A student-run resource for reliable reports on the latest law and technology news
http://jolt.law.harvard.edu/digest/wp-content/uploads/2012/12/joltimg.png

DOJ Indicts Nine for Zeus Malware Theft From Online Bank Accounts
By Emma Winer – Edited by Sheri Pan

United States v. Penchukov

Last week, the Department of Justice released a previously sealed indictment against alleged conspirators in an international scheme that stole millions of dollars from online bank accounts. The conspirators allegedly infected thousands of computers with “Zeus” malware, which captured passwords, bank account numbers, and other online banking information. Two of the defendants were arraigned in Nebraska after being extradited from the United Kingdom.

Read More...

http://jolt.law.harvard.edu/digest/wp-content/uploads/2012/12/joltimg.png

European Court of Justice Invalidates Data Retention Directive
By Paul Klein – Edited by Alex Shank

In a preliminary ruling requested by courts in Ireland and Austria, the European Court of Justice found that Directive 2006/24/EC was invalid. The Grand Chamber recognized the legitimacy of retaining telecommunications data as a means to combat serious crime and terrorism, but it ultimately held that the far-reaching scope of the Directive disproportionately affected individual privacy under the Charter of Fundamental Rights of the European Union.

Read More...

http://jolt.law.harvard.edu/digest/wp-content/uploads/2012/12/joltimg.png

Google to Supreme Court: Snagging Data from Unsecured Wi-Fi is Perfectly Legal
By Michael Shammas – Edited by Mary Schnoor

Google has filed a petition for a writ of certiorari asking the Supreme Court to label its Street View cars’ collection of unencrypted Wi-Fi traffic legal, appealing the Ninth Circuit’s decision that Google may have violated the federal Wiretap Act. Google believes unencrypted Wi-Fi traffic should be classed as “radio communications” accessible to the public.

Read More...

http://jolt.law.harvard.edu/digest/wp-content/uploads/2012/12/joltimg.png

Mozilla Announces Resignation of Recently Appointed CEO Brendan Eich Following Controversy over Gay Marriage Opposition
By Sheri Pan – Edited by Corey Omer

On April 3, Mozilla Corporation (“Mozilla”), a subsidiary of the non-profit Mozilla Foundation most widely known for producing the Firefox browser, announced that its CEO of less than two weeks, Brendan Eich, has resigned, after pressure from Mozilla employees, bloggers, and developers who opposed his appointment in light of a $1000 donation that he made in 2008 in support of Proposition 8, a ballot measure that sought to ban gay marriage in California.

Read More...

http://jolt.law.harvard.edu/digest/wp-content/uploads/2012/12/joltimg.png

Flash Digest: News In Brief
By Emma Winer

Third Circuit Vacates Hacker Conviction for Improper Venue

French Unions and Employers Agree to Curb After-Hours Work Email

Limited Sale of Google Glass Slated For April 15

Read More...

District Court Enjoins Certain Advertising Practices; Keylogger Software Once Again Available
FTC v. CyberSpy Software, LLC, November 6, 2008, 6:08-cv-1872
Preliminary Injunction

On November 24th, Judge Presnell presided over a hearing regarding the temporary restraining order put in place by the court on November 6th. The preliminary injunction is significanty more limited than the original TRO, which had prevented CyberSpy from selling its “RemoteSpy” keylogger software entirely.

The new order primarily enjoins CyberSpy from

promoting, selling, or distributing RemoteSpy, or its equivalent, by means of informing or suggesting to customers that it may be, or is intended to be, surreptitiously installed on a computer without the knowledge or consent of the computer’s owner including . . . instructions for disguising the name of the executable file that accomplishes the installation and/or recommendation of the use of a stealth email service for sending the executable file to the remote computer.

The ruling focuses on restricting the methods CyberSpy may use to market or sell their product, but does allow the company to sell RemoteSpy once again.

Previously: District Court Halts Sales of Keylogger Software

Posted On Dec - 5 - 2008 1 Comment READ FULL POST

Lori Drew Convicted on Three Misdemeanor Counts of Violating MySpace Terms of Service in “Cyberbullying” Case
By Brian Kozlowski – Edited By Stephanie Weiner
United States v. Drew, 08-CR-582

A federal jury convicted Lori Drew on November 26th on three of four misdemeanor counts of unauthorized computer access under the Computer Fraud and Abuse Act (”CFAA”), 18 U.S.C. § 1030, for violating the MySpace terms of service. Drew was acquitted of three felony counts of accessing computers without authorization to inflict emotional harm under the same act. The case has raised widespread objection to the use of criminal liability for violating website terms of service.

The case revolves around the 2006 suicide of 13-year-old Megan Meier following an argument she had on MySpace with “Josh Evans,” a fictional 16-year-old boy whose profile was created under the supervision of Lori Drew. During the 28 days that the account was active, “Josh” established an online relationship with Meier that ended with harsh words and the involvement of other MySpace users. Creation of the fictional account using false information was a violation of the MySpace terms of service, which served as the basis for the computer fraud charges. The prosecution argued, and the jury found, that Drew’s subsequent visits to the MySpace site, in violation of the terms of service, were “unauthorized access” under the terms of the CFAA. Critics point out that this is a very creative use of the CFAA, which is typically used to target hacking and trademark theft. This is the first time it has been used in this fashion.

The New York Times describes the trial outcome, building on an earlier piece from 2007 that gives more factual background on the events. Court documents for the case are hosted on Citizen Media Law Project. (more…)

Posted On Dec - 4 - 2008 1 Comment READ FULL POST

Judge Quashes Recording Industry Subpoena Seeking the Identities of Three Boston University “John Does”
By Jamie Wicks – Edited by Jon Choate

London-Sire Records, Inc. v. Does 1-4
D. Mass., No. 1:04-cv-12434
Court Order (hosted by Ray Beckerman)

On November 24th, Judge Nancy Gertner of the U.S. District Court for the District of Massachusetts rebuffed an attempt by major recording industry companies to force a university to reveal the identity of individuals who shared music through online peer-to-peer networks. Judge Gertner quashed a subpoena in London-Sire Records v. Does 1-4, a copyright infringement case in which the plaintiffs had served subpoenas on a number of internet service providers, largely colleges and universities, requiring them to divulge individual users’ identities based on their IP addresses.

Boston University wrote a letter to the court on September 23, 2008, stating that it could not positively identify three of the IP address users.  Judge Gertner treated the letter as a motion to quash the subpoena, and found that “the University has adequately demonstrated that it is not able to identify the alleged infringers with a reasonable degree of technical certainty.”  In quashing the subpoena, she expressed concern that “compliance with the subpoena . . . would expose innocent parties to intrusive discovery.”

The court’s order to quash the subpoena is available here.  Jacqui Cheng of Ars Technica provides background on the case. One Slashdot contributor notes that the order will provide a lesson to University IT departments served with similar subpoenas: if they are simply honest about the difficulty of identifying IP address users, the subpoenas may be quashed.  A P2PNet commenter suggests the order may “represent a death knell” to the music industry’s attempt to use universities as “copyright cops.”  A Chronicle of Higher Education writer wonders if the holding signifies that IP addresses might no longer be legally synonymous with personal identities.
(more…)

Posted On Nov - 29 - 2008 Comments Off READ FULL POST

Alleged “Coupon Hacker” and Coupons, Inc. Settle DMCA Suit [UPDATED]

By Chris Kulawik — Edited by Jon Choate

Coupons, Inc. v. Stottlemire
N.D. Cal., No. CV 07-03457 HRL
Court Documents (hosted by Justia)

Last week, Coupons, Inc. (“Coupons”), settled its DMCA suit against John Stottlemire, who had defended himself pro se. The parties have not fully disclosed the details of the settlement, but Stottlemire indicates that the case was dismissed with prejudice. The agreement follows a year’s worth of litigation in the United States District Court for the Northern District of California.

Note:
Since the writing of this post, Coupons, claiming that Stottlemire breached material terms of the parties’ settlement agreement, has resumed litigation.  Stottlemire, in a motion filed with the court, claims that Coupons is mistaken in its belief that he has breached the confidentiality term of the settlement.

(more…)

Posted On Nov - 28 - 2008 1 Comment READ FULL POST

District Court Halts Sales of Keylogger Software
By Jim Milkey – Edited by Nicola Carah
FTC v. CyberSpy Software, LLC, November 6, 2008, 6:08-cv-1872
Court Documents

[Correction: Originally, this post erroneously indicated Judge Presnell upheld the TRO described below in a November 17th hearing.  In actuality, the TRO was granted on November 6th, and a hearing on the matter occurred on November 24th. The preliminary injunction order resulting from the Nov. 24th hearing is detailed in our case update.]

On November 6th, Judge Gregory Presnell of the United States District Court for the Middle District of Florida granted the Federal Trade Commission’s request for a temporary restraining order prohibiting the sale of CyberSpy Software’s RemoteSpy keylogger software.

The order prohibits CyberSpy from marketing, selling, and providing support for its RemoteSpy software. RemoteSpy is designed to remotely monitor a host computer and record information such as keystrokes, visited websites, and opened documents.  According to the FTC’s press release, CyberSpy allegedly violated Section 5(a) of the FTC Act, 15 U.S.C. § 45(a), which prohibits unfair or deceptive trade practices.  Specifically, the FTC alleges that CyberSpy violated the Act by marketing and selling “software that could be: (1) deployed remotely by someone other than the owner or authorized user of a computer; (2) installed without the knowledge and consent of the owner or authorized user; and (3) used to surreptitiously collect and disclose personal information.” The complaint also alleges that CyberSpy unfairly disclosed the collected information to its clients. Both CyberSpy and its CEO, Tracer Spence, are listed as defendants in the complaint.

Both the complaint filed by the FTC and the TRO are available at the FTC website.

Ryan Singel of Wired notes that this case marks the first time that the FTC has targeted the amateur spyware market.  He speculates that the case will likely turn on evidence that CyberSpy marketed its product to be used in situations where the victim was unaware of potential monitoring. Joel Hruska of  Ars technica notes that “numerous tutorials and ‘how-to’s’ were included with RemoteSpy, including information on disguising the payload in order to maximize the chance of infection.”  The same article goes on to suggest that the FTC should have been more responsive in filing the complaint, since RemoteSpy has been available to consumers since August 2005.

Graham Cluley points out that keylogger software such as RemoteSpy can be used for a wide variety of purposes, from protective child monitoring to identity theft, and that the final outcome of the CyberSpy case could have serious implications for sellers of “legitimate” spyware.

(more…)

Posted On Nov - 25 - 2008 2 Comments READ FULL POST
  • RSS
  • Facebook
  • Twitter
  • GooglePlay
Photo By: Images Money - CC BY 2.0

DOJ Indicts Nine for

By Emma Winer – Edited by Sheri Pan [caption id="attachment_4373" align="alignleft" ...

Photo By: archie4oz - CC BY 2.0

European Court of Ju

By Paul Klein – Edited by Alex Shank [caption id="attachment_4363" align="alignleft" ...

Photo By: Kyle Nishioka - CC BY 2.0

Google to Supreme Co

By Michael Shammas – Edited by Mary Schnoor [caption id="attachment_4353" align="alignleft" ...

Photo By: Mozilla in Europe - CC BY 2.0

Mozilla Announces Re

By Sheri Pan – Edited by Corey Omer [caption id="attachment_4341" align="alignleft" ...

Icon-news

Flash Digest: News I

By Emma Winer Third Circuit Vacates Hacker Conviction for Improper Venue The ...