1/3. The U.S. District Court (EDMich) unsealed an indictment that charges Alan M. Ralsky and ten other persons with violation of criminal prohibitions of the federal CAN SPAM Act (18 U.S.C. § 1037), violation of the federal Computer Fraud and Abuse Act (CFAA) (18 U.S.C. § 1030), and other federal crimes, but not any federal securities laws, in connection with the operation of a pump and dump securities fraud operation.

The most significant aspect of this matter is that the defendants are alleged to have operated a pump and dump securities fraud scheme from which they profited, and investors were harmed, in the millions of dollars. Yet, the indictment does not charge securities fraud.

Rather, it charges that the pumping of stocks by sending fraudulent bulk unsolicited commercial e-mail violates the federal anti-spam statute. It also charges that the pumping of stocks was accomplished in violation of the federal computer hacking statute by a result of the use of botnet distribution of e-mail messages.

The Department of Justice (DOJ) stated in a release that the defendants operated "a sophisticated and extensive spamming operation that ... largely focused on running a stock ``pump and dump´´ scheme, whereby the defendants sent spam touting thinly traded Chinese penny stocks, drove up their stock price, and reaped profits by selling the stock at artificially inflated prices."

It adds that "the defendants used various illegal methods in order to maximize the amount of spam that evaded spam- blocking devices and tricked recipients into opening, and acting on, the advertisements in the spam. These included using falsified ``headers´´ in the email messages, using proxy computers to relay the spam, using falsely registered domain names to send the spam, as well as making misrepresentations in the advertising content of some of the underlying email messages."

False E-Mail Header Information. The indictment alleges the use of forged header information in e-mail messages. Section 1037(a)(3) provides that "Whoever, in or affecting interstate or foreign commerce, knowingly ... materially falsifies header information in multiple commercial electronic mail messages and intentionally initiates the transmission of such messages ... or conspires to do so, shall be punished ..."

Fraudulent Domain Name Registration. The indictment also alleges the fraudulent registration of domain names. Section 1037(a)(4) provides that whoever knowingly "registers, using information that materially falsifies the identity of the actual registrant, for five or more electronic mail accounts or online user accounts or two or more domain names, and intentionally initiates the transmission of multiple commercial electronic mail messages from any combination of such accounts or domain names" shall be punished.

Use of a Botnet. The indictment also alleges the use of a botnet. Botnet is a slang term of recent origin derived from the words robot network. It is used to describe a collection of software robots that reside on a collection of compromised computers, almost always without the authority or knowledge of the owners or operators, that are controlled remotely for various nefarious purposes. The compromised computers are often referred to as zombies. The purposes for forming botnets include sending spam, running denial of service attacks, committing click fraud, and spyware. In the present case, the indictment alleges the use of a botnet to send the spam messages that pumped stocks.

The indictment states that a botnet "is a network of computers infected with malicious software that allows a third party to control the entire computer network without the knowledge or consent of the computer owners. Each of the infected computers is referred to as a "bot". A botnet can be used by spammers to send spam through the network of infected bot computers, using each of the infected computers to transmit the spam e-mail, in order to hide the true origin of the spam and helping the spammer to remain anonymous, and evade anti-spam filters and other blocking techniques."

The indictment alleges violation of three statutory sections. First, it alleges violation of Section 1037(a)(1), which provides that whoever knowingly "accesses a protected computer without authorization, and intentionally initiates the transmission of multiple commercial electronic mail messages from or through such computer" shall be punished. Second, it alleges violation of Section 1037(a)(2), which provides that whoever knowingly "uses a protected computer to relay or retransmit multiple commercial electronic mail messages, with the intent to deceive or mislead recipients, or any Internet access service, as to the origin of such messages" shall be punished.

Third, it alleges violation of Section 1030(a)(5)(A)(i) and 1030(a)(5)(B)(i), which provide that whoever "knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer" and thereby causes "loss to 1 or more persons during any 1-year period ... aggregating at least $5,000 in value" shall be punished.

While the DOJ has obtained an indictment under three statutory sections in connection with the use of botnets, various tech sector trade groups and members of Congress are arguing for amendment of Section 1030 on the grounds that it does not adequately enable prosecutors and private litigants to pursue botnet creators, operators and users.

For example, on May 14, 2007, Rep. Adam Schiff (D-CA), Rep. Steve Chabot (R-OH) and others introduced HR 2290, [LOC | WW], the "Cyber-Security Enhancement Act of 2007" to, among other things, address the problems associated with botnets.

The broadest prohibition of Section 1030 is found in 1030(a)(5). The present indictment charges violation of 1030(a)(5). 1030(a)(5)(A) lists three types of criminal acts. Then, 1030(a)(5)(B) enumerates five types of damage that are sufficient to sustain a prosecution. Several are specialized types of damage (government or health care computers, resulting in physical injury, or creating a threat to public safety). The fifth type of damage is broad, but requires a minimum loss of $5,000. The present indictment relies upon the $5,000 in damages item.

Rep. Schiff's bill would add a sixth type of damage, "damage affecting ten or more protected computers during any 1-year period". The damage could be of any kind. The damage need not have any minimum monetary value. This would extend the reach of 1030(a)(5) to anyone who creates, herds, or takes over even the smallest of botnets.

See also, story titled "Rep. Schiff and Rep. Chabot Introduce Bill to Expand § 1030" in TLJ Daily E-Mail Alert No. 1,583, May 18, 2007.

Other Charges. The indictment also alleges criminal conspiracy (18 U.S.C. § 371), criminal fraud (18 U.S.C. § 1341), wire fraud (18 U.S.C. § 1343), money laundering (18 U.S.C. § 1956 and 18 U.S.C. § 1957), and lying to federal agents (18 U.S.C. § 1001). The indictment also seeks forfeiture.

The indictment does not charge violation of the federal Racketeering Influenced and Corrupt Organizations (RICO) statute, which is codified at 18 U.S.C. § 1961, et seq. It could not. Neither the CAN-SPAM Act nor the CFAA are predicate offenses for RICO prosecutions. However, HR 2290 would make Section 1030 a predicate offense.

The DOJ release lists other agencies that worked with the DOJ in this case. It does not list the Securities and Exchange Commission (SEC). The SEC does not have criminal enforcement authority. However, it works with the DOJ, which brings criminal securities cases. The SEC also often brings parallel civil actions. The SEC has not announced any action action Ralsky. TLJ spoke with a SEC spokesman who said that the SEC does not talk about cases that it has not brought.

The DOJ did not promptly run a phone call from TLJ.

12/31. The Department of State (DOS) published a notice in the Federal Register that announces, describes, recites, and sets the effective date (February 1, 2008) for, its final rule regarding the use of radio frequency identification (RFID) technology in passport cards. See, Federal Register, December 31, 2007, Vol. 72, No. 249, at Pages 74169-74173.

This notice acknowledges that the DOS received numerous comments criticizing the use of vicinity RFID chips in passport cards, including from Senators and a Representative from border states.

The notice presents the argument that "The vicinity RFID electronic chip contains only one item of information--a unique identifying number that has meaning only inside the secure CBP computer system. No other form of personally identifiable information, such as name, date of birth, SSN, place of birth etc., will be electronically stored on the passport card or transmitted through RFID. All personal information will be contained in DHS systems and will only be accessible by authorized personnel through secure networks. Upon receipt of the passport card number, the border crosser's personal information will be downloaded from the CBP system and provided to the CBP officer. The CBP officer will then interview the individual, verify their identities, and determine the appropriate action to take.

The Center for Democracy and Technology (CDT) wrote in its web site that "The new rule calls for the use of ``vicinity read´´ RFID technology without the use of encryption. This means the card will be able to be read remotely, at a long distance. CDT strongly objected to the use of this technology -- developed for tracking inventory, not people -- because it is inherently insecure and poses threats to personal privacy, including identity theft, location tracking by government and commercial entities outside the border control context, and other forms of mission creep."

The new rules take effect on February 1, 2008.

1/3. Attorney General Michael Mukasey appointed four new members, and reappointed four current members, to his Attorney General's Advisory Committee of United States Attorneys. See, Department of Justice (DOJ) release.

1/3. Former Rep. Nancy Johnson (R-CT) was named Co-Chair of the Information Technology and Innovation Foundation Board. She replaces former Rep. Jennifer Dunn (R-WA), who died last year. The other Co-Chair remains former Rep. Cal Dooley (D-CA). Johnson and Dunn were both members of the House Ways and Means Committee.

1/2. Rep. Tom Lantos (D-CA) announced that he will not seek re-election. See, release. He is the Chairman of the House Foreign Affairs Committee. He is also a cosponsor and leading proponent of HR 275 [LOC | WW], the "Global Online Freedom Act of 2007". See, story titled "House Committee Approves Global Online Freedom Act" in TLJ Daily E-Mail Alert No. 1,662, October 25, 2007, and story titled "House Committee Grills Yahoo Executives" in TLJ Daily E-Mail Alert No. 1,671, November 7, 2007.

Tech Law Journal publishes a free access web site and subscription e-mail alert. The basic rate for a subscription to the TLJ Daily E-Mail Alert is $250 per year. However, there are discounts for subscribers with multiple recipients. Free one month trial subscriptions are available. Also, free subscriptions are available for journalists, federal elected officials, and employees of the Congress, courts, and executive branch. The TLJ web site is free access. However, copies of the TLJ Daily E-Mail Alert are not published in the web site until one month after writing. See, subscription information page.

Contact: 202-364-8882.
P.O. Box 4851, Washington DC, 20008.

Privacy Policy
Notices & Disclaimers
Copyright 1998-2008 David Carney, dba Tech Law Journal. All rights reserved.

The House will not meet. It will return from recess on Tuesday, January 15, 2008.

The Senate will not meet. It will return from recess on Tuesday, January 22, 2008.

Extended deadline to submit initial comments to the Federal Communications Commission (FCC) in response to its Notice of Proposed Rulemaking (NPRM) regarding its program access and retransmission consent rules and whether it may be appropriate to preclude the practice of programmers to tie desired programming with undesired programming. The FCC adopted this NPRM on September 11, 2007, and released the text [144 pages in PDF] on October 1, 2007. It is FCC 07-169, in MB Docket No. 07-198. See also, story titled "FCC Adopts R&O and NPRM Regarding Program Access Rules" in TLJ Daily E-Mail Alert No. 1,640, September 17, 2007. The original comments deadlines were November 30 and December 17, 2007. See, original notice in the Federal Register, October 31, 2007, Vol. 72, No. 210, at Pages 61590-61603. See, also notice of extended deadlines, Federal Register, December 28, 2007, Vol. 72, No. 248, at Pages 73744-73745.

The House will not meet.

The Senate will meet momentarily in pro forma session. The Senate Democratic leadership holds these pro forma sessions to maintain the procedural fiction that it is not in recess. It does so to preclude President Bush from making recess appointments, based upon the fiction that the Senate is unavailable to confirm nominees.

8:30 AM - 6:00 PM. Day one of a three day meeting of the Architectural and Transportation Barriers Compliance Board's (ATBCB) Telecommunications and Electronic and Information Technology Advisory Committee (TEITAC). Section 508 of the Rehabilitation Act of 1973, as amended, provides at 29 U.S.C. § 794d that each federal agency "developing, procuring, maintaining, or using electronic and information technology" must provide comparable access to disabled federal employees, and to disabled members of the public who have access to and use of information and data of that agency; it further provides that each agency must comply with disability access regulations written by the ATBCB. For more information, contact Timothy Creagan at 202-272-0016 or creagan at access dash board dot gov. See, notice in the Federal Register, December 18, 2007, Vol. 72, No. 242, at Pages 71613-71614. Location: National Science Foundation (NSF), 4121 Wilson Boulevard, Arlington, VA.

10:00 AM. The U.S. Court of Appeals (FedCir) will hear oral argument in International Rectifier v. IXFS, a patent infringement case involving silicon semiconductor wafer technology, App. Ct. No. 2007-1063. Location: Courtroom 201, 717 Madison Place, NW.

10:00 AM. The U.S. Court of Appeals (FedCir) will hear oral argument in Finisar Corporation v. Directv Group, a patent infringement case, App. Ct. No. 2007-1023. This is an appeal from the U.S. District Court (EDTex), D.C. No. 1:05-CV-264. Location: Courtroom 203, 717 Madison Place, NW.

10:00 AM. The U.S. Court of Appeals (FedCir) will hear oral argument in Sitrick v. Dreamworks, a patent infringement case, App. Ct. No. 2007-1174. Location: Courtroom 203, 717 Madison Place, NW.

CANCELLED. 12:00 NOON - 2:00 PM. The DC Bar Association will host a program titled "The Foreign Corrupt Practices Act: Part I". For more information, call 202-626-3463. See, notice. Location: DC Bar Conference Center, B-1 Level, 1250 H St., NW.

Deadline to submit initial comments to the Federal Communications Commission (FCC) in response to its Notice of Proposed Rulemaking (NPRM) regarding allowing AM stations to use FM translator stations to rebroadcast the AM signal locally. This NPRM is FCC 07-144 in MB Docket No. 07-172. See, notice in the Federal Register, November 6, 2007, Vol. 72, No. 214, at Pages 62616-62622.

Deadline to submit reply comments to the Federal Communications Commission (FCC) in response to its Notice of Proposed Rulemaking (NPRM) regarding hearing aids and wireless handsets. This item is FCC 07-192 in WT Docket No. 07-250. See, notice in the Federal Register, November 21, 2007, Vol. 72, No. 224, at Pages 65494-65508. See also, story titled "FCC Releases 2nd Report and Order and NPRM on Hearing Aids and Wireless Handsets" in TLJ Daily E-Mail Alert No. 1,672, November 8, 2007.

8:30 AM - 6:00 PM. Day two of a three day meeting of the Architectural and Transportation Barriers Compliance Board's (ATBCB) Telecommunications and Electronic and Information Technology Advisory Committee (TEITAC). See, notice in the Federal Register, December 18, 2007, Vol. 72, No. 242, at Pages 71613-71614. Location: National Science Foundation (NSF), 4121 Wilson Boulevard, Arlington, VA.

9:00 AM - 4:00 PM. The President's Council of Advisors on Science and Technology (PCAST) will hold an open meeting. The agenda includes a discussion of the National Nanotechnology Initiative (NNI), a panel on research partnerships among universities and the private sector, and a panel on personalized medicine. See, PCAST agenda [PDF] and notice in the Federal Register, December 19, 2007, Vol. 72, No. 243, Page 71908-71909. Location: Room 100 at the Keck Center of the National Academies at 500 5th St., NW.

10:00 AM. The U.S. Court of Appeals (FedCir) will hear oral argument in Microprocessor Enhancement Corp. v. Texas Instruments, a patent infringement case involving the architecture of digital signal processing chips, App. Ct. No. 2007-1249. This is an appeal from the U.S. District Court (CDCal). Location: Courtroom 203, 717 Madison Place, NW.

10:00 AM. The U.S. Court of Appeals (FedCir) will hear oral argument in Aristocrat Technologies Australia v. Multimedia Games, , App. Ct. No. 2007-1201, and Aristocrat Technologies Australia v. International Game Technology, App. Ct. No. 2007-1419, patent cases involving the authority of the U.S. Patent and Trademark Office (USPTO) to revive unintentionally late national stage applications. Location: Courtroom 201, 717 Madison Place, NW.

10:00 AM. The U.S. Court of Appeals (FedCir) will hear oral argument in In Re Lee, App. Ct. No. 2007-1191. Location: Courtroom 203, 717 Madison Place, NW.

8:30 AM - 6:00 PM. Day three of a three day meeting of the Architectural and Transportation Barriers Compliance Board's (ATBCB) Telecommunications and Electronic and Information Technology Advisory Committee (TEITAC). See, notice in the Federal Register, December 18, 2007, Vol. 72, No. 242, at Pages 71613-71614. Location: National Science Foundation (NSF), 4121 Wilson Boulevard, Arlington, VA.

10:00 AM. The U.S. Court of Appeals (FedCir) will hear oral argument in Dominant Semiconductor v. Osram, a patent infringement case, App. Ct. No. 2007-1456. Location: Courtroom 201, 717 Madison Place, NW.

10:00 AM. The U.S. Court of Appeals (FedCir) will hear oral argument in Fuji America v. U.S., App. Ct. No. 2007-1653, an appeal from the Court of International Trade. Location: Courtroom 203, 717 Madison Place, NW

10:00 AM. The U.S. Court of Appeals (FedCir) will hear oral argument in Zenith Electronics v. PDI, App. Ct. No. 2007-1288. Location: Courtroom 203, 717 Madison Place, NW.

11:00 AM. The National Science Foundation's (NSF) National Science Board's (NSB) Committee on Programs and Plans will hold a teleconferenced public meeting. See, notice in the Federal Register, December 31, 2007, Vol. 72, No. 249, at Page 74347. Location: 4201 Wilson Blvd., Arlington, VA.

12:30 - 1:30 PM. The DC Bar Association will host a closed event titled "2008: Washington’s View of the Year for Telecom, Media and IT". The speakers will be Carolyn Brandon (CTIA), Jessica Rosenworcel (Senate Commerce Committee staff), Brian Huseman (FTC Chief of Staff), Jessica Zufolo (Medley Global Advisors), David Murray (NTIA Senior Advisor), Bruce Gottleib (advisor to FCC Commissioner Michael Copps). The price to attend ranges from $15 to $30. For more information, call 202-626-3463. See, notice. Location: DC Bar Conference Center, B-1 Level, 1250 H St., NW.

No events.

12/27. The Cato Institute's Sallie James wrote a short article on the possible impact upon intellectual property rights of the World Trade Organization's (WTO) remedies decision in the Antigua and Barbados versus United States internet gambling case.

1/2. The Department of Commerce's (DOC) Bureau of Industry and Security (BIS) published a notice in the Federal Register that announces, describes, recites, and sets the effective date (January 2, 2008) for, various changes to its Export Administration Regulations (EAR). See, Federal Register, January 2, 2008, Vol. 73, No. 1, at Pages 32-38.

12/31. The Federal Communications Commission (FCC) published a notice in the Federal Register that belatedly announces the start date for filing applications for nationwide non-exclusive licenses in the 3650-3700 MHz band in November 15, 2007. See, Federal Register, December 31, 2007, Vol. 72, No. 249, at Pages 74283-74288. The relevant FCC proceedings are ET Docket No. 04-151 and WT Docket No. 05-96. See also, FCC notice numbered DA 07-4605.

1/2. The Office of the Director of National Intelligence (ODNI) published a notice in the Federal Register that announces a notice of proposed rulemaking regarding ODNI policies for collecting and maintaining personally identifiable records and processes for administering requests for records under the Privacy Act of 1974, which is codified at 5 U.S.C. § 552a(b). See, Federal Register, January 2, 2008, Vol. 73, No. 1, at Pages 113-125. These proposed rules allow for the disclosure of information to courts, government agencies, Congress, any Congressional committee or subcommittee, and a consumer reporting agency (in accordance with 31 U.S.C. § 3711(e)). These proposed rules also enumerate numerous exemptions of records systems under the Privacy Act. The deadline to submit comments is February 11, 2008.

12/28. The Office of the Director of National Intelligence's (ODNI) National Counterterrorism Center (NCTC) published a notice in the Federal Register that announces, recites, and sets the effective date (February 6, 2008) for, its rules establishing several systems of records subject to the Privacy Act of 1974. See, Federal Register, December 28, 2007, Vol. 72, No. 248, at Pages 73887-73898.

12/28. The Office of the Director of National Intelligence's (ODNI) Office of the National Counterintelligence Executive published a notice in the Federal Register that announces, recites, and sets the effective date (February 6, 2008) for, its rules establishing a system of records subject to the Privacy Act of 1974. See, Federal Register, December 28, 2007, Vol. 72, No. 248, at Pages 73898-73899.

12/28. The Office of the Director of National Intelligence's (ODNI) Office of the Inspector General published a notice in the Federal Register that announces, recites, and sets the effective date (February 6, 2008) for, its rules establishing several systems of records subject to the Privacy Act of 1974. See, Federal Register, December 28, 2007, Vol. 72, No. 248, at Pages 73899-73904.