Back it up externally, just to be sure. Possession is 9/10ths of the law.

    • You will have plenty of people who would argue that there is no such thing as data ownership. Many of them here.

    • by Lumpy ( 12016 )

      but it does not let the Corporation push off the costs of a smartphone onto the worker without compensating them for it.
      how are we going to afford the CEO's new diamond inlaid business cards? Actually BUY tools for the employees? are you mad?

      Only companies run by idiots try and con the employees into supplying their own tools for work. If it's their tools they control what is on them not the company. If you want control, purchase and maintain ownership of all tools the employees use.

      When I leave my jo

  • by sribe ( 304414 ) on Sunday January 08, 2012 @03:50PM (#38631684)

    When employees store company data on their personal devices, that could invalidate the trade secrets, as they've left the employer's control.

    Bullshit. You might as well claim that trade secrets are invalidated if the employee takes written notes home from a meeting because, after all, "they've left the employer's control". Except that employee still has a legal obligation to not spread those trade secrets to unauthorized parties...

  • by Todd Knarr ( 15451 ) on Sunday January 08, 2012 @04:17PM (#38631896) Homepage

    I think the argument that trade secrets are revealed because the employee's device is outside the company's control is somewhat invalid. The device may be outside the company's direct control, but technically so is the employee's brain and mouth. The employee, however, is within the company's control, thanks to the agreement the employee signed about how they'd handle the company's secrets. Since the employee's device is within the employee's control, and the employee's agreed to handle secrets in an appropriate way, the company's got sufficient indirect control to keep the secrets secret. If that weren't the case then telling the employee the secret in the first place would expose it, since the employee's mind isn't under the company's direct control and the only control exerted is the same agreement about how the employee will handle those secrets.

    Cloud storage is another matter, but solving that will require a massive change in the law: making it so my e-mail is mine, period, and you can't serve a subpoena on the server operator to gain access to my e-mail, you have to serve the subpoena on me.

  • It doesn't muddy the rights. All the potential problems involve unintentional (on the part of the company) release of the information to third parties. The employees are supposed to have access to company information, but aren't allowed to disclose it to third parties without permission.

  • Simple fact, Ajaxco might very well make the best widgets out there at a fair price, but NOBODY gives a crap about it's email. NOBODY.

    Some people might care about customer credit cards, and so those shouldn't be on ANY mobile device, no matter who owns it.

    If somebody finds a lost cellphone, they will do one of 3 things.

    1. Return it to it's owner. Cool, no problem
    2. Wipe it and use it as their own. Not preferred, but the data's wiped.
    3. Wipe it and fence it off to someone else. Same as 2.

    What they won't do is try

  • My device, My data. if you want control over it, then stop being a cheap bastard and buy me a iPhone and you pay for the data plan and cellphone service.

    If you want control, you have to pay all the costs. Otherwise, stuff it in your gold plated urinal.

  • I think this is quite straightforward. A company can be responsible for the interfaces that are provided to internal data to none-company devices and the data on company devices. Outside of that the responsibility stops with the end user (employee/customer/guest/consultant/whoever) and the company's usage policies should mirror this and breach of these constitutes breach of contract and therefore liability for damages.
  • If the device (phone, Tablet or PC) does not belong to us, it is not getting connected to our network. This is absolute - for secretaries, doctors, nurses or whoever else you care to mention.

    Sometimes we get new starters showing us their BlackBerry/new iPad/laptop/whatever but we just show them the documentation and that is usually the end of the story.

    Our "Service Desk" (Help Desk) know this and tell people. It is interesting that those at the top of the tree and those nearer the bottom both seem to be a

  • this is just because IT can't control it, they start to scream
  • Not everybody has the talent to be a good author (I don't fool myself). Some writings get muddled, and some responders simply interject confusions. The topic(s) of ‘data privacy rights’, why they are needed, and including who is subject to adhere to regulations concerning them, why they are subject, when they are subject, and the regulations themselves, all deserve to be logically discussed .. . .. .Because there ARE regulations. -Regulations concerning information that a person or other enti

Your own mileage may vary.

Working...