Feeds

Judge dismisses keylogger case

'I'm a whistleblower, and I'm getting the shaft'

  • alert
  • submit to reddit

Choosing a cloud hosting partner with confidence

A federal judge in Los Angeles has dismissed charges against a California man who used a keystroke logger to spy on his employer, ruling that use of such a device does not violate federal wiretap law.

Larry Ropp, a former claims adjuster for a US insurance company, was caught last year using a "KEYKatcher" brand surveillance device on a secretary's computer while secretly helping consumer attorneys gather information against his employer, Bristol West Insurance Group. The KEYKatcher attaches inline with a keyboard connector, and stores every keystroke in an internal memory for later retrieval.

Last March a grand jury in Los Angeles indicted Ropp, in what prosecutors trumpeted as the first federal criminal prosecution for the use of a hardware keystroke logger. The indictment charged a violation of the federal wiretap statute, which makes it illegal to covertly intercept electronic communications transmitted "over a system that affects interstate or foreign commerce."

Prosecutors maintained that the tapped PC was covered by the statute because it was connected to Bristol West's national computer network, and the secretary had composed electronic mail messages on it.

But district court judge Gary Feess disagreed, and last month granted a defense motion to dismiss the indictment. Feess ruled that the interception of keystrokes between the keyboard and the computer's CPU did not meet the "interstate or foreign commerce" clause in the federal Wiretap Act, even if some of those keystrokes were banging out email. "[T]his court finds it difficult to conclude that the acquisition of internal computer signals that constitute part of the process of preparing a message for transmission would violate the Act."

"The network connection is irrelevant to the transmissions, which could have been made on a stand-alone computer that had no link at all to the internet or any other external network," Feess wrote. "Thus, although defendant engaged in a gross invasion of privacy ... his conduct did not violate the Wiretap Act. While this may be unfortunate, only Congress can cover bases untouched."

The court based its decision in part on a controversial ruling by the First Circuit Court of Appeals earlier this year that threw out wiretapping charges against Branford Councilman, a former vice president of an online bookseller who provided customers with free email accounts, then set up a system that made covert copies of some messages for his later perusal. Feess found that here, as in the Councilman case, the email was not intercepted as it traveled over the network.

Electronic privacy groups have joined with government prosecutors to try and overturn the Councilman ruling, which is now under review by a larger panel of judges.

The court also cited a 2001 case in which a federal judge in Newark, New Jersey ruled that the FBI did not violate the Wiretap Act when it installed a covert keylogger on the computer of organized crime suspect Nicodemo Scarfo. In that case the FBI assured the court that that its keylogger had been configured to stop recording keystrokes when Scarfo connected to the Internet.

In an interview with SecurityFocus following his indictment, Ropp admitted to using the keylogger, which he said he'd purchased off the Internet. But he defended his office skullduggery as a necessary evil to expose improper anti-consumer practices at the company, which had previously been sanctioned for illegally canceling some customers' automobile insurance policies. "The FBI themselves use keyloggers quite a bit," Ropp said. "Here, I'm a whistleblower, and I'm getting the shaft."

Prosecutors filed a motion last week asking the court to reconsider the Ropp ruling. Ropp's attorney, federal public defender Firdaus Dordi, said he couldn't comment on the decision until the judge rules on that motion.

Related stories

UK police issue 'vicious' Trojan alert
Guilty plea in Kinko's keystroke caper

Internet Security Threat Report 2014

More from The Register

next story
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
China is ALREADY spying on Apple iCloud users, claims watchdog
Attack harvests users' info at iPhone 6 launch
Carders punch holes through Staples
Investigation launched into East Coast stores
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.