This is an archived project. See http://blogs.23.nu/disLEXia/stories/492/ for details and further pointers.

disLEXia

Computer Crime News Updates - Computer Crime News Updates by Orin S. Kerr, Associate Professor George Washington University Law School This is an internal Experiment - stay away

Tuesday, 15. October 2002

Internet Again

10 minutes ago the "SYNC" LED on our ADSL modem switched from red to green. So we are on the net again. Theoretically we were connected before via an Apple Airport with modem, but some confusing interactions between the ISDN-to-analog converter in our PBX and the Airport resulted in a transfer rate of ca. 800 b/s and RTT latency of up to 22000 ms (22 seconds!). So basically Internet was unusable.
11:10 | #



Monday, 30. September 2002

Back blogging!

As you might have noticed this Weblog was broken in various ways in the last few days. Seems all showstopper bugs are ironed out and I can go on blogging. Nice. You can find some explanation of my problems at http://md.hudora.de/blog/categories/niftyHacks/2002/30/
01:25 | #



Friday, 23. August 2002

NINTH CIRCUIT REVERSES ITSELF, ADOPTS FIFTH CIRCUIT VIEW OF WIRETAP ACT / Konop v. Hawaiian Airlines

This morning the Ninth Circuit finally issued its long-awaited opinion in Konop v. Hawaiian Airlines, which reconsidered its January 2001 panel decision holding that the Wiretap Act applied to stored electronic communications. The Ninth Circuit has now adopted the Fifth Circuit's approach in Steve Jackson Games, ending the circuit split on this issue. The vote was 2-1, with Judge Reinhardt partially dissenting. The opinion is available from the 9th Circuit's website, www.ca9.uscourts.gov. (Full disclosure: When I was still at DOJ, I co-authored a DOJ amicus brief in favor of the petition for rehearing in this case.) This case involves an employer who accessed his employee's password-protected website without the employee's permission. The employee, Konop, brought a suit claiming that the employer's conduct violated the Wiretap Act, the Stored Communications Act, and the Railway Labor Act. The Ninth Circuit agreed with the employee that the conduct violated all three statutes, and in so doing created a notable circuit split with the 5th Circuit over the scope of the Wiretap Act as applied to the Internet. A motion for rehearing followed, along with a flurry of amicus briefs from law enforcement and privacy groups. In August 2001, the Ninth Circuit withdrew its opinion, and now almost exactly a year later (at just about the time the old law clerks finished up) the Court has finally rendered its decision. Most notably, the Ninth Circuit rejected its prior panel holding that the Wiretap Act's prohibition on "intercepting electronic communications" applies to communications in storage. The Court has now agreed with all of the prior courts that "intercept" refers to contemporaneous transmission, as opposed to files in temporary or more permanent storage. Slip Op. at 12467. In short, the Wiretap Act applies to communications moving in transmission, and the Stored Communications Act applies to communications stored and at rest.
The Court offered three arguments for its position. First, the Court made the odd argument that "intercept" does not apply to stored communications because the USA Patriot Act amended Title III in October 2001 to eliminate the language that courts had relied on to find that "intercept" applied to stored wire communications. While at best this shows that Congress did not want Title III to apply to stored communications following 9/11, it's hard to see how it's relevant to this case. Next, the Court reasoned that the plain meaning of "intercept" referred to stopping or seizing something "in progress or course before arrival" (quoting Webster's Ninth New Collegiate Dictionary at 630), which strikes me as fairly weak as well in light of the problem courts have had construing this word. Third, the court finally turned to the much more obvious and stronger argument, namely that Congress has enacted a separate legal regime to govern stored electronic communications, in 18 U.S.C. 2701-11, and applying the Wiretap Act to stored communications entirely nullified the separate statute. The court added an interesting footnote (fn 6) in which it replied to amici and law review articles arguing that the Wiretap Act should be construed to apply to stored files. The Court noted that while limiting Title III to communications in transit limited its scope significantly, Congress had clearly chosen to so limit the statute. Congress opted to treat electronic communications in temporary "electronic storage" in 18 U.S.C. 2703(a). While a broad construction of the Wiretap Act was "not without appeal, the language and structure of the ECPA demonstrate that Congress considered and rejected this argument." Quite right. Judge Reinhardt dissented, but to be honest I'm having trouble figuring out exactly what his argument is. He apparently believes that there is a way of reconciling the broad reading of the Wiretap Act with the text of the Stored Communications Act.
Trying to understand his argument is left as an exercise for the reader. In my opinion, what's missing from the majority opinion is a broader conceptual picture of why it arguably makes sense for Congress to have made the Wiretap Act relatively narrow. When Congress enacted the Wiretap Act in 1968, it created a new "super warrant" standard that was a specific response to the problem of intercepting communications in transit. Because wiretapping phone calls did not merely search and seize stored materials, but rather acted as (as Justice Douglas put it in his Berger concurrence) a "dragnet" that collected everything that passed through the wire, a higher standard than mere probable cause made sense, and in fact was essentially mandated by the Court in Berger v. New York (1967). Applying the Wiretap Act's super warrant requirement to stored communications misses this history-- it would apply the special rule from the special case to the ordinary case. The Ninth Circuit's opinion now makes sure that the ordinary case gets the ordinary Fourth Amendment rule: thanks to 2703(a), communications in electronic storage are protected by a normal warrant requirement, rather than the "super warrant" requirement of the Wiretap Act. While of course one could prefer a different rule as a matter of policy, the narrow view of the "special case" Wiretap Act isn't entirely nonsensical. Finally, in a less important section of the opinion, the Court also addressed Konop's claim under 18 U.S.C. 2701, to the effect that the employer had accessed Konop's files without authorization, and in particular the employer's argument that the access was justified by the consent of a "user" to the website. The Court held that other employees who were told that they could sign up for accounts on the site but had not actually done so were not "users" because they had never actually used the site. Interesting, although not something that is likely to come up very often.
(I'm personally not so sure that files stored on the web are in "electronic storage" anyway -- in fact, I'm not sure how they can be given the statutory definition -- but the court seemed satisfied that the parties did not contest that point.) [by Orin S. Kerr's Computer Crime Case Updates Mailinglist, http://hermes.circ.gwu.edu/archives/cybercrime.html]
15:30 | #



Wednesday, 21. August 2002

FIRST CIRCUIT: GOV'T MUST DISCLOSE MEANS OF IMPLEMENTING SURVEILLANCE IN WIRETAP APPLICATIONS (AT LEAST SOMETIMES) / Lopez

Yesterday, the First Circuit announced new rules imposing a duty on the government to disclose in its applications for wiretap orders how the wiretaps will be executed. The decision has interesting implications for the debate over Carnivore/DCS-1000, the FBI's Internet surveillance tool. The case is United States v. Lopez, -- F.3d --, 2002 WL 1880282 (1st Cir., Aug. 20, 2002) (Torruella, J.) This case involves an investigation into a cocaine distribution conspiracy in Maine, and particular wiretap orders to monitor two mobile phones used by co-conspirators. Rather than implement the surveillance themselves, the government hired "civilian monitors" to monitor the calls and conduct the required minimization. Minimization is the act of screening pertinent from non-pertinent calls to minimize the number of non-pertinent calls intercepted. Normally this is performed by law enforcement agents, but here the government hired "civilian monitors" to do the job. The wiretap orders yielded about 1700 intercepted calls, which "buil[t] a formidable case against the conspiracy members," especially one defendant named Amado Lopez. On appeal following his conviction, Lopez argued (among other things) that the government violated the Wiretap Act by not disclosing in its application to the court for a wiretap order that it planned to have the civilian monitors implement the court order. This argument should resonate with those who are following some recent disputes and cases in the computer crime world. In the context of Carnivore, the FBI has been criticized for wanting to implement wiretap orders at ISPs itself in some cases, and in a pending appeal in the 8th Circuit, the government is appealing a district court's decision that the Fourth Amendment requires the government to at least be physically present when an ISP executes a warrant for stored e-mail. (for background, see http://www.epic.org/privacy/bach).
So the issue of how surveillance orders are implemented, and by whom, and what rules govern, is very much a current concern. The First Circuit held as a matter of first impression that the Wiretap Act does require the government to disclose in its application when it uses civilian monitors in the execution of the warrant, but that in this case, suppression was not an appropriate remedy. Here is the court's analysis of why Title III requires the disclosure of civilian monitoring:

There is no doubt that the use of civilian monitors for the execution of a wiretap cannot constitute a per se violation of Title III, since the statute explicitly contemplates the assistance of civilian personnel. Specifically, Title III provides, in relevant part: "An interception under this chapter may be conducted in whole or in part by Government personnel, or by an individual operating under a contract with the Government, acting under the supervision of an investigative or law enforcement officer authorized to conduct the interception." 18 U.S.C. § 2518(5). Nevertheless, Title III generally places a burden of "full and complete" disclosure on the government in its application for a wiretap, see id. § 2518(1)(b),(c) & (d), and the issuing judge is obliged to craft the order approving the wiretap with specificity, see id. § 2518(4). These provisions necessitate candor on the part of the government--a candor that, in our view, would generally be undermined if the government could withhold important information about the manner in which the wiretap will be conducted.
The government's failure to disclose its plans to use civilian monitors frustrates the objectives of other provisions of Title III as well. For example, the statute mandates that the issuing judge include in any order a provision requiring that the wiretap be conducted in such a way as to minimize nonpertinent communications. See id. § 2518(5). If the issuing judge is kept ignorant of the manner in which the government intends to execute the wiretap, this diminishes the judge's ability to craft an order that is sufficiently protective of the minimization requirement. In addition, the statute permits the issuing judge to require status reports showing "what progress has been made toward achievement of the authorized objective and the need for continued interception." Id. § 2518(6). Yet, without information on how the calls are being intercepted, and by what personnel, the judge's impression of the progress of the wiretap may be mistaken.
In light of these considerations, we hold that the government must disclose, as a part of its application for a wiretap warrant, any intention to utilize the services of civilian monitors in the execution of the warrant. To hold otherwise would, in our view, run counter to the general duty of candor the statute imposes on the government and impair the issuing judge's ability to preserve important privacy interests protected by Title III.
While the holding is technically narrow, the principle here seems quite broad. "Civilians" can be used in lots of ways-- to install the monitoring devices, to check on the monitoring devices, to collect the evidence, to sift through the evidence, to send back evidence -- and the court's opinion does not specify which way triggers the disclosure requirement. Indeed, the opinion speaks of the difficulties "[i]f the issuing judge is kept ignorant of the matter in which the government intends to execute the wiretap." To me, this suggests that the entire world of who will be implementing the court order, even by what device, may now be something that the government must (or at least should) disclose in its Wiretap Act applications. Next, the court concluded that the government's failure to disclose the involvement of civilian monitors did not mean that the evidence should be suppressed:
". . . [I]t is well-settled that not every failure to comply fully with any requirement provided in Title III necessitates suppression." United States v. Escobar-De Jesus, 187 F.3d 148, 171 (1st Cir.1999); see United States v. Donovan, 429 U.S. 413, 432-34, 97 S.Ct. 658, 50 L.Ed.2d 652 (1977); United States v. Chavez, 416 U.S. 562, 571-79, 94 S.Ct. 1849, 40 L.Ed.2d 380 (1974). A court evaluating a suppression motion must consider whether the underlying violation of Title III frustrated the protective purpose of that statute in a particular case. Thus, "violations of even ... central requirements do not mandate suppression if the government demonstrates to the court's satisfaction that the statutory purpose has been achieved despite the violation." United States v. Cunningham, 113 F.3d 289, 293-94 (1st Cir.1997) (quoting United States v. Johnson, 696 F.2d 115, 121 (D.C.Cir.1982)). Without trivializing the nature of the violation in this case, we find that the wiretap was conducted in a manner that preserved the core protective purposes of Title III.
The restrictions in Title III aim to limit the use of wiretapping to those situations where it is truly justified, and to protect privacy as much as reasonably possible when wiretapping is used. See Escobar-De Jesus, 187 F.3d at 171. The undisclosed use of civilian monitors did not affect the likelihood that the wiretap would be authorized in the first place, nor did it increase the wiretap's intrusion on privacy interests. The principal purposes of Title III were not frustrated by the violations here. In addition, the district court's unchallenged findings demonstrate that, aside from the failure to disclose the use of civilian monitors, the wiretap was conducted in an admirably professional manner. Privacy concerns were protected to the greatest extent possible. Suppression is less likely to be necessary when the violation of Title III represents an isolated flaw in "a process that in all other important respects complied with the statute." Cunningham, 113 F.3d at 294. Finally, there is no indication that the government's violations of Title III were willful or knowing. We are the first court of appeals to hold that Title III requires the government to disclose any plans to employ civilian monitors; indeed, we appear to be the first court that has been squarely presented with the issue. Thus, the law enforcement in this case presumably did not realize that their undisclosed use of civilian monitors could constitute a violation of the statute. The district court determined that, although the use of civilian monitors departed from the precise terms of the order authorizing the wiretap, "the violation was inadvertent, as opposed to a conscious decision by the Government or law enforcement officers to take action they knew to be contrary to an intercept order." Lopez, 106 F.Supp.2d at 100. In sum, Title III imposes an obligation on the government to disclose to the issuing judge any plans to use civilian monitors in the execution of a wiretap warrant.
In the case at hand, however, the government's failure to make that disclosure, along with the government's seeming violation of an order that did not permit the use of civilian monitors, does not provide a valid basis for suppressing the intercepted communications. At least as a matter of doctrine, this section of the analysis is plainly correct: the Supreme Court has been pretty clear that courts should suppress wiretap act evidence only if the government's error is very serious. See, e.g., Giordano, 416 U.S. at 527. It's still not clear whether civilian involvement executing orders infringes privacy (as privacy groups have argued in Bach) or protects it (as privacy groups have argued in the Carnivore debate). As a result, it would have been misguided to see the government's chosen procedure as an error that warranted suppression under the Supreme Court's standard. [by Orin S. Kerr's Computer Crime Case Updates Mailinglist]
12:00 | #



Sunday, 18. August 2002

DOUBLECLICK DEJA VU: CIVIL LITIGATION OVER COOKIES AND WEB BUGS LEADS TO IMPORTANT STATEMENTS ABOUT TITLE III, ECPA, and 18 U.S.C. 1030 / Pharmatrak

The District of Massachusetts granted the defendants' motion for summary judgment in a consolidated civil case that interpreted several key federal computer crime statutes. The case is In re Pharmatrak Privacy Litigation, -- F. Supp.2d --, 2002 WL 1880387 (D. Mass, Aug. 13, 2002) (Tauro, J.). This case involves a suit against pharmaceutical companies for having hired the Pharmatrak company to monitor the companies' websites and provide a monthly analysis of web site traffic. Pharmatrak placed cookies and web bugs on the computers of users who visited the websites, and also allegedly read the referrer URL contained in Internet requests directed to the websites. According to the complaint, the Pharmatrak software also recorded information that users entered into the websites, and also recorded URL query strings resulting from web searches. The plaintiffs alleged that this monitoring violated the Wiretap Act (aka Title III, 18 U.S.C. 2510-22), the Stored Communications Act (aka ECPA, 18 U.S.C. 2701-11) and the Computer Fraud and Abuse Act (18 U.S.C. 1030). The defendants moved for summary judgment. The Court granted the defendants' motion on all three counts. First, the Court rejected the Wiretap Act claims. The plaintiffs alleged that the Pharmatrak software had intercepted the plaintiffs' electronic communications in violation of the Wiretap Act. Although neither the complaint nor the opinion specifies which of the communications were "contents" covered by the Wiretap Act (a rather remarkable oversight given the recent high profile debate over whether search query URLs are contents raised by the USA Patriot Act last October), the Court concluded that the pharmaceutical websites were parties to the communication who could consent to Pharmatrak's monitoring pursuant to the consent exception, 18 U.S.C. 2511(2)(d). As far as it goes, this seems correct. 
The Court next rejected the Stored Communications Act claims on multiple grounds -- one of which is important and clearly right, and at least one of which is clearly wrong. The plaintiffs claimed that the monitoring of the user's computers had violated 18 U.S.C. 2701, a criminal statute that is primarily designed to punish hackers who hack into ISPs and read e-mails and other stored files. The Court rejected this argument first on the (correct) ground that individual internet users are not providers of electronic communications service under ECPA. This section is home to the opinion's best passage: "Plaintiffs find it noteworthy that '[p]ersonal computers provide consumers with the opportunity to access the Internet and send or receive electronic communications,' and that '[w]ithout personal computers, most consumers would not be able to access the Internet or electronic communications.' Fair enough, but without a telephone, most consumers would not be able to access telephone lines, and without televisions, most consumers would not be able to access cable television. Just as telephones and televisions are necessary devices by which consumers access particular services, personal computers are necessary devices by which consumers connect to the Internet. While it is possible for modern computers to perform server-like functions, there is no evidence that any of the Plaintiffs used their computers in this way. While computers and telephones certainly provide services in the general sense of the word, that is not enough for the purposes of the ECPA. The relevant service is Internet access, and the service is provided through ISPs or other servers, not through Plaintiffs' PCs" Nicely put. Just when things were looking good, however, the court goofed, ruling that in the alternative, the websites were "users" under ECPA who could consent to the monitoring.
It's only an alternative holding, I realize, but it's quite clearly incorrect: ECPA follows the client/server model, and uses the word "user" to refer to the clients and "provider" to refer to the server. It turns ECPA on its head to view the websites as clients of the user's PCs (a mistake made in the Doubleclick opinion). The Court then added yet another alternative holding, to the effect that the monitoring did not violate 2701 because 2701 refers only to contents "in electronic storage," that is, held pre-access such as unopened e-mails. While this is a correct statement about the scope of 2701, it's quite beside the point, because as the court held in the first place, the user's PCs are not providers under ECPA (and web bugs and cookies aren't electronic communications, either). Finally, the court rejected the claim that the monitoring had triggered the civil damages provision of 18 U.S.C. 1030 on the ground that there was no showing of the $5,000 damage needed to bring a civil action under 18 U.S.C. 1030(g). [by Orin S. Kerr's Computer Crime Case Updates Mailinglist]
22:07 | #



Thursday, 08. August 2002

NO EXPECTATION OF PRIVACY IN PHOTOS POSTED TO THE WEB, DISTRICT COURT HOLDS / Gines-Perez

On Monday, a District Court in Puerto Rico held that a defendant cannot claim a Fourth Amendment violation when a police officer views a photo the defendant has posted on the Web, even if the defendant wishes the photo to remain private. The case is United States v. Gines-Perez, -- F. Supp.2d --, 2002 WL 1800682 (D.P.R. August 5, 2002). The defendant, Gines-Perez, was the manager of a computer store called "The Red Gecko" and also a suspect in a major heroin smuggling investigation. The police who were investigating the smuggling operation found a picture of the defendant on the web; Gines-Perez had begun to set up a website for the computer store, and had posted a group portrait of all of the store's employees, including himself. The police downloaded the photograph, and distributed it among other officers so that they would be able to recognize Gines-Perez. The officers' recognition of the defendant helped lead to the police stopping the car he was driving, which led to the discovery of 1.4 kilos of heroin and $5,000 in cash in the car, and then to his arrest for narcotics smuggling. Before the district court, Gines-Perez argued (among other things) that the police had violated his Fourth Amendment rights by finding his picture on the web and downloading it. Because the website was still under construction, he argued, it was "private" and not intended for commercial use by the public. According to Gines-Perez's lawyer, viewing the website and downloading a copy was literally a "search" (finding the site) and a "seizure" (making a copy). Because the police had not obtained a warrant before surfing the web and downloading the photos, that conduct violated his 4th Amendment rights.
The Court rejected the argument with the following analysis: "The Court is convinced that placing information on the information superhighway necessarily makes said matter accessible to the public, no matter how many protectionist measures may be taken, or even when a web page is "under construction." While it is true that there is no case law on point regarding this issue, it strikes the Court as obvious that a claim to privacy is unavailable to someone who places information on an indisputably, public medium, such as the Internet, without taking any measures to protect the information." "The defense may claim that the web site in controversy was not intended to be "public" or "commercial" in nature. But it is not the intention of the person who uses the Internet to communicate information which is important; it is the medium in which he or she places the information and the nature of the materials placed on the web which are important. A person who places information on the information superhighway clearly subjects said information to being accessed by every conceivable interested party. Simply expressed, if privacy is sought, then public communication mediums such as the Internet are not adequate forums without protective measures. . . . A reasonable [person] cannot place "private" information--such as a "private" photograph--on the Internet, if he or she desires to keep such information in actual "privacy." A reasonable person does not protect his private pictures by placing them on an Internet site." "The Court finds that this society is simply not prepared to recognize as "reasonable" a claim that a picture on the Internet is "private" in nature, such that the Government cannot access it. 
In fact, the Court believes that our society would recognize the opposite; that a person who places a photograph on the Internet precisely intends to forsake and renounce all privacy rights to such imagery, particularly under circumstances such as here, where the Defendant did not employ protective measures or devices that would have controlled access to the Web page or the photograph itself." Id. at *15-16. A plainly correct result. [by Orin S. Kerr's Computer Crime Case Updates Mailinglist]
12:30 | #



disLEXia, a research project by Maximillian Dornseif


This is category Computer Crime News Updates of the disLEXia project. It is also available in machine-readable format, e.g. to use with news aggregators: