Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
The Courts Government Spam America Online United States News

Judge Rejects Guilty Plea From AOL Employee 231

The Hobo writes "Newsday has a story on a New York judge who rejected Jason Smather's guilty plea. Smathers, covered previously on Slashdot, was the AOL employee who stole and sold AOL addresses to spammers. The judge himself apparently cancelled his AOL subscription due to receiving too much spam. While he didn't like what Jason did, he wasn't convinced a crime had been committed under the CAN-SPAM law, which requires that a person be deceived."
This discussion has been archived. No new comments can be posted.

Judge Rejects Guilty Plea From AOL Employee

Comments Filter:
  • Does not compute (Score:5, Insightful)

    by October_30th ( 531777 ) on Tuesday December 21, 2004 @07:26PM (#11154375) Homepage Journal
    Authorities said Smathers, who was fired by AOL in June, used another employee's access code to steal the list of AOL customers in 2003 from its headquarters in Dulles, Va., and sold it to spammers for more than $100,000.

    I don't understand how this is not deceptive, fraudulent and illegal...

    • Re:Does not compute (Score:5, Informative)

      by The Only Druid ( 587299 ) on Tuesday December 21, 2004 @07:35PM (#11154455)
      It doesn't matter if its deceptive or fradulent, because the charge was specifically done under a particular law: the can-spam act, which has specific requirements. The judge determined that the charge failed to allege an actual violation of that law.

      Essentially, the judge instituted a 12(b)(6) motion, dismissing the suit for failure to state a claim upon which action could be based.
      • Cool, so I want to get charged with murder and tried in traffic court, how can I arrange that?
    • by YrWrstNtmr ( 564987 ) on Tuesday December 21, 2004 @07:42PM (#11154519)
      It is. It just doesn't meet the specifics of CAN-SPAM, which is evidently what he was charged with, and tried to plead guilty to.

      What the judge did was, IMHO, right, in the same way that bank robbery doesn't meet the specifics of the traffic laws.

      Charge him with what he actually did, and let him plead guilty to that.

      • It is. It just doesn't meet the specifics of CAN-SPAM, which is evidently what he was charged with, and tried to plead guilty to.

        I gotta say, his lawyer must be pretty f**kin' dumb to have gone in there prepared to let the guy cop a guilty plea. I'd like to think that if I had the slightest chance of successfully defending something, that my lawyer would argue as such. Silly goose doesn't even appear to have read the Act!

        • Heh I wouldn't bet on it. I was in court (for a traffic offence I hasten to add!) the main witnesses lied, we know he lied and could prove it: my barrister even crowed about the fact. And then failed to even raise the issue in court!

          I was stunned.

    • by zakezuke ( 229119 ) on Tuesday December 21, 2004 @07:49PM (#11154575)
      I don't understand how this is not deceptive, fraudulent and illegal...

      Perhaps it should be, but it's not. No one was actually deceived, the guy flat out used someone else's access code to gain access to a mail list and sell it. For example, if you gave a key to your house and I used it to go in and copy your phone list and sell it to a telemarketer. It's not trespass or breaking and entering because you gave me a key. It might not be deceptive because you might have given me the key to feed your cat and I might not have intended to copy your phone list at that time. And it's not theft because I only made a copy of your phone list. And there is no violation of copyright because a list of names and contact info can't be copyrighted.

      I might be guilty of violating your trust but I don't see how any crime was committed.
      • No, this is more like giving you a key to our boss's house, without his permission. And, our boss has contracts with everyone on his phone list that ensure that our company will not sell their phone number. And our boss probably made us sign a paper when we started working for him saying we would never sell/give out confidential company info.

        In fact, there's no guarantee that the other employee GAVE him his access code. He could have found the post-it under his keyboard or whathaveyou. Regardless, since
        • by GryMor ( 88799 )
          Which is cause for a civel action against him by AOL with regards to his employment contract, and possibly an 'unauthorized use of a protected computer system' charge, but certainly doesn't hold up to the requirements for much of anything else.
          • Actually, it would probably be more along the lines of a civil action for misappropriation of trade secrets -- but there can be criminal penalties for stealing trade secrets as well, so who knows...
            • Re:Does not compute (Score:3, Informative)

              by zakezuke ( 229119 )
              Trade Secret [wikipedia.org]

              However, there are three factors that (though subject to differing interpretations) are common to all such definitions: a trade secret is some sort of information that (a) is not generally known to the relevant portion of the public, (b) confers some sort of economic benefit on its holder (where, note well, this benefit must derive specifically from the fact that it is not generally known, not just from the value of the information itself), and (c) is the subject of reasonable efforts to mainta

        • No, this is more like giving you a key to our boss's house, without his permission. And, our boss has contracts with everyone on his phone list that ensure that our company will not sell their phone number. And our boss probably made us sign a paper when we started working for him saying we would never sell/give out confidential company info.

          It sounds like a breach of contract to me, not a criminal act.

          In fact, there's no guarantee that the other employee GAVE him his access code. He could have found th
          • Re:Does not compute (Score:3, Interesting)

            by jhigh ( 657789 )
            You don't know for a fact that he had no permission from the company to access this data. If another employee gave him the access code they are, like it or not, they are being granted a license to access what ever data and resources are associated with that account. This would be *stupid* and ground for dismissal but in it self hardly a criminal act.

            And this is why security policies are so important. If AOL's security policy explicitly states that no user is allowed to access another user's account, ev
      • Nah, if you hire a hitman you are still charged with murder. Why can't you be charged under CAN-SPAM act if you sell a list of e-mail addresses to a known spammer? Or fined for unwanted calls if you sell my phone list to telemarketers? He should also be charged with embezzlement for selling AOLs property, and probably both charges at the same time, because they pertain to different victims.
    • I don't understand how this is not deceptive, fraudulent and illegal...


      Just because someone did something deceptive, fraudulent, and illegal, doesn't mean that the prosecution can slack off and charge them under a law that doesn't apply. Yes, it's because the law is stupid, and it's hard to understand why an anti-spam law doesn't apply to someone involved in spamming, but that's what we've got here.
  • by Antony-Kyre ( 807195 ) on Tuesday December 21, 2004 @07:26PM (#11154381)
    He stole a list of e-mail addresses. Isn't that theft? Even if he doesn't get charged with sending out spam, he did commit other crimes, right?
    • exactly, he's charged with "conspiracy and interstate transportation of stolen property" according to the article, which seems to fit the crime ... he used another employees access code which warrants theft ....... maybe we're missing something???
      • by Anonymous Coward
        > he's charged with "conspiracy and interstate transportation of stolen property"

        The actual charge: "conspiracy to conspire and interstate a conspiracy for the electrical transportation of privately owned copyright protected electronic Internet based material constituting a conspiracy to interstate the committal to infringe laws defined by copyright infringement laws on the electronic Internet network, on Mondays, after 15:00 but not later than 17:00"
    • In the UK the Data Protection Act would have him down for that.
    • by TiggertheMad ( 556308 ) on Tuesday December 21, 2004 @08:47PM (#11154983) Journal
      He stole a list of e-mail addresses. Isn't that theft?

      No, the **IA is EVIL! It's a backup copy! I bought it several years agon on vinyl, and so I am entitled to a space shifted copy! It isn't theft, because they still have a cop-

      WAITAMINUET! I'm sorry. I didn't know that this was a story about spammers...

      KILL the spammer! They are bandwidth thieves, stealing a 'commons' from all of us! This guy is a THIEF, he took a copy of a private list! Publish his address someone, so I can mail him a sack of POOP!
    • He commited several crimes, AOL specifically chose to have him prosecuted under the CAN-SPAM Act of 2003 [spamlaws.com]. My guess is for two reasons. One because it carries the harshest sentencing potential (criminal, meaning not just fines but jail time as well) and second because convictions under this act make an example. This is new highly publicised legislation, passed as a deterent more than anything else. Spammers have to be afraid, of laws that legislation like this enacts. If not, the legislation is worthless an
  • CAN-SPAM (Score:5, Interesting)

    by FiReaNGeL ( 312636 ) <.moc.liamtoh. .ta. .l3gnaerif.> on Tuesday December 21, 2004 @07:27PM (#11154393) Homepage
    Maybe a crime hasn't been committed against this (obscure) law, but stealing critical info from the company you're working for and selling it to the highest bidder (or in this case, spammer) sure is. Was he accused of the wrong thing or what?
    • Maybe a crime hasn't been committed against this (obscure) law, but stealing critical info from the company you're working for and selling it to the highest bidder (or in this case, spammer) sure is. Was he accused of the wrong thing or what?

      Is a userlist critical info? If he copied propriority information and sold it I can see where that might apply. If he sold a password list I can see how that might apply. But a user list isn't critical, proprietary, or even copyrighted.

    • Re:CAN-SPAM (Score:4, Insightful)

      by hackstraw ( 262471 ) * on Tuesday December 21, 2004 @08:56PM (#11155044)
      Maybe a crime hasn't been committed against this (obscure) law

      Law in general is obscure. You know a society is too complex and complicated when highly respected people in that society have full time jobs to simply know the rules of that society.
      • Care to name a society where this is not the case? Or is it just theoretical? Are you an anarchist (or in some other way against rule of law)? No presumptions or offense intended, just curious.
        • Well, I'm not aware of any specifics, but I'm sure there are nomadic tribes in africa or somewhere in which there are no lawyers (this role is perhaps filled by tribal elders or something, but that's still alright: a tribal elder isn't somebody who has devoted their career to simply knowing the rules of the society; everybody knows the rules, it's just that the tribal elder is respected for his age and wisdom).
    • then it's crappy homework by the prosecution(or aol or whoever).

  • Ding! (Score:5, Funny)

    by Asshat Canada ( 804093 ) on Tuesday December 21, 2004 @07:28PM (#11154394)
    You've got Bail!
  • by toupsie ( 88295 ) on Tuesday December 21, 2004 @07:29PM (#11154402) Homepage
    Didn't the guy steal millions upon millions of AOL Screen Names and fence them? Isn't that covered under the STEAL-SHIT Act? Can I guarantee a reservation in his court? I have my eyes on this Porsche.
    • I appreciate the humour but theft is defined as depriving someone of their property, so how does one 'steal' email addresses?
      • If the list was proprietary / internal / confidential / whatever-your-company-calls-it and you steal it, then you have stolen the list. The law wouldn't be worried about the individual addresses but rather the list in total. Especially if said list has commercial value (which it obviously does).

        I could definitely see this as corporate espionage. Overall I would say the defendant is getting off pretty easy.
      • I know that what I am about to say is considered verboten on /. but, whether you like it or not:

        The law says intellectual property is property!

        You may have theoretical or philosophical issues with this, fine -- but the law is what it is, until it is changed. And the law says IP is property.

        And, contrary to what most on /. would like you to believe, the law has a more expansive notion of stealing than "depriving someone of a particular piece of tangible property." For some fun reading, here's an excerpt
    • How is it theft to distribute a list of e-mail addresses? Your comparison with stealing a Porsche is completely off.

      Violation of privacy and company policies, for sure, but not theft.

    • He's the judge, not the prosecutor. He adjudicates the charges made. He doesn't get to say, "Well, charge X is bogus but you're obviously guilty of unalleged charge Y, so Alcatraz it is!"
  • If the AOL employee disobeyed orders or substracted information so that the company would in fact not respect the privacy policy, then the employee did commit a crime. Call it fraud, negligence to fulfill contract...

    Hmmmm maybe the people should sue AOL instead.
    • Call it fraud, negligence to fulfill contract...

      Whoa there skippy... there's a *big* difference between committing a crime and failing to fulfill the terms of a contract.

      A crime is "theoretically" supposed to adversely affect more than just those involved, as in "the rest of society". That's why, in Civil court, you hire your own-ass lawyers, while, in Criminal court, the State prosecutes.

      Now, granted, that line has been (intentionally) blurred lately, so I can't really fault you for not being able to

  • The judge, who said he dropped his own AOL membership because he received too much spam...

    Yeah, right. We all know he cancelled AOL because his free trial ran out. Now he's just waiting to be bombarded in the mail by another 500 CD's begging him to come back.

  • by multiplexo ( 27356 ) on Tuesday December 21, 2004 @07:30PM (#11154414) Journal
    could band together and sue this guy and the asshole he sold the list to in civil court with a class action lawsuit. Nail him to the tune of a few billion dollars just to add insult to injury. Of course he should first spend some time in a nice secure federal pound-me-in-the-ass penitentiary. Having his anus blown out and being several billion dollars in debt would be just punishment and a fine deterrent.

    • Couldnt he just declare bankruptcy and the judgment against him would become null and void?
    • As long as it's more secure then wireless networks. [slashdot.org]
  • Yes he stole the email addresses, that's not the point here. The judge said he couldn't be charged with the particular crime that the trial was for. That's why he scheduled a new trial in January.

    Apparently the Can Spam law has found another way to be useless, but he'll still pay for the theft.
  • by Software ( 179033 ) on Tuesday December 21, 2004 @07:30PM (#11154421) Journal
    It's good to know that the judge respects and applies the law _as written_, and doesn't try to punish the defendant because he (the defendant) is a total scumbag.

    I would rather the law had been written such that selling legitimate addresses to spammers was punishable by death, but that's not the way it happened. So, given that the CAN-SPAM law doesn't prohibit selling addresses to spammers (which may or may not be true), it seems like the right decision.

    By the way, this guy needs a new defense lawyer. BADLY.

  • Isn't this art usually practiced by an attorney? Ah, but this judge probably was an attorney.
  • Is this judge not just shilling for corporate spammers who want to see the whole of the Internet reduced (elevated?) to unchecked commercial solicitation, without regard to accuracy or appropriateness? If the judge is really after justice here, he'll reject the guilty verdict, and, in his opinion devastate the "CAN-SPAM" act as useless to protect even himself from spam. While he's at it, he could have the prosecutor, who charged the little creep with the wrong crime, horsewhipped for his hand in the pernici
    • > Is this judge not just shilling for corporate spammers

      Maybe the judge should find him guilty of murder as well. After all, we don't want people to think murder is OK, do we?
      • Let's say he pleaded guilty to a prosecutor charge of murder, and the judge found he wasn't guilty, though he killed someone, because the only murder law was full of holes. I would expect the judge to condemn the law, to excoriate the prosecutor, and, of course, to find him "not guilty". Killing people isn't OK, spamming isn't OK, and neither is this miscarriage of justice which sets this creep free, and opens the door for the rest of his slimy ilk. CAN-SPAM is obviously not OK, and the prosecutor is not OK
        • Reminds me of an episode of "The Practice" where a man was arrested with a dead body in his trunk. It turned out the man was "acting suspiciously" and for that a policeman (with no cause for actual suspicion of murder) drew his gun and ordered the man to open his trunk. He was arrested, and tried for murder.

          HOWEVER: the judge ruled that the search was unwarranted because the policeman did not request the search, he bullied the suspect into it (ie the gun) with no knowledge of any crime being commited; "an
          • WTF? I asked for a lot of things, that we probably won't get, but I never asked for the spambag to be treated any differently by the court. Other than mean talk, all my ire is directed at the stupid law, the incompetent prosecutor, and expectations that the judge will cop out and do nothing but further wobble the legal wheel off its axis with his opinion, without addressing the procedural problems inherent in this process and law. AFAIK, "Not Innocent" doesn't get anybody hanged in the USA, yet.
  • WTF? (Score:3, Insightful)

    by The Cisco Kid ( 31490 ) * on Tuesday December 21, 2004 @07:49PM (#11154570)
    Ok, he didnt violate the you-can-spam act, nor should he have been charged under that. He should be charged with theft of private information from his employer.
  • Smather's guilty plea to the specific charge under the can-spam legislation was rejected. I don't know enough about the can-spam act or this case to know what this charge precisely was. Regardless, whether or not he violated any other laws is not relevant to this charge. TFA gives no information regarding any fraud case, or any civil suit (i.e. breach of contract).
  • by geekwench ( 644364 ) on Tuesday December 21, 2004 @08:05PM (#11154691)
    (Obligatory disclaimer: IANAL)

    Unfortunately, there are a couple of different things going on, here. First is the judge's inability to see the poverbial forest for the trees. Second is the ability to prove the merits of the case.

    The CAN-SPAM Act is one of the most useless pieces of tripe ever to be bulldozed through Congress, and the reason for this is the list of qualifiers that was written in. The "standard of deception" is one of these items. To actually convict someone under this provision in CAN-SPAM, the spammer would have to send out an e-mail promising "Free Screensavers of Puppies, Kitties, and Unicorns!" that actually redirects to the "Girls fscking Giant Horse C*cks eXXXtravaganza!" website. In saying that the charges did not meet the standard, Judge Hellerstein was factually correct.

    Smathers did not decieve the AOL members whose information was sold, nor the spammers who purchased it. The AOL members were not told "Oh, don't worry; I wouldn't _think_ of selling your information for to a bunch of sleazebags," and I'm sure that the spammers were under no illusions about the legality of the addresses they purchased. However, what he did commit was fraud. He defrauded the AOL users, and the company, and fraud is most certainly a prosecutable offense. Trying him under the CAN-SPAM statute seems like a really poor legal strategy.

    Personally, I'd love to see the existing laws used more forcefully. And I wouldn't go after the spammers, but after the people who hire them. There are already statutes governing things like mortgage banking, mail fraud, practicing medicine without a license, dispending medications without a license... and very few of the existing laws are used to prosecute the companies that give spammers their raison d' etre. Go after the source, and the flood will ebb.

    • Nice try but I'm amazed at the misconceptions of all the posters so far. geekwench came the closest but in court as in horseshoes, close doesn't count.

      The real problem is that he was charged with a crime he probably didn't commit. he -WASN'T- charged with the crime he did commit which is "Unauthorized Access". See:

      http://www.groklaw.net/article.php?story=200412170 91956894 [groklaw.net]

      for an article by a real lawyer about it. Further links are provided at groklaw.net.

      In this case I think the judge is right and th
  • I have an email address at a Baby Bell ISP that is now getting about 5 spams per day. OK. 5/day nothing compared to the 350 spams/day at another of my addresses, but this address should not get any spams at all. The amusing thing is that I have never once used this address, never sent an email from it, never given it to anyone, never opened an email sent to that address, never set up an account in an email program to communicate with the address. never stored the addy in my address book, never logged into
    • Same thing happened to me - I set up an obscure and virgin name master account name I never gave out and never used for mail or site logins anywhere, yet suddenly I began receiving tons of spam and the key clue was that the spammers also included the names of other customers alphabetically around my name at the ISP. I contacted the Baby Bell, and they said "Well, we didn't have a leak, they used a dictionary attack."

      This was total baloney, because the other names were not mere sequential permutation stri

  • by droleary ( 47999 ) on Tuesday December 21, 2004 @08:21PM (#11154790) Homepage
    An email address that I give to AOL (or Slashdot or whoever) implies that the party so "gifted" is who I expect to send me email at that address. I'm sure many here go as far as actually creating email addresses keyed to a site (e.g., foobar+slashdot@example.com), but all email addresses should be considered non-transferable, even without those special measures. If I get an email to an address given to Slashdot that doesn't come from Slashdot, I have been deceived.
    • ... but all email addresses should be considered non-transferable, even without those special measures

      You may want this to be the case, but it just ain't so.

      The reality is that email addresses are free to be used once discovered. If I discover your email address, there is an expectation that I can use it. The only cases where your model might have some force is when you explicitly gave your email to me with the express condition that it not be passed on. If I "leak" the email address, you might be abl

      • The reality is that email addresses are free to be used once discovered. If I discover your email address, there is an expectation that I can use it.

        Maybe you (and spammers, or possibly you as a spammer) would like that expectation, but that is not the reality any longer; spammers ruined it long ago. They judge may not understand that just yet, but you as a participant on Slashdot should. An email these days is to be treated like a "web of trust". Just because I give my friend an email doesn't mean

  • by MXK ( 763030 ) on Tuesday December 21, 2004 @08:21PM (#11154791)
    ...reverse psychology does work!
  • plea bargain... (Score:3, Interesting)

    by the-build-chicken ( 644253 ) on Tuesday December 21, 2004 @09:04PM (#11155083)
    ...wow, wouldn't this suck if it was part of a plea bargin..."plead guilty to can-spam and we'll drop the theft/intellectual property charges"....doh!
  • by BMcWilliams ( 621149 ) on Tuesday December 21, 2004 @09:12PM (#11155130) Homepage
    To make matters even more confusing, Smathers originally signed a document, available here [oreilly.com], in November saying he agreed to plead guilty to violating 18 USC 2314, Interstate Transportation of Stolen Property. (To this legal sparrow, that seems like an appropriate charge.)

    Then, on December 2, Smathers was arraigned instead for violating 18 USC 371, Conspiracy to Defraud the US Government. Smathers pled NOT guilty at the arraignment.

    Then we have today's proceedings, with Smathers trying to enter a guilty plea, apparently to violating CAN-SPAM.

    An "information" document [oreilly.com]filed at his arraignment does suggest Smathers was involved in sending decpetive and misleading spam using the AOL customer list. So maybe there is a CAN-SPAM aspect to this case.

    But it really does look like the US Attorney's office was trying too hard to get a CAN-SPAM conviction under its belt.

  • Or else you'll end up with something like HIPAA or GLB extended to all companies that store anything even approaching personal information.

    Since he stole something of value (he was able to sell it for a hefty price) from another, I would think that they could charge him with theft.

  • He must have consulted with a lawyer before pleading guilty. If my lawyer recommended that I plead guilty to a crime and I did and the judge rejected that because what I had done didn't violate the law I would be pretty pissed off at my lawyer. I mean, didn't he even read the law and check to make sure the prosecution had evidence that he had broken it before recommending that his client plead guilty? Or maybe he's just pissed off at spammers, too?

    -HC
    • If my lawyer recommended that I plead guilty to a crime and I did and the judge rejected that because what I had done didn't violate the law I would be pretty pissed off at my lawyer.

      The lawyer probably saved him money because preparing a guilty plea is cheaper than preparing a defence.

      Or maybe he's just pissed off at spammers, too?

      But I really like that theory.

  • Comment removed (Score:4, Insightful)

    by account_deleted ( 4530225 ) * on Wednesday December 22, 2004 @02:39AM (#11156632)
    Comment removed based on user account deletion

"The following is not for the weak of heart or Fundamentalists." -- Dave Barry

Working...