Cal. cybercrime investigator's e-mails exposed

Last week, hacker group Anonymous published the private e-mails, home address, and telephone number of the special agent supervisor for computer crime investigations in California's Department of Justice. They also accessed his voicemail, text messages, and Google Voice account. Posts from the International Association of Computer Investigative Specialists's private discussion list were included in the 38,000 e-mails. The release is...

Read More

Defendant may have had authority to access electronic storage

In Shefts v. Petrakis, 2011 U.S. Dist. LEXIS 136538 (C.D. Ill. 2011), a court denied summary judgment where a business partner accessed an employee's e-mail in violation of the SCA because he may have had authority to do so. The plaintiff and defendant were two of four partners in a business. After hearing various reports of wrongdoing by the plaintiff (including sexual harassment of employees), the defendant asked their computer technician to have a copy of plaintiff's e-mail account copied to his laptop. The plaintiff argues that this was...

Read More

Facebook, FTC settle on privacy concerns

An agreement was reached today between Facebook and the Federal Trade Commission (FTC) regarding concerns about Facebook users' privacy. The settlement requires Facebook to develop a comprehensive privacy program and have outside audits conducted for the next 20 years. The FTC complaint alleged that Facebook shared users' personal information with third parties and advertisers without their knowledge or consent, changed privacy policies without...

Read More

SCOTUS denies cert in case on CP victim restitution

The Supreme Court yesterday denied certiorari in Amy, the Victim in the Misty Child Pornography Series v. Monzel, 181 L. Ed. 2d 508 (2011) (an appeal from United States v. Monzel, 641 F.3d 528 (2011)) which could have resolved a circuit split regarding child pornography victim restitution. In April, the DC Circuit denied that "Amy", a victim of child pornography that has been spread around the globe, was entitled to no more than nominal damages under Section 2259 and the CVRA. The issue is whether defendants must pay only nominal...

Read More

Wired.com explains how Big Brother is watching you

Wired.com recently published an article titled "9 Reasons Wired Readers Should Wear Tinfoil Hats" which hypothesized the many ways in which the government tracks us electronically. The post explains how the government [probably] uses wiretapping, tracking devices, border search, fake cell phone towers, government malware, and more. Some of it is simply written to entertain conspiracy theorists, but it is interesting to ponder nonetheless. It's...

Read More

6th Circuit vacates pornography ban as condition of release

This summary is not available. Please click here to view the po...

Read More

Military court finds Facebook messages authenticated

The United States Air Force Court of Criminal Appeals held in United States v. Grant, 2011 CCA LEXIS 217 (A.F. Ct. Crim. App. 2011) that Facebook correspondence admitted into evidence in a court-martial proceeding were properly authenticated by testimony from the recipient. As I discussed here, authenticating messages from Facebook can be a tricky process. The court listed several reasons for its decision: Messages contained the defendant's name and profile picture A witness testified that: She had just met the defendant when he requested her...

Read More

Company alleges SCA, Wiretap, and CFAA claims against former VP

In Exec. Sec. Mgmt. v. Dahl, 2011 U.S. Dist. LEXIS 132538 (C.D. Cal. 2011), The APEX Group (an event security firm) alleges that former employees (one was a VP and board member) made misrepresentations that caused them to lose a contract with the PGA. The ten claims include violations of the SCA, Wiretap Act, and the CFAA. The defendants moved for summary judgment. The SCA claim is the most interesting. Apex argues two violations - unauthorized access to e-mail and deletion of information on Apex laptops. The latter argument was struck...

Read More

Court finds cell site location data to be protected by Fourth Amendment

A federal district court held that cell site location data obtained without a search warrant to be unconstitutional, bringing the number of such holdings to more than a dozen, according to the Wall Street Journal. In a one page opinion, Judge Lynn Hughes (S.D. Tex.) ruled that "[w]hen the government requests records from cellular services, data disclosing the location of the telephone at the time of particular calls may be acquired only by a warrant issued on probable cause." The government had argued that the location data was a business...

Read More

Defendant wins on restriction not to live near school in CP possession case

The defendant in United States v. Schweizer, 2011 U.S. Dist. LEXIS 132065 (D. Nev. 2011) challenged the sentencing requirement that forbade him from living within 200 yards of a school, park, or other location children may congregate after being convicted of possession of child pornography. The defendant and his wife have lived near a middle school for nearly twenty years, and this requirement would require them to sell their home. The court modified the requirement to exempt their current home. As justification, the court noted that he is 62...

Read More

FTC settles with website violating COPPA

The Federal Trade Commission recently settled a case with www.skidekids.com, a website promoted as a "Facebook and Myspace for kids," after the website illegally collected information from thousands of children in violation of the Children's Online Privacy Protection Act (COPPA), 15 U.S.C. § 6501. Skid-e-kids targets children ages 7-14 and seeks to create a Facebook-type environment that is child-friendly. The settlement requires...

Read More

International Cybercrime Roundup

Here's a look at recent news in the cybercrime field from other countries: CANADA - The case of a convicted child pornographer who possessed 4.5 million images (the largest ever in Canada) has set the sentencing "benchmark ... at the maximum." How long exactly? Five years. CHINA - A website hosting illegal copies of Windows operating systems was recently shutdown. Over 4,000 copies were downloaded in 2011 alone. SERBIA - Police broke up a child...

Read More

WiFi hotspots to increase 350% by 2015

The Wireless Broadband Alliance (WBA) released a study projecting WiFi hotspots to increase by 350% to a total of 5.8 million by 2015. The increased use of data by smartphones is the predominant reason for the expansion as use of smartphones continues to increase. Already in the United States, smartphones outnumber laptops on WiFi hotspots. The WBA membership includes Comcast, Time Warner, Google, AT&T, Cisco, Intel and other leading technology companies. The full report is available he...

Read More

'Seize-it-all-and-sort-it-out-later warrant' struck down by court

In United States v. Schesso, 2011 U.S. Dist. LEXIS 129993 (W.D. Wash. 2011), a search warrant was struck down for being too broad after applying CDT III. German authorities discovered an IP address in the U.S. sharing child pornography in October 2008, and a search warrant was obtained in June 2010. The application sought "broad authorization to seize and examine every sort of computer storage device." Applying Ninth Circuit precdent in U.S. v. Comprehensive Drug Testing, Inc., 621 F.3d 1162 (9th Cir. 2010) (referred to as CDT III),...

Read More

2703(d) order challenged in Wikileaks investigation

Information related to three Twitter accounts was recently obtained by the government by a 2703(d) order in an investigation related to Wikileaks. The account holders made many claims including: (1) they had a § 2704 right to challenge the order, (2) the release of IP address information violated their Fourth Amendment rights, (3) the order violated their due process rights, and (4) the order violated their First Amendment rights. Finding no violation of § 2704 or any constitutional arguments, the court upheld the order....

Read More

Court awards nominal restitution under § 2259

In United States v. Aumais, 656 F.3d 147 (2d Cir. 2011), the Second Circuit reversed restitution in a child pornography possession case. Aumais had no connection to the victim, "Amy", in the pornography nor did she know of his existence. Amy's impact statement made no mention of Aumais and was written before he was arrested. The court held that "where the Victim Impact Statement and the psychological evaluation were drafted before the defendant was even arrested--or might as well have been-- ... the victim's loss was not proximately caused...

Read More

Pew Internet report outlines teen SNS usage, cyberbullying activity

A Pew Internet study released today on teen usage of social networking sites (SNS) addresses online behavior and privacy and security concerns. Highlights among the study include: 25% of teens have had an experience on an SNS site that resulted in a face to face argument or confrontation with someone Nearly 70% witness cruelty to others online at least "every once in a while" Teens from lower-income households are much less likely to witness...

Read More

Warrant in CP case may have violated Fourth Amendment

Imagine this set of facts: Law enforcement receives a tip of a website containing child pornography. Yahoo e-mail account qek9pj8z9ec@yahoo.com is the suspect, and the IP address used to create the account is provided. Detectives connect the account with Nicole Chism living in Washington (but the account registration says she lives in Chile). Her credit card was used to pay for hosting of the website. The IP addresses used to create and access the account were tracked to two other people - both living in Washington, but hundreds of miles from...

Read More

Divorce, Spyware, and Wiretaps, oh my!

Well, it happened again. A Tennessee woman used "spyware" to investigate her husband's online activities. The court says that it allowed her "to intercept his incoming and outgoing e-mail and to monitor his activities on the internet" and ultimately denied wife's 12(b)(6) and summary judgment motions on the issue of a Wiretap Act violation. The short opinion released by the court in Klumb v. Goan, 2011 U.S. Dist. LEXIS 127880 (E.D. Tenn. 2011), leaves much to be desired with regard to the facts of the case. However, based on what the court says,...

Read More

Tech Watch: Introduction to Tumblr

Blogging has been around since the late 90's, but a new form, microblogging, is quickly taking hold of the Internet world. Rather than long-winded posts (not too much unlike my own), microbloggers post small bits of information - maybe a quote, picture, video, or link. Because of the ease in microblogging, a picture can spread to millions of people in a matter of seconds. Tumblr, the most popular microblogging service, hosts over 33...

Read More

Anonymous posts 190 IP addresses from child pornographers

This map shows the locations of those "caught" by Anonymous. Anonymous, famous for their online protests and "hacktivism" has just released 190 IP addresses of child pornographers. The operation, called "Operation Paw Printing", was based around a Tor update released last week, and they knew that Tor users would want to immediately update their software. The group edited the code to allow them to track a user's online activity for 24 hours and...

Read More

International Cybercrime Roundup

Here's a look at recent news in the cybercrime field from other countries. UNITED KINGDOM - A British court has ruled that the country's largest broadband Internet provider must block a website that allows visitors to download copyrighted material. CANADA - Peer-to-peer networks accessible only to university students at various Canadian schools has recently come to the government's attention. NEW ZEALAND - Three strikes copyright violation law...

Read More

.XXX TLD sunrise period closes with 80,000 applications

The .XXX TLD went into effect April 15, 2011. The newly approved .xxx top level domain's sunrise period ended yesterday, October 31, with over 80,000 applications for domain names, according to a press release by the ICM Registry. The sunrise period was set to allow trademark and brand holders to purchase their corresponding names before sales go public on December 6, 2011. Initially, the sunrise period was set to end October 28, but the sale...

Read More