Lawyering tip: Don't post pictures of your client's underwear on your social networking pages

The Miami Herald reports that a Miami judge declared a mistrial in a murder case after the public defender posted a picture of the defendant's leopard print underwear on her Facebook page. While the defendant's clothes for trial were being inspected by law enforcement, his attorney took a picture. She later posted the image on Facebook, suggesting that the garment (chosen by the defendant's family) was not "proper attire for trial." The image could only be viewed by the attorney's friends, but one of them reported it to the judge. The defendant...

Read More

FTC settles with rent-to-own retailers over tracking buyers' locations and collecting keystrokes

Several retailers settled yesterday with the Federal Trade Commission on allegations of "capturing screenshots of confidential and personal information, logging their computer keystrokes, and in some cases taking webcam pictures of people in their homes." The companies allowed buyers to rent-to-own the computers, and the software may have collected information on as many as 420,000 customers. The software installed on the computers allowed...

Read More

IEEE information disclosure disaster - if you thought LinkedIn was bad...

Update: Not unexpectedly (always assume a breach occurred - my liar to truth ratio on these subjects hovers around 1:90, respectively) ieee.org has confirmed the breach, per ZDNET - see here: IEEE admits password leak, says problem fixed. A Russian computer programmer claims to have had access to logs from the IEEE ftp server, logins and passwords, and additional information. If the claim is true, this incident raises the bar on institutional negligence. See more information about the story, here. The users of the site are quite unique (and...

Read More

Minnesota court affirms CP conviction over argument the crimes were presented as strict liability crimes, reverses possession charges as lesser-included offenses

In State v. McCauley, No. A11-0606 (Minn. Ct. App. 2012), the Minnesota Court of Appeals reversed two convictions for possession of child pornography because they were lesser-included offenses of dissemination convictions. However, the court affirmed otherwise over an argument that the crimes were erroneously presented as strict liability crimes to the jury. After observing that a Limewire user had downloaded what appeared to be child pornography, a local police officer obtained a search warrant to search the defendant's home. During the...

Read More

Article discusses pedophilia studies, societal response

For those of you who work in the cybercrime field, you are likely forced to deal with that one type of case that everyone hates to mention - crimes against children such as child pornography or exploitation. I have often told people that I study cybercrime, and they immediately ask what exactly that entails. It's easy to give a spiel listing crimes like identity theft and hacking, but mentioning child pornography is much too taboo for small talk. I often never mention it or it comes out in a whisper - despite it being a large part of our discussions...

Read More

Arizona appeals court holds no expectation of privacy violation for GPS surveillance, dissent argues otherwise

In State v. Estrella, No. 2 CA-CR 2011-0076 (Ariz. Ct. App 2012), the Arizona Court of Appeals held that the use of a GPS device on a vehicle without a warrant does not violate an individual's reasonable expectation of privacy. The defendant was convicted of multiple drug crimes, and on appeal, he argued that the convictions should be reversed because of the warrantless use of a GPS device on a vehicle driven by him. The van was owned by his employer, and the device was placed on it while in a public parking lot. His motion to suppress...

Read More

District court finds no duty owed to copyright holders for unsecured wireless network owners

In AF Holdings, LLC v. Doe, No. C 12-2049 (N.D. Cal. 2012), the court held that a person owes no duty in securing their wireless network to a copyright holder whose works are illegally downloaded over the network.AF Holdings claimed that Doe illegally downloaded their copyrighted video using an unsecured wireless network belong to Hatfield, Doe's co-defendant. Because Hatfield failed to secure his wireless network, AF Holdings sued him for negligence, arguing he "had a 'duty to secure his Internet connection,' and that he 'breached that duty...

Read More

Louisiana appeals court finds expectation of privacy for text messages

In State v. Bone, No. 12-KA-34 (La. Ct. App. 2012), the Louisiana Court of Appeal held that where a person is the "exclusive user of a cell phone," they are entitled to a reasonable expectation of privacy in text messages sent and received from the phone. However, the mistake in denying evidence suppression was harmless error, and the conviction was affirmed. The defendant was a suspect in a murder case, and law enforcement obtained a subpoena duces tecum to receive a printout of text messages he had sent and received from his phone. Several of...

Read More

District court okays pre-Jones GPS use despite lack of binding precedent

In United States v. Oladosu, No. 10-056-01 S. (D.R.I. 2012), the Rhode Island federal district court held that pre-Jones use of a GPS device to track the defendant is saved by the Davis good faith rule despite a lack of binding precedent in the jurisdiction. State police had installed a GPS device on the defendant's car and did not obtain a warrant prior to doing so. When asked why, the detective responded: I'm not aware of any rules, regulations or laws that require us to obtain a search warrant prior to applying this GPS device....

Read More

Student's suit for forced Facebook disclosure survives motion to dismiss; court finds reasonable expectation of privacy in Facebook messages

In R.S. v. Minnewaska Area Sch. Dist. No. 2149, 2012 U.S. Dist. LEXIS 126257 (D. Minn., Sept. 6, 2012), a federal district court refused to dismiss the case of a 12-year-old against a Minnesota school district for allegedly punishing her for statements made on her Facebook wall and forcing her to disclose her Facebook password to search through her profile.  The case involves multiple causes of action, most of which survived the motion to dismiss, including the First and Fourth Amendment claims. A summation of the facts can be found...

Read More

GoDaddy gets torpedoed - Anonymous claims responsibility

GoDaddy's website and sites that it hosts have gone down as the result of an alleged attack by Anonymous. It's a pretty significant Denial of Service (DOS) attack and this incident is surely going to result in an FBI investigation - remember what happened after the Paypal DOS - Feds Arrest 14 ‘Anonymous’ Suspects Over PayPal Attack, Raid Dozens More. Hopefully, if they do find, arrest, and prosecute the offenders, they will do a better job of handling the evidence than they did in the Paypal case - see my post about that here: In Paypal...

Read More

Rhode Island court finds expectation of privacy in text messages, orders suppression for nearly all of state's evidence

In State v. Patino, P1-10-1155A (R.I. Super. Ct. 2012), the court ordered suppression of text messages sent by the defendant on a cell phone belonging to another person. The defendant had standing to challenge the search which, according to the court, was conducted in violation of the Fourth Amendment and not saved by any exception. The case concerned the murder of the defendant's six-year-old son. The child's mother called 911 to report that her son was not breathing. An ambulance took the child to the hospital, and police remained...

Read More

Civil liberties groups file amicus brief in recent Sixth Circuit cell phone pinging case

Last month, a Sixth Circuit panel held in United States v. Skinner that repeatedly pinging a cell phone in order to obtain its GPS coordinates was not a Fourth Amendment search. This week, the ACLU, CDT, EFF, and EPIC filed an amicus brief asking the Sixth Circuit to reconsider the case en banc. Greg Nojeim, senior counsel for the Center for Democracy & Technology, wrote on CDT's blog that the panel decision was based on a misunderstanding that cell phones normally "give off" GPS location information. Instead, mobile providers have...

Read More

Jones II: DOJ files opposition to motion to suppress Jones's cell site data

Several months back, I mentioned that Antoine Jones, the defendant in the Supreme Court's Jones decision, is back in trial court after the high court's remand. The DOJ is now seeking to do with cell site data what it is not allowed to do with GPS information. On Tuesday, the government filed its opposition to Jones's motion to suppress. Here's the summary of the government's argument: Defendant’s motion to suppress cell-site location records cannot succeed under any theory. To begin with, no reasonable expectation of privacy exists in the...

Read More

Romney's tax returns allegedly hacked - let the spin begin

Politics and cybercrime have frequently gone hand in hand, and apparently the trend continues. An unidentified hacking group claims to have "hacked" (as in duped) the facility that houses Romney's 1040s -  PricewaterhouseCooper - and obtained his records. The hacking group has posted a message on pastebin with information which can be found here.  There also appears to be an extortion attempt involved (although based on the money floating around political circles, this shouldn't be a high bar to meet if true). A tactic such as this is...

Read More

Highlighted Paper: "The Law of Cyber-Attack"

Furthering scholarship in this area, I'd like to draw attention to a new paper, revised today, entitled The Law of Cyber-Attack, which was written by a Yale grad, and has a great overview of the current landscape of cyber-attacks. It will be published in an upcoming issue of the California Law Review and deals specifically with nation-state attacks and national security issues - all intertwined with the current cyberlaw jurisprudence. It also includes normative proposals: The abstract: Cyber-attacks have become increasingly common in recent years....

Read More

Federal court addresses applicability of Wiretap Act to wireless network packet sniffing, holds data is "publicly available"

An Illinois federal district court recently analyzed the Wiretap Act as it applies to packet sniffing and held that "the interception of communications sent over unencrypted Wi-Fi networks" does not violate the statute. In re Innovatio IP Ventures, LLC Patent Litigation, No. 11 C 9308 (N.D. Ill. 2012). The plaintiff, Innovatio IP Ventures, LLC, brought suit against multiple companies for various patent infringement claims concerning the use of wireless Internet technology in the defendants' businesses (such a hotels and coffee shops)....

Read More

Slides from our recent webinar on encryption

Thanks to those of you who participated in our recent webinar on encryption technology and legal issues. For those of you who were unable to attend, below is a link to a PDF of the slides from the presentation. Please feel free to contact Justin or me if you have any questions. Click here for the PD...

Read More

Lawyer removed as counsel, alleged to have encouraged client to install spyware to aid custody/divorce proceeding

In Zang v. Zang, 2012 U.S. Dist. LEXIS 123383 (S.D. Ohio, August 30, 2012), the defendant's motion to disqualify plaintiff's counsel was granted due to Donald Roberts, the lawyer of the plaintiff (and former lawyer/brother-in-law of the defendant), allegedly being involved in encouraging the defendant to install spyware to aid in custody and divorce proceedings. The plaintiff (wife) in this matter is "asserting claims under the federal Wiretap Act, 18 U.S.C. § 2510 et seq., together with state law claims for invasion of privacy,...

Read More

Another post-Jones GPS case on the calendar this week

This week, on September 6th, the Wisconsin Supreme Court is faced with a GPS tracking case - State v. Brereton. The issues are unique, and include a pre-textual stop to install the GPS tracking, seizure of the car, lies by law enforcement to conceal the process of installing the GPS tracker, and the interaction of GPS tracking with the holding of the United States Supreme Court in United States v. Jones. I encourage you to read the case briefs. I am cited in the AG's response brief for a point that I noted as relevant but was certainly not...

Read More

Revised federal model jury instructions address use of social media, Internet research

Last week, model jury instructions were released in an attempt to deter jurors from using social networking websites during trial. "The judges recommended that jurors frequently be reminded about the prohibition on social media before the trial, at the close of a case, at the end of each day before jurors return home, and other times, as appropriate," said Judge Julie A. Robinson, chair of the Conference Committee on Court Administration and Case Management. The new instructions include provisions warning jurors not to use the Internet...

Read More

Five security tips IT personnel wish students knew

Security News Daily interviewed me for a piece on what I wished students knew about IT security, and I think it has great advice not just for students, but for anyone accessing the internet in general. It can be found here: 5 Security Tips IT personnel wish students knew. The easiest way to stop cyber crime is to reduce the number of targe...

Read More