Georgia court finds probable cause though investigator did not contact person who discovered CP

The Georgia Court of Appeals held in Manzione v. State that the failure of a Georgia investigator to contact the Yahoo! employee who reported child pornography to NCMEC did not invalidate a search warrant. 719 S.E.2d 533 (2011).

An employee at Yahoo! discovered four images of child pornography and tracked the IP address to Athens, Georgia. The employee reported this information to the National Center for Missing and Exploited Children (NCMEC) where the images and information were forwarded to the Georgia Bureau of Investigations. An agent then tracked the IP address to the defendant's address and obtained a search warrant.

On appeal, Manzione contested admission of evidence on the grounds that probable cause did not exist because the information obtained by the agent was hearsay "and that NCMEC was an unreliable source" as the agent should have directly contacted the Yahoo! employee. The court found "that NCMEC was nothing more than a pass-through entity" and though the agent probably should have contacted Yahoo!, the information could have been presumed reliable. Therefore, sufficient probable cause existed for the search.

RELATED CASE: Almost the same situation arose in another Georgia appellate case involving a report from Google to NCMEC in James v. State, 312 Ga. App. 130 (2011).

Read More

Comedian Louis CK weighs challenges of piracy and profit in new video release

Louis CK posted his PayPal account page to his website.

I do not dedicate a lot of time to discussing music, movie, or software piracy on this blog as those topics are covered extensively on other blogs. However, I did want to bring up a story I read concerning comedian Louis CK's new video. The comedian decided to forego digital rights management and traditional advertising. Instead, the download is simply for sale on his website.

"The experiment was," wondered Louis CK, "If I put out a brand new standup special at a drastically low price ($5) and make it as easy as possible to buy, download and enjoy, free of any restrictions, will everyone just go and steal it? Will they pay for it? And how much money can be made by an individual in this manner?"

The result was spectacular - over $1 million in just twelve days. Perhaps if people didn't have to pay $30 for a movie, there would be less piracy.

Read More

First Circuit vacates CP convictions after FBI agent makes improper statements

The First Circuit recently reversed a child pornography conviction after admission of improper testimony. United States v. Vázquez-Rivera, 665 F.3d 351 (1st. Cir. 2011). The FBI had conducted a chatroom operation, posing as a 14-year-old girl. After sending video to the "girl" of a man (no face identifiable) masturbating, the FBI tracked the IP address back to the home of the defendant. Over 100 images of child pornography were found on the home computer, which was apparently accessible by seven people.

The first issue on appeal was whether test FBI Agent Segarra's testimony was improper overview testimony. Such testimony is usually presented "early during trial to describe the government's general theory of the case." The problem is when the witness provides an overview of the entire investigation "including aspects ... the witness did not participate in, before the government has presented evidence." However, the court found that the agent's testimony was not improper overview because the agent was the "penultimate witness on the first day of a five-day trial and, as such, did not "preview" the government's case."

On the stand, Segarra was asked to identify the person who was found to have been using the screen name at issue, and she responded with the defendant's name. The admission of this statement was plain error because it addressed the ultimate issue before the jury. Only circumstantial evidence existed to show a connection between the defendant and the chats. Further, the testimony was based "on the overall investigation rather than her personal observations." Here's the exchange:

Q: And just to make -- to clarify, IncestoPR is the same person as Secreto, correct?
A: Correct.
Q: And Secreto is the same person at Bienhotpr@hotmail.com?
A: Correct.
Q: And throughout your investigation, who did you identify that person to be?
. . . .
A: We identified him as William Vazquez-Rivera.

The court also addressed the specific wording of the testimony by Segarra: "we ended up identifying [the subject] as William Vazquez Rivera." This statement is also improper because it involves the opinion of other unidentified officers and because it declares the defendant to have "sent the illicit material and was therefore guilty."

She also testified regarding the video that has been sent. The defendant was wearing pajama pants in the video and was wearing those same pants the day that Segarra and others arrived at the defendant's home to execute a search warrant. Because she connected the pants to identify the defendant as the same person in the video, this testimony was improper.

This goes on and on with various other statements made by the agent, and the court strikes each down as improperly admitted. The court found that the "repeated and extensive use of improper testimony may have influenced the jury" and because the evidence was not "sufficiently compelling to assuage this concern," the conviction should be vacated.

Read More

EFF releases guide to help international travelers protect files

Last week, the Electronic Frontier Foundation (EFF) released a 21-page guide titled "Defending Privacy at the U.S. Border: A Guide for Travelers Carrying Digital Devices." It contains information on how travelers should backup their data, minimize what they carry with them, and encrypt files.

There are several exceptions to the warrant requirement of the Fourth Amendment, one being the border search exception. At least one federal appellate court has held that there is no requirement of suspicion of criminal activity in order to search technological devices as a person travels to or from the United States. See United States v. Arnold, 533 F.3d 1003 (9th Cir. 2008).

Read More

Tech Watch: How to track Internet activity back to a user

Be sure to visit Cybercrime Review's YouTube channel in the future for more videos like this. If you have any suggestions for video topics, post your ideas in the comments below.

Read More

Fourth Circuit vacates CP transportation convictions as multiplicitous

The Fourth Circuit vacated 26 convictions for transporting child pornography as plain error of multiplicity in United States v. Buczkowski, 2011 U.S. App. LEXIS 25190 (4th Cir. 2011).

The defendant had been charged with possession and transportation of child pornography after a computer repairman found 27 images of child pornography on defendant's computer. The images were of his niece, some of which were pictures of the defendant and niece engaging in sexual acts. The defendant had been working for a military contractor in Iraq, and because he transported the images "using any means ... of foreign commerce", he was subject to the transportation charge.

At trial, he was convicted of 27 counts of transportation, but on appeal, he argued that the additional counts were multiplicitous. The court found that "[t]he central focus of the statute is the act of transporting, not the number of individual images transported." Therefore, only one count should have been charged. Because the defendant raised the issue for the first time on appeal, the court reviewed under plain-error, and found that the convictions should be vacated.

Read More

CDA claim against Facebook's "Sponsored Stories" feature survives motion to dismiss

When Facebook released its Sponsored Stories feature in January, many users instantly began complaining. Yesterday, a lawsuit concerning the feature survived Facebook's motion to dismiss.

Sponsored Stories connects a Facebook user's likes and check-ins to paid advertising. For example, if a user likes Nike, their name may appear on Nike's website when one of the user's Facebook friends visits the site. Though users can opt-out from being used in Sponsored Stories, it was automatically enabled for all users when released.

In Fraley v. Facebook, Inc., 2011 U.S. Dist. LEXIS 145195 (N.D. Cal. 2011), the plaintiffs allege violations of the Communication Decency Act (CDA), among others. While Facebook argued in its motion to dismiss that the CDA "provides broad immunity" to websites like themselves, the court found that the statute may not extend to Facebook's actions in Sponsored Stories. The plaintiffs allege that that "Facebook creates content by deceptively mistranslating members' actions," making it an information content provider and, thus, not immune under the CDA.

ADVERTISEMENT If you have a passion for preventing cyber crime and would like to make a career out of it, a masters programs in criminology can help you find the job you are looking for.

Read More

No probable cause to search home after sex offender conducts possible CP search at work

In United States v. Busby, the defendant's employer noticed that the computer assigned to him was performing searches such as "young-angels" and downloading torrents like "Pthc-Russia10Yo-11Yo-Little-Brother-And-Sister-2BoyGirls-Fucking-Just-Posing-Or-Naked-Pthc-R." 2011 U.S. Dist. LEXIS 145217 (N.D. Cal. 2011). The employer contacted the police and the laptop was seized. The following day, a search warrant was obtained for the defendant's residence because the laptop had also been used at the defendant's  home and contained images "of females in their mid-to-late-teens posing in a sexually suggestive manner." The defendant was also registered as a sex offender.

The court found that while the defendant may have had a subjective expectation of privacy in the laptop, he had signed a policy stating that "[u]sers have no explicit or implicit expectation of privacy" in the laptop. Thus, the employer's consent to search and seize the laptop was permissible. The search of the defendant's home, however, was unconstitutional and warranted suppression of evidence. The websites visited were only suspected of containing child pornography, but as the court pointed out, the photos in question may have been of young adults (18 or 19 years old) and not child pornography. Further, the fact that he was a registered sex offender does not help establish probable cause under these facts.

Read More

Conviction reversed after juror uses Twitter during trial

An Arkansas juror tweeted during trial, “Choices to be made. Hearts to be broken. We each define the great line.” It was brought to the attention of the court after counsel discovered it and realized a reporter was following the juror. Ultimately, the trial judge found that the juror disregarding a specific instruction not to tweet was not a material breach of the juror's oath. Then, the juror continued to tweet in a similar manner despite constant reminders not to do so.

On appeal before the Arkansas Supreme Court, the court reversed and remanded the conviction as a result of this juror's misconduct (and another juror who slept throughout parts of the trial) (Dimas-Martinez v. State, 2011 Ark. 515 (2011)). The court also ordered a committee to examine limiting juror's access to mobile phones during trial.

Other cases that have dealt with the issue of juror use of social media include:

• Pennsylvania juror updated his Facebook status throughout the trial with comments such as "can't believe tomorrow may actually be the end." The updates were shown on local television news, but the court found there was no outside influence or prejudice. United States v. Fumo, 655 F.3d 288 (3rd Cir. 2011)
• Facebook statuses such as "I may get 2 hang someone" and "Guinness for lunch break," and the juror becoming friends with another juror was not enough to demonstrate prejudice or bias. United States v. Ganias, 2011 WL 4738684 (D. Conn. 2011)
• Juror friending the plaintiff on Facebook and sending pictures from the account to the plaintiff's lawyer that allegedly showed drug use was not improper because testimony indicated the trial had been over prior to the friending. Wilgus v. F/V Sirius, Inc., 665 F. Supp. 2d 23 (D. Me. 2009)

Read More

Fifth Circuit reverses CP charge because computer was shared, dissent suggests argument is 'nonsense'

In United States v. Moreland, 665 F.3d 137 (2011), the Fifth Circuit dealt a crushing blow to prosecutors, finding that where a computer is shared between multiple users and no evidence clearly proves which user viewed child pornography found on it, a conviction will not stand.

The defendant lived with his wife and father. The three shared two computers, and the defendant's father often used them late at night. In September 2007, the wife found Internet history that indicated viewing of child pornography, and she reported it to police. In January 2008, the father died, and in May 2008, the defendant was charged with possession of child pornography. Testimony at trial indicated that there was no way to know the download dates of the images presented to the jury, and it was impossible to distinguish use of the computer between the three. The defendant's family testified that the father had long been a viewer of pornography.

With regard to custody of the computers, the court found that the prosecution offered no evidence to show that the defendant knew of the images and had control over them. Further, even exclusive possession of a computer without evidence showing defendant's knowledge and control over the images is insufficient for a possession conviction. Therefore, the court reversed the conviction.

In his snarky dissent, Judge Jolly wrote, "The record does not reflect whether the jury box had more than twelve chairs, but we do know—and we know for sure—that two more jurors are trying to crowd into the box." Jolly argued that there was sufficient evidence to support the conviction and that the "'[m]y dead Daddy did it' defense was deceitful and fictional nonsense." If you want to get schooled in deference to a jury's verdict and proper standards of review, this dissent is an excellent read.

It will be interesting to see whether the Fifth Circuit rehears the case en banc. Meanwhile, I would imagine defense attorneys certainly appreciate the gift.

Read More

Electronic evidence authenticated by pictures, greetings, and stated interests

In previous posts, I have attempted to list what courts look for when authenticating digital evidence. A recent California case almost adds a new one to the list. I may be reading too much into the opinion, but it's a worthwhile argument nonetheless.

The issue concerned authentication of a printed MySpace profile. People v. Valdez, 201 Cal. App. 4th 1429  (2011). It contained the following that was attributable to the alleged author: his pictures, greetings addressing him by name or relation, and stated interest in gangs and a picture of him "forming a gang signal with his right hand."

The profile was used to tie the defendant to gang activity, and the relevant data had been posted more than a year before the crime, making it inconceivable that anyone would have fabricated the information that early. Thus, implicit in this decision is a rule that electronic evidence can be authenticated if it appears that the supposed author has continued to update the profile. If they had not authored certain data on the page, they obviously would have deleted those postings (assuming, of course, that they saw them).

Read More

Derogatory statements toward "enthroned tulku" labeled free speech, defendant compared to Colonists

The case of United States v. Cassidy (2011 WL 6260872) has made headlines in recent days for many reasons. Cassidy was charged under the federal stalking statute (18 U.S.C. § 2261A(2)(A)) for actions on  Twitter and a blog. Cassidy met the victim, "an enthroned tulku or reincarnate master who was enthroned in 1988 as a reincarnate llama" after claiming to be a tulku. Cassidy worked with the victim for two weeks, and upon termination, went to cyberspace to complain. 

In total, the victim claims that over 7,000 tweets were directed at her. Other derogatory statements were made on a blog titled "Digital Tibetan Buddhist Altar." The tweets included:

• "you are a liar & a fraud & you corrupt Buddhism by your very presence: go kill yourself."
• "that ho b*tch so fat if she falls & breaks her leg gravy will spill out."
• "Rain tomorrow should cover the tracks..."

The victim did not leave her house for a year and a half after these acts, except for visits to a psychiatrist.

After extensive analysis, the court found the statements protected by the First Amendment. The victim was "a well-known religious figure" and "challenge[d] her character and qualifications." Further, "the Government's interest in criminalizing speech that inflicts emotional distress is not a compelling one."

Continue reading after the jump to see how the judge compared Cassidy's posts to how our Founding Fathers might have put up signs in their front yard.

Read More

Asking "u free tonight" not a substantial step under federal enticement statute

The Court of Appeals for the Armed Forces recently addressed whether a chat room conversation fell under the underage enticement statute by the question "u free tonight" being a substantial step. Finding it not to be, the decision was reversed. United States v. Winckelmann, 70 M.J. 403 (2011).

The defendant was charged with attempted enticement of a minor under 18 U.S.C. § 2422(b) (among other charges) for a chat room conversation in which he thought he was chatting with a 15-year-old male. When asked if he would have sex with 15-year-olds, he replied "if they want." After asking the "boy", "u free tonight", he told the boy, "e-mail me u want to get together."

The statute (in relevant part) allows fine and imprisonment not less than 10 years if one knowingly entices (or attempts to do so) any individual under age 18 to engage in sexual activity using a means of interstate commerce. Courts have held that the defendant must take a "substantial step toward enticement" in order to be guilty. United States v. Young, 613 F.3d 735, 742 (8th Cir. 2010); United States v. Barlow, 568 F.3d 215, 219 (5th Cir. 2009); United States v. Brand, 467 F.3d 179, 202 (2d Cir. 2006). "[T]he substantial step must 'unequivocally demonstrat[e] that the crime will take place unless interrupted by independent circumstances." United States v. Goetzke, 494 F.3d 1231, 1237 (9th Cir. 2007).

The Winckelmann court found that asking "u free tonight" was not a substantial step as "[t]here was no travel, no 'concrete conversation,' such as a plan to meet, and no course of conduct equating to grooming behavior."

Read More

Probable cause existed where teenager used images of CP to turn in his father

In United States v. Wilker, the court found that probable cause existed where the defendant's son took evidence of defendant's child pornography collection to the police. 2011 U.S. Dist. LEXIS 144264 (N.D. Iowa). The evidence included two images and two VCR tapes alleged as being from a hidden camera kept in the defendant's bathroom. Going by the testimony of the son and the son's friend, law enforcement obtained a warrant to search the defendant's house.

The defendant argued that probable cause would not have existed if law enforcement had disclosed information regarding the son's credibility to the magistrate. In the interview, the son "admitted that he wished to live with his mother instead of Defendant, that he and Defendant often argued and that, just days before [the son] reported Defendant to the police, Defendant had threatened to send Stephen to a 'boys home.'" The court found this to be a non-issue because the son "was a known informant and police could have held him accountable," and "he had 'an exceptionally strong basis of knowledge'" because he had personally discovered the images and tapes.

A second argument against probable cause concerned the fact that the son had told the officer he had not seen child pornography on the defendant's computer in at least a year, and thus probable cause did not "exist when [the] warrant [was] issued" with regard to the computer. However, because of the other evidence, it was reasonable to assume that the defendant "had used his computer in the past to store child pornography," and it should have been searched.

Read More

Court applies exception provision of federal Wiretap Act

In a recent wiretapping case, the court made a brought up an important Wiretap Act provision that should be clarified. The plaintiff learned that his conversation with a J.P. Morgan Chase Bank employee had been recorded by the company. The court holds that under the federal Wiretap Act, the plaintiff cannot state a claim. "The statute prohibits an interception that is 'for the purpose of committing any criminal or tortious act in violation of the Constitution or laws of the United States or of any State.' 18 U.S.C. § 2511(2)(d). Courts have interpreted this provision to require that the 'interceptor intend to commit a crime or tort independent of the act of recording itself.' Caro v. Weintraub, 618 F.3d 94 (2d Cir. 2010).

While the court is correct in its analysis, it is important to mention that Caro and the Wiretap Act both state this requirement only "where [the wiretapper] is a party to the communication or where one of the parties to the communication has given prior consent to such interception." 18 U.S.C. § 2511(2)(d). Thus, if a party to the conversation records it for the purpose of committing a crime or tort, they have also violated the federal Wiretap Act.

The case is Berk v. J.P. Morgan Chase Bank, N.A., 2011 U.S. Dist. LEXIS 143510 (E.D. Pa. 2011).

Read More

No suppression for CP found during TSA search

In United States v. McCarty, the Hawaii federal district court reconsidered a child pornography case after it had been vacated and remanded from the Ninth Circuit. When the defendant's luggage was scanned at an airport, a mass was noticed around his laptop. Fearing explosives, the TSA employee opened the bag, pulled out an envelope of photos, and several photos fell out. By normal procedure, the agent must flip through the photos for explosives material. The photos ranged from newspaper clippings of children's underwear ads to images of nude children, 57 images total of minor children. None of the images were technically child pornography, but taken together, they looked far from innocent.

The Ninth Circuit had extensively analyzed the search under administrative search doctrine, noting that "[t]he TSA search scheme ... was focused solely on the discovery of threats to air travel safety," and "the scope of the permissible search ... was defined by the point at which the screener was convinced the bag posed no threat to airline safety." The court found that while the agent acted, in part, outside the scope of the administrative search (violating the defendant's Fourth Amendment rights), she never abandoned the search entirely. The decision was remanded for the trial court to decide whether probable cause existed for arrest and whether evidence suppression was needed.

On remand, the district court found that probable cause existed because of several of the images individually because of their explicit nature. Each "would be 'sufficient to warrant a prudent man to believe that [defendant] had committed'" an illegal act, and the collection further solidified that conclusion. Further, none of the evidence should be suppressed as the search was justified under the administrative search or inevitable discovery.

The original 2008 district court opinion is available here, the Ninth Circuit opinion here, and the new district court opinion is available at United States v. McCarty, 2011 U.S. Dist. LEXIS 143220 (D. Haw. 2011).

Read More

Site tracks torrent users by IP address, allows database search

A new website has file sharers terrified. Somewhat. Maybe. Not really.

The website, www.youhavedownloaded.com, tracks torrent downloads against the downloader's IP address. A visit to the website will automatically display files downloaded using your current IP address. You can also do a search for a specific IP, torrent, or filename.

This Minnesota IP address downloaded
two episodes of the new tv show, New Girl.

Of course, if you have a dynamic IP assigned by your ISP, it may come back with files downloaded by others. The website claims to be able to track about 20% of downloaders, and the database contains about 52 million users. Read about IP addresses here.

The purpose of the site is to encourage users to improve their security by the use of VPNs, proxy servers, or seedboxes. For more information about these topics, read an earlier post here.

Read More

Tech Watch: MAC addresses vs. IP addresses

The differences between MAC addresses and IP addresses remain an issue of confusion. After a recent discussion I observed that confused the two, I thought I would try to explain how each works.

The computer first sends data to the network's router, using its local network IP address and MAC address. Each packet contains the computer's MAC address. Once the data leaves the network, it drops the MAC address and sends the data through the IP address assigned by the ISP.

MAC Addresses
A MAC (Machine Access Control) address is a unique number assigned to a network adapter. My laptop, for example, has two network adapters - one for a wired, ethernet connection and another for wireless. Thus, my laptop has two MAC addresses that are tied directly to the hardware. Reformatting my hard drive or changing how I connect to the Internet will not change the numbers. Further, no other adapter is supposed to have the same number.

Read More

Maine SC finds chat log properly authenticated by detective testimony

The Maine Supreme Court recently held that a chat conversation between the victim and defendant was properly authenticated after a detective who witnessed the conversation testified to its legitimacy (State v. Churchill,   32 A.3d 1026 (2011).

The victim, a 12-year-old girl, used instant messaging software to converse with the defendant while detectives monitored the conversation. After the chat was over, the victim emailed a transcript to one of the detectives. The trial court admitted a printout of the conversation after the detective testified that the printout was what appeared on the computer screen and that the text had not been changed.

The Maine Supreme Court found these additional factors relevant to the authentication of the chat log:

• The e-mail was sent while the officers were at the victim's home and was received on the detective's phone while there.
• The detectives monitored the entire chat and closely supervised the victim while she e-mailed the log.
• The "time stamps on each message show[ed] an uninterrupted sequence, the messages respond[ed] logically to one another, and Churchill's messages respond[ed] directly to statements the victim made over the telephone."

Authentication can sometimes be tricky when presenting digital evidence, but courts usually defer to testimony of law enforcement in cases like this. See Stearman v. State, 2010 Ind. App. Unpub. LEXIS 1115 (2010); Jackson v. State, 320 S.W.3d 13 (Ark. Ct. App. 2009). Of course, this situation is slightly different than other cases because the detective simply observed the conversation - in Stearman and Jackson, the officers were a party to the chat.

For other posts dealing with authentication of digital evidence, click here.

Read More

5th Circuit addresses CP sentencing, terms of release

The Fifth Circuit released a 38-page opinion today regarding sentencing enhancements and terms of supervised release in a child pornography case, United States v. Miller, 665 F.3d 114 (5th Cir. 2011). Miller appealed his 220-month sentence and release terms, but the judgment was affirmed by the appellate court.

Miller had pled guilty to the knowing transportation or shipment of child pornography. For sentencing purposes, the court found that he had possessed 495 images, engaged in sexually explicit chats with children, and requested child pornography exchanges via e-mail. The sentencing guidelines called for a range of 188 to 235 months in prison, and he was sentenced to 220 months. Before the Fifth Circuit, he argued that that sentence was unreasonable and was longer than necessary to satisfy the sentencing goals.

As part of his argument, he cited United States v. Dorvee (616 F.3d 174 (2d Cir. 2010)), a Second Circuit case that held Dorvee's sentence to be unreasonable because it would require more time in prison for distributing child pornography than for a person "actually engaged in sexual conduct with a minor." Addressing Dorvee, the Fifth Circuit held, "the Guidelines remain the Guidelines" and that "[i]t is for the Commission to alter or amend them."

Read More

New cybercrime textbook released

I would like to take a post to congratulate Professor Thomas K. Clancy on the publication of his new textbook, Cyber Crime and Digital Evidence: Materials and Cases, published by Lexis. Professor Clancy "test drove" his text in our Cybercrime class last fall, and my copy remains an excellent reference tool. Unfortunately, I've already maxed out on classes offered by him so this brown nosing does me no good.

Clancy is the director of the National Center for Justice and the Rule of Law (where he developed, among other projects, the Cyber Crime Initiative) and is a research professor at the University of Mississippi School of Law.

Read More

Va. court sanctions attorney for frivolous SCA claim

A Virginia circuit court recently denied a claim under the Stored Communications Act where plaintiff alleged an SCA violation regarding Facebook accounts where the information was publicly accessed. Womack v. Yeoman, 2011 Va. Cir. LEXIS 143.

The case concerned plaintiff's injuries sustained from a vehicle accident. The defense counsel used MySpace and Facebook to research the plaintiff and her family to learn more about the damages, looking over various postings. The plaintiff's counsel did not perform similar research but was assured the profiles were private (the court found this to be an unreasonably sufficient inquiry).

Plaintiff's counsel accused the defense of engaging in "unethical and illegal conduct by 'hacking' into" the accounts and that the act "violate[d] Plaintiff's and her families (sic) right to privacy under the [SCA]." The court found that all information obtained by the defense was publicly available and no violation of the SCA had occurred. Further, the defense was awarded attorneys' fees as sanctions for the claim.

But consider this: what settings are required to make something "private?" Here's a depiction of nearly every level to which access to one's Facebook information can be restricted:

To the left, you have the group of people that will be unavailable to access postings because they have neither Internet access or a Facebook account. Since both are required to access the majority of FB data, does this make it such an exclusive group that it is not public? Obviously not. But suppose the defense attorney was a "friend of a friend" of the plaintiff, and the settings then allowed him to obtain her postings. The plaintiff had not specifically approved the lawyer, but their relation gave him access. Or taking it to the extreme, is "private" only the information which the user shares with no one other than themselves? Possibly.

Read More

Tech Watch: New privacy add-ons and services

There are always new browser add-ons or other services being introduced to provide more privacy and security while online. Though I have never tried any of these (and also do not endorse them or guarantee how well they work), the concepts may be helpful for us to understand how they might be used.

• A service called BTGuard allows BitTorrent users to download files from the file sharing network with anonymity. The service "gives you a[n] anonymous IP address and encrypts your downloads" for $6.95 per month. Or, upgrade to a virtual private network (VPN) for $9.95 and have all of your Internet activity anonymized.
• Seedboxes have become popular in the P2P world because it provides great privacy to file sharers. All uploads and downloads are handled through an overseas server. Users may connect to the server through FTP or HTTP to find the files they set the server to download. One of the more popular services, ExtremeSeed, has services starting at $20 per month.
• Just to clarify, this means that instead of someone showing up in America as downloading illegal files, their files would show up in Luxembourg, for example. They would then enter an FTP site to download their files.
• Several browser extensions allow users to set certain domains or topics to automatically load in the browser's private browsing feature. Ghost Incognito for Chrome is preset to do this with all .xxx domains.

Have you heard of a notable extensions or privacy apps recently or do you have a question about how they work? Send an e-mail to .

Read More

Cal. court modifies probation conditions for CP possessor

A California appellate court modified conditions of probation in a child pornography case (People v. Kinley, 2011 Cal. App. Unpub. LEXIS 9410 (2011)). Kinley had taken his computer for repairs, and employees found a screen saver displaying child pornography.

• The requirement not to "reside near" parks, schools, etc. was modified to state "reside within 2,000 feet" because it was too vague. 
• A ban on possession of toys, stuffed animals, and games without permission from the probation officer was constitutional. "It is not unreasonable to require written approval from the probation department in the unusual event that this 60-year-old single, childless male can demonstrate a need to have children's clothing, a stuffed animal, or toy."
• A general requirement of disclosure of the conviction to romantic partners (and getting informed, written consent) was struck down, but such disclosure is required if they have "regular contact with minors."
• Requirement that Kinley "not use a computer that is connected to any computer or computer device capable of being connected to a computer" was deleted, but another term limiting computer use to education and employment was kept.

See a related post here.

Read More

Restitution under § 2259 awarded by NY District Court

Several recent court opinions have dealt with restitution damages under 18 U.S.C. § 2259, and you can find earlier postings on this blog regarding these cases here.

In United States v. Hagerman, 2011 U.S. Dist. LEXIS 141231 (N.D.N.Y. 2011), the court addressed these same issues in a lengthy opinion. Here's a brief (as brief as I could make it!) outline of the arguments:

• Evidentiary hearings are not necessary to determine restitution under § 2259.
• The victim of the child pornography was such because:
• The materials are a permanent record of the harm.
• The images are an invasion of the child's privacy.
• The child pornographer instigated an economic motive in the CP industry.
• The statute's use of semicolons (instead of commas) and applying "the rule of the last antecedent," there is no proximate cause requirement for the first five losses (lost income, attorneys' fees, medical care, etc.).
• Also, the statute is remedial in nature and doesn't have the goal of punishing the "defendant for harm that he proximately caused."
• Despite the lack of need for proximate cause, it existed. The losses were reasonably foreseeable, and the losses and the defendant's actions had a direct causal connection.
• There is no requirement that the defendant know the victim.
• The injuries stem "from the fact that she did not know who was downloading" the images.
• Such a requirement would make it extremely difficult to grant restitution.
• The requirement would violate the "spirit" of the law (as it would require testimony).
• There is no need to precisely quantify the amount of harm the defendant caused.
• All of the losses were due to the victim's revictimization.
• Mathematical precision is not required to show causation. Even if it must be quantified, it need only be reasonably quantified. In this case, that amount is .68% (146 defendants have been identified with this series).
• Restitution amounts
• Future counseling expenses of $108,975 are reasonable and established.
• Education and vocational counseling needs of $147,830 are reasonable and established.
• Lost wages and benefits of $722,511 are reasonable and established.
• Attorneys' fees of $203,140 and out-of-pocket expenses of $42,241.04 are reasonable and established.
• The total amount should be offset by losses already recovered.
• The defendant is jointly and severally liable for the restitution. The payments should be tracked to ensure that the victim is not awarded "double recovery."

The opinion included many more sections and arguments than I mentioned here. If you are just learning about restitution under this Section 2259, it's a good place to start. Thanks, Judge Suddaby, for this excellent opinion on the subject.

Read More

Sanctions may be ordered where employee reformatted drive to remove CP

In Océ North America v. MCS Servs., 2011 U.S. Dist. LEXIS 141209 (D. Md. 2011), the court held that an employee wiping a hard drive that contained child pornography was a violation of the company's discovery obligations.

Océ was involved in a lawsuit and was under a preservation order. The company had sent e-mails to every employee ordering them not to delete any information from their computers. One employee, however, used software to remove data from his computer. Océ argued that the employee's intent was to delete child pornography on the hard drive - as opposed to company data - and that removing data possibly subject to discovery was not done with a culpable state of mind required for sanctions.

The court found that the employee's negligent conduct would satisfy the culpability element of spoliation, subjecting Océ to possible sanctions.

Read More

ICANN to create additional top-level domains

A Senate committee has asked ICANN to slow the release of new top-level domains (TLDs). ICANN is a nonprofit organization that handles Internet domain name issues.

A top-level domain is the last part of a domain name, as shown here:

Many TLD's exist now - .com, .gov, .org, .edu, .biz, etc. In the past, these limits have forced some businesses to get less desirable domain names because their desired .com was already taken.

The organization has recently considered loosening restrictions on TLDs, which might open up many new options directed at specific business types (.hotel) or a specific city (.london). Another proposal would allow a company to purchase their own TLD at a cost of $185,000. Adding more TLDs allows a business to find more ways to distinguish itself. For example, if a San Francisco business named "Jim Bob's Burger Shack" wanted the .com, but it was already taken by a New York restaurant, it would be out of luck. But if San Fran got its own TLD, they could get jimbobsburgershack.sf.

One of the many problems with this has shown up with the new .xxx TLD, discussed here in a previous post. Many businesses and other institutions have feared that pornographic websites will show up at a domain related to them. For that reason, many universities have spent thousands of dollars reserving domain names like www.KUnurses.xxx or www.hoosiers.xxx. Click here for recent commentary on the .xxx TLD from Mashable and here for CNN commentary.

Despite these issues and the senators' pleas, the new policies may begin as early as January 2012.

Read More

Mass. court finds lack of probable cause in e-mail account with CP

The Appeals Court of Massachusetts struck down a search warrant for lack of probable cause in Commonwealth v. Finglas,  957 N.E.2d 1132  (2011).

Investigators had been contacted by America Online (AOL), reporting that the account of user "NATALY20" contained five images of child pornography. The images had been received from another e-mail account. NATALY20's account was tracked to the defendant. Law enforcement obtained a search warrant and executed it.

The problem, as the court noted, was that there was nothing to show that the images were sought by the defendant, but instead, may have been unsolicited. Further, there was no information to show whether the "images were accessed, viewed, and/or saved."

Read More

Cal. court reverses CP possession conviction

California courts have held that possession of multiple images of child pornography constitute only a single act of possession (People v. Hertzig, 156 Cal. App. 4th 398 (2007)). Also, the simultaneous possession of child pornography in multiple containers (hard drives, DVDs, etc.) in the same location is also only one act (People v. Manfredi, 169 Cal. App. 4th 622 (2008)).

In a recent case, People v. Sample, the defendant was convicted of two counts of possession of child pornography - one each for a laptop in his backpack, an external hard drive in his backpack, and a computer in his storage shed. Because the external hard drive was found in the same location as the laptop, it was not a separate act of possession. (200 Cal. App. 4th 1253 (2011)). Therefore, the appellate court reversed one of the two convictions under the statute.

Read More

SCA minimum damages only awarded with actual damage

An Illinois blogger was injured in a car accident, and while in the hospital, her employer obtained access to her personal Facebook and Twitter accounts and used them to promote the employer's website (she had a large personal following). When she became aware this was happening, she asked her employer to stop. They failed to do so, requiring her to change her passwords. In her lawsuit, she alleged (among other arguments) that her employer had violated the Stored Communications Act (SCA).

The evidence showed hat the employer did, in fact, access the accounts, accept multiple friend requests, and post 17 tweets. Therefore, the defendants "exceeded their authority in obtaining access" to the accounts under the statute. The question here is whether she is entitled to damages.

The SCA allows an award for "actual damages suffered by the plaintiff and any profits made by the violator as a result of the violation, but in no case shall a person entitled to recover receive less than the sum of $1,000." The court, however, found (as others have) that actual damages are required in order to get the minimum statutory damages. (The court was deciding motions for summary judgment; damages in this case will be examined in discovery.)

What do you think about this rule? It just seems strange to have a "privacy statute" that would allow unauthorized access of a Facebook, e-mail, or other account with only a remedy when actual damages exist. If someone only read all of the messages, a victim may get nothing, but if $1 worth of damage is done, they are awarded $1,000.

The case is Maremont v. Susan Fredman Design Group, Ltd., 2011 U.S. Dist. LEXIS 140446 (N.D. Ill. 2011).

Read More

Fourth Circuit examines image requirement for probable cause, subjective "obscenity"

In United States v. Wellman, the Fourth Circuit held that an image of child pornography was not required to show probable cause and that a requirement of "obscenity" is not subjective.  663 F.3d 224 (4th Cir. 2011).

West Virginia's ICAC identified an IP address using Gnutella that had shared five images determined to be child pornography according to their hash values. Police tracked the IP address to Wellman (who had also been convicted of sexual abuse of a child in 1987 and was not registered as a sex offender as required by law).

Wellman argued that the warrant was defective because it did not contain the alleged images or descriptions of them. The court declined to require that the search warrant include an image to be valid. "While the inclusion of such material certainly would aid in the probable cause determination, we do not impose a fixed requirement or a bright-line rule, because law enforcement officers legitimately may choose to include a variety of information when submitting a search warrant application."

The defendant also argued that the "minors engaged in sexually explicit conduct were obscene" requirement placed a subjective knowledge requirement on the word "obscene." The court readily struck this down, however.

RELATED CASE: The Fifth Circuit recently held that probable cause existed where the only pre-search evidence of child pornography was knowledge of "partially nude" images of children. From that, an investigator testified that "people who collect child pornography collect child erotica as well." United States v. Gove, 2011 U.S. App. LEXIS 24175 (5th Cir. 2011).

Read More

Yahoo! awarded over $600 million for CAN-SPAM violations

In Yahoo! Inc. v. Xyz Cos., 2011 U.S. Dist. LEXIS 139848 (S.D.N.Y. 2011), Yahoo! alleged that the defendant sent hoax emails using the Yahoo! name and mark notifying the individuals that they had won a lottery. In all, 11,660,790 emails were estimated to have been sent. A default judgement was entered for Yahoo! after a finding of violations of the CAN-SPAM Act and trademark counterfeiting, awarding damages of $610,039,500 plus attorneys' fees.

The CAN-SPAM Act, 15 U.S.C. § 7701. et seq. allows liability where an e-mail contains headings that are misleading, does not contain an unsubscribe feature, and is not clearly identified as an advertisement.

Yahoo! originally requested the statutory maximum of $100 per violation of CAN-SPAM ($100 per e-mail) and trebling because the act was willful for a total of approximately $3.5 billion. However, the court found $50 per violation sufficient and trebling unnecessary because of the large amount of the award.

Read More

Facebook download feature useful in ESI discovery

Though it came out about a year ago, I have just now used the "Download Your Information" feature to do just that with my account. It allows a user to download nearly all activity they have had since joining Facebook into a single ZIP file.

While it doesn't include what I have done on other's profiles and posts, everything that has ever been posted on my wall is there - all the way back to the first wall post on March 5, 2005 (Facebook was so much simpler back then!). It's all collected into a single HTML file along with all of the pictures that others and myself have posted. A separate page contains links to all of the pictures and videos I've uploaded to Facebook. A list of friends (alphabetical by first name) is included as well as another page that lists every message I have ever sent or received.

As you might imagine, this service could be very useful during discovery. In several cases, judges have ordered parties to share their Facebook password with the other side. Simply downloading your client's information and passing it along would be a much easier process and when done early, it would ensure preservation of the data. There is no guarantee, however, that this file will contain deleted data, which Facebook only keeps for 90 days. That information may need to be obtained via subpoena directly from Facebook.

To try it out for yourself, open Facebook, click the arrow in the upper-right corner, and select "Account Settings." Then click "download a copy" near the bottom of the page. Once you get the process started, you'll be able to return in a couple hours to download the file.

Read More

Plans to manually cancel CP downloads did not negate intentional distribution

The defendant in a recent Third Circuit case argued he should have been given a two-level sentencing enhancement, rather than a five-level, because he did not intentionally distribute child pornography. He admitted to configuring his file sharing program to share images of child pornography, but he claimed that he planned to "intervene and manually [] cancel each attempted upload." Unfortunately for him, at least one image was downloaded by another user.

This argument was rejected because he could have configured the program not to share the files or he could have just not opened the program. The case is United States v. Corbett, 453 Fed. Appx. 226 (3rd Cir. 2011).

Read More

Tech Watch: New USB drive has combination case and 256-bit encryption

There's a new USB flash drive that's soon to be on the market that has some features you've only seen in movies. Meet the Crypteks USB. It comes in an ultra-high-grade aluminum alloy combination lock case with 14,348,907 possible combinations. Once you get it open, it has 256-bit AES hardware encryption. And there's more - you also get to set the number of password wrong attempts before it reformats itself. It isn't out yet (probably later this month), but the price will be around $130.

Read More

Advocacy group releases child sex trafficking report

Shared Hope International released report cards yesterday for each state with regard it its attempts to eliminate demand for child sex trafficking and to identify and assist victims. Only four states received a "B" grade (there were no "A's", while 25 received an "F". Texas has the highest grade at 83.5, while Wyoming received the lowest at 29.5.

The rating is basted on six factors:

• Criminalization of domestic minor sex trafficking
• Criminal provisions addressing demand
• Criminal provisions for traffickers
• Criminal provisions for Facilitators
• Protective provisions for child victims
• Criminal justice tools for investigation and prosecution

Each report card summarizes the laws of the state in these various categories and suggests what the state must do to improve its fight against sex trafficking.

The National Association of Attorneys General's (NAAG) presidential initiative under Washington Attorney General Rob McKenna is focused on human trafficking. More information about their "Pillars of Hope" program can be found here. Shared Hope International will discuss their findings with NAAG at its November meeting.

Read More

10th Circuit affirms conviction in Craigslist scam

The Tenth Circuit has affirmed a conviction of wire fraud and identity theft and various sentencing enhancements. The defendant, an Oklahoma citizen, had posted multiple ads on Craigslist soliciting people with a great deal of debt. He told them that if they paid him half the amount, the rest would be taken care of through a debt-assistance program. Once someone contacted them, the defendant used stolen credit cards and bank account numbers to pay the bills. When the payments were discovered to be fraudulent and were reversed, the victims contacted the defendant, whose number (a prepaid cell phone) had been disconnected.

While the defendant was not the one who posted all of the ads, others used his alias in relation to the act, supporting the aiding and abetting charge. Another ad was posted from a local library, but it was reasonably attributable to the defendant. The court also upheld the identity theft charge, finding that although the defendant did not actually steal the information, he knowingly used it to make payments.

Sentencing enhancements were also made for being the leader or organizer of the act and obstruction of justice.

The case is United States v. Lawrence, 449 Fed. Appx. 713 (9th Cir. 2011) (affirming United States v. Lawrence, 2010 WL 1875647 (W.D. Okla. 2010).

Craigslist is an online, classified advertising website. Typically, ads can be placed for free without creating an account - users simply provide contact information for those interested. Job posts, apartment rentals, and therapeutic services may have posting fees depending on location. The website has before run into several legal issues including alleged sex trafficking and prostitution. As a result, Craigslist closed its erotic services board in September 2010.

Read More

Washington court reverses sexual exploitation of minor conviction

The Washington Court of Appeals recently reversed a sexual exploitation of a minor conviction because the defendant only asked a child to send a nude photograph, but the child never took or sent the picture. Throughout the e-mail exchange, the defendant repeatedly asked the child to send nude pictures, but she refused to do so.

The statute makes it a crime if a person “[a]ids, invites, employs, authorizes, or causes a minor to engage in sexually explicit conduct, knowing that such conduct will be photographed or part of a live performance.” The court distinguished the statutory text of "will be" from the alternate "could be," finding that simply asking a child to take and send nude images was not illegal under this statute.

Stribling was also convicted of attempted possession of depictions of a minor engaged in sexually explicit conduct conviction and six counts of felony communication with a minor for immoral purposes.

The case is State v. Stribling, 267 P.3d 403 (Wash. Ct. App. 2011).

Read More

Cal. cybercrime investigator's e-mails exposed

Last week, hacker group Anonymous published the private e-mails, home address, and telephone number of the special agent supervisor for computer crime investigations in California's Department of Justice. They also accessed his voicemail, text messages, and Google Voice account.

Posts from the International Association of Computer Investigative Specialists's private discussion list were included in the 38,000 e-mails.

The release is a part of Operation Antisec, a joint effort between Anonymous and LulzSec, in response to investigations concerning Occupy Wall Street and general censorship of the Internet.

Shortly after the release, the group wrote, "You want to keep mass arresting and brutalizing the 99%? We'll have to keep owning your boxes and torrenting your mail spools, plastering your personal information all over teh internets [sic]."

Antisec also released a video, detailing their mission (note: contains some explicit language).

Read More

Defendant may have had authority to access electronic storage

In Shefts v. Petrakis, 2011 U.S. Dist. LEXIS 136538 (C.D. Ill. 2011), a court denied summary judgment where a business partner accessed an employee's e-mail in violation of the SCA because he may have had authority to do so.

The plaintiff and defendant were two of four partners in a business. After hearing various reports of wrongdoing by the plaintiff (including sexual harassment of employees), the defendant asked their computer technician to have a copy of plaintiff's e-mail account copied to his laptop. The plaintiff argues that this was a violation of the SCA.

The court first finds that this was "access" under the SCA when the copy was made - it was irrelevant whether the defendant actually opened or read any of the e-mails. And although he did not personally "access" the account, he caused it to be accessed.

Whether he had accessed communications in "electronic storage" was the second issue addressed. The defendant cited the district court opinion in Fraser (135 F.Supp.2d 623 (E.D. Pa. 2001)), arguing that the e-mails were in post-transmission storage, but the court rejected it under Theofel's reasoning (Theofel v. Farey-Jones, 359 F.3d 1066 (9th Cir. 2004)).

Ultimately, the case comes down to authority. Since the e-mails were stored on a company server, the rules are slightly different. They had no policy on the matter, so each side argues that favors them. The board had not given the defendant any express authorization to access others' emails, though the court argues that firing the plaintiff may have been after-the-fact consent depending on what the board knew. The defendant also claims that the plaintiff knew he was accessing the account, and his continued use was consent. Because of this disputed issue, summary judgment was denied.

Read More

Facebook, FTC settle on privacy concerns

An agreement was reached today between Facebook and the Federal Trade Commission (FTC) regarding concerns about Facebook users' privacy. The settlement requires Facebook to develop a comprehensive privacy program and have outside audits conducted for the next 20 years.

The FTC complaint alleged that Facebook shared users' personal information with third parties and advertisers without their knowledge or consent, changed privacy policies without informing users, continued sharing data after users deactivated or deleted their accounts, and did not properly verify the security of apps.

Facebook will now be required to get users' permission before making changes to the way it shares information. They are also required to prevent access to a user's data no more than 30 days after their account is deleted. Violations of the agreement results in a fine of $16,000 per violation per day.

Many have criticized the deal. Noting that Facebook has "two former members of the Federal Trade Commission on payroll," Gawker declared, "This settlement makes a mockery of the idea of holding corporations accountable for their actions."

CEO Mark Zuckerberg addressed the settlement in a blog post. Facebook currently has over 800 million users.

Read More

SCOTUS denies cert in case on CP victim restitution

The Supreme Court yesterday denied certiorari in Amy, the Victim in the Misty Child Pornography Series v. Monzel, 181 L. Ed. 2d 508 (2011) (an appeal from United States v. Monzel, 641 F.3d 528 (2011)) which could have resolved a circuit split regarding child pornography victim restitution.

In April, the DC Circuit denied that "Amy", a victim of child pornography that has been spread around the globe, was entitled to no more than nominal damages under Section 2259 and the CVRA.

The issue is whether defendants must pay only nominal damages or full restitution when they did not actually know the victim, but simply possessed images of them (and therefore were not the proximate cause of the victim's damages). The Second, Ninth, Tenth, Eleventh, and DC Circuits have each held that the defendant must be the proximate cause of the damages in order to be forced to pay restitution. The Fifth Circuit, however, has held otherwise.

Though most side with the circuit court plurality, several lower courts have awarded restitution to Amy in amounts up to $3,680,153 (U.S. v. Staples, 2009 WL 2827204 (S.D. Fla. 2009)).

In her impact statement, Amy wrote, "I am being exploited and used every day and every night somewhere in the world by someone. How can I ever get over this when the crime that is happening to me will never end? How can I get over this when the shameful abuse I suffered is out there forever and being enjoyed by sick people?” More than 700 claims of restitution have been filed on Amy's behalf, each seeking more than $3 million.

See other posts about restitution here.

Read More

Wired.com explains how Big Brother is watching you

Wired.com recently published an article titled "9 Reasons Wired Readers Should Wear Tinfoil Hats" which hypothesized the many ways in which the government tracks us electronically. The post explains how the government [probably] uses wiretapping, tracking devices, border search, fake cell phone towers, government malware, and more. Some of it is simply written to entertain conspiracy theorists, but it is interesting to ponder nonetheless.

It's a little more hypothetical than I'd usually post, but the best part of the article is the graphic (at right) showing how long cell phone companies keep text messages, call records, and Internet activity.

Just last week, confidential guidelines were released detailing how long Facebook, Microsoft, and AOL keep IP logs and data.

RELATED NEWS: NPR released a story detailing how LAPD has a new computer program that predicts the location of future crimes based on past crime patterns. "[C]rime, especially property crime, happens in predictable waves."

Read More

6th Circuit vacates pornography ban as condition of release

This summary is not available. Please click here to view the post.

Read More

Military court finds Facebook messages authenticated

The United States Air Force Court of Criminal Appeals held in United States v. Grant, 2011 CCA LEXIS 217 (A.F. Ct. Crim. App. 2011) that Facebook correspondence admitted into evidence in a court-martial proceeding were properly authenticated by testimony from the recipient. As I discussed here, authenticating messages from Facebook can be a tricky process.

The court listed several reasons for its decision:

• Messages contained the defendant's name and profile picture
• A witness testified that:
• She had just met the defendant when he requested her to be his friend
• He gave her his cell phone number, and they used it to text message each other
• She and the defendant made plans over Facebook messaging

While the appellate court used the testimony to authenticate the messages, usually this is done with the evidence itself. It contained unique information (Commonwealth v. Purdy, 945 N.E.2d 372 (Mass. 2011)), and the continued conversations through the defendant's cell phone and making plans properly connected the defendant to the Facebook conversation (Commonwealth v. Amaral, 78 Mass. App. Ct. 671 (2011)).

RELATED CASE: In State v. Mosley, 2011 Wash. App. LEXIS 2644 (2011), the court upheld authentication of photos that were printed from MySpace because an officer recognized the people in the picture. Some courts have not been so trusting, such as People v. Lenihan, 911 N.Y.S.2d 588 (2010) which declined to do so because of the ability to "photoshop" images.

Read More

Company alleges SCA, Wiretap, and CFAA claims against former VP

In Exec. Sec. Mgmt. v. Dahl, 2011 U.S. Dist. LEXIS 132538 (C.D. Cal. 2011), The APEX Group (an event security firm) alleges that former employees (one was a VP and board member) made misrepresentations that caused them to lose a contract with the PGA. The ten claims include violations of the SCA, Wiretap Act, and the CFAA. The defendants moved for summary judgment.

The SCA claim is the most interesting. Apex argues two violations - unauthorized access to e-mail and deletion of information on Apex laptops. The latter argument was struck down because defendants had not "accessed a facility," among other issues. However, defendants argue that they were administrators of the Apex e-mail accounts. The issue at hand is whether they, as administrators "with authorization to access the facility, ... accesse[d] unauthorized information." Thus, summary judgment was denied on the e-mail issue.

The Wiretap Act claim appears to be based on defendants setting up their cell phones to download e-mails from accounts not their own through a POP3 account. The court denied this to be "interception" under the statute because the e-mails were not "halt[ed]"; they simply read "emails not intended for their eyes."

With the CFAA claim, Apex argues that defendants used an "erasure program" to delete information from company computers. To satisfy the mandatory $5,000 damage requirement, they argue that this violation ultimately caused the PGA to terminate its relationship with Apex at a cost of over $118,000. As noted here, CFAA damages can be hard to demonstrate, but the court decided to send both arguments to the jury.

This case has nothing extremely profound in it (though the VP being the e-mail administrator presents an interesting question). But if you are interested in learning the basics of these three statutes, Judge Snyder does an excellent job of explaining how these claims work.

Read More

Court finds cell site location data to be protected by Fourth Amendment

A federal district court held that cell site location data obtained without a search warrant to be unconstitutional, bringing the number of such holdings to more than a dozen, according to the Wall Street Journal.

In a one page opinion, Judge Lynn Hughes (S.D. Tex.) ruled that "[w]hen the government requests records from cellular services, data disclosing the location of the telephone at the time of particular calls may be acquired only by a warrant issued on probable cause."

The government had argued that the location data was a business record, and thus does not fall within the protections of the Fourth Amendment.

Such records are theoretically obtainable under the Stored Communications Act (SCA) without a warrant as are call records, text messages, subscriber information, etc., but because cell site location data may allow the government to track a person's every movement, some courts require a higher standard.

The great showdown for the government's ability to track without a search warrant will come when the Supreme Court releases its decision in United States v. Jones, heard last week by the high court concerning the government's ability to place a GPS device on a vehicle and track its movements without probable cause.

Read More

Defendant wins on restriction not to live near school in CP possession case

The defendant in United States v. Schweizer, 2011 U.S. Dist. LEXIS 132065 (D. Nev. 2011) challenged the sentencing requirement that forbade him from living within 200 yards of a school, park, or other location children may congregate after being convicted of possession of child pornography. The defendant and his wife have lived near a middle school for nearly twenty years, and this requirement would require them to sell their home.

The court modified the requirement to exempt their current home. As justification, the court noted that he is 62 (and will be 65 by the time of release from prison), has documented health problems, and will face a lifetime term of supervised release. They also acknowledged that the real estate market in Nevada is bad, and the requirement would have great economic consequences for the defendant and his wife.

RELATED CASE: In a California CP possession case, the defendant was required to "inform all persons with whom he/she has a significant relationship about his/her criminal history." An appellate court found this to be vague and struck it from the probation requirements. People v. Ebersold, 2011 Cal. App. Unpub. LEXIS 8761 (Cal. Ct. App. 2011).

Read More

FTC settles with website violating COPPA

The Federal Trade Commission recently settled a case with www.skidekids.com, a website promoted as a "Facebook and Myspace for kids," after the website illegally collected information from thousands of children in violation of the Children's Online Privacy Protection Act (COPPA), 15 U.S.C. § 6501. Skid-e-kids targets children ages 7-14 and seeks to create a Facebook-type environment that is child-friendly.

The settlement requires the company to destroy all data collected in violation of COPPA and pay a fine of $100,000 (with all but $1,000 suspended under the terms of the settlement), among other agreements.

COPPA forbids websites from collecting personal information from children under the age of 13 without the consent of a parent. Websites have struggled to comply with the law as children often falsify information on websites that do not allow users under that age (such as Facebook). Skid-e-kids now requires parents to register first using their Facebook account which will then let them register their children on the site and monitor their child's activity.

RELATED NEWS: The FTC recently proposed rule changes for COPPA and is seeking comments through the end of the month.

Read More

International Cybercrime Roundup

Here's a look at recent news in the cybercrime field from other countries:

• CANADA - The case of a convicted child pornographer who possessed 4.5 million images (the largest ever in Canada) has set the sentencing "benchmark ... at the maximum." How long exactly? Five years.
• CHINA - A website hosting illegal copies of Windows operating systems was recently shutdown. Over 4,000 copies were downloaded in 2011 alone.
• SERBIA - Police broke up a child pornography ring of more than 80 people in an operation known as Armagedon.
• UNITED KINGDOM - Northern Ireland schools participate in week of cyberbullying awareness.

Read More

WiFi hotspots to increase 350% by 2015

The Wireless Broadband Alliance (WBA) released a study projecting WiFi hotspots to increase by 350% to a total of 5.8 million by 2015. The increased use of data by smartphones is the predominant reason for the expansion as use of smartphones continues to increase. Already in the United States, smartphones outnumber laptops on WiFi hotspots.

The WBA membership includes Comcast, Time Warner, Google, AT&T, Cisco, Intel and other leading technology companies. The full report is available here.

Read More

'Seize-it-all-and-sort-it-out-later warrant' struck down by court

In United States v. Schesso, 2011 U.S. Dist. LEXIS 129993 (W.D. Wash. 2011), a search warrant was struck down for being too broad after applying CDT III.

German authorities discovered an IP address in the U.S. sharing child pornography in October 2008, and a search warrant was obtained in June 2010. The application sought "broad authorization to seize and examine every sort of computer storage device." Applying Ninth Circuit precdent in U.S. v. Comprehensive Drug Testing, Inc., 621 F.3d 1162 (9th Cir. 2010) (referred to as CDT III), the court found that the general search in the case was not justified by the application. "To rule to the contrary would be to say that if any person ever had a child pornography file or made such a file available to download on a peer-to-peer network, that person is subject to a general search of all of that person's computer-related equipment without reference to the particular crime or crimes that are known to law enforcement."

Let's look at the errors made as determined by the court:

• Waiting 20 months
• Lack of information connecting generic child pornographers to the defendant
• Lack of information showing that the named storage devices sought are those typically used with peer-to-peer file sharing
• Not naming specific crimes (though they did cite violations of two statutes)

The court also found a lack of good faith and required exclusion of the evidence (six images of the defendant's prepubescent niece and over 3,400 other images of child pornography).

Read More

2703(d) order challenged in Wikileaks investigation

Information related to three Twitter accounts was recently obtained by the government by a 2703(d) order in an investigation related to Wikileaks. The account holders made many claims including: (1) they had a § 2704 right to challenge the order, (2) the release of IP address information violated their Fourth Amendment rights, (3) the order violated their due process rights, and (4) the order violated their First Amendment rights. Finding no violation of § 2704 or any constitutional arguments, the court upheld the order. There is not really anything profound in the case, but the parties were represented by the Electronic Frontier Foundation (EFF) and the American Civil Liberties Union (ACLU) and presented some interesting arguments.

For those of you not very familiar with the section (like myself before reading this case), under 18 USCS § 2704 details how a user can challenge a subpoena or 2703(d) order under the SCA. It's actually very simple - when the user gets notice, they can challenge it. But the problem presented in this case is that notice is often delayed under § 2705 for fear of destruction of evidence and other considerations. The question raised is whether one should always have the right to challenge before execution of the order. As the court held - and understandably - the answer must be no. Otherwise, the delayed notice provision would be invalidated.

The Twitter users also argue that by revealing their IP addresses to the government, they are giving away their location, making a Karo tracking beeper analogy. The court strikes this argument down because disclosure of phone numbers may give away one's location and does not violate the Fourth Amendment and regardless of tracking abilities, the data was obtained by a non-governmental entity. Plus, there's the third party doctrine (which the court discusses in great detail).

They also argue a right to challenge under due process because "the SCA threatens the rights of any subscriber who cannot oppose an order because the individual does not know about it." However, the court finds that judicial review of the order satisfies due process rights.

Finally, the First Amendment claim argued that the order "has chilled [the users'] rights of association and speech." Despite good arguments, the claim didn't hold up because content wasn't requested in the order, and even if it was, the content was accessible by the public.

The case is In re United States, 2011 U.S. Dist. LEXIS 130171 (E.D. Va. 2011).

Read More

Court awards nominal restitution under § 2259

In United States v. Aumais, 656 F.3d 147 (2d Cir. 2011), the Second Circuit reversed restitution in a child pornography possession case. Aumais had no connection to the victim, "Amy", in the pornography nor did she know of his existence. Amy's impact statement made no mention of Aumais and was written before he was arrested. The court held that "where the Victim Impact Statement and the psychological evaluation were drafted before the defendant was even arrested--or might as well have been-- ... the victim's loss was not proximately caused by a defendant's possession."

The same photos arose in a recent Ohio case, United States v. Klein, 2011 U.S. Dist. LEXIS 129761 (S.D. Ohio 2011). Like in Aumais, the 2008 Victim Impact Statement was presented although Klein was arrested in 2010. Here, the government argued that these "images are being found almost on a daily basis and it would be unreasonable for the victims to have to update their request for restitution daily." While the court reasoned that there was no probable cause to show calculable damages caused by Klein, the court awarded $5,000 in nominal damages which "are designed to vindicate legal rights 'without proof of actual injury.'"

The Klein court is not alone in finding that 18 U.S.C. § 2259 requires a nominal damage award were proximate cause does not exist. See United States v. Church, 701 F.Supp.2d 814 (W.D. Va. 2010). Read Aumais to better understand the § 2259 circuit split on whether proximate cause is required or whether general causation is allowed in issuing restitution.

Read More