The National Attorneys General Training & Research Institute
Cybercrime Newsletter March 2019
The following is a compendium of news reports, case law and legislative actions over the latest bi-monthly period that may be of interest to our AG offices that are dealing with cyber-related issues. Neither the National Association of Attorneys General nor the National Attorneys General Training & Research Institute expresses a view as to the accuracy of news accounts, nor as to the position expounded by the authors of the hyperlinked articles.
The Massachusetts Supreme Court ruled that the Commonwealth could compel a man accused of sex trafficking to unlock his cell phone because prosecutors proved he knew the password. Commonwealth v. Jones. AAG Randall Ravitz submitted a brief on behalf of the Attorney General’s office.
The FTC’s Bureau of Competition launched a task force to monitor competition in U.S. technology markets, and it will also investigate any potential anticompetitive conduct in those markets. The new task force will include 17 staff attorneys who will join from other FTC divisions.
The U.S. District Court for the Southern District of New York sentenced Billy Ribiero Anderson, a/k/a "Anderson Albuquerque," to three months in prison for hacking and defacing the websites of the Combating Terrorism Center at West Point and the New York City Controller’s Office. Anderson, who had pled guilty to two counts of computer fraud, was also sentenced to three years of supervised release and 200 hours of community service, and was ordered to pay restitution to the victims.
Romanian citizen Robert Dumitrescu pleaded guilty to wire fraud conspiracy, computer fraud and abuse and aggravated identity theft un the U.S. District Court for the Northern District of Georgia. His crimes, orchestrated from Romania, encompassed illegal intrusion into U.S. computer servers, sending phishing messages to thousands of victims and subsequent theft of social security numbers and bank account information.
Andrew Cheveers, a former IT contractor for the State Department Office of Inspector General, pleaded guilty to the theft of 16 government laptop computers in the U.S. District Court for the Eastern District of Virginia. Cheevers then sold the stolen laptops on Internet websites.
The U.S. District Court for the District of Columbia entered a Consent Order in a Commodity Futures Trading Commission action against 1pool Ltd., located in the Marshall Islands, and its CEO Patrick Brunner for illegally trading in bitcoin without registering with the proper authorities. The order imposes $1 million in civil penalties and disgorgement and refunds to investors.
The National Institute of Standards and Technology (NIST) launched its Privacy Engineering Collaboration Space, an online portal where practitioners can work together to develop new open-source tools, solutions and processes. The initial focus of the space will be solutions related to de-identification and privacy risk management.
The Indiana House passed HB 1358, which would allow a law enforcement officer to use a drone without first obtaining a search warrant if the officer determines its use is required to 1) safeguard the public at a public event; 2) respond or mitigate a riot or disorderly conduct; or 3) collect evidence in a criminal investigation where there is probable cause and the crime scene is located where there is no reasonable expectation of privacy. The Indiana Senate passed SB 3, which would establish the Internet crimes against children fund.
The New York Legislature passed A571, which would ban nonconsensual pornography, often referred to as “revenge porn.” Violators could face up to one year in jail, and courts would have the authority to order websites to remove nonconsensual pornographic posts.
Recent State Cases of Note
In Park v. State, the Georgia Supreme Court held that the statute which authorized lifetime satellite-based monitoring of a sex offender was unconstitutional because it authorized a patently unreasonable search that ran afoul of Fourth Amendment protections.
In People v. Spicer, an Illinois appeals court found that where the defendant was convicted for unlawful possession of a controlled substance, the trial court properly denied the State’s motion to compel him to disclose his passcode for a cell phone that was found on him when he was arrested because it would violate his Fifth Amendment right against self-incrimination.
In Zanders v. State, the Indiana Supreme Court, on remand from the U.S. Supreme Court, affirmed the defendant’s convictions because although the State’s access to the defendant’s historical cell site location information (CSLI) was a Fourth Amendment search, regardless of whether the search fell under the exigent circumstances exception to the warrant requirement, the admission of the CSLI was harmless beyond a reasonable doubt. Chief Counsel Stephen Creason and DAG Tyler Banks represented the State.
In Jarvis v. State, the Mississippi Court of Appeals found the State offered the videos for recognized evidentiary purposes because it used them to aid its identification of the defendant as one of the perpetrators of a home invasion. Special AAG Laura Hogan Tedder represented the State.
In People v. Diaz, the New York Court of Appeals ruled that the defendant’s Fourth Amendment rights were not violated by the admission into evidence of recordings of telephone calls he made while in prison because he impliedly consented to monitoring and recording of his calls; the Department of Corrections provided several types of notice of its policy to monitor and record inmate telephone calls; and the defendant lost all reasonable expectation of privacy in the content of phone calls once they were lawfully intercepted.
Recent Federal Cases of Note
In U.S. v. Asmodeo, the Second Circuit found that the discovery of the CD was sufficiently attenuated from the illegal search to permit its admission because an intervening circumstance disrupted the causal chain between the search and the discovery of the CD.
In U.S. v. Ruelas, the Fifth Circuit found the facts set forth in the officer’s search warrant affidavit were sufficient to establish the requisite probability that evidence related to ongoing crimes involving child pornography would be found on the defendant’s cell phone.
In U.S. v. Elmore, the Ninth Circuit found the lower court erred in granting the defendant’s motion to suppress because although the warrant authorizing the seizure of the defendant’s historical cell site location information was not supported by probable cause, the deficiencies were not so stark as to render the officers’ reliance on the warrant entirely unreasonable.
Hedda Litwin is the Editor of the Cybercrime Newsletter and may be reached at 202-326-6022. The Cybercrime Newsletter is a publication of the National Association of Attorneys General. Any use and/or copies of this newsletter in whole or part must include the customary bibliographic citation. NAAG retains copyright and all other intellectual property rights in the material. For content submissions or to contact the editor directly, please e-mail email@example.com.