Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Calif. AG Files Felony Charges In HP Probe 171

PreacherTom writes, "Former Hewlett-Packard Chair Patricia Dunn, along with 'ethics chief' Kevin Hunsaker and others, was indicted yesterday on four felony counts by the California Attorney General. The charges, including wire fraud and conspiracy, carry a maximum penalty of 12 years in prison and $30,000 in fines. The indictments follow on the heels of an HP investigation of internal leaks that conducted "bugged" emails to C-Net reporter Dawn Kawamoto, illicitly obtained hundreds of phone numbers, and spied on HP board members." One of the indictments was for a private investigator retained by HP. The article has links to the complaints and warrants.
This discussion has been archived. No new comments can be posted.

Calif. AG Files Felony Charges In HP Probe

Comments Filter:
  • by Mycroft_514 ( 701676 ) on Thursday October 05, 2006 @09:26AM (#16320071) Journal
    She deserved it as much as them.
    • by ameline ( 771895 )
      -1 Troll? Since when did slashdot hand out mod points to Carly?

      I think Mycroft has a good point. (in that she reportedly admitted as much in her memoirs)

      • And I saw that BEFORE I posted. And I knew of Carley from BEFORE HP, where she helped me out of a job, along with thousands of others.

        But I don't worry about it, I have Karma to burn, and lately I have found that moderation has been being handled by a bunch of MORONS. I have been marking a *LOT* of bad meta moderation.

    • Re: (Score:3, Interesting)

      I'd suggest that whomever slapped the parent with (-1 Troll) should have saved their mod points for a more worthy cause - defending Carly Fiorina seems a poor use of karma.

      Granted, Carly Fiorina wasn't involved in the Dunn affair, but she and Patricia Dunn seem to be part of culture of corruption and greed at HP. While working in Manhattan a few years back, I saw three entire floors' worth of HP IT staff become unemployed with a stroke of Carly's pen. During this time, Fiorina was cruising around in Gulfs
    • by rlp ( 11898 )
      She deserved it as much as them.

      Nope, incompetence is not felony.
  • by TheWoozle ( 984500 ) on Thursday October 05, 2006 @09:27AM (#16320081)
    So, if they are convicted...does that mean that pretexting is no longer "possibly" illegal, but is now a felony?
    • Like most things in life, it's only a problem if you get caught.
    • Re: (Score:3, Insightful)

      by sjames ( 1099 )

      So, if they are convicted...does that mean that pretexting is no longer "possibly" illegal, but is now a felony?

      In the sense that a conviction would clarify the situation for any who have doubts, yes.

      It's useful to consider that the ambiguity only arises when one tries to play games with semantics and rules rather than the 'gestalt'

      Pretexting is, in fact, very much like any identity theft. That is, a pretexter gathers sufficient personal information to impersonate someone in order to get a company t

    • From the Federal Trade Commission [ftc.gov] website (emphasis is mine):

      Pretexting is the practice of getting your personal information under false pretenses. Pretexters sell your information to people who may use it to get credit in your name, steal your assets, or to investigate or sue you. Pretexting is against the law.

      Also, from CNN [cnn.com]:

      They each face four felony counts: use of false or fraudulent pretenses to obtain confidential information from a public utility; unauthorized access to computer data; identity theft;

    • by yppiz ( 574466 ) on Thursday October 05, 2006 @11:51AM (#16322419) Homepage
      In an ironic turn, here's what Ron DeLia (the contractor who ran the pretexting investigation) had to say about pretending to be someone else using their personal information [blogspot.com] back in 1999. Summary: it's a felony.


      --Pat

  • Hopefully (Score:2, Interesting)

    by teslatug ( 543527 )
    I hope they get some FPMITA time. They really need to send a message to these suits who think they can do whatever they please to people.
  • Live by the Sword (Score:5, Insightful)

    by GogglesPisano ( 199483 ) on Thursday October 05, 2006 @09:33AM (#16320155)
    Excellent. For many corporate executive types such as Dunn and her ilk, the consequences for illegal acts are very abstract - at the very worst a resignation, cushioned by a golden parachute of stock options, pensions and benefits. It needs to be forcefully demonstrated to these people that if you commit a crime, you are by definition a criminal, and will be treated as such.
    • Yes and if they robbed a bunch of people like the board of Enron did then I'd say lock them up and throw away the key. But please tell me what harm was actually done.
      • It isn't a civil suit so no harm needs to be done. Commiting fraud by pretending to be someone else, in order to get their phone records, is illegal. What harm is done when some hood smokes weed? There is no standard of 'harm' that has to be met.
        • Laws are generally written to protect others from harm and to protect citizens from harming themselves. The weed generally falls into the latter although driving while high has led to some fatality accidents as well.
      • Invasion of privacy, chilling effect on journalism, losing Tom Perkins as a board member. The first can be grounds for a civil suit, on the theory that privacy is valuable and invading it is damaging.
  • Years ago I heard the famous hacker Mitnick talk about similar investigative activity using the term "social engineering". IS this the same as pretesting? Social engineering exploits the weakest link in a security system are the people running it, not the technology.
    • Pretexting is a term for one aspect of Social Engineering.

      It's fraudulent activity and typically is defined as such. I do hope they get convicted- they ought to have
      known better, from the PI that did the deed all the way to Dunn herself.
    • by sjames ( 1099 )

      Years ago I heard the famous hacker Mitnick talk about similar investigative activity using the term "social engineering". IS this the same as pretesting? Social engineering exploits the weakest link in a security system are the people running it, not the technology.

      Some social engineering is the same as pretexting, some isn't. For a few examples illustrating the boundary, calling somewhere and asking for the root password WITHOUT identifying yourself is purely social engineering. Calling and telling th

  • by Anonymous Custard ( 587661 ) on Thursday October 05, 2006 @09:37AM (#16320219) Homepage Journal
    A CEO authorizes spying and she gets charged with a felony and a full blown investigation.

    A CEO President is spying on innocent Americans as long as he says he thinks they're terrorists, and what happens? His sheep in congress pass a law to make it legal for him.

    I love the smell of hypocrisy in the morning as much as anyone. But come on, congress, senate, show some damn backbone like your colleagues did when they stood up to Nixon.
    • Dunn was a member of a private organization. Bush is a member of the government, your "CEO" red herring not withstanding. The government can legally do many things a private citizen may not. You (and I!) may not like this, but that's the world we live in.
    • One of my favorite bumper stickers:

              "I thought I'd never miss Nixon"

      A guy driving a nice Mercedes sedan has it, making it even better.
    • >like your colleagues did when they stood up to Nixon.

      Indeed. The Foreign Intelligence Surveillance Act, passed in reaction to Nixon's abuses, passed the Senate 95-1. On the Senate Watergate Committe, Republican Lowell Weicker pressed hard and it was Republican Howard Baker who asked "What did the President know and when did he know it?".

      Nixon was also challenged by someone who was probably to the right of Nixon politically, Senator Sam Ervin [att.net].
  • if she knew that pretexting was a crime. If she can convince a jury that she didn't know illegal acts were taking place she'll get off. Apparently a quirk of California law.

    OTOH, she's recently been diagnosed with a recurrence of ovarian cancer, so maybe she'll be answering to a Higher Authority...

    • bedrock principle of law, goes all the way back to English common law.

      Dunn is cooked whether she had chemo brain or not.

      the litmus test ought to be the mirror, people... if you don't want weasels screwing you, why should you set weasels free to screw somebody else?

      guilty, she's a witch, burn her!
      • That may have been doctrine back when the laws were either codifications of the Ten Commandments or admonitions not to tresspass on the King's land, but things aren't so clear-cut anymore. I mean, it's a good principle, but here in the US we've got so many stupid laws (c.f. yesterday's sub-discussion of homeowner's association covenants under the wind power topic) enforcing special interests it's unreasonable to expect an ordinary person guided by common sense to stay clear of the law in all situations. E
    • if she knew that pretexting was a crime. If she can convince a jury that she didn't know illegal acts were taking place she'll get off. Apparently a quirk of California law.

      Well, given that there were no actual legal means they could have obtained the information, she should have.

      Unless, of course, people think you can hire a PI to get information they could only get illegally and somehow have no laws get broken. She, as both private citizen and as the CEO of a company does NOT have any authority to conduc

      • How could she NOT know that laws were going to be broken?

        How was she supposed to know that? One of my neighbors raised holy hell when he found out his neighbor knew how much he paid for his house, and what his taxes were. Apparently he didn't know such information is public record, and readily available via the web (in many places).

        I don't know the minutiae of the case, but if she told a supposedly reputable investigation firm "Find out who might have been in contact with journalists X, Y and Z", then it'

    • WTF is a "bugged email"?
      An HTML email with a web bug [wikipedia.org] in it. Thunderbird will spot these a suppress image loading until you verify that the message is safe.
      • Re: (Score:3, Informative)

        I actually watched the C-SPAN hearings on replay last Saturday (stop looking at me) and they didn't use such a simple technique as an embedded gif in an HTML mail.

        They used this company right here [readnotify.com]. The particular technology that they use is an embedded tracker in a PDF attachment [readnotify.com] that contains the text the victim wants to see.

        This neatly gets around people with email clients that block loading of remote images, or even people who don't allow html mail. (How many people actually have Acrobat Reader blo
        • ...and how many people use a non-acrobat PDF reader, or convert to postscript? Again, probably not many, but I bet there's a few, especially on here. And surely either of those would get around it. Even better, block traffic from any Acrobat app at your firewall...
        • >(How many people actually have Acrobat Reader blocked from internet access? Damn few I would think.) /me raises hand

          I'm prompted each time it tries for net access and it's not going to be allowed through unless I just clicked on a PDF on the web.

          Sigh. I was kind of hoping it would turn out to be a field sighting of the Reaper exploit, which would also have sent back any comments added as the mail got forwarded.
  • by Kiaser Zohsay ( 20134 ) on Thursday October 05, 2006 @09:49AM (#16320379)
    She's Dunn.

    It never gets old, does it?
  • Doh! (Score:2, Funny)

    "The charges, including wire fraud and conspiracy, carry a maximum penalty of 12 years in prison and $30,000 in fines. The indictments follow on the heels of an HP investigation of internal leaks that conducted "bugged" emails to C-Net reporter Dawn Kawamoto, illicitly obtained hundreds of phone numbers, and spied on HP board members."

    HP should have accused them of being terrorists first. Then they could have had the Feds do it for them legally.
  • "The defendants, if convicted, face a maximum of 12 years in prison and a $30,000 fine"

    The best part about the California AG's response is that the indicted HP execs are being arrested and jailed [businessweek.com]. A $30K fine for those people means nothing, especially if they pay lawyers $5M defending in court. And the "humiliation" that Business Week and its corporate media chorus usually like to claim is the "worst penalty" these execs could pay (like as the total penalty they tried to stick Enron with) cost them nothing,
  • by smilindog2000 ( 907665 ) <bill@billrocks.org> on Thursday October 05, 2006 @10:08AM (#16320673) Homepage
    I've found this to consistently be true:

            In any decision a corporation makes, it will choose the most unethical path found acceptable to it's least ethical leader.

    Some corporations have many leaders, and no strong central leader. I've found dealing with them to be miserable. For any decision to be made, it only needs to be acceptable to any one of their many leaders, thus, the whole corporation is able to justify acting like a raving-mad power-crazed lunatic. No single individual is highly unethical, just the corporation as a whole.

    A board of directors typically has no strong leader, choosing instead a more democratic structure. This can lead to highly unethical behavior, as with the HP board.

    I think the reason things work this way is simple. In any decision that might benefit the company, it's easier to simply stand-down and not make waves while somebody else carries out the unethical act. It's harder and more risk prone to stand in the way and demand ethical behavior. After all, corporations are about profits, and you'd be standing in the way of profits. Chances are far higher that you'll get run over than it is that people will say, "Yeah, your right. We were acting unethically, and we were wrong."

    That said, I've found the vast majority of corporate board members to be amazingly ethical. After all, investors trust these guys with their money. But, it only takes one or two bad apples...
  • by sacrilicious ( 316896 ) on Thursday October 05, 2006 @10:14AM (#16320769) Homepage
    The charges, including wire fraud and conspiracy, carry a maximum penalty of 12 years in prison and $30,000 in fines.

    For these people, $30k is wallet change.

    • by mspohr ( 589790 )
      True that the money is pocket change... but prison time has a high cost regardless of how rich you are.
    • by Duhavid ( 677874 )
      So, make it a percentage of income rather than a fixed amount.
      Look at tax statements going back n years.
  • by 140Mandak262Jamuna ( 970587 ) on Thursday October 05, 2006 @10:21AM (#16320885) Journal
    yeah, go after Dunn and the corp executives. But the telephone companies that released the records without adequate verification or authentication will go scot free. Why? Why isn't there a proper procedure in the phone companies to check who is requesting the info? Why aren't they saying, "we will mail a copy of the report to the registered mailing address. But not to any fax number you say on phone." We are saddling the doctors and clinics with all kinds of privacy requirements. I call my doctor's office, who knows me by very well, to ask about the stupid cholesterol test of my wife, and they tell me there is some new HEPA law or something and they cant tell me my own wife's cholesterol level. And the phone companies are dishing out dirt to anyone who calls. Get them too.

    Same way every one is talking about illegal immigration, border fence and this and that. The 800 lb gorilla who is completely ignored is the employers who knowing employ illegal immigrants to cut labor costs and avoid social security taxes and workman comp.

    Every one is talking about identity theft, and this and that. The 800 lb gorilla there is the credit reporting companies that steadfastly refuse to let me lock my own credit info. They lobby congress and the law winding through congress will let only the proven victims of id theft to freeze their credit reports. Sort of like people can buy locks for their barn doors only after proving that their horse is stolen.

    This is going on everywhere. Dont call it pretexting. It is impersonating. Get the detectives and those who authorized this. But dont let the phone companies off the hook. They should prove that they were not criminally negligent or something. (IANAL).

    Too much of lobbying by big corps. Too little protection for the common man.

  • Legal precedents here will establish the US Gov't privacy law for citizens rights with implications for national security where financial markets are involved.

    There will become an increasingly uncomfortable distinction without a difference between HP and the US gov't practices wrt: privacy violations in the name of national security.
  • I tried the to poor links. Neither makes it clear what Dunn did that was illegal or unethical. Browsing through slashdot, I've read the term "pretexting" several times, but no definitions or whether or not it is actually against the law. The one thing in the article that I saw that seemed illegal was private detectives obtaining personal information under false pretenses. The article didn't state though if their HP employeers directed them to use those methods or if the private detectives just used those me
    • by Cederic ( 9623 )

      This story has been running for a few weeks. Basically it appears the HP board requested or authorised a private investigator to acquire telephone records from board members, staff and/or journalists.

      The 'pretexting' seems to be an odd name for pretending to be someone else in order to acquire illicit phone records. It's naughty.

      • by kabocox ( 199019 )
        This story has been running for a few weeks. Basically it appears the HP board requested or authorised a private investigator to acquire telephone records from board members, staff and/or journalists.

        The 'pretexting' seems to be an odd name for pretending to be someone else in order to acquire illicit phone records. It's naughty.


        Thank's for pointing that out. After going back and re-reading the article, I missed a small paragraph about what they were charging the HP people with. Apparently, this missed my
  • The investigator who took a hammer to his hard drive [blogspot.com] is going to have a rough time of it in this investigation.


    --Pat

  • White collar criminals need to have the law effect them like it does the rest of us. These type of people [wikipedia.org] get 2 years of vacation for stealing more money than Dick n Bushwaker avoid paying in taxes. While Jose, Ronald, and Latefa spend most of their lives in and out of jail for selling drugs and sex to Dicks and Bushwakers.

It is much easier to suggest solutions when you know nothing about the problem.

Working...