On April 17, 2020, in United States v. Costanzo, the Ninth Circuit upheld the conviction of a defendant under the â€œstingâ€ money laundering provision, ruling that the defendant's bitcoin sales to undercover agents had the requisite effect on interstate commerce as the sales used internet-enabled and cellular network connected devices.
Third Circuit: Imprisonment for Refusing an Order to Decrypt a Device Cannot Exceed 18 Months - Even When Alleged Related Criminal Conduct is Involved
On February 6, 2020, the Third Circuit ordered Francis Rawls released from confinement for civil contempt, where he has been held for over four years - since September 30, 2015.Â Rawls was imprisoned for refusing to comply with a Magistrate Judge's order that he use his password to decrypt his electronic devices, which the government claimed contained child pornography.Â Although the Third Circuit did not hold that Rawls could not be compelled to decrypt his devices, it did rule that Rawls could not be imprisoned for contempt as a "Recalcitrant Witness" for more than eighteen months.
On March 12, 2019, the DOJ unveiled "Operation Varsity Blues," its nationwide college admissions bribery and entrance exam cheating investigation. Critical for DOJ is evidence gathered from recorded conversations between William Singer and coaches, his clients, and others while he wore a government wire. I recently examined this aspect of the investigation in an article for PACDL's For the Defense.
Pennsylvania Supreme Court Puts Employers on Notice: You Can Be Liable When Hackers Breach Your Systems
The Pennsylvania Supreme Court has recast two key legal principles that have stood as crucial bulwarks against liability for employers and other businesses that find themselves hacked by malicious third parties. The decision, Dittman v. UPMC, has the potential to usher in a new era of data breach litigation in Pennsylvania. It stands as a strong warning to Pennsylvania employers that they should act now to review and assess the adequacy of their data security.
On November 14, 2018, IRS Criminal Investigation Division (â€œCIDâ€) released its Annual Report for fiscal year 2018, detailing its enforcement actions for the past fiscal year. CID is the federal enforcement agency with exclusive jurisdiction over federal tax crimes, i.e., Title 26 and 31 offenses.
On January 8, 2018, Bloomberg Law's Privacy & Data Security publication released its "Domestic Privacy Profile" for Pennsylvania, for which I served as Bloomberg's subject matter expert practitioner. The publication is extremely comprehensive in scope, but I'd like to take the opportunity to highlight one Pennsylvania case that it discusses, which is currently before the state Supreme Court and could have a significant impact on privacy and data security litigation in Pennsylvania.
Suppose Special Counsel Robert Mueller's team develops evidence that nonetheless is material to matters of national security or to non-criminal malfeasance? Obviously, this would be of great interest to the public and to Congressional committees investigating parallel and related matters. What are his options? I discuss this in my November 27, 2017 article for Law360, "Mueller's Options, Short Of Indictment."
The Legal Intelligencer recently published my article, â€œCloud Control: Data Security Hazards and How to Avoid Them,â€ in their 2017 Cybersecurity Supplement. The article looks at what businesses need to be thinking about in terms of cybersecurity and compliance issues associated with cloud computing - a model that has largely been embraced by the business world as the rule rather than the exception.
Liability for What Goes on Behind Closed Doors: Sex Trafficking and the Hospitality Industry's Privacy Tightrope
Earlier this month, the Philadelphia hotel, Roosevelt Inn, its corporate parents, its New York management company, and an individual owner/manager of the hotel, were sued for allegedly allowing trafficking of sex involving a minor to take place on the hotel's premises. The case - the first of its kind invoking Pennsylvania's recently-amended human trafficking law - raises an abundance of difficult legal and ethical questions regarding hotels' legal responsibilities for and obligations concerning their guests' conduct, and how to meet those responsibilities while also respecting guests' privacy.
New York Proposed Cybersecurity Regulations: A Predictor of Things to Come for the Finance and Insurance Industries
The proposed regulations would be the most prescriptive data security requirements yet to be imposed. They would require all covered financial institutions and insurers to establish and maintain cybersecurity programs and policies addressing a list of minimum requirements, "to the extent applicable to the Covered Entity's operations."
At Monday's presidential debate, host Hofstra University ruffled feathers by reportedly moving to prevent journalists, attempting to file stories from the scene, from relying on their own wireless hotspots to get online.Â The move was seen by some as an effort to force reporters to use the venue's wireless service, said to cost $200, and caught the attention of the FCC.Â If correct, these factors may distinguish the Hofstra scenario from prior FCC enforcement actions, sufficiently to avoid an enforcement proceeding.
I recently examined for Law360 a federal court decision in U.S. v. Lambis that marked the first time a federal judge has suppressed evidence secured from a cell-site simulator, or "Stingray" device. These devices mimic cell towers for surveillance purposes and can locate a cell phone.Â The case and decision are part of the larger story of mounting attempts to constrain law enforcement's use of Stingrays and similar devices, the use of which remained largely unknownÂ by the public as recently as 2011.