6 December 1998. Add messages.
Date: Sat, 5 Dec 1998 21:16:35 -0500 Sender: Law & Policy of Computer Communications <CYBERIA-L@LISTSERV.AOL.COM> From: Kerry Zero <kerry@2600.COM> Subject: Financial disclosure panic? To: CYBERIA-L@LISTSERV.AOL.COM I am the webmaster for kevinmitnick.com, the internet source of information on the legal and media injustices that have been committed against Kevin Mitnick (a computer hacker arrested in 1995 who has remained in prison, pre-trial, with no chance at bail for nearly 4 years now, despite the fact that the charges against him are relatively mild in comparison to some other convicted hackers). In a hearing Wednesday my name was brought up by the judge, Mariana Pfaelzer, because she had received notification that I had requested her financial disclosure reports, a request I had assumed logical, considering the large number of companies that are claimed as victims in Mitnick's case. I have been doing a lot of research on the Mitnick case during the past few months, and this was one part of that research, ordering what I thought were publicly available records, and which I understood were not meant for dissemination -- I never published them or disclosed them to the public (above all, I would never have published this information on the web, although that was not even the issue, as the judge had no idea who I was, and she was not even aware on Wednesday that I am also Kevin's site webmaster). Apparently the judge was not at all happy simply that someone on Mitnick's side of the fence had even researched this. I suppose she'd have been happier if it had been the prosecution, although obviously that wouldn't have helped me find the facts I needed to know :) I was told by different sources (present in the courtroom) that the judge reacted as though infuriated at my request, and she put the government on notice that "if anything happened" -- and left the sentence uncompleted. Now I am left wondering what the potential legal ramifications of this incident could possibly be. I did nothing illegal, although in the judge's eyes, apparently it was immoral or otherwise not right. I can't understand why -- my only guess is that she (Judge Pfaelzer) has so firmly bought the belief that Kevin Mitnick is an extremely dangerous hacker (though nothing he has done, and nothing in the charges, indicates this) that she simply fears any actions those of us innocently researching his case might take. The information I requested, as I understood it, was private, and not for publication, but it is openly available to the public by request; one does not have to be a lawyer to request it. I am not a lawyer; far from it; and I'm not a computer-cracker either -- I'm a female programmer in my 20s and I write online course software for a university. This seemingly (to me) bizarre incident has me blown away completely. The financial disclosure information is not even detailed enough as to allow one to estimate income or any other personal information about the judge, and so I'm having trouble understanding what any possible misuses of this information could be (and I don't really want to know, at this point! :) although obviously I never intended anything to come of the information in any way, unless it was directly relevant to the case. If there had been a conflict of interest with Judge Pfalezer, it would be very significant to Mitnick's case. At any rate, I'm uncertain as to what I should fear from the government -- if anything. If one of the corporations listed in the judge's statement happens to go bankrupt, will I be investigated? It seems ridiculous to me, but I have been warned that I may be investigated, and the government prosecutor now has a copy of the request I made, which apparently so infuriated the judge. To me, it seems that this court may believe everyone involved in Mitnick's "cause" is dangerous, although even Kevin himself has never been accused of committing harm to a person or to a computer -- he is basically accused of copying software. There have, however, been several particularly damaging false "facts" printed in the media about him, such as that he stole credit card numbers and that he broke into NORAD as a teenager -- neither of which ever appeared in any charges against Kevin, and both were proven to be untrue, but not before being printed on the front page of the NY Times, unfortunately. I suppose it's not my place to speculate, but I wonder how Kevin can possibly get a fair case with this type of paranoia against him and his supporters, if indeed it is paranoia... perhaps it is only my own ignorance of the law, and this happens all the time. I just wondered if any of you had any thoughts. I've been following this list for a while and have found it very educational. thanks, email@example.com
Thanks to DM: http://dailynews.yahoo.com/headlines/tc/story.html?s=v/nm/19981204/tc/hacker_1.html Friday December 4 2:27 PM ET Judge postpones trial of computer hacker Mitnick LOS ANGELES (Reuters) - A judge has postponed for three months convicted hacker Kevin Mitnick's trial on federal fraud and theft charges and said she would probably order a separate trial for his co-defendant. U.S. District Judge Mariana Pfaelzer delayed the start of Mitnick's trial to April 20 from Jan. 19 at the request of his lawyers, who said they needed more time to prepare. Pfaelzer said she would also likely grant a defense request to hold a separate trial for co-defendant Lewis DePayne. Outside court, defense lawyer Donald Randolph said Mitnick, who is being held in jail pending trial, would have liked to start trial even later in 1999. "He's concerned about the massive amount of material (in the prosecution's case," Randolph said. "He's anxious to make sure we're prepared." Mitnick is accused in 25 criminal counts of stealing proprietary information from Motorola, Nokia, Novell, Sun Microsystems and other companies by hacking into their computers. Mitnick was convicted of computer fraud in 1989 and sentenced to one year in prison. After his release, he was arrested again and convicted for violating his parole.
Date: Sun, 6 Dec 1998 13:13:38 -0500 Sender: Law & Policy of Computer Communications <CYBERIA-L@LISTSERV.AOL.COM> From: Peter Swire <swire.1@OSU.EDU> Subject: Re: Financial disclosure panic? To: CYBERIA-L@LISTSERV.AOL.COM At 09:16 PM 12/5/98 -0500, Kerry Zero wrote: [Snip] The legal ramifications depend on what information you looked up and whether that was indeed done legally. If you looked up the value of the Judge's house, accessing public records, then it is hard to imagine that you have any *legal* problem. (The judge might be mad at you, but would have no legal basis for doing anything.) Same result if you pulled up any other public records or any private records where there is no specific law barring release. On the other hand, if you pulled a full credit report on the Judge, without having a legal basis for doing so (such as being a grantor of credit, which you are not), then you may have legal problems under the Fair Credit Reporting Act. Similarly, if you illegally entered someone else's computer system to get the data, then you may be liable under a trespassing or computer theft claim. Your case illustrates the tension between: (1) Freedom of Information Act principles, and the public's general right to know about officials; and (2) individuals' expectation of privacy about their financial and other sensitive information. Real harm could come from revelation of a judge's financial situation; for instance, if her credit card numbers were put on the web, bad people might run up unauthorized charges, wreck her credit history, and leave the judge dealing with the aftermath of identity theft. When you access information that an individual considers "private", you do run the risk that: (a) they will get mad at you; and (b) will look for some legal recourse. For better or worse, however, there will rarely be a winning legal claim against you for accessing personal information that was already publicly available. Peter Swire Prof. Peter Swire Ohio State University College of Law, (614) 292-2547 http://www.osu.edu/units/law/swire.htm (includes Internet Privacy Page) "None of Your Business: World Data Flows, Electronic Commerce & the European Privacy Directive" now available from Brookings Press, http://www.brookings.org/press/books/nonebusi.htm
Date: Sun, 6 Dec 1998 11:17:42 -0800 Sender: Law & Policy of Computer Communications <CYBERIA-L@LISTSERV.AOL.COM> From: Kaye Caldwell <kaye@IX.NETCOM.COM> Subject: Re: Financial disclosure panic? To: CYBERIA-L@LISTSERV.AOL.COM I would guess in this case that the "financial disclosure reports" referred to might be disclosures required by law for elected officials or perhaps for appointed officials. If that is the case, the more interesting aspect is why the judge was notified of the request. While I might argue that a private citizen should have the right to notification of requests for data on them, I would certainly argue that the private citizen has a right to request public data on elected officials without the request being disclosed to that official or, for that matter, to anyone. Great book, Peter's, by the way, extremely informative and much needed. - Kaye
Date: Sun, 6 Dec 1998 19:58:01 -0500 Sender: Law & Policy of Computer Communications <CYBERIA-L@LISTSERV.AOL.COM> From: Kerry Zero <kerry@2600.COM> Subject: Re: Financial disclosure panic? To: CYBERIA-L@LISTSERV.AOL.COM On Sun, 6 Dec 1998, Peter Swire wrote: > The legal ramifications depend on what information you looked up and > whether that was indeed done legally. If you looked up the value of the Yes, the info was definitely legal. Anyone can order these things (see http://www.uscourts.gov/forms/reqinstr.htm). The situation is, as you said, that the judge is upset, but has no legal grounds to do anything. However, that doesn't mean the FBI won't investigate the "incident" of my legal request anyhow. No credit records or anything that could obviously be used to harass someone. We just wanted to establish that the judge did not have any financial holdings that could potentially bias her judging in the Mitnick case. > When you access information that an individual considers "private", you do > run the risk that: (a) they will get mad at you; and (b) will look for some > legal recourse. For better or worse, however, there will rarely be a > winning legal claim against you for accessing personal information that was > already publicly available. Definitely. That is what we have to remember when we play with the "big guys", I suppose. But, as someone I know said concerning the incident: "Rights never exercised because of fear of extralegal punishment are not rights at all." It simply amazed me that a federal judge (who actually wields a lot of power) could potentially set the FBI on a citizen because of a perfectly legal public request. I now have more detail on what happened in the courtroom - the judge said (this is probably paraphrased a bit since there is no recording of it): "I don't know what Mr. Mitnick's friends have been up to, but someone has requested my financial disclosure reports..." she then put the government on notice that "if anything happened...", implying that I would be responsible. Just seemed to me that a public official such as a federal judge should file their disclosure reports knowing that from time to time people might legally request them. If I hadn't been associated with Kevin Mitnick, I think she would likely never have noticed the request. Thanks for your helpful insight, firstname.lastname@example.org