Blog Jay Leiderman Law

A ten-year delay due to attorney misrepresentations was excused by the appellate court in In re Grunau, 169 Cal.App.4th 997 (2008). The court in part said that “it does not lie in the state’s mouth to object to relief, since it has in a sense warranted the attorney’s competence by issuing him a license.” Id. at 1003 (emphasis added).

Grunau is best summarized by it’s opening paragraph: “Defendant Mark Daniel Grunau seeks recall of the remittitur in this matter on the ground that the 1997 dismissal of his appeal resulted from neglect and misconduct by his appellate attorney, and that relief was not sought sooner because that attorney consistently and plausibly misrepresented the status of the case to defendant through defendant’s father. We initially denied defendant’s motion but were directed by the Supreme Court to reconsider the matter. Having done so, we are persuaded that defendant is entitled to the relief he seeks. Accordingly, we will recall the remittitur so that the appeal may be determined on the merits.”  169 Cal.App.4th 1000.  Grunau was a case involving sex convictions.  Grunau’s attorney had timely filed a notice of appeal but thereafter failed to diligently prosecute the appeal, and lied to Grunau’s father, stating the appeal was progressing when it had been dismissed (Grunau himself was unable to communicate with his lawyer).

The facts of Grunau are astonishing:

delay

The shocking case of In re Grunau discusses what remedies are available to a defendant abandoned by his attorney

Defendant relied on his father to communicate with Foley regarding the appeal, in part because his own attempts to contact Foley were largely unsuccessful.   Everything defendant learned about his case came from his parents.   Between 1996 and 2004, Mr. Grunau called Mr. Foley monthly, sometimes weekly.   In September 2002, he discovered that Foley’s phone had been disconnected, but tracked Foley down by using the phone book to find someone who knew Foley’s mother.   According to Mr. Grunau, Foley at no time disclosed that the appeal had been dismissed.   On the contrary, from 1996 to 2004, in response to repeated inquiries, Foley consistently assured Mr. Grunau that the appeal was proceeding in due course.

Despite Foley’s assurances, Mr. Grunau attempted to independently confirm that the appeal was pending by contacting the superior court. Those attempts were unsuccessful.   Eventually-on August 24, 2004-Mr.   Grunau contacted this court, and was told that the appeal had been dismissed.   He went to the law library to research a possible remedy.   He also continued to attempt to communicate with Foley regarding a possible solution.   Finding none, he again telephoned this court in November and was directed by the clerk’s office to contact the Sixth District Appellate Project.   He did so that same month.

 

twitter Facebooktwittergoogle_pluslinkedinmail

Is former Sacramento media employee Matthew Keys a victim of overzealous, misguided cybercrime prosecution?

Matthew Keys’ trial here in Sacramento in federal court to wrap up soon
By  

This article was published on .

Some say the U.S. Department of Justice’s priorities are out of whack when it comes to cyberterrorism prosecutions.

ILLUSTRTAION BY BRIAN BRENEMAN
spacer

The trial of former KTXL Fox40 Web producer Matthew Keys in Sacramento federal court appears to be approaching its anticlimax.

The 27-year-old blogger and journalist is accused of helping hackers break into the Los Angeles Times website, where they changed the headline of a story. Keys has even confessed to the substance of the crime, though it hardly qualifies as misdemeanor vandalism. So why make a federal case out of it? Couldn’t Department of Justice resources be better directed elsewhere?

It’s a question of priorities, according toSurviving Cyberwar author Richard Stiennon. “For those in justice, your career path is to get a whole bunch of successful prosecutions and get noticed,” Stiennon says. “So you’re going to go after the low-hanging fruit.”

Lately, prosecutors have been taking advantage of the wide latitude afforded them by the Computer Fraud and Abuse Act to press cases involving “network security.” And they press hard.

Last January, Internet entrepreneur and activist Aaron Swartz killed himself while under felony prosecution for downloading academic journals. Swartz, who helped create the crowdsourced entertainment site Reddit, was facing 50 years and $1 million in fines.

“The days of ’Let’s haul this kid in front of the judge, scare him and send him home with a warning’ are long since gone,” says attorney Jay Leiderman, who represents Keys. “Prosecutorial discretion is a great thing if it’s exercised, but it doesn’t happen in any meaningful way these days, because prosecutions are so politicized.”

That’s the crux of the problem for Keys, the former Reuters social-media editor and possessor of 23,000 Twitter followers. In December 2010, he crossed paths with Hector Xavier Monsegur, a.k.a. Sabu, the eventual leader of AntiSec, a more mischievous offshoot of hacktivist group Anonymous. Keys passed them the credentials he once used to log into KTXL’s computers, which were linked to the Tribune Company network.

Keys left KTXL two months earlier, and he’s since expressed surprise that the credentials still worked. An AntiSec member used them to access the L.A. Times website and change a story headline from “Pressure Builds in House to Pass Tax-cut Package” to “Pressure Builds in House to Elect CHIPPY 1337,” a reference to another hacker group. Within 30 minutes, the hacker was frozen out and the headline corrected.

Keys might have expected, at worse, a stiff warning and small fine. But he literally messed with the wrong guy. Sabu had been an FBI informant since his arrest in June 2011, right around the time he started AntiSec.

For months, Monsegur encouraged his followers to commit cybercrime while under the FBI’s control. He was the “honeypot” attracting would-be perps into an operation seemingly designed to intimidate future hackers and anyone who might associate with them, like Keys.

“Part of this is [the feds’] broader push to send a message that anything and everything is going to go punished that appears to suggest that the control of the Internet is up for grabs,” says Hanni Fakhoury an attorney at Electronic Frontier Foundation in San Francisco. “It is not a coincidence that this was linked to behavior undertaken in the name Anonymous.”

It wasn’t always like this. Keys and Swartz were charged under CFAA, a 28-year-old law whose contours, like the shore, have worn away with time, yielding to much wider application.

The CFAA was conceived in the wake of the Matthew Broderick movie WarGames, about a hacker who inadvertently almost starts a nuclear war. The original drafters focused narrowly on government computers and the intent of the intrusion.

But changes in the law and vague wording have turned “unauthorized access” to a computer into a prosecutorial blank check.

Eleven years ago, nearby Fiddletown resident Bret McDanel was jailed under the CFAA for a crime the government later admitted he hadn’t really committed.

McDanel noticed a security flaw in his firm Tornado Development’s Web-based communications software. He told his supervisors, but his concerns went unaddressed. After leaving their employ, he sent an email to all the software’s users informing them of the issue. The Amador County resident was charged with undermining the “integrity of a computer system.”

By the time the feds admitted the law wasn’t meant to protect a software company’s reputation, he had already served his 16-month sentence. He’d lost his fiancée and was living with his parents, while his former employer had gone out of business. But McDanel can surely tell you which way the railroad runs.

As Keys has discovered, the feds lean hard and wear you down. He faces up to $750,000 in fines and 25 years in prison.

Swartz initially faced only 35 years, but four months before his death (20 months after his initial arrest), they added nine more felony counts, raising his jeopardy to 50 years. The idea, critics say, was to squeeze a plea out of him; Swartz found a different way out.

Swartz’s act of martyrdom generated a firestorm of protest. It caught the attention of Bay Area Congresswoman Zoe Lofgren, who sponsored (still-stalled) legislation known as Aaron’s Law to change some CFAA provisions.
“In talking to Aaron’s family and others who were involved in his situation, it was a real eye-opener to what happens in the criminal-justice system,” says Lofgren. “What they felt was very abusive was this sort of thing where you more or less try to extort concessions through the use of overprosecution.”
Keys’ odyssey appears to be drawing to its close, for better or worse. His last court appearance, on April 2, was accompanied by news that the case had gone to “reverse proffer.” This involves the prosecution sharing their case with the defense, generally with an eye toward an agreement.

Nearly all those swept up in the feds’ Anonymous-related enforcement actions have been processed. The sole remaining exceptions are Keys and cooperating ringleader Monsegur. In January, Monsegur’s sentencing was delayed for a third time, so it’s not difficult to believe he’s the bow on the whole operation.
Keys is certainly guilty of something, but probably not a felony. In that respect, he’s perhaps a victim of cybercrime’s intrigue and a prosecutor’s desire to leverage that publicity.

“Any case that has the word ’cyber’ in it brings headlines, because it’s interesting. There’s a degree to which careers are made this way,” says Leiderman. “’Cyber prosecutor blah-blah-blah.’ Nobody reads the ’blah-blah-blah.’ They just go, ’They caught a cybercriminal. Fantastic.’”

Lofgren continues to push changes in the law to make it less prone to abuse. Unfortunately, there’s precious little to be done about overzealous prosecutors.

“You really can’t impose good judgment legislatively,” Lofgren says, “but we do need to have better oversight over the Department of Justice.”

twitter Facebooktwittergoogle_pluslinkedinmail

On 20 July 2000, the state court of appeal for the Fourth District announced its opinion in People v. Giardino, 82 Cal.App.4th 454 (2000), holding that Penal Code section “261(a)(3) proscribes sexual intercourse with a person who is not capable of giving consent because of intoxication.” Id. at 462.[1] Thus, it was perfectly clear as of July 2000 that actual capitulation and agreement is not a defense in a rape case if the victim is intoxicated or unconscious or otherwise incapable of exercising free will, because they lack the capacity to legally .  No competent attorney could have thought otherwise.[2]  Accordingly, attorneys who as of that date suggested otherwise fell below the standard set forth in Strickland.

This was not the case in the proceeding complained of herein. It was ineffective to not tell the client about the clarification in law and that he had no defense.

consent

Notes:

[1] All counsel needed to do was read this paragraph, toward the beginning of Giardino, to know that any defendant situated like the facts of these cases did not have a defense of “consent”.  It was literally that easy, and the Giordino decision that clear:

 

“By itself, the existence of actual consent is not sufficient to establish a defense to a charge of rape. That the supposed victim actually consented to sexual intercourse disproves rape only if he or she had “sufficient capacity” to give that consent. (See People v. Mayberry (1975) 15 Cal.3d 143, 154 [125 Cal.Rptr. 745, 542 P.2d 1337]; 2 Witkin & Epstein, Cal. Criminal Law (2d ed. 1988) Crimes Against Decency and Morals, § 774, p. 873.) For example, if the victim is so unsound of mind that he or she is incapable of giving a legal “go ahead,” the fact that he or she may have given actual consent does not prevent a conviction of rape. (People v. Griffin (1897) 117 Cal. 583, 585-587 [49 P. 711], overruled on others grounds by People v. Hernandez (1964) 61 Cal.2d 529, 536 [39 Cal.Rptr. 361, 393 P.2d 673, 8 A.L.R.3d 1092].) Hence, the consent defense fails if the victim either did not actually consent or lacked the capacity to give legally cognizable consent.”

 

82 Cal.App4th 454, 460.

 

[2] No reasonable practitioner of criminal law could read Giardino, supra, and conclude the defense of actual acquiescence could be used in the instant case  Two years later, on 13 September 2002, while the present trial was still pending, the court in People v. Dancy, 102 Cal.App.4th 21 (2002), reiterated that a victim cannot legally agree to sex when she is severely intoxicated. A man’s reasonable belief that a woman has consented or would have consented to unconscious sex is irrelevant because a woman must always be able to “withdraw her consent to a sex act even after the initiation of sexual intercourse.” Id. at 36-37. Dancy is entirely consistent with and has the same holding as in Giardino and a reasonably competent attorney would have known so.  To fail to know the basic law of the case falls below the Strickland standard.  On the issue of rape and consent, see also People v. Roundtree (January 21, 2000) 77 Cal.App.4th 846.

 

 

Here are portions of Giordano that explain the issue in detail:

Reasoning that lack of consent is an element of rape, or conversely that consent is a defense, the defendant contends that the trial court should have defined consent in accordance with section 261.6 and instructed the jury that lack of consent is an element of the offenses of rape by intoxication and oral copulation by intoxication. [ ] He is mistaken. Giardino, 82 Cal.App.4th 454, 459.

In the context of rape and other sexual assaults, “consent” is defined as the “positive cooperation in act or attitude pursuant to an exercise of free will.” (§ 261.6.) To give consent, a “person must act freely and voluntarily and have knowledge of the nature of the act or transaction involved.” (Ibid.; accord, CALJIC No. 1.23.1.) In short, that definition describes consent that is actually and freely given without any misapprehension of material fact. We shall refer to this as “actual consent.” (82 Cal.App.4th 459, 460.)

By itself, the existence of actual consent is not sufficient to establish a defense to a charge of rape. That the supposed victim actually consented to sexual intercourse disproves rape only if he or she had “sufficient capacity” to give that consent. [citations] For example, if the victim is so unsound of mind that he or she is incapable of giving legal consent, the fact that he or she may have given actual consent does not prevent a conviction of rape. [citations] Hence, the consent defense fails if the victim either did not actually consent or lacked the capacity to give legally cognizable consent. (Id. At 460.)

We conclude that, just as subdivision (a)(1) of section 261 proscribes sexual intercourse with a person who is not capable of giving legal consent because of a mental disorder or physical disability, section 261(a)(3) proscribes sexual intercourse with a person who is not capable of giving legal consent because of intoxication. In both cases, the issue is not whether the victim actually consented to sexual intercourse, but whether he or she was capable of exercising the degree of judgment a person must have in order to give legally cognizable consent. (Id at. 462.)

 

twitter Facebooktwittergoogle_pluslinkedinmail

A Petitioner is entitled to competent privately retained counsel on Habeas Corpus. (In re Clark (1993) 5 Cal.4th 750, 780)  In addition to that, here, the ineffective assistance of counsel has denied the petitioner access to the courts.  The ineffective assistance of counsel claimed denied petitioner actual access to courts including the trial court, the appeals court and the court on habeas.  As stated by the California Supreme Court in In re Clark (1993) 5 Cal.4th 750, 779 (emphasis added):

consent

“In limited circumstances, consideration may be given to a claim that prior habeas corpus counsel did not competently represent a petitioner. An imprisoned defendant is entitled by due process to reasonable access to the courts, and to the assistance of counsel if counsel is necessary to ensure that access, but neither the Eighth Amendment nor the due process clause of the United States Constitution gives the prisoner, even in a capital case, the right to counsel to mount a collateral attack on the judgment. [¶] Regardless of whether a constitutional right to counsel exists, a petitioner who is represented by counsel when a petition for writ of habeas corpus is filed has a right to assume that counsel is competent and is presenting all potentially meritorious claims.”

 

This language in Clark applies to a situation like the one presented herein, where counsel and successor counsel denied petitioner access to the courts .

Thus, petitioner was denied due process by the ineffective assistance of counsel.  He has alleged facts to support that he received ineffective assistance of counsel, and the ineffective assistance denied him the right to be present at trial, to appeal, and to present the claims in his habeas.   The Clark court was clear that they could not countenance improper representation that would fail to present all potential meritorious claims.

twitter Facebooktwittergoogle_pluslinkedinmail

Tuesday, January 15, 2013

Jay Leiderman on Russia Today Discussing DDoS as Protest Speech

Demanding the right to digitally protest: Hacktivists petition the White House to legalize DDoS

Another wonderful article by Andy Panda Blake accompanied this RT story on DDoS as protected speech.  The title is above, here is the unabridged text.  Thanks to Andy for, as usual, being fair and getting it right:
Is temporarily slowing down a website a legal form of protest? Current US law says it isn’t, but hacktivists want the White House to make changes that would force the government to reconsider their witch-hunt against alleged computer criminals.

In the latest WhiteHouse.gov petition to go viral, the Obama administration is asked to make a method of momentarily crippling a website comparable to real word demonstrations, essentially allowing for a whole new legal form of online protest.

“With the advance in internet technology comes new grounds for protesting,” writes ‘Dylan K’ of Eagle, Wisconsin.

Dylan’s petition, uploaded this week to the White House’s We the People page, is the most recent of these electronic pleas on the website to generate national headlines. A series of petitions in late 2012 demanding the peaceful secession of certain states from the US garnered nearly one million signatures from across the country, and just this week the Obama administration was prompted to respond to one popular request to depot CNN host Piers Morganover his outspoken anti-gun views. That call for action, advocated by Second Amendment proponents and firearm owners concerned over a possible rifle ban, eventually accumulated around 110,000 electronic signatures.

When the White House responded to the petition to deport Morgan this week, press secretary Jay Carney said Americans shouldn’t let “arguments over the Constitution’s Second Amendment violate the spirit of its First.”

DDoS

DDoS should be viewed by the courts as speech protected withing the First Amendment as long as the protests are reasonable in time, place and manner

Those rallying for new computer laws say that current legislation limits those very constitutional rights, though, and that one electronic form of action should be covered under the First Amendment — the provision that provides for the freedom of speech, protest and assembly.

In the latest instance, the White House is asked to evaluate a federal rule that currently makes it unlawful to engage in distributed denial-or-service, or DDoS, attacks — a harmless but effective way of flooding a website’s server with so much traffic that it can’t properly render pages for legitimate users.

Performed by both seasoned hackers and novice computer users alike, DDoS-ing a website essentially makes certain pages completely unavailable for minutes, hours or days. Unlike real world protests, though, demonstrators don’t even have to leave the house to protest. Instead, humongous streams of information can be sent to servers with a single mouse click, only for that data to become so cumbersome that the websites targeted can’t properly function.

Under the Computer Fraud and Abuse Act, a DDoS assault is highly illegal. For those familiar with the method, though, they say it’s simply a matter of voicing an opinion in an online format and should be allowed.

“Distributed denial-of-service is not any form of hacking in any way,” states the petition. “It is the equivalent of repeatedly hitting the refresh button on a webpage.”

Overloading a targeted website with too much traffic, says Dylan K, is “no different than any ‘occupy’ protest.”According to him and the roughly 1,100 cosigners, there is much common ground between the two. “Instead of a group of people standing outside a building to occupy the area, they are having their computer occupy a website to slow (or deny) service of that particular website for a short time,” he says.

For companies that are hit with DDoS assaults, though, they sing a different song. In 2006, controversial radio host Hal Turner had his website taken offline after members of the then-infant hacktivist movement Anonymous used denial-of-service attacks to shut down his site to visitors. Turner said the bandwidth overflow cost him thousands of dollars in fees from his hosting company.

When Turner tried to sue those he blamed for the DDoS attack, a federal judge for the United States District Court in New Jersey eventually dismissed his claim. Other “hackers,” however, haven’t been so lucky.

When PayPal, Visa and MasterCard announced in 2010 that it would no longer accept funds for the website WikiLeaks, Anonymous and others responded with a DDoS attack on the payment service providers. The following summer, the US Department of Justice filed an indictment against 14 Americans they accused of participating in shutting down PayPal.

That same year, a homeless hacker using the alias “Commander X” was charged with waging a DDoS attack on the official government website of Santa Cruz, California because he opposed the city’s policy that outlawed sleeping in public space. X could have been sentenced to serious time for committing a felony, but he escaped the United States, allegedly seeking refuge in Canada where he is reported to be in hiding today.

“For a 30-minute online protest I’m facing 15 years in a penitentiary,” he told the National Post last year while on the run. According to an interview he gave last month with Ars Technica, he also participated in OpPayBack — the Anonymous-led assault PayPal and others over their WikiLeaks blockage.
California attorney Jay Leiderman has represented X, and has gone on the record to compare DDoS attacks with real life sit-ins.

“A DDoS is a protest, it’s a digital sit it. It is no different than physically occupying a space. It’s not a crime, it’s speech,”he told Talking Points Memo in 2011. “They are the equivalent of occupying the Woolworth’s lunch counter during the civil rights movement,” The Atlantic quoted him saying last year.

A DDoS is a protest, it’s a digital sit it. It is no different than physically occupying a space. It’s not a crime, it’s speech

Speaking specifically of the operation against the companies that cut funding to WikiLeaks, the lawyer said online action is equivalent to peaceful protest.“Take PayPal for example, just like Woolworth’s, people went to PayPal and said, I want to give a donation to WikiLeaks. In Woolworth’s they said, all I want to do is buy lunch, pay for my lunch, and then I’ll leave. People said I want to give a donation to WikiLeaks, I’ll take up my bandwidth to do that, then I’ll leave, you’ll make money, I’ll feel fulfilled, everyone’s fulfilled,” he said. “PayPal will take donations for the Ku Klux Klan, other racists and questionable organizations, but they won’t process donations for WikiLeaks. All the PayPal protesters did was take up some bandwidth. In that sense, DDoS is absolutely speech, it should absolutely be recognized as such, protected as such, and the law should be changed.”

Leiderman added that he considers the use of DDoS not to be an “attack” in some circumstances, but actually legitimate protest. 

“[T]he law should be narrowly drawn and what needs to be excised from that are the legitimate protests,” he said. “It’s really easy to tell legitimate protests, I think, and we should be broadly defining legitimate protests,” he said.

New York attorney Stanley Cohen, who is representing one of the accused “PayPal 14” hackers responsible for the Anonymous-led operation, agrees.

“When Obama orders supporters to inundate the switchboards of Congress, that’s good politics, when a bunch of kids decide to send a political message with roots going back to the civil rights movement and the revolution, it’s something else,” Cohen told TPM in 2011. “Barack Obama urged people to shutdown the switchboard, he’s not indicted.”

“It’s not identity theft, not money or property, pure and simple case of an electronic sit in, at best,” he said.

Leiderman added that he considers the use of DDoS not to be an “attack” in some circumstances, but actually legitimate protest. 

So far over 1,100 people agree on WhiteHouse.gov, and hope the Obama administration will get their point. Until then, though, Commander X and others face upwards of a decade in prison apiece for violating a clause in the Computer Fraud and Abuse Act that makes it unlawful to “knowingly cause the transmission of a program, information code or command, and as a result of such conduct, intentionally causes damages without authorization to a protected computer.”
With attorneys like Leiderman and Cohen arguing that the damages in questions aren’t quite criminal, the White House may have to respond to the latest WhiteHouse.gov petition. The Obama administration is mandated to respond if it can garner 25,000 signatures in the next month. Until then, though, proponents of DDoS as free speech can cite what Jay Carney said when petitioners rallied for the deportation of Piers Morgan for his call to ban assault weapons.

“The Constitution not only guarantees an individual right to bear arms, but also enshrines the freedom of speech and the freedom of the press – fundamental principles that are essential to our democracy,” said Carney.

Meanwhile, exercising constitutional rights by way of overloading web servers isn’t being accepted as such by the government. That doesn’t mean that Anonymous or other so-called ‘hacktivists’ will change their ways: just last month, members of the hive-mind computer collective waged a DDoS attack on the website of the Westboro Baptist Church after the religious group announced plans to picket the funerals of mass shooting victims in Newtown, Connecticut. Anonymous waged a similar wave of attacks on the Church of Scientology in 2008, the result of which landed a number of Anons in prison for violating federal law.

twitter Facebooktwittergoogle_pluslinkedinmail