• ncc-banner-902-x-177-june-2017
  • ces_web_banner_toner_news_902x1776
  • cartridgewebsite-com-big-banner-02-09-07-2016
  • clover-depot-intl-us-ca-email-signature-05-10-2017-902x1772
  • 4toner4
  • banner-01-26-17b
  • mse-big-banner-new-03-17-2016-416716a-tonernews-web-banner-mse-212
  • 2toner1-2
  • Print
  • 05 02 2016 429716a-cig-clearchoice-banner-902x177


 user 2006-09-11 at 11:18:00 am Views: 56
  • #16416

    HP broke state laws
    California attorney general ‘still investigating’ phone-data scandal
    SAN FRANCISCO – While state Attorney General Bill Lockyer has determined Hewlett-Packard Co.’s clandestine investigation of its own board members violated the law, he says it’s still unclear whether anyone will be prosecuted.Lockyer said Thursday that the Palo Alto-based company’s gumshoe tactics to root out the source of a media leak violated two California laws related to identity theft and illegal access to computer records.The company has landed in a mounting legal and ethical debate for hiring a private investigation firm whose agents impersonated HP officials and journalists to get phone companies to hand over detailed records of home phone calls.But Lockyer said he has not decided whether the company or anyone acting on its behalf will face civil or criminal charges.“The question was, was a crime committed? The answer is yes. Does that mean charges will result? Well, we haven’t completed the investigation so we’re not yet certain as to who committed the crime,” Lockyer said in a phone interview.“It’s likely if evidence continues to come in the way it has that there will be a prosecution,” he said. “But we’re not ready to go file a complaint. We’re still investigating.”HP, meanwhile, disclosed that the phone records of nine journalists were secretly obtained as part of the company’s efforts to identify the source of its leaks. The San Francisco Chronicle quoted HP spokesman Ryan Donovan as saying that HP had given Lockyer’s office the list of reporters and that they have since been notified that their personal information was compromised.The nine include Pui-Wing Tam and George Anders of The Wall Street Journal, Dawn Kawamoto and Tom Krazit of CNET Networks Inc.’s News.com and John Markoff of The New York Times, those news organizations disclosed.HP could face criminal charges.Experts in privacy and telecommunications law say HP officials or the private investigators HP hired could face criminal charges. The company could also be liable for civil crimes and be subject to fines.Lockyer said HP’s antics violated directors’ and journalists’ right to privacy, which is guaranteed in California’s Constitution. He emphasized that no one involved in the investigation is above the law.“The crime seems to have been committed by the data broker, but that leads to the question of who knew what and when,” Lockyer said. “How many others were part of the illegal activity — we don’t know the answer to that yet.”People involved in the HP investigation may have also violated a California Civil Code banning a corporation’s communication of employee Social Security numbers to the public.One of HP’s private investigators obtained the last four digits of the Social Security number of HP director Tom Perkins. The investigator called AT&T and impersonated Perkins, asking AT&T to send a record of phone calls to and from his house in December 2005 and January 2006 to a free, Web-based e-mail account.Donovan declined to comment Thursday on whether HP directors knew in advance that the investigators would pretext. The company has not disclosed which private investigation firm it employed.“I can’t imagine that an investigator imagined the numbers,” Lockyer said.

    SEC also reviewing the case
    The Securities and Exchange Commission is also reviewing statements HP disclosed after Perkins resigned May 18 in protest over the investigation, SEC spokesman John Heine said Thursday.The scandal has focused attention on the age-old subterfuge: posing as someone else to access their personal information. Known as “pretexting,” the practice often violates state and federal laws, but attorneys and private investigators say it’s a commonly accepted practice that lives in a legal — if not ethical — gray area.Privacy and telecommunications experts say no corporation or individual has ever been charged criminally or civilly with pretexting.Although the federal Gramm-Leach-Bliley Act prohibits financial institutions from pretexting in most circumstances, investigators not affiliated with banks or other institutions often pretext.Licensed private investigators in California and many other states are also allowed to employ such strategies to hunt down people who try to hide from the law, said Tamara Thompson, a private investigator in Oakland who has been practicing for 15 years.“To come out and say no one should be able to get these records under any reason doesn’t consider the circumstances under which people benefit from investigators,” Thompson said.Investigators also pretext to find kidnappers or those ordered to forfeit money or property to the court or a winning party in a lawsuit. But the most common use of pretexting is to get phone records of a cheating spouse to present in a divorce case, investigators said.

    Pretexting ‘alarmingly easy’
    Joseph Sanscrainte, a telecommunications and privacy attorney at Bryan Cave LLP, said it’s impossible to quantify the scope of pretexting. But he said it was “alarmingly easy” to impersonate someone and get detailed call logs e-mailed from a phone company.“People have actually created a business model out of this,” Sanscrainte said.Pretexting is increasingly drawing the ire of privacy advocates and politicians.Eleven states have criminalized pretexting since 2005, Sanscrainte said. California’s Legislature has considered at least three bills concerning pretexting so far this year, but none has passed.In May, the Federal Trade Commission filed federal complaints against five e-commerce companies that obtained and sold consumers’ confidential telephone records.In February, the San Francisco-based research firm Electronic Privacy Information Center wrote a letter to California’s State Bar Ethics Committee, saying that pretexting is likely a violation of American Bar Association rules. Attorneys are among the most voracious customers of pretexting services; they use the data in court to implicate or exonerate parties in lawsuits.“We believe that attorneys who hire investigators or other companies to engage in pretexting violate ethical norms,” EPIC Director Chris Jay Hoofnagle wrote. “Attorneys have a duty to be zealous advocates of their clients, but must operate within the bounds of the law.”

    HP’s liability hinges on numerous factors, attorneys say.
    If Lockyer or others want to take the case to court, the company could claim they were not aware that the private investigator was planning to pretext.“These are smart folks, prudent, and they probably hired a first-class firm — not a guy who breaks into motel rooms,” said Ed Harmon, a partner with the Pittsburgh-based law firm Thorp Reed & Armstrong.Victor Schachter, chairman of Fenwick & West LLP’s employment practices group, said HP and the private investigation firm may share liability.“When you have an outside agency making false pretenses about who they are and why they’re calling, it smells,” said Schachter, whose firm often employs private investigators. “It’s somewhat unknown whether it’s illegal, but I’d feel comfortable saying this is very problematic.”