2/9. The Department of Justice's (DOJ) Office of the U.S. Attorney for the Northern District of California (USAO/NDCal) charged Christopher Kennedy by criminal information [PDF] with one count of conspiracy to commit wire fraud in connection with his alleged creation and sale of a computer cookie stuffing program directed at eBay that enables users of the program to obtain referral income from eBay to which they are not entitled.

The information alleges that eBay compensates web site operators who place eBay advertisements in their web sites when internet users visit those web sites, click on the eBay advertisements, and then engage in a revenue transaction at the eBay web site. It further alleges that eBay tracks this through the use of cookie technology. However, the information alleges, Kennedy created a program that places cookies on visitors' computers that enable the program users to obtain referral revenue from eBay even when there has been no click on an eBay ad.

The information states that "eBay maintains an advertising and promotion program, known as the eBay Partner Program ("EPN"), through which website that display eBay advertisements are reimbursed for referrals. Under the EPN, eBay will pay a referral fee to an affiliate when an advertisement on that affiliate's website directs a web user to the eBay website. When that user accesses the eBay website, a text string of code ("cookie") is deposited on the user's computer. This cookie contains information identifying the referring website ("EPN ID") and may be used to track whether and when the user returns to the eBay website. A subsequent visit to the eBay website may result in payment of a referral fee if the user engages in a revenue action, which occurs when the user utilizes eBay's action service. If multiple cookies are present on the user's computer, which may occur if the user has clicked on several different advertisements before engaging in a revenue action, the most recently deposited cookie (and it corresponding affiliate website) will be credited for any revenue action. Many users of eBay's website without being referred by an affiliate and the revenue actions performed by such users do not result in a commission payment." (Parentheses in original.)

The information alleges that Kennedy "created" a "cookie stuffing" program titled "saucekit".

The information defines cookie stuffing as "the act of depositing a cookie containing an affiliate website's EPN ID onto an individual's computer without that individual having to click on an advertisement or link. Cookie-stuffing occurs when an individual visits an affiliate website or webpage, such as an eBay auction page, and without clicking on an advertisement or link (and in some cases, without ever seeing an advertisement), a cookie containing the affiliate website's EPN ID is placed onto the individual's computer. The cookie remains on that individual's computer for a period of time and, if that individual engages in a revenue action, eBay will credit the affiliate. As a result, eBay will pay referral fees to an affiliate, even though the individual who visited the affiliate website or webpage had not been referred to eBay by that website or webpage."

The information further alleges that Kennedy offered for sale over the internet the saucekit program.

There is no federal cookie stuffing statute.

The crime of conspiracy, which the information charges, is codified at 18 U.S.C. § 371. The wire fraud statute, which is codified at 18 U.S.C. § 1343, does not reference cookies, web technology, or the internet. It provides, in relevant part, as follows:

"Whoever, having devised or intending to devise any scheme or artifice to defraud, or for obtaining money or property by means of false or fraudulent pretenses, representations, or promises, transmits or causes to be transmitted by means of wire, radio, or television communication in interstate or foreign commerce, any writings, signs, signals, pictures, or sounds for the purpose of executing such scheme or artifice, shall be fined under this title or imprisoned not more than 20 years, or both."

The information does not allege plain fraud, which is codified at 18 U.S.C. § 1341.

Nor does the information allege violation of 18 U.S.C. § 1030, which bans computer hacking, and unauthorized access to a protected computer system. Were the DOJ to bring a Section 1030 charge, the theory might be that the the web site operators who run the saucekit program on their web sites engage in unauthorized access to the computers of visitors to their web sites by placing cookies thereon that are designed to fool the eBay referral compensation program.

However, there are also reasons for not proceeding under Section 1030. First, there is the matter of proving lack of authority, or exceeding authority.

Second, in the case of access to non-governmental computers, under most subsections of Section 1030, the prosecution must prove acquisition of information from, damage to, or loss to, the protected computer. But, the protected computer owners suffer no loss or damage under this cookie stuffing scheme. Instead, eBay does. And, most provisions in Section 1030 do not criminalize conduct that only harms third parties, such as eBay.

However, subsection 1030(a)(4) provides that "Whoever ... knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value ... shall be punished ..."

The OUSA declined to comment on the selection of charging statutes, the history of prosecutions for cookie stuffing schemes, or other questions put to it by TLJ. eBay did not promptly return a phone call from TLJ.

2/3. The Department of Justice's (DOJ) Office of the U.S. Attorney for the District of New Jersey (USAO/NJ) announced in a release that Edwin Andres Pena pled guilty in U.S. District Court (DNJ) to one count of conspiracy to commit computer hacking and wire fraud, and one count of wire fraud.

The USAO stated that Pena is the "first individual ever charged with hacking into the networks of Voice Over Internet Protocol (VOIP) providers and reselling hacked VOIP services for a profit".

The USAO explained that "Pena was indicted for conspiracy to secretly hack into the computer networks of unsuspecting VOIP phone service providers; conspiracy to commit wire fraud by transmitting telephone calls over the victims’ networks; and individual hacking and wire fraud counts. At his plea hearing, Pena, who purported to be a legitimate wholesaler of these Internet-based phone services, admitted that he sold discounted service plans to his unsuspecting customers. Pena admitted that he was able to offer such low prices because he would secretly hack into the computer networks of unsuspecting VOIP providers, including one Newark-based company, to route his customers’ calls. Through this scheme, Pena is alleged to have sold more than 10 million minutes of Internet phone service to telecom businesses at deeply discounted rates, causing a loss of more than $1.4 million in less than a year."

The prohibition of computer hacking is codified at 18 U.S.C. § 1030; conspiracy is codified at 18 U.S.C. § 371; and wire fraud is codified at 18 U.S.C. § 1343.

See also, column titled "Tech Crime Report" in TLJ Daily E-Mail Alert No. 2,006, October 21, 2009.

2/8. The Department of Justice's (DOJ) Office of the U.S. Attorney for the Northern District of California (USAO/NDCal) announced in a release that Sweden "accepted the request to transfer the prosecution" of Philip Gabriel Pettersson to the United States.

On May 5, 2009, the U.S. District Court (NDCal) returned an indictment [6 pages in PDF] that charges Pettersson with intentionally causing damage to a protected computer in violation of 18 U.S.C. § 1030, and misappropriation of trade secrets in violation of 18 U.S.C. §§ 1832(a)(2) and (a)(4). See, story titled "Cisco and NASA Hacker Indicted" in TLJ Daily E-Mail Alert No. 1,936, May 7, 2009.

The events which give rise to this case occurred in 2004. The indictment alleges that Pettersson is a resident of Sweden who hacked into the computer systems of Cisco Systems and stole its confidential and proprietary source code for its Internetwork Operating System (IOS), with "intent to convert trade secrets belonging to Cisco to the economic benefit of someone other than" Cisco.

The USAO release adds that "this is one of the few computer crime cases in which a transfer has been accepted in recent years".

This case is U.S.A. v. Philip Gabriel Pettersson, U.S. District Court for the Northern District of California, D.C. No. CR 09-0471 RMW.

1/19. The Department of Justice's (DOJ) Criminal Division sent a letter with attached documents [12 pages in PDF] to Christopher Soghoian in response to a request for records that he submitted to the DOJ on December 6, 2009, pursuant to the federal Freedom of Information Act (FOIA), which is codified at 5 U.S.C. § 552.

This documents contain data on the number of pen register and trap and trace device orders obtained by the various components of the DOJ in 2004, 2005, 2006, 2007, and 2008.

These documents, which contain data gaps, nevertheless reveal the increasing usage of pen registers and trap and trace devices by the DOJ.

These are both old telephone industry terms, that now also apply to internet communications. Previously, pen registers were merely devices that recorded telephone numbers that are dialed or punched. Trap and trace devices merely recorded the telephone numbers of incoming calls.

Then, Title II of HR 3162 (107th Congress), the surveillance act of 2001, expanded law enforcement agencies' authority with respect to the use of pen registers and trap and trace devices. Prior law covered "wire" communications. The surveillance act provides that the concept of a pen register is expanded from merely capturing phone numbers, to capturing routing and addressing information in any electronic communications, including internet communications. The surveillance act similarly expands the concept of trap and trace devices.

See also, short piece by the Cato Institute's Julian Sanchez titled "Fresh Surveillance Data Show Spike in Traffic Tracking".

2/8. The U.S. District Court (CDCal) sentenced Dongfan Chung, a former employee of Rockwell International and Boeing, to serve 188 months in prison following his plea of guilty to one count of conspiracy to commit economic espionage, six counts of economic espionage to benefit a foreign country, one count of acting as an agent of the People's Republic of China (PRC), and one count of making false statements to the FBI. The Department of Justice's (DOJ) Office of the U.S. Attorney for the Central District of California (USAO/CDCal) stated in a release that "Chung stole Boeing trade secrets relating to the Space Shuttle and the Delta IV rocket".

2/5. The Department of Justice's (DOJ) Office of the U.S. Attorney for the Western District of Washington USAO/WDWash) announced in a release that the U.S. District Court (WDWash) sentenced Gabriel Jang to serve eight and one half years in prison, and pay restitution, for aggravated identity theft (18 U.S.C. §1028A), conspiracy to commit bank and wire fraud, access device fraud, and structuring currency transactions. He and fellow defendants stole credit cards from gym lockers, immediately made counterfeit identifications, and then used the stolen cards to make high end electronics purchases, before the thefts were reported. The group then sold the electronics items via the eBay auction web site. The District Court sentenced co-defendant Billy Morris Britt on November 13, 2009. See, story titled "Court Sentences Member of Credit Card and ID Theft Ring" in TLJ Daily E-Mail Alert No. 2,017, November 23, 2009.

2/4. The U.S. District Court (NDIll) sentenced Benjamin Rowner and Jay H. Soled, former owners of DeltaNet Inc., to serve 27 months in prison, and to pay $271,716 in restitution, jointly and severally, to the Federal Communications Commission's (FCC) Universal Service Administrative Company (USAC) in connection with their defrauding of the FCC's frequently defrauded e-rate tax and subsidy program. See, FBI release.

1/29. The Department of Justice's (DOJ) Office of the U.S. Attorney for the Southern District of California (USAO/SDCal) announced in a release that Jung Kwak, Phillip Allison, and Robert Ward were sentenced to serve time in prison following their pleas of guilty to conspiring to violate the Digital Millenium Copyright Act (DMCA) in connection with their efforts to crack the Dish Network's Nagra 3 encryption. The USAO stated that the three "determined to hire computer hackers to break the latest DISH Network encryption scheme, known as Nagra 3, so that the line of satellite receiver boxes sold by Mr. Kwak would continue to have a market". Kwak's company imports and sells free to air (FTA) satellite receiver boxes. The USAO explained that "To illegally decrypt the DISH network signal, the FTA boxes must appear to have DISH smart cards. That is done by reverse-engineering DISH smart cards and creating computer code which, when downloaded to an appropriate FTA box, will emulate the existence of a smart card and trick the system. In the past, as DISH encryption and countermeasures were defeated, the code has been posted on the Internet and made available for download to anyone." The USAO release lists several actions taken by the defendants to crack Nagra 3 encryption. However, it does not state that they succeeded. The crime of conspiracy, to which the defendants pled guilty, is codified at 18 U.S.C. § 371. The DMCA, at 17 U.S.C. § 1204, criminalizes violation of the anti-circumvention section of the DMCA, which is codified at 17 U.S.C. § 1201.

1/29. A trial jury of the U.S. District Court (EDCal) returned verdicts of guilty against Karen Jean Freyling and Steven Walter Butts on charges of wire fraud, mail fraud, importing goods into the U.S. by means of false statements, smuggling, and trafficking in counterfeit labels, documentation, or packaging. The Department of Justice (DOJ) stated in a release that they imported counterfeit DVDs from the Philippines, and sold them online in the U.S.

1/28. The Senate Judiciary Committee (SJC) amended and approved S 1749 [LOC | WW], the "Cell Phones Contraband Act". Steve Largent, head of the CTIA, stated in a release that "Inmates who possess contraband phones and those who supply them should be penalized severely and CTIA commends the Senate Judiciary Committee for approving Senator Feinstein's bill. Our members have no interest in seeing inmates use wireless services to conduct unlawful activities or harass and intimidate the public. We hope the full Senate will act on S. 1749 soon." See also, story titled "Senate Judiciary Committee to Consider Cell Phones in Prisons" in TLJ Daily E-Mail Alert No. 2,038, January 25, 2010.

1/25. The U.S. District Court (CDCal) sentenced Morocco Curry to serve 102 months in prison following his plea of guilty to identity theft and organizing a bank fraud scheme, which involved using a phone in prison. The Office of the U.S. Attorney (OUSA) for the Central District of California stated in a release that he was sentenced for crimes committed while incarcerated at the California State Prison in Centinela for conspiracy to commit bank fraud and aggravated identity theft. The OUSA stated that "Operating from inside the prison near El Centro, Curry orchestrated a scheme in which he used three-way phone calls arranged by co-schemers outside of prison to convince credit card issuers to send ``replacement´´ cards to members of the ring."

1/25. Brian Thomas Mettenbrink agreed to plead guilty in the U.S. District Court (CDCal) to a misdemeanor charge of unauthorized access of a protected computer, in violation of 18 U.S.C. § 1030, and to serve one year in prison, in connection with his distributed denial of service (DDOS) attacks on the web sites of the Church of Scientology. The Office of the U.S. Attorney for the Central District of California stated in a release that these attacks "impaired the integrity and availability of those websites". This release adds that "A DDOS attack occurs where a large amount of malicious Internet traffic is directed at a website or a set of websites. The target websites are unable to handle the high volume of Internet traffic and therefore become unavailable to legitimate users trying to reach the sites."

There will be no votes in the House on February 10, 11 or 12. The House will be in recess the week of February 15. The next votes in the House will be February 22 at the earliest. The House will meet at 10:00 AM for legislative business. See, Rep. Hoyer's schedule for the week of February 8.

The Senate will not meet.

POSTPONED. 9:30 AM. The Senate Homeland Security and Government Affairs Committee (SHSGAC) will hold a hearing on President Obama's FY 2011 budget proposal for the Department of Homeland Security (DHS). The witness will be Janet Napolitano. See, notice. Location: Room 342, Dirksen Building.

? 9:30 AM. The Department of Commerce's (DOC) Bureau of Industry and Security's (BIS) Transportation and Related Equipment Technical Advisory Committee will hold a partially closed meeting. See, notice in the Federal Register: January 26, 2010, Vol. 75, No. 16, at Page 4047. The open portion of this event will be teleconferenced. Location: Room 6087B, DOC, Hoover Building, 14th St., NW.

POSTPONED. 10:00 AM. The Senate Judiciary Committee will hold a hearing titled "Combating Cyber Crime and Identity Theft in the Digital Age". The witnesses will be Lanny Breuer (Assistant Attorney General in charge of the Department of Justice's Criminal Division), Ari Schwartz (Center for Democracy and Technology), and Vincent Weafer (Symantec). The SJC will webcast this event. See, notice. Location: Room 226, Dirksen Building.

CANCELLED. 10:00 AM. The House Judiciary Committee (HJC) will hold a hearing titled "Sharing and Analyzing Information to Prevent Terrorism". The HJC will webcast this event. See, notice. Location: Room 2141, Rayburn Building.

POSTPONED. 11:00 AM - 12:00 NOON. The Federal Communications Commission's (FCC) Advisory Committee for the 2012 World Radiocommunication Conference will meet. See, notice in the Federal Register, January 14, 2010, Vol. 75, No. 9, at Page 2141. Location: FCC, Commission Meeting Room, 445 12th St., SW. See, notice of postponement.

POSTPONED. 2:00 - 4:00 PM. The Federal Communications Commission's (FCC) Public Safety and Homeland Security Bureau will host a forum titled "creation of an emergency response interoperability center for public safety broadband communications". See, notice. See, notice of postponement.

POSTPONED. 4:00 PM. The Senate Judiciary Committee (SJC) will hold a hearing on pending nominations. The SJC will webcast this event. See, notice. Location: Room 226, Dirksen Building.

There will be no votes in the House. The House will meet at 10:00 AM for legislative business. See, Rep. Hoyer's schedule for the week of February 8.

The Senate will meet at 2:30 PM.

? 10:00 AM. The Department of Commerce's (DOC) Bureau of Industry and Security's (BIS) Materials Technical Advisory Committee will hold a partially closed meeting. See, notice in the Federal Register: January 26, 2010, Vol. 75, No. 16, at Page 4047. The open portion of this event will be teleconferenced. Location: Room 6087B, DOC, Hoover Building, 14th St., NW.

TIME CHANGE. 10:00 AM. 2:15 PM. The Senate Judiciary Committee (SJC) may hold an executive business meeting. It may consider the nomination of Dawn Johnsen to be Assistant Attorney General for the Office of Legal Counsel (OLC). It may also consider several District Court nominees: Nancy Freudenthal (USDC/DWyo), Denzil Marshall (USDC/EDArk), Benita Pearson (USDC/NDOhio), and Timothy Black (USDC/SDOhio). The SJC rarely follows its published agendas. The SJC will webcast this event. See, notice. Location: Room 226, Dirksen Building.

POSTPONED. The House Homeland Security Committee (HHSC) will hold a hearing titled "The President’s FY 2011 Budget Request for the Department of Homeland Security". Location: Room 311, Cannon Building.

POSTPONED TO FEBRUARY 18. The Federal Communications Commission (FCC) will hold an event titled "Open Meeting". Location: FCC, Commission Meeting Room, 445 12th St., SW. See, notice of postponement.

RESCHEDULED FROM FEBRUARY 10. 11:30 AM. The Senate Judiciary Committee (SJC) may hold a hearing on pending nominations. The SJC will webcast this event. See, notice. Location: Room 226, Dirksen Building.

POSTPONED. 2:00 PM. The House Foreign Affairs Committee (HFAC) will hold a hearing titled "U.S.-Japan Relations: Enduring Ties, Recent Developments". See, notice. Location: Room 2172, Rayburn Building.

Deadline to submit initial nominations for membership on the National Institute of Standards and Technology's (NIST) Smart Grid Advisory Committee. See, notice in the Federal Register, January 12, 2010, Vol. 75, No. 7, at Pages 1595-1596.

There will be no votes in the House.

5:00 PM. Deadline to submit comments to the U.S. Patent and Trademark Office (USPTO) regarding its proposal to revise its rules of practice before the Board of Patent Appeals and Interferences (BPAI) in ex parte patent appeals. See, notice in the Federal Register, December 22, 2009, Vol. 74, No. 244, at Pages 67987-68004. See also, story titled "USPTO Seeks Comments on Rules of Practice before the BPAI in Ex Parte Appeals" in TLJ Daily E-Mail Alert No. 2,026, December 22, 2009.

Deadline to submit reply comments to the Federal Communications Commission (FCC) in response to its Further Notice of Proposed Rulemaking (FNPRM) [25 pages in PDF] regarding universal service and the High-Cost Universal Service Support. The FCC adopted and released this FNPRM on December 15, 2009. It is FCC 09-112 in CC Docket No. 96-45 and WC Docket No. 05-337. See, notice in the Federal Register, December 29, 2009, Vol. 74, No. 248, at Pages 68763-68774, and story titled "FCC Releases FNPRM Regarding High Universal Support" in TLJ Daily E-Mail Alert No. 2,027, December 24, 2009.

The National Association of Regulatory Utility Commissioners (NARUC) will host a four day event titled "Winter Committee Meetings". See, notice. Location: Renaissance Washington Hotel, 999 9th St., NW.

The House will not meet the week of February 15-19, 2010. See, 2010 House calendar.

The Senate will not meet the week of February 15-19, 2010. See, 2010 Senate calendar.

Washington's Birthday. This is a federal holiday. See, Office of Personnel Management's (OPM) web page titled "2010 Federal Holidays".

Second of four suggested dates for submitting "white papers" to the National Institute of Standards and Technology (NIST) regarding the NIST's Technology Innovation Program (TIP). The other remaining suggested submission dates are May 10, 2010, and July 12, 2010. The final deadline is September 30, 2010. See, notice in the Federal Register, September 4, 2009, Vol. 74, No. 171, at Pages 45823-45825.

5:00 PM. Deadline to submit applications to the National Institute of Standards and Technology (NIST) for participation in its 2010 SURF grant programs. These are the NIST's Gaithersburg Summer Undergraduate Research Fellowship Program, and Boulder Summer Undergraduate Research Fellowship Program. The NIST distributes grants for, among other topics, electronics and electrical engineering, and information technology. See, notice in the Federal Register, December 15, 2009, Vol. 74, No. 239, at Pages 66291-66296.

Deadline to submit comments to the Judicial Conference of the United States' Committee on Rules of Practice and Procedure regarding proposed changes to the Federal Rules of Criminal Procedure (FRCrP), Federal Rules of Bankruptcy Procedure (FRBP), and Federal Rules of Evidence (FRE). The numerous changes to the FRCrP pertain to the use of new information technologies, including use of video conferencing, and consideration of electronically submitted information in the issuance of complaints, arrest warrants, and summonses. See, notice in the Federal Register, December 1, 2009, Vol. 229, No. 74, at Page 62821.

5:00 PM. Deadline for all commenters (except foreign governments) to submit comments to the Office of the U.S. Trade Representative (OUSTR) to assist it in making determinations that identify countries that deny adequate and effective protection of intellectual property rights (IPR) or deny fair and equitable market access to U.S. persons who rely on intellectual property protection. The OUSTR is required to make these Special 301 determinations by Section 182 of the Trade Act of 1974, which is codified at 19 U.S.C. § 2242. See, notice in the Federal Register, January 15, 2010, Vol. 75, No. 10, at Pages 2578-2580.

12:15 - 1:30 PM. The Federal Communications Bar Association's (FCBA) International Telecommunications and Young Lawyers Committees will host a brown bag lunch titled "Developing a Career in International Communications". The speakers will be Steven Lett (Department of State), John Giusti (Chief of Staff and Legal Advisor to FCC Commissioner Michael Copps), Janet Hernandez (Telecommunications Management Group, Inc.), and Gonzalo de Dios (Intelsat Corporation). For more information, contact Jennifer Hindin at jhindin at wileyrein dot com or Micah Caldwell at mcaldwell at fh-law dot com. Location: Wiley Rein, 10th floor, 1750 K St., NW.

Statutory deadline for the Federal Communications Commission (FCC) to submit a report titled "National Broadband Plan", as required by HR 1 [LOC | WW]. FCC Chairman Julius Genachowski stated in letters on January 7, 2010 that the FCC will complete this report on March 17, 2010.

Tech Law Journal publishes a free access web site and a subscription e-mail alert. The basic rate for a subscription to the TLJ Daily E-Mail Alert is $250 per year for a single recipient. There are discounts for subscribers with multiple recipients.

Free one month trial subscriptions are available. Also, free subscriptions are available for journalists, federal elected officials, and employees of the Congress, courts, and executive branch. The TLJ web site is free access. However, copies of the TLJ Daily E-Mail Alert are not published in the web site until two months after writing.

For information about subscriptions, see subscription information page.

Tech Law Journal now accepts credit card payments. See, TLJ credit card payments page.

TLJ is published by David Carney
Contact: 202-364-8882.
carney at techlawjournal dot com
P.O. Box 4851, Washington DC, 20008.

Privacy Policy
Notices & Disclaimers
Copyright 1998-2010 David Carney. All rights reserved.