Judge Rejects Guilty Plea From AOL Employee

The Hobo writes "Newsday has a story on a New York judge who rejected Jason Smather's guilty plea. Smathers, covered previously on Slashdot, was the AOL employee who stole and sold AOL addresses to spammers. The judge himself apparently cancelled his AOL subscription due to receiving too much spam. While he didn't like what Jason did, he wasn't convinced a crime had been committed under the CAN-SPAM law, which requires that a person be deceived."

Shouldn't he recuse himself?

He doesn't seem unbiased.

Re:Shouldn't he recuse himself?

[techno-vampire]

Actually, it looks like he's doing everything he can to avoid even the appearance of bias. He rejected the guilty plea because he's not convinced that the accuse's actions fit the requirements of the CAN-SPAM act. If he were biased, he'd just let the guy plead guilty and be done with it.

Re:Shouldn't he recuse himself?

[zoobaby]

Recusing is used for when a judge has a personal interest or may have a conflict of interest in the matter. Where does it say anything in the article that the judge has a conflict of interest or personal interest in the matter?

Re:Shouldn't he recuse himself?

[the_mad_poster]

That's not quite true.... you can be biased and still hand down decisions on an issue that aren't biased. The problem, however, is that if someone doesn't like your decision, and you are biased, even if you didn't let that bias affect your decision, they can still pinpoint that as a reason not to accept your judgement.

Re:Shouldn't he recuse himself?

He doesn't seem unbiased becuase he didn't hand down a ruling you agree with?

Re:Shouldn't he recuse himself?

[ScrewMaster]

Yeah. Can you say, "Microsoft Antitrust lawsuit"?

Re:Shouldn't he recuse himself?

[Ithika]

Yes, we can all say these simple phrases. Now get over it you damn idiots! Who the hell started this stupid phrase? I'd rather sit through pages of beowulf-clustered, linux-running insensitive korean clod jokes in soviet russia than read another damn "can you say X" line.

Re:Shouldn't he recuse himself?

[ScrewMaster]

You forgot "profit!"

And, as it happens, I believe it was Mr. Rogers who started the "Can you say xxxxx? I knew you could!"

You seem like a very uptight, irritable person. I suggest reducing your caffeine intake, or perhaps smoking another cigarette while reading Slashdot posts.

Re:Shouldn't he recuse himself?

[KinkifyTheNation]

Yeah. Can you say, "Microsoft Antitrust lawsuit"?

Microsoft Antitrust Lawsuit.

Re:Shouldn't he recuse himself?

[Ithika]

My apologies to you if I offended. Your post was the straw that broke the camel's back. On the subject of substance abuse I don't smoke and rarely drink coffee, so that can't be the problem. Perchance it's all the time spent staring at Slashdot waiting for an interesting story to appear?

I hadn't heard of this Mr Rogers person, not being a yank and being but young in years, but having done a search for him and his catch-phrase I'm happy to say that any appeal it may have held has long since been squeezed out of me by the users of Slashdot. Thanks guys! :)

Re:Shouldn't he recuse himself?

"I'd rather sit through pages of beowulf-clustered, linux-running insensitive korean clod jokes in soviet russia than read another damn "can you say X" line."

Can you say "thin skin"?

Re:Shouldn't he recuse himself?

[anthony_dipierro]

Well, it says he himself received enough spam at his AOL address to cancel his account, and presumably some of it was due to the defendants actions, but I don't see that as enough of a basis for a recusal, especially if neither the prosecution nor the defense asks for one.

Re:Shouldn't he recuse himself?

[PastaLover]

I think what the judge is basically saying to the prosecution is "you're prosecuting this guy under the wrong law, pick another one". There must be some laws on privacy at least that this guy broke. Not to mention the contract with his employer, that hopefully forbids exactly this kind of activity.

Does not compute

[October_30th]

Authorities said Smathers, who was fired by AOL in June, used another employee's access code to steal the list of AOL customers in 2003 from its headquarters in Dulles, Va., and sold it to spammers for more than $100,000.

I don't understand how this is not deceptive, fraudulent and illegal...

Re:Does not compute

[The+Only+Druid]

It doesn't matter if its deceptive or fradulent, because the charge was specifically done under a particular law: the can-spam act, which has specific requirements. The judge determined that the charge failed to allege an actual violation of that law.

Essentially, the judge instituted a 12(b)(6) motion, dismissing the suit for failure to state a claim upon which action could be based.

Re:Does not compute

[benjamindees]

That's probably because you're just using words without understanding what they mean.

"Deception" probably means something like "lying" to "a person".

Does any of that apply to this case?

Re:Does not compute

[YrWrstNtmr]

It is. It just doesn't meet the specifics of CAN-SPAM, which is evidently what he was charged with, and tried to plead guilty to.

What the judge did was, IMHO, right, in the same way that bank robbery doesn't meet the specifics of the traffic laws.

Charge him with what he actually did, and let him plead guilty to that.

Re:Does not compute

[zakezuke]

I don't understand how this is not deceptive, fraudulent and illegal...

Perhaps it should be, but it's not. No one was actually deceived, the guy flat out used someone else's access code to gain access to a mail list and sell it. For example, if you gave a key to your house and I used it to go in and copy your phone list and sell it to a telemarketer. It's not trespass or breaking and entering because you gave me a key. It might not be deceptive because you might have given me the key to feed your cat and I might not have intended to copy your phone list at that time. And it's not theft because I only made a copy of your phone list. And there is no violation of copyright because a list of names and contact info can't be copyrighted.

I might be guilty of violating your trust but I don't see how any crime was committed.

Re:Does not compute

Only it's not a 12(b)(6), which is for civil procedure, it's a 5.1(f).

Re:Does not compute

[Nykon]

It's not like he stole credit card numbers from his employer. There are clear laws on that. He sold company info, which would be punishable by being fired. The CAN-SPAN law does not apply here because the owners of the email addresses were never deceived. This was an AOL internal security issues.

Re:Does not compute

[almostmanda]

No, this is more like giving you a key to our boss's house, without his permission. And, our boss has contracts with everyone on his phone list that ensure that our company will not sell their phone number. And our boss probably made us sign a paper when we started working for him saying we would never sell/give out confidential company info.

In fact, there's no guarantee that the other employee GAVE him his access code. He could have found the post-it under his keyboard or whathaveyou. Regardless, since it was not HIS access code, he had no permission from the company to access this data in the first place.

Re:Does not compute

[Hatta]

Only it's not a 12(b)(6), which is for civil procedure, it's a 5.1(f).

Thanks, clears that right up.

Re:Does not compute

[GryMor]

Which is cause for a civel action against him by AOL with regards to his employment contract, and possibly an 'unauthorized use of a protected computer system' charge, but certainly doesn't hold up to the requirements for much of anything else.

Re:Does not compute

[Macadamizer]

Actually, it would probably be more along the lines of a civil action for misappropriation of trade secrets -- but there can be criminal penalties for stealing trade secrets as well, so who knows...

Re:Does not compute

[zakezuke]

No, this is more like giving you a key to our boss's house, without his permission. And, our boss has contracts with everyone on his phone list that ensure that our company will not sell their phone number. And our boss probably made us sign a paper when we started working for him saying we would never sell/give out confidential company info.

It sounds like a breach of contract to me, not a criminal act.

In fact, there's no guarantee that the other employee GAVE him his access code. He could have found the post-it under his keyboard or whathaveyou. Regardless, since it was not HIS access code, he had no permission from the company to access this data in the first place.

You don't know for a fact that he had no permission from the company to access this data. If another employee gave him the access code they are, like it or not, they are being granted a license to access what ever data and resources are associated with that account. This would be *stupid* and ground for dismissal but in it self hardly a criminal act.

If they got the password from a post-it under the keyboard who exactly was deceived? It's true someone was a dumbass putting it there in the first place, but this is hardly illegal. Immoral perhaps, but like it or not they were an employee with the right to be there. You could say they violated the company's trust, you say they broke their contract, and you can say they accessed resources they were not given express permission to, but it's much more difficult to prove criminal wrong doing when you grant permission to your property and resources. No more criminal than finding the access code to the executive bathroom and taking a dump.

Re:Does not compute

[B747SP]

It is. It just doesn't meet the specifics of CAN-SPAM, which is evidently what he was charged with, and tried to plead guilty to.

I gotta say, his lawyer must be pretty f**kin' dumb to have gone in there prepared to let the guy cop a guilty plea. I'd like to think that if I had the slightest chance of successfully defending something, that my lawyer would argue as such. Silly goose doesn't even appear to have read the Act!

Re:Does not compute

And it's not theft because I only made a copy of your phone list.

Tell that to the RIAA ;)

Re:Does not compute

[iamacat]

Nah, if you hire a hitman you are still charged with murder. Why can't you be charged under CAN-SPAM act if you sell a list of e-mail addresses to a known spammer? Or fined for unwanted calls if you sell my phone list to telemarketers? He should also be charged with embezzlement for selling AOLs property, and probably both charges at the same time, because they pertain to different victims.

Re:Does not compute

To my non-lawer mind this looks like "Yes I stole them, but I didn't say I wasn't going to steal them so technically I didn't deceive anyone." Or a poorly written law.

Re:Does not compute

[addaon]

He can't be charged with it because that's not what the law covers.

Re:Does not compute

[zakezuke]

Trade Secret

However, there are three factors that (though subject to differing interpretations) are common to all such definitions: a trade secret is some sort of information that (a) is not generally known to the relevant portion of the public, (b) confers some sort of economic benefit on its holder (where, note well, this benefit must derive specifically from the fact that it is not generally known, not just from the value of the information itself), and (c) is the subject of reasonable efforts to maintain its secrecy.

Are e-mail addresses trade secrets?

a) Not known to the relevant portion of the public? E-mail addresses are a form of contact information that are given out by their very design.

b) Does AOLs user list confer some sort of economic benefit on the holder? You could argue this but according to the marketing AOL say they don't sell their user list so in a way they are saying they accept no economic benefit of their user directory.

c) Does AOL maintain reasonable efforts to maintain their user's e-mail addresses private? This is something that could be argued. One the one hand they don't sell their userlist to spammers but at the same time any old Joe can e-mail an AOL user at anytime.

As defined, I can see how one might argue one way or another, but let us ask ourselves this.

1) Is a list of phone numbers a trade secret?
2) Is a list of mobile numbers a trade secret?
3) Is a list of e-mail addresses a trade secret?

Re:Does not compute

[Feanturi]

Cool, so I want to get charged with murder and tried in traffic court, how can I arrange that?

Re:Does not compute

[DongleFondle]

My understanding of the "deception" clause in the CAN-SPAM ACT is that it must be proven that the accused used deceptive marketing tactics in their SPAMs to get a person to purchase something. I assume that this is to protect real online marketers from prosecution.

If Smathers only sold lists, then I'm guess the Judge decided that he didn't fit under the CAN-SPAM ACT, but rather should be tried for breaking and entering on AOL's systems and theft of their intellectual property and fraud, and etc.

Re:Does not compute

[The+Only+Druid]

Actually, I did make the mistake of not being clear. I was saying "essentially its a 12b6", in that I wasn't sure of the proper criminal reference. My bad.

For those not clear what we're talking about: in the Federal Rules of Civil Procedure, rule 12, subsection B, subsection 6 allows for a motion that a claim be dismissed for failure to state a claim upon which an action can be granted. The criminal analogue is Federal Rules of Criminal Procedure 5.1(f), I believe. Both rules essentially say the following: if ALL the claims of the prosecution are entirely true, there still isn't a valid claim.

Re:Does not compute

[iamacat]

Really? Know any other law where you can make money helping the criminal with full knowledge of the crime to be committed and not be charged with anything?

Re:Does not compute

4) Is a list of names protectable?
5) Is a list of addresses protectable?
6) Is a list of people's favorite colors protectable?
7) Is a list of people's passwords protectable?
8) Is a list of social security numbers protectable?
9) Is a list of credit card numbers protectable?

And why exactly would (9) be protectable but not (3)?

Or why would (7) be protectable but not (3)?

Re:Does not compute

[jrockway]

First, kill someone. Then run a red light while disposing of the body. :-)

Re:Does not compute

"And there is no violation of copyright because a list of names and contact info can't be copyrighted."

Business client lists have protection as trade secrets. This is no different from a Goldman-Sachs employee copying the client list and selling it to Ameritrade.

Re:Does not compute

[CountBrass]

Heh I wouldn't bet on it. I was in court (for a traffic offence I hasten to add!) the main witnesses lied, we know he lied and could prove it: my barrister even crowed about the fact. And then failed to even raise the issue in court!

I was stunned.

Re:Does not compute

[addaon]

Yep. Libel, for example. Can't be charged with that for "helping the criminal with full knowledge of the crime to be committed". That's the point. It's the prosecutor's job to choose the law that's applicable.

Re:Does not compute

[dr.badass]

I don't understand how this is not deceptive, fraudulent and illegal...


Just because someone did something deceptive, fraudulent, and illegal, doesn't mean that the prosecution can slack off and charge them under a law that doesn't apply. Yes, it's because the law is stupid, and it's hard to understand why an anti-spam law doesn't apply to someone involved in spamming, but that's what we've got here.

Re:Does not compute

[cthugha]

Out of interest, from which statute is that provision sourced? Dismissal of a claim for failure to state facts on which it could be based sounds like civil, rather than criminal, procedure.

Re:Does not compute

[jhigh]

You don't know for a fact that he had no permission from the company to access this data. If another employee gave him the access code they are, like it or not, they are being granted a license to access what ever data and resources are associated with that account. This would be *stupid* and ground for dismissal but in it self hardly a criminal act.

And this is why security policies are so important. If AOL's security policy explicitly states that no user is allowed to access another user's account, even if that user was given the password, then it is illegal because it would be unauthorized use of a computer. The computer doesn't belong to the user, and therefore the user has no right to authorize anyone else to use their account. It all depends on what AOL has stated in their security policy.

Re:Does not compute

[Ralph+Yarro]

To my non-lawer mind this looks like "Yes I stole them, but I didn't say I wasn't going to steal them so technically I didn't deceive anyone."

Correct, apart from the word "steal" (he didn't steal anything on the facts as presented here, if he had then that would have been a separate crime) and the word "technically" (there's nothing technical about it, deceit was not a part of this).

Or a poorly written law.

Maybe. It certainly isn't an all-inclusive law, none are. If it was intended to cover a situation like this then sure, it's poorly written.

I'd rather accept the failings of limited laws, where the legislature has to spell out what is prohibited, than the alternative of "Well, you did something I don't like so you're guilty. Ha!".

Re:Does not compute

[PsiPsiStar]

a. Not known to the relevant portion of the public

E-mail addresses are a form of contact information that are given out by their very design.

Yeah, but not to spammers, who are the relevant portion of the public.

AOL doesn't have to sell the list to spammers. If they 'spam' their own customers to sell any sort of product, including more AOL, they derive economic value from the list. Having more spam decreases the value of AOL's letters to their members.

Re:Does not compute

[anthony_dipierro]

He didn't dismiss the suit, he refused to accept a guilty plea. In order for a judge to accept a guilty plea he must believe that there is a factual basis for the claim.

Recently in New Jersey the judiciary started cracking down on this for traffic offenses. In the past, if you were speeding and were willing to plea guilty to an offense which didn't carry any insurance points (such as maintenance of headlights or failure to wear a seatbelt), the prosecutor would usually accept your plea. But then the judges started rejecting the guilty pleas because they did not fit the facts of the case. The New Jersey legislators then instituted a new law - "driving in an unsafe manner", and mandated that it could not carry any points.

Re:Does not compute

[anthony_dipierro]

Charge him with what he actually did, and let him plead guilty to that.

What did he actually do? Disclose a trade secret? This page doesn't list Virginia as a state which has a law against that. Besides, this is federal court, and trade secret law is generally a state issue. I don't see what federal law this guy broke, and I'm not even sure he broke a criminal law under the laws of Virginia (which is where AOL is located, I believe).

Re:Does not compute

[/dev/trash]

Simple, hit some with your car.

Re:Does not compute

[GryMor]

Email address can't be trade secrets as they are known to people who have not agreed to keep them confidential and thus have not been protected. You only get one chance at the trade secret suit, and that chance was gone as soon as they gave out an email address to a user (who has not agreed to keep it confidential).

Re:Does not compute

[hesiod]

Could your positive proof of the lie have incriminated you in some other way? Did you end up winning the case? If not, you could atempt an appeal on the grounds that you had incompetent counsel (although, being a traffic violation it would be of arguable value and merit).

If you did win the case, perhaps he knew that you had a good enough case and didn't want to "waste the court's time" with possibly inconsequential objections. If a lawyer makes a habit of raising a lot of objections (even if they are all perfectly valid), a judge may look down upon that or at least get annoyed with him.

Nevertheless I'd be pretty P.O.ed too.

Re:Does not compute

[iamacat]

Hmmm.. So you can hire me to write some false but plausable looking accusations against CEO of your competitor, publish them as coming from an "anonymous insider" and there is not a thing the CEO or company's shareholders can do against me if they find out?

If so, some laws sure need fixing.

Re:Does not compute

[zakezuke]

And why exactly would (9) be protectable but not (3)?

Because a list of other people's credit card numbers can be used for theft. There is no reason for me to have anyones credit card number unless I was billing them for something. A list of e-mail addresses are much like a list of phone numbers... as in the phone book.

Or why would (7) be protectable but not (3)?

Because with passwords I could gain access to e-mail, bank accounts, and peform all sorts of acts of theft. The worst I can do with e-mail addresses or phone numbers is contact people.

Re:Does not compute

[addaon]

There are many things the CEO and shareholders can do. Prosecuting you for libel is not one of them.

But will he be charged with theft?

[Antony-Kyre]

He stole a list of e-mail addresses. Isn't that theft? Even if he doesn't get charged with sending out spam, he did commit other crimes, right?

Re:But will he be charged with theft?

[jokach]

exactly, he's charged with "conspiracy and interstate transportation of stolen property" according to the article, which seems to fit the crime ... he used another employees access code which warrants theft ....... maybe we're missing something???

Re:But will he be charged with theft?

No, he COPIED a list of email addresses. That is not theft, it is piracy, and only if those email addresses constitute a copyrighted work.

Re:But will he be charged with theft?

[aslate]

In the UK the Data Protection Act would have him down for that.

Re:But will he be charged with theft?

[America+Balls]

No, he COPIED a list of email addresses. That is not theft,

LOL, Slashbot logic comes back to bite them in the ass. Ouch!

Re:But will he be charged with theft?

[TummyX]

Copyright is evil. Information wants to be free. Something about beer. Let the guy go! blah blah blah
</range>

Re:But will he be charged with theft?

[lubricated]

well that wouldn't be piracy unless he was on a the high seas.

Re:But will he be charged with theft?

He stole a list of e-mail addresses. Isn't that theft? Even if he doesn't get charged with sending out spam, he did commit other crimes, right?

If this guy doesn't face any criminal charges, maybe a class action suit is in order? I'm not about to read their TOS, but there's got to be something in there about providing your email address to spammers.

Re:But will he be charged with theft?

[TummyX]

whoops, xml error, i know. i'm used to writing range tags.

Re:But will he be charged with theft?

[mumblestheclown]

The following is tongue in cheek. For those of you who need things spelled out very clearly for you: what I am doing in the following is making fun of the idiots on slashdot who try to advance stupid argumetns to justify their own theft/copyright infringement of intellectual property be it in the form of movies, games, music, whatever.

Let's play slashdot word games!

It's not theft--it's COPYRIGHT INFRINGEMENT. After all, he didn't deny AOL the right to use the addresses. A list of addresses is not that hard to make! Information must be free! Yadda yadda yadda!.

Re:But will he be charged with theft?

It doesn't matter if he was on the high seas or the low seas. If you commandeer a ship when it's still attached to the dock it's still considered piracy.

Re:But will he be charged with theft?

> he's charged with "conspiracy and interstate transportation of stolen property"

The actual charge: "conspiracy to conspire and interstate a conspiracy for the electrical transportation of privately owned copyright protected electronic Internet based material constituting a conspiracy to interstate the committal to infringe laws defined by copyright infringement laws on the electronic Internet network, on Mondays, after 15:00 but not later than 17:00"

Re:But will he be charged with theft?

[Greventls]

I thought Databases weren't copyrighted yet.

Re:But will he be charged with theft?

[Macadamizer]

"I thought Databases weren't copyrighted yet."

They're not. But this is dealing with trade secrets, not copyright -- and databases of customer information do fall under trade secret law...

Re:But will he be charged with theft?

[Shajenko42]

In response to the various people saying this isn't "theft": technically, they may be right. However, I'm pretty sure that unauthorized access of a computer system is an appropriate charge. I think that by now that could get him labelled a terrorist and given a one-way ticket to Gitmo.

Re:But will he be charged with theft?

[girlarmy]

He commited several crimes, AOL specifically chose to have him prosecuted under the CAN-SPAM Act of 2003. My guess is for two reasons. One because it carries the harshest sentencing potential (criminal, meaning not just fines but jail time as well) and second because convictions under this act make an example. This is new highly publicised legislation, passed as a deterent more than anything else. Spammers have to be afraid, of laws that legislation like this enacts. If not, the legislation is worthless and not a springboard for passing other acts, creating more law with stricter guidelines and heftier consequences. The problem they ran into is that the meat of the law is about fraud and deception. As in, not fully disclosing the nature or source of the good or service being presented in the email. It's alluded to in the story "The judge, ... said it was not clear that Smathers had deceived anyone -a requirement of the new law."

No doubt he violated the terms of employment in his contract, any NDA he signed as well as non-compete contracts he agreed to. None of that is criminal however, it falls under civil law and the best they could do is take him to court and ask for damages. As for if he stole something, every /. reader knows it is never that clear with intellectual property. He didn't steal anything from the users, because they signed away all rights to the data when they signed up, ie it was never there's in the first place they were just borrowing it from AOL, who can do with it pretty much whatever they choose, under the terms of the User Agreement. As for if he stole anything from AOL any attorney could easily make the argurment that he in fact did not steal anything -which is criminal- he simply used the information inappropirately and profited from it, which is not criminal in this case, but again falls under civil law.

Re:But will he be charged with theft?

[CountBrass]

No, it wouldn't, but it would nail the person at the company who was the Data Protection Registrar and should have prevented access to that data.

Re:But will he be charged with theft?

No, he COPIED a list of email addresses. That is not theft, it is piracy, and only if those email addresses constitute a copyrighted work.

Tell that to Mitnick's lawyer...

Re:But will he be charged with theft?

"He stole a list of e-mail addresses. Isn't that theft? Even if he doesn't get charged with sending out spam, he did commit other crimes, right?"

I wouldn't call it "theft" any more than I would call copying something "theft." However, he was not charged with "theft" of the email address list. He was charged under the CAN-SPAM act, which he was *not* guilty under. He may be guilty of violating other laws (I do not know the specifics, so there may not be a law that properly fits his "crime"), but he not charged under those.

Re:But will he be charged with theft?

[anthony_dipierro]

Show me the criminal trade secret law which was broken. This is a civil issue, not a criminal issue (and definitely not a federal criminal issue). If AOL wants to sue him for misusing their trade secrets, fine, but you can't put someone in jail for spreading information (at least not in this case).

Re:But will he be charged with theft?

[Macadamizer]

"Intentional theft of trade secrets can constitute a crime under both federal and state law. The most significant federal law dealing with trade secret theft is the Economic Espionage Act of 1996 (EEA) (18 U.S.C., Sections 1831 to 1839). The Act gives the U.S. Attorney General sweeping powers to prosecute any person or company involved in trade secret misappropriation.

The EEA punishes intentional stealing, copying or receiving of trade secrets "related to or included in a product that is produced for or placed in interstate commerce." (18 U.S.C. 1832.) Penalties for violations are severe: Individuals may be fined up to $500,000 and corporations up to $5 million. A violator may also be sent to prison for up to ten years. If the theft is performed on behalf of a foreign government or agent, the corporate fines can double and jail time may increase to 15 years. (18 U.S.C. 1831.) In addition, the property used and proceeds derived from the theft can be seized and sold by the government. (18 U.S.C. 1831, 1834.)

The EEA applies not only to thefts that occur within the United States, but also to conduct outside the U.S. if the thief is a U.S. citizen or corporation, or if any act in furtherance of the offense occurred in the U.S. (18 U.S.C. 1838.) The EEA is a federal criminal statute and is enforced by the United States Attorneys' offices located throughout the country.

Several states have also enacted laws making trade secret infringement a crime. For example, in California it is a crime to acquire, disclose or use trade secrets without authorization. Violators may be fined up to $5,000, sentenced to up to one year in jail, or both. (Cal. Penal Code Section 499c.)"

Theft / Invasion of Privacy

[Exter-C]

What about invasion of privacy, theft, etc etc the list goes on about how wrong this guy really was/is.

I dont use AOL and have never used AOL (except when they had free trial when they came to Australia for about a week). But I feel AOLs pain.

Re:Theft / Invasion of Privacy

I dont use AOL and have never used AOL

How are you posting this then? Wha...

Re:Theft / Invasion of Privacy

[The+Only+Druid]

Apparently, the prosecutors didn't believe they could prove those crimes, since the claim doesn't include charges of those crimes. The judge isn't allowed to create charges: the judge can only determine the validity of charges made by the prosecutors.

CAN-SPAM

[FiReaNGeL]

Maybe a crime hasn't been committed against this (obscure) law, but stealing critical info from the company you're working for and selling it to the highest bidder (or in this case, spammer) sure is. Was he accused of the wrong thing or what?

Re:CAN-SPAM

[zakezuke]

Maybe a crime hasn't been committed against this (obscure) law, but stealing critical info from the company you're working for and selling it to the highest bidder (or in this case, spammer) sure is. Was he accused of the wrong thing or what?

Is a userlist critical info? If he copied propriority information and sold it I can see where that might apply. If he sold a password list I can see how that might apply. But a user list isn't critical, proprietary, or even copyrighted.

Re:CAN-SPAM

[Zaphod_Beebleburp]

It sounds to me like they fouled up in charging him with the wrong thing. http://www.spamlaws.com/federal/108s877.html

As dumb as it sounds, it doesn't look like he violated the CAN-SPAM act.

(a) IN GENERAL- Whoever, in or affecting interstate or foreign commerce, knowingly--

`(1) accesses a protected computer without authorization, and intentionally initiates the transmission of multiple commercial electronic mail messages from or through such computer,

`(2) uses a protected computer to relay or retransmit multiple commercial electronic mail messages, with the intent to deceive or mislead recipients, or any Internet access service, as to the origin of such messages,

`(3) materially falsifies header information in multiple commercial electronic mail messages and intentionally initiates the transmission of such messages,

`(4) registers, using information that materially falsifies the identity of the actual registrant, for five or more electronic mail accounts or online user accounts or two or more domain names, and intentionally initiates the transmission of multiple commercial electronic mail messages from any combination of such accounts or domain names, or

`(5) falsely represents oneself to be the registrant or the legitimate successor in interest to the registrant of 5 or more Internet Protocol addresses, and intentionally initiates the transmission of multiple commercial electronic mail messages from such addresses,

or conspires to do so, shall be punished as provided in subsection (b).

I believe he broke the law, just not "law" so I would have to agree with the judge on that one. From the way I understand it, that was what the judge was trying to say.

Re:CAN-SPAM

[America+Balls]

From your blog: Most programs are buggy, amateurish AND/OR very costly. Example : The demo for a 3000$ microarray analysis program, which I won't name,

Are you talking about Strand Genomic's Avadis?

Re:CAN-SPAM

[Penguinshit]

A list of a company's customers is very much indeed proprietary...

Re:CAN-SPAM

[hackstraw]

Maybe a crime hasn't been committed against this (obscure) law

Law in general is obscure. You know a society is too complex and complicated when highly respected people in that society have full time jobs to simply know the rules of that society.

Re:CAN-SPAM

[FiReaNGeL]

Ocimum`s Genowiz.

Oops I said it!

We can talk about it further in my blog`s forum or by mail, if you want too ;) Worst piece of software EVER. Even the installer had troubles... and it managed to crash my whole MACHINE (not just Windows) repeatetly (a "bug" later admitted when I talked to one of their engineer by phone). Features announced on the frontpage of their website completely absent from the product. 3000$. Yeah. Right.

Re:CAN-SPAM

[tekunokurato]

Care to name a society where this is not the case? Or is it just theoretical? Are you an anarchist (or in some other way against rule of law)? No presumptions or offense intended, just curious.

Re:CAN-SPAM

[gl4ss]

then it's crappy homework by the prosecution(or aol or whoever).

Re:CAN-SPAM

[Feztaa]

Well, I'm not aware of any specifics, but I'm sure there are nomadic tribes in africa or somewhere in which there are no lawyers (this role is perhaps filled by tribal elders or something, but that's still alright: a tribal elder isn't somebody who has devoted their career to simply knowing the rules of the society; everybody knows the rules, it's just that the tribal elder is respected for his age and wisdom).

Re:CAN-SPAM

CAN-SPAM obscure? WHere have you been?

Yes, he was charged with the wrong thing, probably by a DA that didn't actually read the (recent) law.

The judge is just saying that he can't plead guilty because what he did doesn't apply under this law.

It's like, if you murdered someone, and pleaded guilty to assault.

Re:CAN-SPAM

[anthony_dipierro]

stealing critical info from the company you're working for and selling it to the highest bidder (or in this case, spammer) sure is

I'm not sure how. But it should be noted that this is a federal case, and the most likely candidate for such a law would be state law (though I'm not convinced this guy broke any criminal law).

Re:CAN-SPAM

[mausmalone]

but stealing critical info from the company you're working for and selling it to the highest bidder (or in this case, spammer) sure is

No, it isn't against the law at all. It's against your non-disclosure agreement. People sell confidential information to competetors all the time, and it's most definitely not illegal (and it's most definitely not stealing, either).

Ding!

[Asshat+Canada]

You've got Bail!

Re:Ding!

[ScrewMaster]

That is genuinely funny.

Re:Ding!

[morcheeba]

That's so much funnier if you hear the sound clip!

So, what's the story?

[America+Balls]

The judge didn't see a clear case. It will go to trial. He will or won't get convicted. Sounds to me like he probably had a bad lawyer.

Re:So, what's the story?

Dude, read the article or at least the submitted text after the headline. The judge threw the whole thing out cause he doesn't think he can be prosecuted under this law. The guy is going to walk. Besides, why would a judge force a trial over a guilty plea?

Stealing is not a crime?

[toupsie]

Didn't the guy steal millions upon millions of AOL Screen Names and fence them? Isn't that covered under the STEAL-SHIT Act? Can I guarantee a reservation in his court? I have my eyes on this Porsche.

Re:Stealing is not a crime?

[karnal]

Don't you get it? It's "copyright infringement", not theft....

At least that's what everyone keeps telling me...

Re:Stealing is not a crime?

[leathered]

I appreciate the humour but theft is defined as depriving someone of their property, so how does one 'steal' email addresses?

Re:Stealing is not a crime?

[snarkh]

How is it theft to distribute a list of e-mail addresses? Your comparison with stealing a Porsche is completely off.

Violation of privacy and company policies, for sure, but not theft.

Re:Stealing is not a crime?

[snarkh]

Can you copyright a list of e-mail addresses though?

Re:Stealing is not a crime?

>Don't you get it? It's "copyright infringement", not theft....
>
>At least that's what everyone keeps telling me.

Funny, I thought your post was kind of frivolous until I read this post right below yours.

Re:Stealing is not a crime?

[Jahf]

If the list was proprietary / internal / confidential / whatever-your-company-calls-it and you steal it, then you have stolen the list. The law wouldn't be worried about the individual addresses but rather the list in total. Especially if said list has commercial value (which it obviously does).

I could definitely see this as corporate espionage. Overall I would say the defendant is getting off pretty easy.

Re:Stealing is not a crime?

[karnal]

Ultimately, it was meant as a joke, since most people on slashdot start to throw a fit when you say "stolen" if it's just "copied" :)

haahaahaa....

Re:Stealing is not a crime?

[PreferredNom]

He's the judge, not the prosecutor. He adjudicates the charges made. He doesn't get to say, "Well, charge X is bogus but you're obviously guilty of unalleged charge Y, so Alcatraz it is!"

Re:Stealing is not a crime?

[Macadamizer]

I know that what I am about to say is considered verboten on /. but, whether you like it or not:

The law says intellectual property is property!

You may have theoretical or philosophical issues with this, fine -- but the law is what it is, until it is changed. And the law says IP is property.

And, contrary to what most on /. would like you to believe, the law has a more expansive notion of stealing than "depriving someone of a particular piece of tangible property." For some fun reading, here's an excerpt from FindLaw that is appropriate here:

"Intentional theft of trade secrets can constitute a crime under both federal and state law. The most significant federal law dealing with trade secret theft is the Economic Espionage Act of 1996 (EEA) (18 U.S.C., Sections 1831 to 1839). The Act gives the U.S. Attorney General sweeping powers to prosecute any person or company involved in trade secret misappropriation.

The EEA punishes intentional stealing, copying or receiving of trade secrets "related to or included in a product that is produced for or placed in interstate commerce." (18 U.S.C. 1832.) Penalties for violations are severe: Individuals may be fined up to $500,000 and corporations up to $5 million. A violator may also be sent to prison for up to ten years. If the theft is performed on behalf of a foreign government or agent, the corporate fines can double and jail time may increase to 15 years. (18 U.S.C. 1831.) In addition, the property used and proceeds derived from the theft can be seized and sold by the government. (18 U.S.C. 1831, 1834.)

The EEA applies not only to thefts that occur within the United States, but also to conduct outside the U.S. if the thief is a U.S. citizen or corporation, or if any act in furtherance of the offense occurred in the U.S. (18 U.S.C. 1838.) The EEA is a federal criminal statute and is enforced by the United States Attorneys' offices located throughout the country.

Several states have also enacted laws making trade secret infringement a crime. For example, in California it is a crime to acquire, disclose or use trade secrets without authorization. Violators may be fined up to $5,000, sentenced to up to one year in jail, or both. (Cal. Penal Code Section 499c.)"

Re:Stealing is not a crime?

The law says intellectual property is property! You may have theoretical or philosophical issues with this, fine -- but the law is what it is, until it is changed. And the law says IP is property.

Actually, it does no such thing. "Intellectual property," as such, does not exist.

"Intellectual property" and "intellectual property rights" are catch-all phrases that lump together very disparate legal regimes: none of which treat intangible creative output -- songs, paintings, lists of email address, &c. -- as "property."

Take copyright: rightsholders often say that they "own" music, but they don't, and the law is very clear on that. Rather, rightsholders own rights in the music. It's the rights themselves that have "property-like" qualities -- you can own, sell, transfer, &c. a copyright, but you can't "own" a song in the abstract.

In fact, that's the basis of the doctrine of first sale: the rightsholder owns the copyright, not the copy of the music (which you own, since you bought it).

Or take patents: if you buy a patented product, like a mousetrap, you've bought a mousetrap. You do, in fact own it. The patent holder has some exclusive rights in the mousetrap, however, such as the right to stop of you from replicating them. The patent holder doesn't own the idea per se, rather he owns rights in the idea.

So, no, "intellectual property" (eg, the thing under discussion when discussing various intellectual property rights) is not property under any definition at US law. The law, even now, has not become so perverse as to pretend that abstract, intangible expressions, thoughts, &c. are somehow "ownable."

You're completely off base.

Re:Stealing is not a crime?

[Macadamizer]

"Take copyright: rightsholders often say that they "own" music, but they don't, and the law is very clear on that. Rather, rightsholders own rights in the music. It's the rights themselves that have "property-like" qualities -- you can own, sell, transfer, &c. a copyright, but you can't "own" a song in the abstract."

If you want to get abstract, then what exactly is "property" anyway? All property is -- ANY property -- is just a "bundle of rights." The right to exclude is just one of the rights associated with "property" -- but show me one place in the law where it says that "property" has to be a tangible item. When you get down to the nitty-gritty, all "property" is is a bunch of rights that the government has given you.

If you own a house, you have a "bundle of rights" that include the right to exclude -- basically, the right to keep people off of your land. But even that right can be trumped by eminent domain, and your right to "exclude" lasts for only so long as you pay taxes on the property.

If someone else can lawfully take something from you, can you really say that you own it? But we associate home "ownership" with ownership of property -- so why not IP?

So, what does "ownership" really mean?

"In fact, that's the basis of the doctrine of first sale: the rightsholder owns the copyright, not the copy of the music (which you own, since you bought it)."

True. But not ALL of the rightsholder's rights are exhausted by the "first sale:" a rightsholder can still (in the case of copyright) control the public performance of THAT particular copy, or the making of a derivative work, or the reproduction.

So, even though you "own" the CD, what you "own" is a bundle of rights, including the right to listen to the music, the right to transfer "ownership," temporarily or permanently, of the CD to another person, the right to destroy the CD, the right to reproduce (as long as you limit yourself to an archival copy under the AHRA), and the right to exclude -- that is, the right to keep someone else from taking your copy.

But you DON'T get the right to publically perform that CD, or create a derivative work, or reproduce the CD (except as noted above). You don't get ALL of the rights. The rightsholders retain SOME of the rights.

That's why it's a mistake to think of property in terms of tangible v. intangible -- it's more proper to think of what "rights" you possess. Typically people associate ownership with the "right to exclude," but there is more to ownership than just that single right.

"Or take patents: if you buy a patented product, like a mousetrap, you've bought a mousetrap. You do, in fact own it. The patent holder has some exclusive rights in the mousetrap, however, such as the right to stop of you from replicating them. The patent holder doesn't own the idea per se, rather he owns rights in the idea."

And those rights give the power to exclude (keep others from building that mousetrap) -- so why isn't that ownership?

"You're completely off base."

Maybe, but I don't think so.

Re:Stealing is not a crime?

If you want to get abstract, then what exactly is "property" anyway? All property is -- ANY property -- is just a "bundle of rights." The right to exclude is just one of the rights associated with "property" -- but show me one place in the law where it says that "property" has to be a tangible item. When you get down to the nitty-gritty, all "property" is is a bunch of rights that
the government has given you.

Of course, of course: all property is an exercise in rightsholding.

But, it's disingenuous to draw an equivalence between the sorts of rights enjoyed by owners of tangible things and the sorts of rights enjoyed by people who have some stake in a particular creative output.

The two simply aren't comparable: copyright or patent holders, for example, have very limited rights comparable to the owner of an automobile, for instance. An infringement of the rights of an automobile owner typically means a very different thing than the infringement of a copyright holder's rights.

The distinction stems entirely from the fact that a copyright or patent owner owns a copyright or a patent, whereas a truck owner owns a truck (not merely an "exclusion right" or a "driving right" in respect of the truck). The "property" held by the rightsholder, therefore, is the copyright and not the song.

While, to some, that distinction may seem meaninglessly nuanced, it clearly isn't--the way that courts decide the "bundle of rights" held by each party is based on the idea that the "song" is one thing and the "copyright" is another.

True. But not ALL of the rightsholder's rights are exhausted by the "first sale:" a rightsholder can still (in the case of copyright) control the public performance of THAT particular copy, or the making of a derivative work, or the reproduction.

It's not that the rightsholder exhausted some of his rights in the sale. It's that we're discussing two different things: the copyright and the copy.

A copyright holder has a right in respect of the underlying work regardless of the relationship between the owner of a copy of the work and the rightsholder. It's irrelevant whether I bought the music, copied the music from a friend, or birthed the music utterly from my own mind: the holder of the copyright nevertheless has particular rights over the work. Those rights are disctinct from those I enjoy as the owner of the copy.

That's why it's a mistake to think of property in terms of tangible v. intangible -- it's more proper to think of what "rights" you possess. Typically people associate ownership with the "right to exclude," but there is more to ownership than just that single right.

Very true. It isn't an issue of "tangible" or "intangible." It is, however, an issue of what, exactly, is owned by whom.

A lot of people assume -- for instance during the debate over Valve's Steam -- that authors own their works and that consumers merely license them. This isn't true (at least, not the way software is typically sold). Valve may own a copyright in a game, but you certainly (and additionally) own the game you bought.

The public is goaded into giving up its rights, through this conflation between the copy and the various (but quite limited) rights enjoyed by IP rightsholders.

Re:Stealing is not a crime?

[cthugha]

The duty of confidence is a personal duty, like a contractual duty, and does not create a proprietary interest in the information in relation to which the duty is owed. The information therefore can't be stolen in the legal sense, but still gives the entity to whom the duty is owed the right to sue for compensation.

Of course if the information can be defined as intellectual property then that's different and can now attract criminal sanction.

Re:Stealing is not a crime?

[anthony_dipierro]

Depends on the state. For instance, in California, using trade secrets without authorization is defined as "grand theft".

Re:Stealing is not a crime?

[mausmalone]

The law says intellectual property is property!

That's great! And guess what? It was a list of user names. AOL didn't come up with them, users did. They are one field of the contact information of their client list. That is most definitely NOT intellectual property. You can go on about the letter of the law all you want, none of it applies here.

Hello? PRIVACY POLICY?

[Spy+der+Mann]

If the AOL employee disobeyed orders or substracted information so that the company would in fact not respect the privacy policy, then the employee did commit a crime. Call it fraud, negligence to fulfill contract...

Hmmmm maybe the people should sue AOL instead.

Re:Hello? PRIVACY POLICY?

[benjamindees]

Call it fraud, negligence to fulfill contract...

Whoa there skippy... there's a *big* difference between committing a crime and failing to fulfill the terms of a contract.

A crime is "theoretically" supposed to adversely affect more than just those involved, as in "the rest of society". That's why, in Civil court, you hire your own-ass lawyers, while, in Criminal court, the State prosecutes.

Now, granted, that line has been (intentionally) blurred lately, so I can't really fault you for not being able to tell the difference.

Sure.....

[elid]

The judge, who said he dropped his own AOL membership because he received too much spam...

Yeah, right. We all know he cancelled AOL because his free trial ran out. Now he's just waiting to be bombarded in the mail by another 500 CD's begging him to come back.

I wonder if AOL users

[multiplexo]

could band together and sue this guy and the asshole he sold the list to in civil court with a class action lawsuit. Nail him to the tune of a few billion dollars just to add insult to injury. Of course he should first spend some time in a nice secure federal pound-me-in-the-ass penitentiary. Having his anus blown out and being several billion dollars in debt would be just punishment and a fine deterrent.

Re:I wonder if AOL users

So the individuals who are guilty of stealing a marketing list will be sued for billions of dollars that they will never be able to pay. The lawyers in this 'class-action' lawsuit will reap the rewards on their way to the bank. Meanwhile who else benefits?

Class-action lawsuits are the brainchild of greedy lawyers, not the solution to an alleged crime. Wow, company X get's sued for 1 billion dollars, the people who were ripped off get $5.19 each, the lawyers get $5 million. Thanks for playing the lottery!

Re:I wonder if AOL users

[doormat]

Couldnt he just declare bankruptcy and the judgment against him would become null and void?

Re:I wonder if AOL users

[DarkMantle]

As long as it's more secure then wireless networks.

Re:I wonder if AOL users

and with that, we cue up those that are offended by a prison rape comment. who's going to be first?

Re:I wonder if AOL users

[funtime]

What IS it with American men and their anal-rape fantasies. You just mention gaol one time and they start whimpering 'butt-fuck, butt-fuck'... Still, I guess they have to deal with American women, poor bastards...

Re:I wonder if AOL users

[Dogtanian]

and with that, we cue up those that are offended by a prison rape comment. who's going to be first?

Hey, if you think it's such a great idea, why are you posting as an Anonymous Coward?

Re:I wonder if AOL users

[Zordak]

Bankruptcy does not vacate civil judgements. Every cent he earned for the rest of his life would belong to someone else (that is, hypothetically, if he were actually held liable for a billion dollar judgement, which I find unlikely).

Why CAN-SPAM?

[Ajmuller]

Even if he can't be charged under CAN-SPAM, doesn't this fit under existing laws? What he did must violate whatever soul-sucking contract he signed with AOL when he got his job and they can probably sue him for millions of dollars. I assume they want to get a criminal conviction as an example to others.

Re:Why CAN-SPAM?

[penix1]

"Even if he can't be charged under CAN-SPAM, doesn't this fit under existing laws?"

Yes, the Computer Fraud and Abuse Act is the proper law covering unauthorized access. I suspect AOL wanted to use CAN-SPAM because it is the legislation it helped to ram-rod through Congress. Gotta justify those lobbyists somehow...

B.

Read the article before you comment...

[ZSpade]

Yes he stole the email addresses, that's not the point here. The judge said he couldn't be charged with the particular crime that the trial was for. That's why he scheduled a new trial in January.

Apparently the Can Spam law has found another way to be useless, but he'll still pay for the theft.

Re:Read the article before you comment...

[techno-vampire]

Apparently the Can Spam law has found another way to be useless...

Don't blame the act. Blame whoever it was that charged the twit with breaking the wrong law.

Re:Read the article before you comment...

[ZSpade]

Yar, ye be having a point. I just like to blame the can spam law every chance I get, like apparently so many others.

Nice to know that judge respects the law

[Software]

It's good to know that the judge respects and applies the law _as written_, and doesn't try to punish the defendant because he (the defendant) is a total scumbag.

I would rather the law had been written such that selling legitimate addresses to spammers was punishable by death, but that's not the way it happened. So, given that the CAN-SPAM law doesn't prohibit selling addresses to spammers (which may or may not be true), it seems like the right decision.

By the way, this guy needs a new defense lawyer. BADLY.

Re:Nice to know that judge respects the law

New lawyer? Of course not... If working of AOL isn't crime enough, he sold out to the highest bidding SPAMer...

Let him fry...

Re:Nice to know that judge respects the law

[VultureMN]

he probably hired this lawyer by responding to an ad from www.123layers4u.com.ru

N3ED A LAWEYR ? ENHCNAE YOUR LEG4L DFEENCE AND W1N A FRE3 R0L3X!!!

hang em high

while he hasnt broken the weak CAN SPAM law,
he has broken the law of internet courtesy.

He has committed fraud on behalf of aol for the millions of lamer customers who dont know any better but to click on viagra ads from casino driven porn sites.

Crime?

[nodehopper]

It may not have been a crime, but I am sure his Karma went down.

Obligatory

[10101001011]

I for one welcome our V14GR4 and R0L3X peddling overlords...

I got it!

[mboverload]

If they are using AOL, they deserve it.

Re:I got it!

[mboverload]

That doesn't deserve a flaimbait.

Re:I got it!

[DongleFondle]

That doesn't deserve a troll.

Judge had AOL

[Collision891]

The judge used to have AOL, how much could he possibly know about this topic?

Re:Judge had AOL

[ScrewMaster]

Yes, but on the other hand he had the good sense to get rid of it. That's probably more than a lot of judges can say.

The art of technicality

[jav1231]

Isn't this art usually practiced by an attorney? Ah, but this judge probably was an attorney.

Re:The art of technicality

[mustangsal66]

umm All Judges (in a court of law) were attorneys at one point.

Judge Bob, prior diesel mechanic... right...

Not Innocent

[Doc+Ruby]

Is this judge not just shilling for corporate spammers who want to see the whole of the Internet reduced (elevated?) to unchecked commercial solicitation, without regard to accuracy or appropriateness? If the judge is really after justice here, he'll reject the guilty verdict, and, in his opinion devastate the "CAN-SPAM" act as useless to protect even himself from spam. While he's at it, he could have the prosecutor, who charged the little creep with the wrong crime, horsewhipped for his hand in the pernicious little crime of the century.

Re:Not Innocent

[oexeo]

> Is this judge not just shilling for corporate spammers

Maybe the judge should find him guilty of murder as well. After all, we don't want people to think murder is OK, do we?

Re:Not Innocent

[Doc+Ruby]

Let's say he pleaded guilty to a prosecutor charge of murder, and the judge found he wasn't guilty, though he killed someone, because the only murder law was full of holes. I would expect the judge to condemn the law, to excoriate the prosecutor, and, of course, to find him "not guilty". Killing people isn't OK, spamming isn't OK, and neither is this miscarriage of justice which sets this creep free, and opens the door for the rest of his slimy ilk. CAN-SPAM is obviously not OK, and the prosecutor is not OK, for relying on it. The whole damn system is out of order.

Except that murder cases generally go the way I expect. And we've got more realistic models of murderous crimes in law than we do of spam. So I repeat my demand for justice, rather than perpetuating this ridiculous law which is properly read (YOU)-CAN-SPAM, as is now as clear in court as it was in Congress.

Re:Not Innocent

[_Hellfire_]

Reminds me of an episode of "The Practice" where a man was arrested with a dead body in his trunk. It turned out the man was "acting suspiciously" and for that a policeman (with no cause for actual suspicion of murder) drew his gun and ordered the man to open his trunk. He was arrested, and tried for murder.

HOWEVER: the judge ruled that the search was unwarranted because the policeman did not request the search, he bullied the suspect into it (ie the gun) with no knowledge of any crime being commited; "and the defendant, I am horrified to say, is free to go".

I guess the point of that episode is that people must be tried under very specific circumstances, and in this case not following specific procedure meant that the legal system failed to bring justice.

The legal system, IMHO, exists to rationally, unemotionally and most importantly uniformly dispense justice. We can't bend a law to fit someone that we know damn well is guilty, because it defeats the entire point of the justice system. I can appreciate that this guy is a scumbag, but if we start bending the law to nail him, we might as well just throw out the legal system althogether and go back to mob hangings.

Re:Not Innocent

[Doc+Ruby]

WTF? I asked for a lot of things, that we probably won't get, but I never asked for the spambag to be treated any differently by the court. Other than mean talk, all my ire is directed at the stupid law, the incompetent prosecutor, and expectations that the judge will cop out and do nothing but further wobble the legal wheel off its axis with his opinion, without addressing the procedural problems inherent in this process and law. AFAIK, "Not Innocent" doesn't get anybody hanged in the USA, yet.

Re:Not Innocent

[_Hellfire_]

all my ire is directed at the stupid law

As is mine. I wasn't attacking you, and I wasn't shitcanning your opinions nor suggesting that you wanted court to treat him any differently. All I was saying is that this case reminds me of a stupid TV show which actually made me think.

I was, in effect really replying to the whole thread, and your post seemed like a good place to enter the conversation. What I advocate, as I think you do as well, is somewhere between a tidy up and a complete overhaul of the western style legal systems (I'm in Australia, and our legal system sucks too). I think that when a prosecutor can't apply a law correctly to bring an asshat like Jason Smather to justice, the legal system needs a checkup (Either that or the incompetent prosecutor needs to be relieved of his duties).

Maybe take the adrenalin drip out of your neck. It's making you twitchy. ;)

Re:Not Innocent

[Doc+Ruby]

In the USA, the most important missing tool for fixing our "justice" system is "jury nullification". Our laws call for juries to decide most trials, deciding whether the defendant is "guilty", and whether the laws specified in the trial were violated. They can decide that laws were violated, but that justice demands the defendant was not "guilty" of a crime in reality - the inverse of this AOL spam case. In the South in the mid-20th Century, local "Jim Crow" laws prevented Afroamericans from voting, or dating Euroamericans. Under the "higher" laws of justice, juries started finding defendants "not guilty", and "nullified" the unjust laws. That nullification decision at least provided a precedent in that jurisdiction for later trials, where the defense could cite the prior nullification as reason for acquittal ("not guilty"). And there is a mechanism in which nullification can actually revoke the law, preventing arrests or any prosecution under it. But more recently, judges have refused to instruct juries in their nullification rights. And in the past decade or so, some judges have stopped proesecutors from even mentioning it, even "throwing the book" at those who try. This is, of course, part of the fascist process in the US which is removing human rights of the people, retaining greater contrary rights for the government and corporations. The architects of fascism always target the less protected "minorities" first, getting some of the people complicit in the rape of justice by tapping old bigotry, then turning on increasing proportions of the "majority" until everyone is a slave, or executed. It's bleak, and I hope that speaking out the truth in public often will keep people aware that freedom is both precious and fragile, especially as fascists accelerate their control of everything, including the media.

I've been hacking like mad, getting demos together during the holiday season. Staying up "all night" is even more an odyssey when nights (at my cardinal latitude: 40 44'N) are most of the day. I switch between debugging and Slashdot posting while the compiler or other process is crunching, so I often reply in the same spirit with which I curse the compiler. I try to keep the sign of my response appropriate, but sometimes the magnitude gets out of hand - sorry :).

The girls...

[radd0]

So tell me, does this judge have a daughter?

IANAL...

[graveyardduckx]

...but if he was charged for violating the CAN-SPAM Act and didn't, shouldn't he be cleared of the charge regardless of any other illegal activities that he may have been involved in? They can always charge him with the other crimes later.

He copied information

[www.sorehands.com]

No, that is theft of company trade secrets. It is the same as if you stole the formula for coke (Coca Cola, not cocaine).

It also is a violation of the Computer fraud and tresspass act.

I think it would be covered under the I-CAN-SPAM act these people stated that they didn't want spam -- as part of their AOL agreement, and it was sold to be used for spam.

Re:He copied information

Trade secrets? I would have to disagree with that. A trade secret is a business practice or product design that your company feels provides an edge over competing businesses. Or something along those lines. A list of email addresses is hardly a trade secret. Maintaining an email list is not a revolutionary idea, and I doubt it provides any advantage over competitors.

The Coca-Cola analogy is flawed. If someone stole the Coca-Cola formula, they could produce Coca-Cola themselves. Anybody that received a copy of these email addresses *cannot* (by virtue of possessing the list) provide the same service AOL does. The information is most definitely different.

Re:He copied information

[Macadamizer]

No, trade secrets can include client lists, marketing plans and strategies, etc. -- not just technical info. Basically anything that a company wants to keep secret is a "trade secret" as long as it is associated with their business and they take reasonable steps to keep it secret.

Re:He copied information

[mabhatter654]

still depends on when he did it. It's obviously a breech of any confidentiallity agreements he had with his employer, but data-theft is always a touchy subject trying to get the law involved. AOL would have had a better case in civil court, but not much under the criminal laws. After all, he didn't actually "steal" [deprive AOL access] anything, he mearly coppied it. The level of "cracking" involved is always suspect in corperate cases too... How many times do you or I just jump across the asile to work on a coworkers machine for a tough problem... technically that's against the company policy...in practice it happens all the time.

This type of thing happens all the time in the sales business. Salesmen all the time keep a "backup" of their contacts when they leave employers...even though it's clearly in their contracts not to do that... after all it's just a list of AOL email addresses... like having a list of unlisted phone numbers... it's pseudo-public information already... he just has an advantage to the "quality" of his list. There's very little most criminal law can do in this situation because he WAS a legitimate AOL employee, what he did or didn't have "privilage" too is between AOL and him...it's only their word versus his that he "stole" the data versus "found" it after he was fired. It'd be a stretch to find a crininal law to fit the situation that vague...but it's a pretty clear civil lawsuit that he breeched "confidential" AOL info for profit. But that has nothing to do with the SPAM laws...because he didn't actually send any emails!

Re:He copied information

[anthony_dipierro]

No, that is theft of company trade secrets.

AFAICT, Virginia doesn't protect trade secrets under criminal law.

It also is a violation of the Computer fraud and tresspass act.

Presumably, as an employee, he already had access to the information. I doubt this falls under any of the Computer fraud or tresspass acts.

I think it would be covered under the I-CAN-SPAM act these people stated that they didn't want spam -- as part of their AOL agreement, and it was sold to be used for spam.

Well, according to the judge it probably isn't.

WTF?

[The+Cisco+Kid]

Ok, he didnt violate the you-can-spam act, nor should he have been charged under that. He should be charged with theft of private information from his employer.

This is how the law works...

[amalcon]

Smather's guilty plea to the specific charge under the can-spam legislation was rejected. I don't know enough about the can-spam act or this case to know what this charge precisely was. Regardless, whether or not he violated any other laws is not relevant to this charge. TFA gives no information regarding any fraud case, or any civil suit (i.e. breach of contract).

That should have been charged under...

[penix1]

"Apparently, the prosecutors didn't believe they could prove those crimes, since the claim doesn't include charges of those crimes. The judge isn't allowed to create charges: the judge can only determine the validity of charges made by the prosecutors."

It should have been filed under the Computer Fraud and Abuse Act instead of the CAN-SPAM act. The battle they found going in was it wasn't a violation of the CAN-SPAM act since he didn't send spam. He did however violate the Computer Fraud and Abuse Act (a felony in the US) by illegally accessing AOL's network. I'm not sure if they can refile or not but they should use the Fraud / Abuse act instead.

B.

Re:That should have been charged under...

[Penguinshit]

Yes, they will be allowed to refile because the prosecutors would be charging him with a separate and distinct crime (even if committed in the same act as the original charges), thereby avoiding Double-Jeopardy prevention from prosecution.

Like, duh.. anyone who watches Law & Order knows all about this...

Hey! I want that judge in my next court case ....

[grahamkracker]

It's perfect,

You clearly do a naughty thing, and the judge hands you your out on a silver planter with instructions.

HA! :P

coming soon to a civil law suit near you ... //kraacker

Sole : Sole Has Issues

Rape? Ha ha... it's funny. LAUGH.

[Dogtanian]

Of course he should first spend some time in a nice secure federal pound-me-in-the-ass penitentiary. Having his anus blown out and being several billion dollars in debt would be just punishment and a fine deterrent. (My emphasis)

I agree totally. Let's throw him in with some HIV-infected sex offender and have him die a slow and painful death caught from being repeatedly raped by this sick fuck.

Maybe this guy will escape his punishment. That's why I hope you'll be publicly declaring your support for manadatory repeated rape of spammers until they get infected with HIV, or hang themselves.

I'm not sure which punishment you propose for the sex offenders who'll be carrying out the rape. Should professionals be hired to do this?

Either way, I expect those who share this view to be airing their views more vocally, in order to avoid being labelled hypocritical scum who support rape being carried out informally, but don't have the guts to have it written in law.

For some reason, I've heard of many vocal lobbies in the US, but never one willing to push for gang rape of 17-year-old shoplifters.

In addition, would it be appropriate for this punishment to include men raping women, or would that be too fucking sick for you?

Re:Rape? Ha ha... it's funny. LAUGH.

[multiplexo]

Of course he should first spend some time in a nice secure federal pound-me-in-the-ass penitentiary. Having his anus blown out and being several billion dollars in debt would be just punishment and a fine deterrent. (My emphasis)

I agree totally. Let's throw him in with some HIV-infected sex offender and have him die a slow and painful death caught from being repeatedly raped by this sick fuck.

Maybe this guy will escape his punishment. That's why I hope you'll be publicly declaring your support for manadatory repeated rape of spammers until they get infected with HIV, or hang themselves.

Sounds good to me. While we're at it let's throw in Enron executives, people who vandalize public toilets, the lowlifes who victimize the elderly with phone scams and corporate polluters.

As for paying professionals I don't think that will be necessary, but I certainly wouldn't punish someone who fucked this guy in the ass. He's a piece of shit, he fucking well deserves it for the amount of time he has caused millions of people to waste deleting spam.

For some reason, I've heard of many vocal lobbies in the US, but never one willing to push for gang rape of 17-year-old shoplifters.

And who the fuck said anything about that? I certainly didn't, don't put words in my mouth fucktard.

Re:Rape? Ha ha... it's funny. LAUGH.

[Dogtanian]

>> For some reason, I've heard of many vocal
>> lobbies in the US, but never one willing to push
>> for gang rape of 17-year-old shoplifters.

> And who the fuck said anything about that? I
> certainly didn't, don't put words in my mouth
> fucktard.

That may not be what you said, but given your implied endorsement of informal rape (and its consequences), that's one obvious consequence. You're a fucking coward who wants something, but isn't willing to stand up for the consequences. This is why I'd like to see all those friends of rapists try to get their support of this informal 'policy' enshrined in law- it'd show it up for the unbalanced, ineffective (what punishment do the rapists get?) and downright fucking sick measure it is.

I notice you didn't address anything I said in my message properly, preferring to call me a "fucktard".

You come out in support of the use of rape; well, if it's such a good idea, get it into the US law books. As you said... death by gang rape for Enron executives, phone scammers, corporate polluters and....

....people who vandalize public toilets?! Seriously?

Why rape? Is gassing or electrocution too good for "people who vandalize public toilets"? Man, you complained that you hadn't said anything about the 17-year old shoplifter case, but you support its use for "people who vandalise public toilets"?!

Fuck. I might have understood if you'd said they deserved to have their arms broken, but I'm trying to think what sort of drooling, right-wing, fucked up piece of scum supports the rape and HIV infection of "people who vandalize public toilets". Does this include the guy who wrote grafitti on the walls?

Oh, hang on, maybe you didn't explicitly *say* you supported them getting AIDS. So it's not your fault. And it's not my fault if I start shooting bullets in your direction and you die, because I didn't intend to hit any vital organs or whatever.

As I said, you, and anyone else who supports rape as a form of informal punishment, are a fucking coward who doesn't have the guts to stand up for what they believe in.

Re:Rape? Ha ha... it's funny. LAUGH.

[myc_lykaon]

While we're at it let's throw in ..., people who vandalize public toilets

Truly you have some serious 'issues'. You support a mandatory death sentence for petty vandalism?

Lemme guess, your mother weighs 300lbs; she has 4 teeth, probably her own. Her vocabulary spans all of 800 words and ends each sentence with the word 'bawww'. You father probably knew your mother in a 'sisterly' way. He has buck teeth, and wheat ear stuck behind his remaining ear (the other having been lost in a bet). Am I close? You on the other hand support the constitutional right to kill people who are mildly annoying which you espouse between episodes of Turettes and have difficulty with irony.

Re:Rape? Ha ha... it's funny. LAUGH.

[multiplexo]

Actually I'd also be willing to shoot these fuckers in the head, or just beat them to death with a nine iron. They're scum. I'd feel about as bad disposing of them as I do when I flush my toilet after a particularly noisome shit. You're not any better than I am, you're willing to use violence against them, you're just willing to break their arms (or have someone else do it for you since you're obviously a cowardly, genetically defective piece of shit). Scum loving bleeding heart shitbags such as yourself are one of the reasons why many of our largest cities are barely habitable.

Re:Rape? Ha ha... it's funny. LAUGH.

[multiplexo]

Truly you have some serious 'issues'. You support a mandatory death sentence for petty vandalism?

I think caning would be a good punishment for a first offense, but after that why not? The people who get their jollies ruining and destroying the facilities that the rest of pay for and would like to be able to use are useless, thoughtless, sociopathic pieces of shit. Let's face it, executing these morons is not going to cost us a future cure for cancer. We're not going to be thinning the ranks of future Rhodes Scholars.

It's obvious to me that your mother drank during her pregnancy, you're the product of 15 generations of brother-sister-father-cousin-donkey incest and you can't spell Tourette's properly. Fuck off retard.

Re:Rape? Ha ha... it's funny. LAUGH.

[Dogtanian]

You're not any better than I am, you're willing to use violence against them, you're just willing to break their arms

I said I might understand if you'd wanted to break their arms. Not the same thing.

Although if I had supported it, it's not in the same league as being violently raped and infected with HIV.

(or have someone else do it for you since you're obviously a cowardly, genetically defective piece of shit)

I called you cowardly because you support the informal use of rape, which lets people wash their hands of the consequences (guess what? The people most "deserving" are unlikely to be the people that suffer, and that fact that someone's in on parole- yep, our 17-year old shoplifter hasn't even been found guilty yet- isn't likely to stop this happening). If you really believe in rape as much as you're willing to mouth off about, let's see you debate it in public, rather than shoving it under the carpet.

Scum loving bleeding heart shitbags such as yourself are one of the reasons why many of our largest cities are barely habitable.

If you think you're so much in the fucking right, if you think rape is such a great punishment, why the fuck don't you stand up for what you believe in?

You want to have your fucking sick rape punishment fantasies, but you'd rather sweep it under the carpet, because you know when it was out in the open as a proposed law you'd be exposed for the all-bluster bullshitter you really are.

If expecting someone to be punished appropriately, to be given the opportunity to defend themselves before they get raped, and not to be exposed to a system, which, let's face it DOESN'T FUCKING WORK because the weakest are going to get punished, not those who deserve it most- if all that makes me a "cowardly, genetically defective piece of shit... scum loving bleeding heart shitbag", better that than a bullshitter who doesn't have the guts to see the consequences of his half-baked, badly thought out rape fantasies exposed to daylight.

Ever figure out that 'punishment' that didn't really depend on how guilty someone was might not be very effective? No... keep on blaming "liberals", or whoever else you figure out is to blame. Not you for supporting action outside the law. Never you to blame.

Yeah. Keep it under the carpet, so you don't have to justify yourself- "a particularly noisome shit", that's you alright.

Coward.

Re:Rape? Ha ha... it's funny. LAUGH.

[multiplexo]

Well rape isn't all that funny, on the other hand if I saw you having your teeth slammed out against the cold steel edge of a prison bunk so that you could provide a better, softer grade of oral sodomy to Earl the biker who's doing a life stretch for hitting his three strikes limit I might chuckle.

Guess what, everyone knows that rape is part of the prison system. The California Attorney General, Bill Lockyer, back in 2001 said that he'd like to put a couple of Enron executives in a cell with Bubba the biker. Or words to that effect. Gee, I don't think that Bill was saying that he wanted those Enron executives to learn how to fix motorcycles or make Pruno. And do you know what? Bill Lockyer won a second term as California AG after that. So much for the public, in a blue state mind you, finding the prospect of prison rape horrifying.

Most people are OK with that because it makes prison that much more horrible to contemplate. If you started sending white collar criminals such as Ken Lay, Jeffrey Skilling, Andy Fastow or John and Timothy Rigas off to federal pound-me-in-the-ass penitentiaries instead of giving them short terms at Club Fed you'd probably do more to reform our financial markets than the Sarbanes-Oxley act and the tireless efforts of such crusaders as New York AG Elliott Spitzer.

While we're on the subject I'd be willing to bet that you and your whining jack-off friends wouldn't shed one sincere tear if any of the above named individuals ended up being raped in prison and contracting HIV. Oh sure, you'd bloviate about the horrors of the prison system, but it would be as much bullshit as George W. Bush's protestations of compassionate conservatism, and you fucking well know it. Secretly you'd all have huge hard-ons over the fact that a rich white guy finally got what he deserved for defrauding thousands of people by being fucked in the ass and infected with HIV. You'd be giggling about it and stroking yourselves for months, if not years. So go fuck yourself you self-righteous piece of shit, I'm not buying your act for one bleeding second.

Re:Rape? Ha ha... it's funny. LAUGH.

[Dogtanian]

Nice try at setting up a straw-man argument. I don't know if this was deliberate, or you just made lots of assumptions about my position.

Let's get one thing straight. You want to paint me as some whiny "don't punish people, bleeding heart", etc., etc. type. Wrong.

I'm against rape as a form of below-boards punishment because it's so blatantly open to abuse and the people who get raped are more likely to be those who can't defend themselves, not necessarily those that 'deserve' it by any measure.

Guy on parole for something the government doesn't like, but likely to be freed anyway? Nod and a wink, and he's thrown in a cell with some drooling sex-offender while on parole. You 'know' how the system 'works'?

Meanwhile, the same abuse of power lets people like the Enron guys off lightly, despite the fact they're more deserving of punishment. Why? Part of the system, friends with the people who count.

Funny, you don't seem as much of a pro-Bush fanatic as you first appeared, but you're willing to let them and their friends make below-boards decisions about who gets punished and how. Because, let's be blunt, they're the ones who ultimately pull the strings in situations like that.

Guess what? The Enron guys won't be the ones getting HIV'ed from their cellmates if that's what you want.

You got one thing right. I'm fucking sick of high-up white collar criminals getting away with shit like that; if nothing else, this sort of bullshit is one of the biggest threats to capitalism and western economies (screw Al-Qaida and friends, they'll only win if you let them dictate what you do).

The croneyism that lets people get thrown in with rapists is the same reason that the Enron executives won't get what they deserve.

By the way, I don't care if 99% of people supported Bubba-rape as punishment. I don't.

Pretty fucking pathetic when people covertly support something that's worse than the most badly thought out law, that lets enemies of those in power receive under-the-counter punishment (I won't call it justice, because it isn't) and lets the people that most deserve punishment off scott-free because they're best pals with whoever's in power.

So, as I said, if you believe in something, at least have the guts to have it written down as law. Or is law and justice only for 'whining' types?

One thing for sure; if you want the same type of 'justice' that gave us the lynch-mob, it won't be the Enron executives getting what they deserve.

not very surprising

[scenestar]

an email adress is a post box that is publicly available. selling a list of email adresses is like selling a phone book, and ive never heard stories about somone arrested for selling one to telemarketeers

I herby sentance you to...

[Timmy+D+Programmer]

I herby sentance you to dragging and dropping from this inbox to this recycle bin, these 2 trillion emails.

One at a time.

Re:I herby sentance you to...

[VoidWraith]

I cringe at the wrist-pain and carpal-tunnel-syndrome that would be induced by said punishment. Thank God for selections and the wildcard.

The Law versus Justice

[geekwench]

(Obligatory disclaimer: IANAL)

Unfortunately, there are a couple of different things going on, here. First is the judge's inability to see the poverbial forest for the trees. Second is the ability to prove the merits of the case.

The CAN-SPAM Act is one of the most useless pieces of tripe ever to be bulldozed through Congress, and the reason for this is the list of qualifiers that was written in. The "standard of deception" is one of these items. To actually convict someone under this provision in CAN-SPAM, the spammer would have to send out an e-mail promising "Free Screensavers of Puppies, Kitties, and Unicorns!" that actually redirects to the "Girls fscking Giant Horse C*cks eXXXtravaganza!" website. In saying that the charges did not meet the standard, Judge Hellerstein was factually correct.

Smathers did not decieve the AOL members whose information was sold, nor the spammers who purchased it. The AOL members were not told "Oh, don't worry; I wouldn't _think_ of selling your information for to a bunch of sleazebags," and I'm sure that the spammers were under no illusions about the legality of the addresses they purchased. However, what he did commit was fraud. He defrauded the AOL users, and the company, and fraud is most certainly a prosecutable offense. Trying him under the CAN-SPAM statute seems like a really poor legal strategy.

Personally, I'd love to see the existing laws used more forcefully. And I wouldn't go after the spammers, but after the people who hire them. There are already statutes governing things like mortgage banking, mail fraud, practicing medicine without a license, dispending medications without a license... and very few of the existing laws are used to prosecute the companies that give spammers their raison d' etre. Go after the source, and the flood will ebb.

Re:The Law versus Justice

First is the judge's inability to see the poverbial forest for the trees. Second is the ability to prove the merits of the case.

I'm not sure if you're for against this decision, but a point needs to be mentioned. It is NOT the judges duty to see the forest for the trees. In criminal complaints he should see that the law is obeyed TO THE LETTER by the prosecution. Our (the US) legal system was designed more for the accused than the accuser-and I'd like to keep it that way.

Re:The Law versus Justice

[oliverthered]

I think the problem is that when you use an old law against the new forms of corruption it may get applied to the corruption that's been going on for ages.

If someone breaks an Internet law then no-ones going to go after wall-mart since they have nothing to do with the Internet.

I'm not saying that wall-mart is breaking the law ,maybe cutting it close, but then that's what all successful companies do, but if wall-mart was breaking the law the law may have to be changed for the sake of the economy.

Re:The Law versus Justice

i tried a google for "Girls fscking Giant Horse C*cks eXXXtravaganza".. didn't get me anywhere..

is that deception? or have you got said link..

Re:The Law versus Justice

[ydra2]

Nice try but I'm amazed at the misconceptions of all the posters so far. geekwench came the closest but in court as in horseshoes, close doesn't count.

The real problem is that he was charged with a crime he probably didn't commit. he -WASN'T- charged with the crime he did commit which is "Unauthorized Access". See:

http://www.groklaw.net/article.php?story=200412170 91956894

for an article by a real lawyer about it. Further links are provided at groklaw.net.

In this case I think the judge is right and the prosecution screwed up royally. They need to charge him with the crime he committed and not some other crime that may have been committed by his customers or associates.

But one thing I -DO- agree with in many previous posts is that the CAN-SPAM act is simply legalizing spam and making it harder to prosecute.

You can legally send spam advertizing teen sluts and action wives as long as the pictures they send you really do confirm that they look like teen sluts and action wives. Then just have an opt-out list and you're perfectly legal. There is no requirement that the opt-out list actually works other than that list can't email you again. No problem there. Just start up a new list every day and name your new business $RAYDAYenterprises.com or something like that so you get 21enterprises or 351mustang or 23skidoo or whatever. As long as its a different list you're covered under the law because the law says nothing about removing "removees" from any other list or not giving or selling "removees" email addresses.

The CAN-SPAM act is basically a call-to-arms for spammers to march headfirst into battle. And your spam filter is the only thing between you and the spammers and the law that protects the spammers.

Re:The Law versus Justice

[cthugha]

He can't be charged with fraud for precisely the reasons you've outlined. Fraud is essentially defined as a wilful or reckless misrepresentation made with intent to obtain some benefit, and as you pointed out it's been established that there was no misrepresentation on the evidence.

Re:The Law versus Justice

[anthony_dipierro]

He defrauded the AOL users, and the company, and fraud is most certainly a prosecutable offense.

Fraud generally requires deception. He didn't deceive the AOL users. One could argue that he defrauded AOL by entering into an employment contract with the intent of not obeying it, but that would require that you prove that he intended to get the list and sell it at the time he entered into the contract. Otherwise all you've got is breach of contract and misappropriation of trade secrets, both of which are only civil offenses in Virgina, AFAICT.

Trying him under the CAN-SPAM statute seems like a really poor legal strategy.

This was a federal prosecution, and federal prosecutors can only use federal law.

Stolen email happens at other ISPs

[G4from128k]

I have an email address at a Baby Bell ISP that is now getting about 5 spams per day. OK. 5/day nothing compared to the 350 spams/day at another of my addresses, but this address should not get any spams at all. The amusing thing is that I have never once used this address, never sent an email from it, never given it to anyone, never opened an email sent to that address, never set up an account in an email program to communicate with the address. never stored the addy in my address book, never logged into the account in public place, etc.

The only people that know this addy are the people at the ISP. The only way this address could have gotten into the hands of phishers, spammers, etc. is if someone stole it (the username is sufficiently cryptic that I doubt a dictionary attack is at work).

Re:Stolen email happens at other ISPs

[Walt+Dismal]

Same thing happened to me - I set up an obscure and virgin name master account name I never gave out and never used for mail or site logins anywhere, yet suddenly I began receiving tons of spam and the key clue was that the spammers also included the names of other customers alphabetically around my name at the ISP. I contacted the Baby Bell, and they said "Well, we didn't have a leak, they used a dictionary attack."

This was total baloney, because the other names were not mere sequential permutation strings, they were clearly names - including cryptic ones - surrounding my name. Assuming a 16-character name string and each character from a set of 36 symbols (26 letters plus 10 numbers = 36) giving a possible 36 ^ 16 combinations, well, that's pretty large. No way somone can crank out then verify even a fraction of that. Later I saw a news item telling of hacks on the mail servers at the Baby Bell. Another example of corporate liars, defending incompetence.

Invasion of privacy

[BrokenSoldier]

How is it invasion of privacy? Its not that hard to get a list of email. Citizens are not guaranteed a 'right to privacy' anywhere in the Constitution or D of Ind. I don't think the individual customers could could sue under class action because nothing was stolen from them- they still have use of the address, and as an AOL user they probably signed up for so much crap that their email address is out there all over the net anyway. The employee did break his NDA surely, and should be treated as such.

Re:Invasion of privacy

[user32.ExitWindowsEx]

I swear there was a supreme court case in which they said the first amendment's assembly provisions somehow imply that you have a right to associate with no one if you choose.

Just my US$0.02

Re:Invasion of privacy

[BrokenSoldier]

I dont know about that, but I feel that I dont have the right to be not offended...( sorry, another topic I read about on Fark). Email/internet access is largley a 'public' forum just like outside- the only difference is the public isnt present at the creation of the speech in question. It may be days or weeks, but that email, forum post, etc will still show up somewhere.

Re:Invasion of privacy

[Macadamizer]

You are right, there is no right to privacy written into the Constitution. However, the legislature and courts have, over the years, defined areas where people, even if they don't have a "right" to privacy, have an "expectation of privacy" -- the limits of where one can have such an expectation is grounded in the 4th amendment for criminal proceedings, and in the common law and statutory law for civil proceedings.

You can sue someone for invasion of privacy, for example. And many states make "invasion of privacy" a crime in certain instances, usually involving videotaping naked people without their knowledge...

Just because it isn't in the Constitution doesn't mean it doesn't exist...

Re:Invasion of privacy

[BrokenSoldier]

But a person doesnt have an expectation of privacy with their email address. They freely paste it all over everything. While I appreciate that the Constitution can be applied to things not directly spelled out, I don't appreciate making laws based on that interpretation for every single situation. I did my time to " support and defend" and while IANAL or even a legal beagle, I think people should suck it up a bit instead of expecting a policy, law, or some sort of action to apply to them. Entitlement mindedness and " whats in it for me" is killing this country. During the Battle of the Bulge ( 60 years ago this week) we lost hundreds of soldiers a day. We lose 2-3 on average, and in only one AO and suddenly its a quagmire? People need to get their priorities in order. Sue the guy civilly, but for cripes sake, no one ever said that your email address was 'yours'.

Re:Invasion of privacy

[Macadamizer]

Oh, I agree that an email address, or even your home address, are not "private" information -- I was just responding to the OP who said that the was no right to privacy in the constitution, therefore no right to privacy.

Re:Invasion of privacy

[BrokenSoldier]

I am the the OP ( of the comments, anyway) and I still hold that while certain information needs to be private for various reasons, blanket statements like " the Constitution says I have free speech" and " right to privacy" are misleading, not legally or historically accurate, and ultimately dangerous. We don't need to amend the damn thing for every single situation, nor is it the defacto place to run and cite every time someone says their 'rights' violated. A lot of the people in our country don't know their rights anyway, or aren't citizens and don't fall under the documents protection.

Re:Invasion of privacy

[Tassach]

there is no right to privacy written into the Constitution I beg to differ:

Amendment IX The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.

Re:Invasion of privacy

[BrokenSoldier]

continued... The rights to privacy in the Constitution ( usually framed under some penumbra of the 14th Amendment) only pertain to issues of personal autonomy or medical issues (Berger, or Roe v. Wade type issues). The Constitution explicitly protects some rights and does not protect others. R to P is not one of them. Sucks, but its true. The Constitution says what it says, nothing more, nothing less- there is some wiggle room, legilating from the bench is taking wiggle and turning it into the Macarena.

LMFAO... Mod parent up, please

[InterruptDescriptorT]

Nice one.

Simple use equates to deception

[droleary]

An email address that I give to AOL (or Slashdot or whoever) implies that the party so "gifted" is who I expect to send me email at that address. I'm sure many here go as far as actually creating email addresses keyed to a site (e.g., foobar+slashdot@example.com), but all email addresses should be considered non-transferable, even without those special measures. If I get an email to an address given to Slashdot that doesn't come from Slashdot, I have been deceived.

Re:Simple use equates to deception

[bigsteve@dstc]

... but all email addresses should be considered non-transferable, even without those special measures

You may want this to be the case, but it just ain't so.

The reality is that email addresses are free to be used once discovered. If I discover your email address, there is an expectation that I can use it. The only cases where your model might have some force is when you explicitly gave your email to me with the express condition that it not be passed on. If I "leak" the email address, you might be able to sue me, but you cannot sue the third party I leak it to for simply emailing you.

This is not to say that anyone is free to use your email address any way that they want. For example, CAN-SPAM and other laws place some (albeit insufficient) restrictions on sending you some kinds of email.

Re:Simple use equates to deception

[droleary]

The reality is that email addresses are free to be used once discovered. If I discover your email address, there is an expectation that I can use it.

Maybe you (and spammers, or possibly you as a spammer) would like that expectation, but that is not the reality any longer; spammers ruined it long ago. They judge may not understand that just yet, but you as a participant on Slashdot should. An email these days is to be treated like a "web of trust". Just because I give my friend an email doesn't mean they get to share it with their friends. Just because I mistakenly get sent a CC instead of a BCC with 922 business contacts (as has happened to me personally) doesn't mean I can treat those addresses as my own personal urinal to piss on.

If I "leak" the email address, you might be able to sue me, but you cannot sue the third party I leak it to for simply emailing you.

I most certainly can sue you both. The only interesting question is whether or not I would win. I think a jury can be convinced that friendship is not transitive. I think I could easily explain to 12 people who aren't even as smart as you that if they gave me their phone number and asked me to call, that doesn't mean I'm allowed to pass it on to my (creepy) cousin (who I think is really a great guy), and that his calling could indeed be seen by them as harassment. It's such an easily argument I don't understand why you can't see it.

Re:Simple use equates to deception

[bigsteve@dstc]

I most certainly can sue you both. The only interesting question is whether or not I would win. I think a jury can be convinced that friendship is not transitive.

If you sued someone for simply sending you an email, your case would be dismissed by the judge before you got to talk to a jury. There is simply no law that forbids some person you don't know from emailing you.

Obviously there ARE laws that forbid someone from harassing you (e.g. by email), sending you SPAM, etc. But you cannot make a case that every unsolicited email is harassment, SPAM or whatever. It is just plain nonsense.

Re:Simple use equates to deception

[bigsteve@dstc]

Maybe you (and spammers, or possibly you as a spammer) would like that expectation, but that is not the reality any longer; spammers ruined it long ago.

Nonsense. In this context, all spammers have done is drastically reduced the chance that you will read email from someone you don't recognize. Nothing (apart from good manners and common sense) stops them emailing you regardless.

(BTW: I'm not a spammer, and I've been regularly using email since the mid 1980's.)

An email these days is to be treated like a "web of trust". Just because I give my friend an email doesn't mean they get to share it with their friends.

This simply good email ettiquette. Don't imagine that any judge is going to let you sue someone for bad email ettiquete. Any more than a judge is going to let you sue someone for farting in a lift.

Just because I mistakenly get sent a CC instead of a BCC with 922 business contacts (as has happened to me personally) doesn't mean I can treat those addresses as my own personal urinal to piss on.

Again ... it would (probably) be bad manners to send email to someone whose email address you received by accident. But that's all.

Frankly, people who think that an email address is private are simply kidding themselves. They may want this to be the case, but its not the way that most email users understand the world.

If you want a private email address, there are various ways to achieve this; e.g. private email networks, sender whitelists, getting a secretary to screen your email, etc. But if you choose not to use these, you won't get any sympathy from me ... or from a judge ... if someone does not respect your theories of email address privacy.

Well what do you know...

[MXK]

...reverse psychology does work!

American Justice Works

What the judge did is a fine example of American justice. If this judge were in China, then he would have sentenced the defendant to 40 years of hard labor and re-education. If this judge were in Singapore, he would have sentenced the defendant to 5 years in prison and 25 strikes of the cane.

Thank Buddha that you live in the West and not China.

Howl! Gnash!

[TiggertheMad]

He stole a list of e-mail addresses. Isn't that theft?

No, the **IA is EVIL! It's a backup copy! I bought it several years agon on vinyl, and so I am entitled to a space shifted copy! It isn't theft, because they still have a cop-

WAITAMINUET! I'm sorry. I didn't know that this was a story about spammers...

KILL the spammer! They are bandwidth thieves, stealing a 'commons' from all of us! This guy is a THIEF, he took a copy of a private list! Publish his address someone, so I can mail him a sack of POOP!

Re:Howl! Gnash!

Its sad that the parent post is moderated funny rather than insightful.

Re:Howl! Gnash!

[mausmalone]

I actually am really starting to hate RIAA because it's gotten to the point where aritcle writers have started using "stealing" to describe any file copying without expressed consent. The guy copied a list of users, which is definitely not copyrighted, from a computer in his office building. Theft is when you take another's property. In this case, he has copied his company's information. What this is is a severe breach of company policy and appropriate use standards, but this aspect of the story is by no means illegal.

plea bargain...

[the-build-chicken]

...wow, wouldn't this suck if it was part of a plea bargin..."plead guilty to can-spam and we'll drop the theft/intellectual property charges"....doh!

Re:plea bargain...

[anthony_dipierro]

It'd suck for him, but I doubt that's how it went down (since it was the prosecution arguing to accept the plea). But that's part of the reason why we allow judges to reject pleas which aren't based on the facts. You wouldn't want a murderer making a plea to jaywalking just because he knows the prosecutor or can pay him off or something like that.

In defence of the judge

Yeah, I agree with everything you say...except the judge not seeing the forest for the trees.

What's the man supposed to do? What I would want to see in the ideal judge most of all is a man whose perfect sense of fairness is matched only by his rhetorical and formal discernment such that each time he passes a judgement all citizens may see that it is, indeed, a true and correct verdict.

Now, scholastic perfections aside, how the hell is the judge supposed to rule when the prosecutor hasn't even taken the time to prepare the case for the minimal standards of the law. If the law is unclear, then all the more reason to do so.

I propose that if the prosecution manages to make their case when the next round of hearings comes about (in only a month), this law will be strengthened by this one judge's scrutiny. What's more is that the Law of the land will be stronger for it.

Did the Prosecution Let Smathers Slip Away?

[BMcWilliams]

To make matters even more confusing, Smathers originally signed a document, available here, in November saying he agreed to plead guilty to violating 18 USC 2314, Interstate Transportation of Stolen Property. (To this legal sparrow, that seems like an appropriate charge.)

Then, on December 2, Smathers was arraigned instead for violating 18 USC 371, Conspiracy to Defraud the US Government. Smathers pled NOT guilty at the arraignment.

Then we have today's proceedings, with Smathers trying to enter a guilty plea, apparently to violating CAN-SPAM.

An "information" documentfiled at his arraignment does suggest Smathers was involved in sending decpetive and misleading spam using the AOL customer list. So maybe there is a CAN-SPAM aspect to this case.

But it really does look like the US Attorney's office was trying too hard to get a CAN-SPAM conviction under its belt.

Re:Did the Prosecution Let Smathers Slip Away?

[anthony_dipierro]

goods, wares, merchandise, securities or money

I'm not convinced that information falls under "goods, wares, merchandise, securities or money", but depending on the definitions maybe it does.

Did the rejection of the guilty plea go like this?

[Yorrike]

Defendant: Your Honour, I hereby plea guilty.... Of being able to offer you low, low prices on leading brand meds!!

Judge: [Ctrl] *click* [Del]

Troll

As usual, Doc Ruby's post is completely unintelligible. What's sad is that he manages to fool the moderators, thus preventing him from ever getting to -1 default status.

You'd better hope that they find the crime...

[TykeClone]

Or else you'll end up with something like HIPAA or GLB extended to all companies that store anything even approaching personal information.

Since he stole something of value (he was able to sell it for a hefty price) from another, I would think that they could charge him with theft.

AfC

[Doc+Ruby]

As usual, an Anonymous fool Coward can't even read, but has to post obnoxious complaints, rather than adding anything to the discussion. Completely predictable Anonymous bitch Coward whining, focused on supressing posts they can't understand.

Re:Hey! I want that judge in my next court case ..

[amigan940]

As has been said many times before, he was charged with a CAN-SPAM violation, but never actually violated *that* law.
The judge is doing the Right Thing(tm) in this case by not simply accepting the plea because he is biased against spammers.

Kinda like yours?

[DongleFondle]

Couldn't resist. ;-)

Alright, now go ahead and mod me down you fuckers.

I felt like doing some math.

[DongleFondle]

Assuming that dragging a message to the recycle bin takes on average exactly .65 seconds, (I downloaded and installed AOL and ran a series of metrics to come up with .65) then we are talking about a 41,222 year, 266 day, 7 hour, 6 minute and 40 second sentence. That's pretty harsh. Maybe you should reconsider that.

Also . . . I am so very very lonely.

Shitty Lawyer

[HyperCash]

He must have consulted with a lawyer before pleading guilty. If my lawyer recommended that I plead guilty to a crime and I did and the judge rejected that because what I had done didn't violate the law I would be pretty pissed off at my lawyer. I mean, didn't he even read the law and check to make sure the prosecution had evidence that he had broken it before recommending that his client plead guilty? Or maybe he's just pissed off at spammers, too?

-HC

Re:Shitty Lawyer

[a24061]

If my lawyer recommended that I plead guilty to a crime and I did and the judge rejected that because what I had done didn't violate the law I would be pretty pissed off at my lawyer.

The lawyer probably saved him money because preparing a guilty plea is cheaper than preparing a defence.

Or maybe he's just pissed off at spammers, too?

But I really like that theory.

There may be an interesting reason for this...

[fmaxwell]

The judge himself apparently cancelled his AOL subscription due to receiving too much spam. While he didn't like what Jason did, he wasn't convinced a crime had been committed under the CAN-SPAM law, which requires that a person be deceived.

If "Jason" isn't responsible, perhaps AOL is. If AOL was negligent in their security, then they can be held accountable for the damages that their users suffered. So by not putting the blame on Jason, AOL could be in the judge's sights. This might be a lot smarter move on the part of the judge than anyone realizes. Or I could be totally off-base.

Re:There may be an interesting reason for this...

You're totally off-base. He did not violate CAN-SPAM which is all this decision relates to. His new trial should address the other violations.

Re:There may be an interesting reason for this...

[anthony_dipierro]

If AOL was negligent in their security, then they can be held accountable for the damages that their users suffered.

Isn't AOL the one that suffered the damages? Even if so, I'm sure this is covered by the AOL service agreement, and besides, what steps would a reasonable person have taken that AOL didn't take? Someone has to have access to the user lists, after all.

Re:There may be an interesting reason for this...

[fmaxwell]

Isn't AOL the one that suffered the damages?

If AOL users had their time and bandwidth wasted by the spam, then the users suffered damage, too. If some of the users (like the judge) had to cancel their AOL e-mail addresses because of the spam they received, that's certainly damage. Just think of the hassle of disseminating your new e-mail address to friends, colleagues, and family.

Even if so, I'm sure this is covered by the AOL service agreement, and besides, what steps would a reasonable person have taken that AOL didn't take? Someone has to have access to the user lists, after all.

I don't know what steps they took. Did they allow users to carry thumb drives and recordable optical media off of the premises? Did they do background checks on the people who had access to the user email addresses? Did they try to minimize how many people had access to the user list? Maybe they took all reasonable steps and maybe they did not.

Because the prosecutor.....

[rsilvergun]

is probably hot to nail a spammer. It'll boost his political career ("I'm tough on spammers" sounds great). I mean, if they just nail him for trade secrets, what's the big deal?.

The obvious question is...

[jhigh]

If AOL wasn't selling it's email list to spammers, why was there a "list" at all??? I don't know about anyone else, but we most certainly don't keep a "list" of email addresses, or even user accounts, around anywhere. I realize that he still could have found out the accounts, but the story makes it sound like he had a pretty easy time doing it because AOL had this "list" (presumably a database) of user accounts/email addresses. Noone else finds this somewhat odd???

Re:The obvious question is...

[bulliver]

Yeah, a business having a list of current customers, that's pretty odd.

All kidding aside, it seems perfectly reasonable for AOL to have a database of email addresses/usernames. How else are they going to know if a particular address/username is taken or not? Without a list of customers how the hell do they know who to send the bills to each month?

Re:The obvious question is...

[jhigh]

Well, we don't have a list of user accounts, but if I try to add a new account that already exists then I can't. I realize that they probably have everyone in a database, and I guess if this guy got that database it would surely contain email addresses or usernames. I guess I was thinking in the terms that the article was speaking: "list of email addresses."

Re:The obvious question is...

[bulliver]

He he,

I was just bugging you. I guess my point is that the details on exactly what this character did are not fully explained in the article. One can imagine that perhaps the password that this fellow pilfered allowed him access to the user database where a simple SQL query would produce a valid list of AOL email accounts.

Merry Christmas,
-d

Wait, what?

[jcuervo]

The judge himself apparently cancelled his AOL subscription due to receiving too much spam.

Shouldn't he not be presiding over this case, then?