• clover-depot-intl-us-ca-email-signature-05-10-2017-902x1772
  • cartridgewebsite-com-big-banner-02-09-07-2016
  • 05 02 2016 429716a-cig-clearchoice-banner-902x177
  • ncc-banner-902-x-177-june-2017
  • banner-01-26-17b
  • ces_web_banner_toner_news_902x1776
  • 4toner4
  • Print
  • mse-big-banner-new-03-17-2016-416716a-tonernews-web-banner-mse-212
  • 2toner1-2


 user 2006-09-11 at 11:21:00 am Views: 66
  • #16417

    HP broke state laws
    California attorney general ‘still investigating’ phone-data scandal
    FRANCISCO – While state Attorney General Bill Lockyer has determined
    Hewlett-Packard Co.’s clandestine investigation of its own board
    members violated the law, he says it’s still unclear whether anyone
    will be prosecuted.Lockyer said Thursday that the Palo Alto-based
    company’s gumshoe tactics to root out the source of a media leak
    violated two California laws related to identity theft and illegal
    access to computer records.The company has landed in a mounting legal
    and ethical debate for hiring a private investigation firm whose agents
    impersonated HP officials and journalists to get phone companies to
    hand over detailed records of home phone calls.But Lockyer said he has
    not decided whether the company or anyone acting on its behalf will
    face civil or criminal charges.“The question was, was a crime
    committed? The answer is yes. Does that mean charges will result? Well,
    we haven’t completed the investigation so we’re not yet certain as to
    who committed the crime,” Lockyer said in a phone interview.“It’s
    likely if evidence continues to come in the way it has that there will
    be a prosecution,” he said. “But we’re not ready to go file a
    complaint. We’re still investigating.”HP, meanwhile, disclosed that the
    phone records of nine journalists were secretly obtained as part of the
    company’s efforts to identify the source of its leaks. The San
    Francisco Chronicle quoted HP spokesman Ryan Donovan as saying that HP
    had given Lockyer’s office the list of reporters and that they have
    since been notified that their personal information was compromised.The
    nine include Pui-Wing Tam and George Anders of The Wall Street Journal,
    Dawn Kawamoto and Tom Krazit of CNET Networks Inc.’s News.com and John
    Markoff of The New York Times, those news organizations disclosed.HP
    could face criminal charges.Experts in privacy and telecommunications
    law say HP officials or the private investigators HP hired could face
    criminal charges. The company could also be liable for civil crimes and
    be subject to fines.Lockyer said HP’s antics violated directors’ and
    journalists’ right to privacy, which is guaranteed in California’s
    Constitution. He emphasized that no one involved in the investigation
    is above the law.“The crime seems to have been committed by the data
    broker, but that leads to the question of who knew what and when,”
    Lockyer said. “How many others were part of the illegal activity — we
    don’t know the answer to that yet.”People involved in the HP
    investigation may have also violated a California Civil Code banning a
    corporation’s communication of employee Social Security numbers to the
    public.One of HP’s private investigators obtained the last four digits
    of the Social Security number of HP director Tom Perkins. The
    investigator called AT&T and impersonated Perkins, asking AT&T
    to send a record of phone calls to and from his house in December 2005
    and January 2006 to a free, Web-based e-mail account.Donovan declined
    to comment Thursday on whether HP directors knew in advance that the
    investigators would pretext. The company has not disclosed which
    private investigation firm it employed.“I can’t imagine that an
    investigator imagined the numbers,” Lockyer said.

    SEC also reviewing the case
    Securities and Exchange Commission is also reviewing statements HP
    disclosed after Perkins resigned May 18 in protest over the
    investigation, SEC spokesman John Heine said Thursday.The scandal has
    focused attention on the age-old subterfuge: posing as someone else to
    access their personal information. Known as “pretexting,” the practice
    often violates state and federal laws, but attorneys and private
    investigators say it’s a commonly accepted practice that lives in a
    legal — if not ethical — gray area.Privacy and telecommunications
    experts say no corporation or individual has ever been charged
    criminally or civilly with pretexting.Although the federal
    Gramm-Leach-Bliley Act prohibits financial institutions from pretexting
    in most circumstances, investigators not affiliated with banks or other
    institutions often pretext.Licensed private investigators in California
    and many other states are also allowed to employ such strategies to
    hunt down people who try to hide from the law, said Tamara Thompson, a
    private investigator in Oakland who has been practicing for 15
    years.“To come out and say no one should be able to get these records
    under any reason doesn’t consider the circumstances under which people
    benefit from investigators,” Thompson said.Investigators also pretext
    to find kidnappers or those ordered to forfeit money or property to the
    court or a winning party in a lawsuit. But the most common use of
    pretexting is to get phone records of a cheating spouse to present in a
    divorce case, investigators said.

    Pretexting ‘alarmingly easy’
    Sanscrainte, a telecommunications and privacy attorney at Bryan Cave
    LLP, said it’s impossible to quantify the scope of pretexting. But he
    said it was “alarmingly easy” to impersonate someone and get detailed
    call logs e-mailed from a phone company.“People have actually created a
    business model out of this,” Sanscrainte said.Pretexting is
    increasingly drawing the ire of privacy advocates and
    politicians.Eleven states have criminalized pretexting since 2005,
    Sanscrainte said. California’s Legislature has considered at least
    three bills concerning pretexting so far this year, but none has
    passed.In May, the Federal Trade Commission filed federal complaints
    against five e-commerce companies that obtained and sold consumers’
    confidential telephone records.In February, the San Francisco-based
    research firm Electronic Privacy Information Center wrote a letter to
    California’s State Bar Ethics Committee, saying that pretexting is
    likely a violation of American Bar Association rules. Attorneys are
    among the most voracious customers of pretexting services; they use the
    data in court to implicate or exonerate parties in lawsuits.“We believe
    that attorneys who hire investigators or other companies to engage in
    pretexting violate ethical norms,” EPIC Director Chris Jay Hoofnagle
    wrote. “Attorneys have a duty to be zealous advocates of their clients,
    but must operate within the bounds of the law.”

    HP’s liability hinges on numerous factors, attorneys say.
    Lockyer or others want to take the case to court, the company could
    claim they were not aware that the private investigator was planning to
    pretext.“These are smart folks, prudent, and they probably hired a
    first-class firm — not a guy who breaks into motel rooms,” said Ed
    Harmon, a partner with the Pittsburgh-based law firm Thorp Reed &
    Armstrong.Victor Schachter, chairman of Fenwick & West LLP’s
    employment practices group, said HP and the private investigation firm
    may share liability.“When you have an outside agency making false
    pretenses about who they are and why they’re calling, it smells,” said
    Schachter, whose firm often employs private investigators. “It’s
    somewhat unknown whether it’s illegal, but I’d feel comfortable saying
    this is very problematic.”