Feeds

Judge dismisses keylogger case

'I'm a whistleblower, and I'm getting the shaft'

  • alert
  • submit to reddit

The essential guide to IT transformation

A federal judge in Los Angeles has dismissed charges against a California man who used a keystroke logger to spy on his employer, ruling that use of such a device does not violate federal wiretap law.

Larry Ropp, a former claims adjuster for a US insurance company, was caught last year using a "KEYKatcher" brand surveillance device on a secretary's computer while secretly helping consumer attorneys gather information against his employer, Bristol West Insurance Group. The KEYKatcher attaches inline with a keyboard connector, and stores every keystroke in an internal memory for later retrieval.

Last March a grand jury in Los Angeles indicted Ropp, in what prosecutors trumpeted as the first federal criminal prosecution for the use of a hardware keystroke logger. The indictment charged a violation of the federal wiretap statute, which makes it illegal to covertly intercept electronic communications transmitted "over a system that affects interstate or foreign commerce."

Prosecutors maintained that the tapped PC was covered by the statute because it was connected to Bristol West's national computer network, and the secretary had composed electronic mail messages on it.

But district court judge Gary Feess disagreed, and last month granted a defense motion to dismiss the indictment. Feess ruled that the interception of keystrokes between the keyboard and the computer's CPU did not meet the "interstate or foreign commerce" clause in the federal Wiretap Act, even if some of those keystrokes were banging out email. "[T]his court finds it difficult to conclude that the acquisition of internal computer signals that constitute part of the process of preparing a message for transmission would violate the Act."

"The network connection is irrelevant to the transmissions, which could have been made on a stand-alone computer that had no link at all to the internet or any other external network," Feess wrote. "Thus, although defendant engaged in a gross invasion of privacy ... his conduct did not violate the Wiretap Act. While this may be unfortunate, only Congress can cover bases untouched."

The court based its decision in part on a controversial ruling by the First Circuit Court of Appeals earlier this year that threw out wiretapping charges against Branford Councilman, a former vice president of an online bookseller who provided customers with free email accounts, then set up a system that made covert copies of some messages for his later perusal. Feess found that here, as in the Councilman case, the email was not intercepted as it traveled over the network.

Electronic privacy groups have joined with government prosecutors to try and overturn the Councilman ruling, which is now under review by a larger panel of judges.

The court also cited a 2001 case in which a federal judge in Newark, New Jersey ruled that the FBI did not violate the Wiretap Act when it installed a covert keylogger on the computer of organized crime suspect Nicodemo Scarfo. In that case the FBI assured the court that that its keylogger had been configured to stop recording keystrokes when Scarfo connected to the Internet.

In an interview with SecurityFocus following his indictment, Ropp admitted to using the keylogger, which he said he'd purchased off the Internet. But he defended his office skullduggery as a necessary evil to expose improper anti-consumer practices at the company, which had previously been sanctioned for illegally canceling some customers' automobile insurance policies. "The FBI themselves use keyloggers quite a bit," Ropp said. "Here, I'm a whistleblower, and I'm getting the shaft."

Prosecutors filed a motion last week asking the court to reconsider the Ropp ruling. Ropp's attorney, federal public defender Firdaus Dordi, said he couldn't comment on the decision until the judge rules on that motion.

Related stories

UK police issue 'vicious' Trojan alert
Guilty plea in Kinko's keystroke caper

Next gen security for virtualised datacentres

More from The Register

next story
Ice cream headache as black hat hacks sack Dairy Queen
I scream, you scream, we all scream 'DATA BREACH'!
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
KER-CHING! CryptoWall ransomware scam rakes in $1 MEEELLION
Anatomy of the net's most destructive ransomware threat
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
Three quarters of South Korea popped in online gaming raids
Records used to plunder game items, sold off to low lifes
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?