Feeds

Judge dismisses keylogger case

'I'm a whistleblower, and I'm getting the shaft'

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

A federal judge in Los Angeles has dismissed charges against a California man who used a keystroke logger to spy on his employer, ruling that use of such a device does not violate federal wiretap law.

Larry Ropp, a former claims adjuster for a US insurance company, was caught last year using a "KEYKatcher" brand surveillance device on a secretary's computer while secretly helping consumer attorneys gather information against his employer, Bristol West Insurance Group. The KEYKatcher attaches inline with a keyboard connector, and stores every keystroke in an internal memory for later retrieval.

Last March a grand jury in Los Angeles indicted Ropp, in what prosecutors trumpeted as the first federal criminal prosecution for the use of a hardware keystroke logger. The indictment charged a violation of the federal wiretap statute, which makes it illegal to covertly intercept electronic communications transmitted "over a system that affects interstate or foreign commerce."

Prosecutors maintained that the tapped PC was covered by the statute because it was connected to Bristol West's national computer network, and the secretary had composed electronic mail messages on it.

But district court judge Gary Feess disagreed, and last month granted a defense motion to dismiss the indictment. Feess ruled that the interception of keystrokes between the keyboard and the computer's CPU did not meet the "interstate or foreign commerce" clause in the federal Wiretap Act, even if some of those keystrokes were banging out email. "[T]his court finds it difficult to conclude that the acquisition of internal computer signals that constitute part of the process of preparing a message for transmission would violate the Act."

"The network connection is irrelevant to the transmissions, which could have been made on a stand-alone computer that had no link at all to the internet or any other external network," Feess wrote. "Thus, although defendant engaged in a gross invasion of privacy ... his conduct did not violate the Wiretap Act. While this may be unfortunate, only Congress can cover bases untouched."

The court based its decision in part on a controversial ruling by the First Circuit Court of Appeals earlier this year that threw out wiretapping charges against Branford Councilman, a former vice president of an online bookseller who provided customers with free email accounts, then set up a system that made covert copies of some messages for his later perusal. Feess found that here, as in the Councilman case, the email was not intercepted as it traveled over the network.

Electronic privacy groups have joined with government prosecutors to try and overturn the Councilman ruling, which is now under review by a larger panel of judges.

The court also cited a 2001 case in which a federal judge in Newark, New Jersey ruled that the FBI did not violate the Wiretap Act when it installed a covert keylogger on the computer of organized crime suspect Nicodemo Scarfo. In that case the FBI assured the court that that its keylogger had been configured to stop recording keystrokes when Scarfo connected to the Internet.

In an interview with SecurityFocus following his indictment, Ropp admitted to using the keylogger, which he said he'd purchased off the Internet. But he defended his office skullduggery as a necessary evil to expose improper anti-consumer practices at the company, which had previously been sanctioned for illegally canceling some customers' automobile insurance policies. "The FBI themselves use keyloggers quite a bit," Ropp said. "Here, I'm a whistleblower, and I'm getting the shaft."

Prosecutors filed a motion last week asking the court to reconsider the Ropp ruling. Ropp's attorney, federal public defender Firdaus Dordi, said he couldn't comment on the decision until the judge rules on that motion.

Related stories

UK police issue 'vicious' Trojan alert
Guilty plea in Kinko's keystroke caper

Internet Security Threat Report 2014

More from The Register

next story
Webcam hacker pervs in MASS HOME INVASION
You thought you were all alone? Nope – change your password, says ICO
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Meet OneRNG: a fully-open entropy generator for a paranoid age
Kiwis to seek random investors for crowd-funded randomiser
USB coding anarchy: Consider all sticks licked
Thumb drive design ruled by almighty buck
Attack reveals 81 percent of Tor users but admins call for calm
Cisco Netflow a handy tool for cheapskate attackers
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Managing SSL certificates with ease
The lack of operational efficiencies and compliance pitfalls associated with poor SSL certificate management, and how the right SSL certificate management tool can help.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.