United States v. Riggs

Last updated
United States v. Riggs
NDIL-Seal.gif
Court United States District Court for the Northern District of Illinois
Full case nameUNITED STATES of America, Plaintiff, v. Robert J. RIGGS, also known as Robert Johnson, also known as Prophet, and Craig Neidorf, also known as Knight Lightning, Defendants.
DecidedJuly 27, 1990
Citation(s)739 F.Supp. 414, [1] 743 F.Supp. 556 [2]
Transcript(s) law.justia.com/cases/federal/district-courts/FSupp/739/414/1610447/
Case history
Subsequent action(s)Riggs appealed his sentence at the 11th Circuit Court of Appeals. 967 F.2d 561. [3]
Holding
The Government dropped all charges against Neidorf and a mistrial was declared. Riggs' charges were transferred to Georgia as he had already been indicted there in connection with the same events. Riggs pleaded guilty in Georgia to charges of wire fraud, access code fraud and conspiracy.
Court membership
Judge(s) sitting Nicholas John Bua

In United States v. Riggs, the government of the United States prosecuted Robert Riggs and Craig Neidorf for obtaining unauthorized access to and subsequently disseminating a file held on BellSouth's computers. The file, referred to as the E911 file, gave information regarding BellSouth's products implementing 911 emergency telephone services. [4] Riggs and Neidorf were both indicted in the District Court of the Northern District of Illinois on numerous charges relating to the dissemination of the E911 text file. As Riggs had previously been indicted in the Northern District of Georgia in relation to the same incident, his charges from Illinois were transferred to Georgia. Riggs ultimately pleaded guilty in Georgia and was sentenced to 21 months in prison and two years' supervised release. [3] Neidorf pleaded not guilty in Illinois and the government dropped all charges against Neidorf four days after the trial began. [4]

Contents

Background of the case

Cultural setting

United States v. Riggs occurred during 1990. At the time, computers and the Internet were not uncommon in businesses and academic institutions, but not yet commonplace in American homes. Several computer break-ins in 1983 had been associated with teenagers in Wisconsin. These teenagers gained notoriety and became known as The 414s. High-profile public incidents perpetrated by groups such as The 414s combined with movies such as WarGames to create a public stereotype of hackers as wayward youths eager to abuse computer knowledge without regard to the consequence of their actions.

Defendants

Robert Riggs had a previous conviction for computer-related crime in North Carolina in 1986 for unauthorized access to BellSouth's computers. As a result, Riggs was sentenced to 15 days of community service and 18 months of probation. [4] Craig Neidorf was a 20-year-old college student studying pre-law at University of Missouri. Neidorf began publishing the hacker magazine PHRACK at the age of 16 and published 30 issues from 1985 to 1989.

Previous indictment

Prior to the proceedings described below in the Northern District of Illinois, Riggs was indicted in the Northern District of Georgia on charges related to the same events. Riggs' Georgia indictment included four counts of wire fraud, three counts of access code fraud and one count of conspiracy. The two indictments in Illinois described below charged Riggs with additional crimes. The charges from Illinois were transferred to Georgia in accordance with Federal Rule of Criminal Procedure 20. [3]

District Court proceedings

First indictment

On February 1, 1990, [4] a federal grand jury voted to issue an indictment [5] against both Robert Riggs and Craig Neidorf. The indictment alleged that Riggs and Neidorf had defrauded BellSouth by electronically stealing a text file and disseminating that file over the Internet in an online magazine edited by Neidorf known as PHRACK. The indictment alleged that Riggs broke into a BellSouth computer located in Atlanta, Georgia, downloaded the text file to his own computer located in Decatur, Georgia, and electronically transferred the file to a bulletin board system located in Lockport, Illinois. Neidorf then allegedly downloaded the file from the bulletin board in Lockport, Illinois, to his own computer in Columbia, Missouri. Neidorf then edited the file, at the request of Riggs, to remove details identifying the file as belonging to BellSouth, and uploaded the file to the same bulletin board system in Lockport, Illinois. The indictment charged both Riggs and Neidorf with seven violations of federal statutes: counts 1 and 2 alleged violations of 18 USC § 1343 [6] (wire fraud), counts 3 and 4 alleged violations of 18 USC § 2314 [7] (interstate transportation of stolen property), and counts 5-7 alleged violations of 18 USC § 1030 [8] (computer fraud and abuse). [5]

Neidorf responded to the indictment by issuing a series of pre-trial motions, including motions to dismiss counts 2–7 of the indictment. Judge Bua subsequently denied all of Neidorf's motions. [1] Neidorf's motions to dismiss counts 3 and 4 (pertaining to interstate transportation of stolen property) were noteworthy as they claim Neidorf should not be charged with violations of § 2314 as he has only caused "electronic impulses" to move over state lines and had not moved any physical property. Although the government conceded that § 2314 had never been applied in this manner before, the court held that it would allow electronic interstate transportation of proprietary business information as a violation of § 2314. In support of the decision to uphold the charge, the court cited United States v. Gilboe, [9] in which the defendants issued wire transfers of money across state lines and were prosecuted under § 2314. The act of the wire transfer was regarded as being tantamount to physically moving the money as the effect of the wire transfer was that tangible funds became available in a bank where they were not previously available.

Second indictment

On June 7, 1990, the grand jury issued a superseding indictment against Riggs and Neidorf which took the place of the first indictment. [10] The second indictment dropped charges of violating § 1030 [11] (computer fraud and abuse) and instead charged Riggs exclusively with one count of violating § 1343 [12] (wire fraud), charged Neidorf exclusively with 4 counts of violating § 1343, and charged Riggs and Neidorf jointly with 4 counts of violating § 1343 and 2 counts of violating § 2314. The second indictment also broadened the scope of alleged activities from strictly obtaining and disseminating the BellSouth text file. The second indictment alleged a broader effort to disseminate hacker tutorials with the goals solidifying the hacker community and educating hackers in a range of skills including evasion of law enforcement.

In response to the superseding indictment, Neidorf filed motions to dismiss all 10 counts of the indictment in which he was named. Neidorf incorporated arguments made by the Electronic Frontier Foundation in support of his motions to dismiss. Neidorf's arguments included a claims that publication of PHRACK, including the BellSouth text file, was within his First Amendment freedoms and that the laws he was charged with violating were unacceptably vague. The court rejected both of these arguments, holding that criminal laws apply even if the activity in question is speech related. All of Neidorf's motions to dismiss were denied. [2]

District court conclusion

The trial of Neidorf in Illinois began on July 23, 1990. Neidorf was represented by Sheldon Zenner of Katten, Muchin & Zavis in Chicago. Although the trial had been scheduled to last two weeks, the prosecution dropped the charges after four days. No reason for dropping the charges was officially given, although the government's case was considerably weakened by expert witnesses employed by Neidorf and Zenner. John Nagle, an independent computer scientist, and Dorothy Denning, a computer security expert, testified for the defense that the text file stolen from BellSouth, as published by Neidorf, actually contained nothing of value for breaking into systems. The defense was also able to demonstrate that the file which the government had alleged was both highly valuable and highly proprietary was actually neither. Nagle demonstrated that more damaging information about BellSouth's 911 system was already publicly available, and Zenner demonstrated that the exact file in question, unedited, could be obtained by calling BellSouth and ordering manuals which cost either $13 or $21. Neidorf ultimately received no conviction, although he did incur legal expenses in excess of $100,000. [4]

Riggs' proceedings continued in Georgia, where he pleaded guilty to the conspiracy charge from Georgia and the wire fraud charges from Illinois. Riggs received a prison sentence of 21 months to be followed by two years of supervised release. The conditions of Riggs' supervised release included that he was not allowed to own or control a computer of any type for his own personal use at any point in the two-year period. [3]

Federal Appeals Court proceedings

Riggs issued an appeal to the United States Court of Appeals for the Eleventh Circuit contesting both the length of his sentence and the conditions of his supervised release. Riggs' appeal argued that the sentence was excessive because it exceeded sentencing guidelines for his crimes and previous convictions. The court upheld the sentence, however, on the grounds that they did not feel the criminal history category in which Riggs had been placed was an accurate representation of his past criminal conduct. The terms of Riggs supervised release were also upheld. [3]

Public commentary

United States v. Riggs has been cited in public discourse on the difference between theft of electronic and physical resources, as seen in the Berkeley Technology Law Journal [13] and Internet World (a publication of the Electronic Frontier Foundation). [14] Communications of the ACM published an article reviewing the events of the case and offering commentary on the proceedings and potential responses from the professional community. [4] The case has also been cited in a number of books dealing with computers, hacking, legality and ethics. [15] [16] [17]

See also

Related Research Articles

<i>Phrack</i>

Phrack is an e-zine written by and for hackers, first published November 17, 1985. Described by Fyodor as "the best, and by far the longest running hacker zine," the magazine is open for contributions by anyone who desires to publish remarkable works or express original ideas on the topics of interest. It has a wide circulation which includes both hackers and computer security professionals.

Kevin Mitnick American computer security consultant, author, convicted criminal, and hacker

Kevin David Mitnick is an American computer security consultant, author, and convicted hacker. He is best known for his high-profile 1995 arrest and five years in prison for various computer and communications-related crimes.

The Computer Fraud and Abuse Act of 1986 (CFAA) is a United States cybersecurity bill that was enacted in 1986 as an amendment to existing computer fraud law, which had been included in the Comprehensive Crime Control Act of 1984. The law prohibits accessing a computer without authorization, or in excess of authorization. Prior to computer-specific criminal laws, computer crimes were prosecuted as mail and wire fraud, but the applying law was often insufficient.

Operation Sundevil was a 1990 nationwide United States Secret Service crackdown on "illegal computer hacking activities." It involved raids in approximately fifteen different cities and resulted in three arrests and the confiscation of computers, the contents of electronic bulletin board systems (BBSes), and floppy disks. It was revealed in a press release on May 9, 1990. The arrests and subsequent court cases resulted in the creation of the Electronic Frontier Foundation. The operation is now seen as largely a public-relations stunt. Operation Sundevil has also been viewed as one of the preliminary attacks on the Legion of Doom and similar hacking groups. The raid on Steve Jackson Games, which led to the court case Steve Jackson Games, Inc. v. United States Secret Service, is often attributed to Operation Sundevil, but the Electronic Frontier Foundation states that it is unrelated and cites this attribution as a media error.

Mel Reynolds American politician from Illinois

Melvin Reynolds is an American politician from Illinois. A member of the Democratic Party, he served in the United States House of Representatives from 1993 to 1995. He resigned in October 1995 after a jury convicted him of sexual assault charges related to sex with an underage campaign worker.

Craig Neidorf Computer hacker

Craig Neidorf, a.k.a.Knight Lightning, was one of the two founding editors of Phrack Magazine, an online, text-based ezine that defined the hacker mentality of the mid 1980s.

Jeremy Hammond American political activist and hacker

Jeremy Hammond is an American activist and computer hacker from Chicago. He founded the computer security training website HackThisSite in 2003. He was first imprisoned over the Protest Warrior hack in 2005 and was later convicted of computer fraud in 2013 for hacking the private intelligence firm Stratfor and releasing data to WikiLeaks, and sentenced to 10 years in prison.

The Computer Underground Digest (CuD) was a weekly online newsletter on early Internet cultural, social, and legal issues published by Gordon Meyer and Jim Thomas from March 1990 to March 2000.

United States v. Drew, 259 F.R.D. 449, was an American federal criminal case in which the U.S. government charged Lori Drew with violations of the Computer Fraud and Abuse Act (CFAA) over her alleged cyberbullying of her 13-year-old neighbor, Megan Meier, who had committed suicide. The jury deadlocked on a felony conspiracy count and acquitted Drew of three felony CFAA violations, but found her guilty of lesser included misdemeanor violations; the judge overturned these convictions in response to a subsequent motion for acquittal by Drew.

Leonard Rose, aka Terminus, is an American hacker who in 1991 accepted a plea bargain that convicted him of two counts of wire fraud stemming from publishing an article in Phrack magazine.

Albert Gonzalez American computer hacker and criminal

Albert Gonzalez is an American computer hacker and computer criminal who is accused of masterminding the combined credit card theft and subsequent reselling of more than 170 million card and ATM numbers from 2005 to 2007: the biggest such fraud in history. Gonzalez and his accomplices used SQL injection to deploy backdoors on several corporate systems in order to launch packet sniffing attacks which allowed him to steal computer data from internal corporate networks. During his spree, he was said to have thrown himself a $75,000 birthday party and complained about having to count $340,000 by hand after his currency-counting machine broke. Gonzalez stayed at lavish hotels but his formal homes were modest.

weev Internet troll and hacker

Andrew Alan Escher Auernheimer, best known by his pseudonym weev, is an American computer hacker and self-avowed Internet troll. Affiliated with the alt-right, the Southern Poverty Law Center has described him as being a neo-Nazi, white supremacist, and antisemitic conspiracy theorist. He has used many aliases in contacting the media, although most sources indicate his real first name as Andrew.

Sarah Palin email hack Email hack

The Sarah Palin email hack occurred on September 16, 2008, during the 2008 United States presidential election campaign when vice presidential candidate, Sarah Palin's, Yahoo! personal email account was subjected to unauthorized access. The hacker, David Kernell, obtained access to Palin's account by looking up biographical details, such as her high school and birthdate, and using Yahoo!'s account recovery for forgotten passwords. Kernell then posted several pages of Palin's email on 4chan's /b/ board. Kernell, who at the time of the offense was a 20-year-old college student, was the son of longtime Democratic state representative Mike Kernell of Memphis.

<i>United States v. Ivanov</i>

United States v. Ivanov was an American court case addressing subject-matter jurisdiction for computer crimes performed by Internet users outside of the United States against American businesses and infrastructure. In trial court, Aleksey Vladimirovich Ivanov of Chelyabinsk, Russia was indicted for conspiracy, computer fraud, extortion, and possession of illegal access devices; all crimes committed against the Online Information Bureau (OIB) whose business and infrastructure were based in Vernon, Connecticut.

Vladislav Anatolievich Horohorin,, alias BadB, is a former hacker and international credit card trafficker who was convicted of wire fraud and served a seven-year prison sentence.

<i>United States v. Kane</i> United States federal court case involving video poker software

United States v. Kane, No 11-mj-00001, is a court case where a software bug in a video poker machine was exploited to win several hundred thousand dollars. Central to the case was whether a video poker machine constituted a protected computer and whether the exploitation of a software bug constituted exceeding authorized access under Title 18 U.S.C. § 1030(a)(4) of the Computer Fraud and Abuse Act (CFAA). Ultimately, the Court ruled that the government’s argument failed to sufficiently meet the “exceeding authorized access” requirement of Title 18 U.S.C. § 1030(a)(4) and granted the Defendants’ Motions to Dismiss.

Maksim Yakubets Ukrainian national and a computer expert (born 1987)

Maksim Viktorovich Yakubets is a Russian computer expert and alleged computer hacker. He is alleged to have been a member of the Evil Corp, Jabber Zeus Crew, as well as the alleged leader of the Bulgat malware conspiracy. Russian media openly describe Yakubets as a "hacker who stole $100 million", friend of Dmitry Peskov and discussed his lavish lifestyle, including luxury wedding with a daughter of FSB officer Eduard Bendersky and Lamborghini with "ВОР" registration plate. Yakubets impunity in Russia is perceived as clue of his close ties with FSB, but also criticized by domestic information security experts such as Ilya Sachkov.

Sandworm also known as Unit 74455, is allegedly a Russian cybermilitary unit of the GRU, the organization in charge of Russian military intelligence. Other names, given by cybersecurity researchers, include Telebots, Voodoo Bear, and Iron Viking.

<i>United States v. Elizabeth A. Holmes, et al.</i> Criminal fraud case

United States v. Elizabeth A. Holmes, et al., is an ongoing United States federal criminal fraud case against the founder of now-defunct corporation Theranos, Elizabeth Holmes, and its former president and COO, Ramesh Balwani. The case alleged that Holmes and Balwani perpetrated multi-million dollar wire-fraud schemes against investors and patients. Holmes and Balwani each had their own jury trial.

References

  1. 1 2 United States v. Riggs, 739F.Supp.414 (1990).
  2. 1 2 United States v. Riggs, 743F.Supp.556 (1990).
  3. 1 2 3 4 5 United States v. Robert J. Riggs, 967F.2d561 (1992).
  4. 1 2 3 4 5 6 Denning, Dorothy E. (March 1991). "The United States vs. Craig Neidorf: A Debate on Electronic Publishing, Constitutional Rights, and Hacking". Communications of the ACM . 34 (3): 24–32, 42–43. doi:10.1145/102868.102869. S2CID   14005171 . Retrieved 8 April 2022.
  5. 1 2 "Original Indictment of Riggs and Neidorf" . Retrieved 2011-02-17.
  6. 18 USC § 1343
  7. 18 USC § 2314
  8. 18 USC § 1030
  9. United States v. Gilboe
  10. "Superseding Indictment of Riggs and Neidorf" . Retrieved 2011-02-17.
  11. § 1030
  12. § 1343
  13. Yin, Tung (Fall 1993), "Post-Modern Printing Presses: Extending Freedom of Press to Protect Electronic Information Services" (PDF), Berkeley Technology Law Journal , 8 (2), archived from the original (PDF) on 14 September 2006, retrieved 8 April 2022
  14. "When Copying Isn't Theft: How the Government Stumbled in a "Hacker" Case" . Retrieved 2011-02-17.
  15. Ludlow, Peter (1999). High Noon on the Electronic Frontier: Conceptual Issues in Cyberspace. USA: MIT Press. ISBN   0-262-62103-7.
  16. Casey, Eoghan (2000). Digital Evidence and Computer Crime: Forensic Evidence, Computers and The Internet. San Diego, CA: Academic Press. ISBN   0-12-163104-4.
  17. Bashman, Matthew (2005). The Script Kiddie Cookbook. USA: Lulu Press. ISBN   1-4116-2158-1.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.