The National Attorneys General Training & Research Institute
Cybercrime Newsletter November 2018
The following is a compendium of news reports, case law and legislative actions over the latest bi-monthly period that may be of interest to our AG offices that are dealing with cyber-related issues. Neither the National Association of Attorneys General nor the National Attorneys General Training & Research Institute expresses a view as to the accuracy of news accounts, nor as to the position expounded by the authors of the hyperlinked articles.
The Department of Defense announced plans to expand its "Hack the Pentagon" crowdsourced security program, commonly referred to as its “bug bounty” initiative, to identify vulnerabilities in DOD websites. It awarded contracts to three private sector firms to enhance its capacity to run bug bounties, which pay cash to security researchers to discover and disclose bugs.
The SEC launched a Strategic Hub for Innovation and Financial Technology (FINHUB) to provide a resource on regulations pertaining to financial technology, including blockchain and initial coin offerings.
DHS released the Strategy for Protecting and Preparing the Homeland Against Threats of Electromagnetic Pulse and Geomagnetic Disturbance, which lays out an approach for responding to electromagnetic incidents. Such incidents could be caused by an intentional electromagnetic pulse (EMP) attack or by naturally occurring geomagnetic disturbance events.
The SEC obtained an emergency court order halting a planned initial coin offering by Blockvest LLC and its founder, Buddy Ringgold III. The SEC complaint alleged that Blockvest falsely claimed it had received regulatory approval from the SEC. The SEC also suspended trading in the securities of American Retail Group, a company that allegedly falsely claimed to be working with an SEC-approved custodian for cryptocurrency trading.
The FCC granted in part the European Union’s request for a waiver of the FCC’s rules to enable non-federal devices in the U.S. to access specific signals transmitted from the Global Navigation Satellite System (GNSS) known as Galileo.
The U.S. District Court for the Northern District of Illinois sentenced former trader Joseph Kim to 15 months in prison for misappropriating $1.1 million in Bitcoin and Litecoin, the first criminal prosecution in Chicago involving cryptocurrency trading.
Ho Ka Terence Yun, a former University of Texas law student, pled guilty to one count of cyberstalking in the U.S. District Court for the University of Delaware. Yung repeatedly stalked and harassed an individual who conducted his law school interview.
Taiwan has amended its laws that regulate cryptocurrency transactions to give the Taiwanese Financial Supervisory Commission the authority to crack down on anonymous virtual currency transactions. That Commission now can require users to register their real names, and banks can now reject cryptocurrency exchange transactions that are anonymous, and they also have an obligation to report any suspicious transactions to the Commission.
State Cases to Note
In G.A.Q.L. v. State, a Florida appellate court granted the minor’s petition for a writ of certiorari and quashed the trial court’s order compelling the disclosure of the two passcodes for his mobile phone because the minor was being compelled to disclose the contents of his own mind by producing a passcode for both a phone and an app account. AAG Anesha Worthy represented the State.
In Perez v. State. another Florida appellate court ruled that while a detective had probable cause to conduct a search of defendant’s personal laptop, this was insufficient to justify the detective’s failure to obtain a warrant to search the laptop. AAG Susan Dunlevy represented the State.
In Martinez v. State, the Georgia Court of Appeals ruled that although the trial court properly found that defendant gave consent for police to conduct the initial search of his phone, leading to the discovery of an image of child pornography, the court’s order failed to make any factual findings regarding the scope of the defendant’s consent.
In Commonwealth v. Arthur, the Massachusetts Court of Appeals found it was error to allow defendant’s motion to suppress the contents of certain cell phones on the ground that the delay in obtaining a second warrant to search the contents of the phone was unreasonable because police were already in possession of the phones, so there was no Fourth Amendment interest in requiring the search of the phones to occur expeditiously.
In State v. Vogt, an Ohio Court of Appeals found defendant’s convictions were supported by the weight and sufficiency of the evidence, as the State established largely through text messaging and a recorded interview that defendant gave heroin to a victim who fatally overdosed.
In Commonwealth v. Schreffler, a Pennsylvania Superior Court ruled that the trial court erred by not suppressing the Commonwealth’s wiretap recordings of defendant’s conversations with a confidential informant because the Commonwealth failed to comply with its mandatory discovery obligations.
In Reed v. Commonwealth, on remand from the U.S. Supreme Court, the Virginia Court of Appeals found the exclusionary rule did not apply because there was no police or governmental conduct that needed to be deterred where the defendant did not contend the statutes were invalid at the time the Commonwealth obtained his cell site location information, and both detectives and the Commonwealth’s attorney have a reasonable, good faith belief their actions were constitutional. AAG Victoria Johnson handled the case; DAG Victoria Pearson, Solicitor General Toby Heytens and Principal Deputy Solicitor General Matthew McGuire participated on the brief.
Recent Federal Cases to Note
In U.S. v. Thomas, the Fourth Circuit found that although the affidavit did not contain particularized facts establishing a nexus between the place to be searched, defendant’s phone and the alleged abuse, the detective knew that both the victim’s mother and a victim had reported that defendant used a phone in furtherance of his criminal conduct.
In U.S. v. Contreras, the Fifth Circuit ruled that the uploading of two images of child pornography from a cell phone connected to a residential network established probable cause to search that residence for evidence of all child pornography because probable cause did not demand more than fair probability on which a reasonable person would act.
In U.S. v. Cleveland, the Sixth Circuit affirmed the denial of defendant’s suppression motion, as the magistrate had signed a warrant authorizing the search of a cell phone already in law enforcement’s custody pursuant to a lawful seizure for the purpose of off-site analysis.
In U.S. v. Sullivan, the Sixth Circuit found that the affidavits supporting the searches of defendant’s apartment, vehicle and computer established probable cause to believe that he committed voyeurism and possession of criminal tools where he had downloaded software and a user’s manual for a camera matching the description given by the victim; was a convicted sex offender; and several child pornography files were stored on a removable device connected to the laptop.
In U.S. v. Kienast, the Seventh Circuit ruled that while one defendant claimed the lower court erred by denying his motion to compel the government to allow him to review the Network Investigative Technique source code and cross-examine the FBI special agent who created the affidavit, the lower court did not abuse its discretion in holding that the discovery sought was immaterial and essentially a fishing trip.
In U.S. v. Brixen, the Seventh Circuit ruled that since the detective did not search defendant’s phone and he did not have a reasonable privacy interest in the information observed by the detective, no constitutional violation occurred.
In Whalen v. McMullen, the Ninth Circuit ruled that by observing and videotaping the resident inside her home without her consent, the officer conducted a “search” within the meaning of the Fourth Amendment.
In U.S. v. Henderson, the Ninth Circuit ruled that a Network Investigative technique warrant issued by a magistrate in the Eastern District of Virginia exceeded the general territorial scope and was void ab initio, because it authorized a search of an activating computer in California.
Cyber Initiatives in the Attorney General Community
Arizona Attorney General Mark Brnovich announced the first FinTech Sandbox participant, as well as the signing of a a cooperative agreement with the Financial Services Commission, Taiwan’s financial regulator, to establish an information sharing program between the Arizona and Taiwan programs.
New Mexico Attorney General Hector Balderas unveiled a new ICAC Mobile Crime Lab, which will bring forensic investigation tools to rural areas and provide agents with better tools to investigate Internet crimes.
Wisconsin Attorney General Brad Schimel announced that his Division of Criminal Investigation has added Kozak, an electronics detection canine, to assist its ICAC teams. K9 Kozak was provided by Neighborhood K-9 in Indiana.
Hedda Litwin is the Editor of the Cybercrime Newsletter and may be reached at 202-326-6022. The Cybercrime Newsletter is a publication of the National Association of Attorneys General. Any use and/or copies of this newsletter in whole or part must include the customary bibliographic citation. NAAG retains copyright and all other intellectual property rights in the material. For content submissions or to contact the editor directly, please e-mail firstname.lastname@example.org.