Increase in prosecutions for computer fraud
In recent decades, almost all industries have undergone significant changes in the conduct of business due to the widespread use of computers and other technologies. While technological developments certainly make businesses more efficient, they also open the door to the abuse of customer and customer information.
When a person or business uses computers to obtain and use sensitive information, it can face a variety of federal charges, including computer fraud offenses. In some cases, using a computer to commit a crime is considered an “improvement”, making the underlying charge more serious. In other cases, using a computer to commit fraud will result in separate criminal charges. In either case, the allegations of computer fraud are extremely serious and present various challenges for both the prosecution and the defense.
Recently, the federal government began cracking down on computer fraud charges under 18 US Code § 1030 (the Computer Fraud and Abuse Act). Computer Fraud and Abuse Law focuses on fraud committed against government entities as well as individuals and organizations. With respect to the latter, the law prohibits individuals and organizations from using one computer without authorization to access the “protected computer” of another.
Most often, these cases involve an individual attempting to gain economic benefit; however, any use that could be perceived to benefit the purchaser may nevertheless constitute computer fraud. These charges can carry significant criminal consequences, even for those with no history, including federal imprisonment, forfeiture or restitution, as well as civil liability.
Employee use (and abuse) of access
One type of case that federal law enforcement agencies are particularly on the lookout for are those involving employees who use access granted by virtue of their position to commit crimes. Employees are often in the position of possessing sensitive customer information, be it passwords, healthcare information or trade secrets. As a general rule, employees should accept that they will not use customer information for personal gain or to commit an illegal act.
For example, in a recent case in the North District of Texas, a security analyst at the well-known home security company ADT now faces 52 months in federal prison after pleading guilty to several counts of pirating video streams from clients.
The US attorney claimed that the man added his own email address to the accounts of several clients, giving him real-time access to video surveillance from their home. He would accomplish this either by telling customers that he had to add his email to their account to perform the necessary maintenance, or by adding his own email without the customers’ knowledge.
Once he had access to the video feeds, the man allegedly watched videos of naked women and couples having sex for his own sexual satisfaction. According to the plea agreement, he accessed over 200 client accounts, viewing the videos over 9,500 times.
The man has been charged with several counts of computer fraud. He faced up to five years in prison. However, rather than taking the case to court, the man openly pleaded guilty in which he admitted responsibility for the offenses and asked the judge to formulate an appropriate sentence. In the end, he received a slightly relaxed sentence of 52 months in jail.
Theft of trade secrets
Federal law enforcement is also pursuing criminal actions against individuals and businesses that use computers to steal important business information from customers or businesses that outsource their services.
In a recent announcement from the US District Attorney’s Office for the Western Oklahoma District, a man pleaded guilty to conspiring to steal trade secrets from an oil and gas company. In this case, the man was a controller for the valves division of an oil and gas company that serves customers engaged in drilling and production. Obviously, the man signed up for a new business that was in direct competition with one of his business clients. He then recruited employees from the client company to join his new company.
Although this alone poses legal problems, the man then “uploaded the technical drawings, material specifications and manufacturing instructions for the victim company’s valves” as well as the company’s financial information. For example, he was able to get not only the valve design but also the manufacturing cost and customer information. The evidence also suggests that he replaced the logo of the victimized company with the logo of his own company.
After taking over the design of the company, the man then manufactured the valves and sold them in direct competition with the victim company. To make matters worse, he then instructed his employees to delete all potentially offending text messages and files.
More recently, the man pleaded guilty to conspiring to steal trade secrets. He faces five years in prison, a fine of $ 250,000, company compensation and up to three years of supervised release.
While it’s hard to say that the defendant in either of these two examples didn’t know their actions were in violation of the law, it won’t always be. Certainly, in some situations, a party may inadvertently violate computer fraud laws. Regardless of the intent or extent of the evidence against an individual, obtaining the help of an experienced computer fraud attorney is crucial in these types of cases.
Computer fraud cases are exceptionally difficult for both the prosecution and the defense. To properly defend against these claims, a defendant must know both the complex legal principles and the underlying technology.
The government’s burden of proving a case of fraud
In any case of fraud, the prosecution must show that an accused made a false statement or a false statement intentionally in order to promote his own interests or those of a third party. Thus, “guilty” knowledge is a prerequisite for any conviction for fraud.
While in some cases prosecutors may have direct evidence of an individual’s intention to commit fraud, more often than not this comes in the form of circumstantial evidence.
For example, in the trade secrets case mentioned above, the defendant’s act of telling employees to delete certain emails could be taken as evidence that he intended to cover up his past actions because he knew they were illegal. Computer fraud lawyer Nick Oberheiden explains:
Whenever the prosecution relies on circumstantial evidence, it opens the door for a defendant to challenge the prosecution’s interpretation of the evidence. Circumstantial evidence, by its nature, requires the investigator to make an inference before reaching the ultimate conclusion. In most situations, the inference the prosecutor asks the judge or jury to make is not the only reasonable inference based on the facts.
That being said, by the time a person learns that charges are pending, the federal government will already have a significant head start. Federal prosecutors diligently investigate allegations of computer fraud before informing the subject of their investigation. So, those facing computer fraud charges, or those concerned about being investigated for a computer breach, may consider contacting a defense attorney experienced in computer fraud as soon as possible.
Oberheiden PC © 2021 National Law Review, Volume XI, Number 217