The National Attorneys General Training & Research Institute
Cybercrime Newsletter September-October 2017
The following is a compendium of news reports, case law and legislative actions over the latest bi-monthly period that may be of interest to our AG offices that are dealing with cyber-related issues. Neither the National Association of Attorneys General nor the National Attorneys General Training & Research Institute expresses a view as to the accuracy of news accounts, nor as to the position expounded by the authors of the hyperlinked articles.
· Nebraska issued ethics opinion no. 17-03, which allows lawyers to accept payment for services in cryptocurrencies, such as bitcoin – the first state to do so. The opinion recommends three steps lawyers should take when such payment is made: 1) notify the client that payment will be immediately converted into dollars; 2) make such conversion through a payment processor; and 3) credit the client’s account at the time of payment.
· The IRS issued a public warning to beware of a new email phishing scam that purports to be a notice from the IRS and the FBI in order to trick users into downloading ransomware. The scam email includes official emblems of both agencies and asks users to download a fake questionnaire providing a bogus explanation of tax code changes.
· DOT unveiled a new federal policy that establishes guidelines prioritizing safety for the manufacturing and testing of autonomous cars in the U.S., but is also intended to discourage states from drafting their own regulations. The policy, called Automated Driving Systems2.0: A Vision for Safety, lays out voluntary best practices for manufacturers.
Recent State Court Decisions
· A California Court of Appeals ruled that Megan Sandee’s motion to suppress was properly denied where the warrantless search of her cell phone was permitted under the probation search exception to the warrant requirement. People v. Sandee. Assistant Attorney General Collette Cavalier and Deputy Attorneys General Teresa Torrebalnce and Britton Lacy represented the People.
· The Kentucky Court of Appeals found that even if the later search of John Kamphaus’ phone data was fruit of the poisonous tree, the failure to exclude it from the trial was harmless, as there was overwhelming evidence to establish his identity. Kamphaus v. Commonwealth. Assistant Attorney General Jeffrey Prather represented the Commonwealth.
· The Maryland Court of Appeals reversed, ruling that detectives acted in good faith in their use of a cell site simulator to track a cell phone in Robert Copes, Jr.’s possession because the application stated that they wished to use, in addition to the pen register and trap and trace device, a “Cellular Tracking Device” and “Real Time Tracking Tool.” State v. Copes. Assistant Attorney General Robert Taylor, Jr. argued the case for the State.
· The Maryland Court of Appeals also ruled that police were entitled to seize and retain Timothy Moats’ cell phone incident to his arrest, without any level of suspicion at the time of the seizure that the cell phone contained evidence of the crime. Moats v. State. Assistant Attorney General Daniel Jawor represented the State.
· The Massachusetts Supreme Court reversed, ruling that although digital cameras could be seized incident to arrest, a search of their data fell outside the scope of the search incident to arrest exception to the warrant requirement. Commonwealth v. Mauricio.
· An Ohio Court of Appeals found that the victim’s text messages were properly admitted into evidence as excited utterances as they fell squarely within the excited utterances exception to the hearsay rule. State v. Swing.
· A Tennessee Court of Criminal Appeals affirmed, finding the agent’s warrantless search of Kalpesh and Pratikkumar Patel’s cell phones violated the Fourth Amendment, but ruled the error was harmless since the illegally seized evidence did not contribute to the verdict. State v. Patel. Assistant Attorney General Jennings Jones represented the State.
· A Tennessee Court of Criminal Appeals also affirmed the trial court’s denial of Michael Spray’s motion to suppress evidence a fellow sheriff’’s department dispatcher discovered because there was no Fourth Amendment violation in the discovery of images on Spray’s cell phone, and thus the subsequent searches and seizures of his phone and computer were not tainted. State v. Spray. Assistant Attorney General Jonathan Wardle represented the State.
Recent Federal Court Opinions
· The 11th Circuit Court of Appeals affirmed Timothy Sedlak’s conviction for possession and production of child pornography by the U.S. District Court for the Middle District of Florida, finding that the good faith exception to the exclusionary rule applied where the warrant authorizing the Secret Service to search his electronic storage devices for evidence of hacking led to the discovery of child pornography. U.S. v. Sedlak.
· The 11th Circuit also affirmed the district court’s order that required Apple to unlock the device seized from Dontavius Blake. The court further ruled that although the warrants which allowed FBI agents to gain access to Blake’s emails and social network account were overbroad, the district court did not err when it allowed the government to use evidence agents gathered because that evidence was limited in scope or fell within the good faith exception to the exclusionary rule. U.S. v. Blake.
· The 11th Circuit further found that the U.S. District Court for the Southern District of Florida did not err during Dontavious Blake’s trial when it issued an order under the All Writs Act that required a company that manufactured an electronic device that was seized from Blake to unlock that device. U.S. v. Blake.
· The D.C. Court of Appeals reversed and vacated Ezra Griffith’s conviction, finding that the warrant authorizing officers to search for and seize all cell phones and other electronic devices in Griffith’s residence was unsupported by probable cause because the supporting affidavit offered almost no reason to suspect that Griffith in fact owned a cell phone, or that any phone or other device containing incriminating information would be found in his apartment. U.S. v. Griffith.
· The U.S. District Court for the Eastern District of Pennsylvania ruled that Google must comply with two search warrants and turn over data stored on overseas servers because Google will be accessing the data from inside the U.S. and thus is a permissible domestic application of the SCA. In re Search Warrant No. 16-960-M-01 to Google; In re Search Warrant No. 16-1061-M to Google.
· California enacted AB 459, codified as Chapter 291, which amends the Public Records Act to specify that it does not require disclosure of a video or audio recording created during the commission of specified crimes, but does require an agency to justify the withholding of such a recording.
· Florida enacted HB 1027, codified as Chapter 2017-150, which authorizes the use of drones for personal deliveries within a county or municipality.
· Michigan enacted HB 4427, codified as pa 85’17, which provides that a recording from a body-worn camera retained by law enforcement in connection with an ongoing criminal investigation is not a public record and is exempt from disclosure under the freedom of information act under specified circumstances.
· The U.S. House passed S. 782, sponsored by Senator John Cornyn (R-TX), which would reauthorize through FY 2022 the ICAC data system and national strategy for child exploitation prevention. The bill has already been passed by the Senate.
· The House also passed HR 3388, sponsored by Representative Robert Latta (R-OH), which would require DOT to determine the most cost effective method for advising consumers about self-driving cars and then establish rules to require manufacturers to inform consumers.
Cybercrime Initiatives in the Attorney General Community
· Alabama Attorney General Steve Marshall filed multiple lawsuits against casinos in five counties that continue to operate illegal slot machines as “electronic bingo.” The State also filed motions for preliminary injunctions while the lawsuits were pending.
· California Attorney General Xavier Becerra obtained a judgment against China-based apparel manufacturer Ningbo Beyond for failure to pay software licensing fees. The judgment awards $3.2 million in civil penalties to the State.
· Indiana Attorney General Curtis Hill filed a response on behalf of the State in a lawsuit that seeks to declare constitutional a new law requiring out-of-state online businesses to collect and remit sales taxes.
· Massachusetts Attorney General Maura Healey obtained two settlement agreements with DraftKings and FanDuel pursuant to an investigation into alleged unfair and deceptive practices in which the daily fantasy sports companies will pay a total of $2.6 million. Attorney General Healey’s office will use the finds for grant programs for consumer protection and engaging young people in technology.
The case was handled by AAG Dan Krockmalnic and Sr. Trial Counsel Gary Klein.
· Pennsylvania Attorney General Josh Shapiro announced charges against two men for operating an illegal gambling enterprise involving 126 video poker machines in 25 bars. More than $660,000 in cash was seized during Operation Bar Buff, a three-year investigation by State Police working with Attorney General Shapiro’s office and a statewide grand jury.
· Texas Attorney General Ken Paxton filed a petition alleging that online reputation management company Solvera violated state law by perpetuating a scheme of filing lawsuits the company knew contained false information, including fictitious plaintiffs and defendants.
· Utah Attorney General Sean Reyes’ ICAC Task Force arrested 10 individuals for online child exploitation and distribution of child pornography in a sting operation involving multiple police departments, sheriff’s offices and Homeland Security Investigations,
· Wisconsin Attorney General Brad Schimel ‘s Division of Criminal Investigation joined federal and local law enforcement agencies in stings resulting in the arrest of 25 individuals for child exploitation and sex trafficking.
Hedda Litwin is the Editor of the Cybercrime Newsletter and may be reached at 202-326-6022. The Cybercrime Newsletter is a publication of the National Association of Attorneys General. Any use and/or copies of this newsletter in whole or part must include the customary bibliographic citation. NAAG retains copyright and all other intellectual property rights in the material. For content submissions or to contact the editor directly, please e-mail firstname.lastname@example.org.