A grab-bag collection of citations on legal issues.

The Hacker Defense (aka Trojan/Virus Defense)

Below are accounts of different hacker/virus/Trojan related defenses. Albeit some of these are not ‘reputable’ web sources, but they should all have official court backing from wherever the various investigators that do similar. The Crown Prosecution Service (covers England and Wales) is training prosecutors en masse about ‘trojan defenses’ (link below). These types of actions would not occur unwarranted. Why do all the extra work for nothing?

“The "Trojan defense" has now become standard in many types of computer crime cases. But the defense often plays on the ignorance of juries and prosecutors. It has raised the need for the CPS to do more to explain complex technical issues in simple terms to judges and juries, says George.” (Esther George is the policy adviser at the Crown Protection Services) 1

US man, Eugene Pitts, found not-guilty of tax evasion after blaming a computer virus. Avoids \~\$900,000 in fines.

Karl Schofield walked free from court yesterday after prosecutors accepted an expert's report that the "Trojan" program could have saved the 14 depraved images off the internet without his knowledge.

Julian Green, 45, of Torquay, Devon was cleared in court in July of 13 charges of making indecent images, claiming computer malware was to blame.

A former Georgia teacher blames computer viruses for altering his Web sites and uploading child porn images. Guilty charge upheld.

Odd spin on the issue, where a hacker used a Trojan to gain access to potential pedophile’s computers.

Bandy’s defense attorney asserted that a “virus” or “trojan” must have downloaded the child pornography to Bandy’s computer without his knowledge. 4

A man found with more than 1,700 indecent images of children on his computer claimed a virus was to blame, a court heard. But Mark Craney, 33, from Knowle, was found guilty at Warwick Crown Court on 16 charges of making indecent images of children by downloading them onto his computer. 5

More links from previous research.

• 6
• 7
• 8

Connecticut v. Amero

From Wikipedia:

The defendant in the case, Julie Amero (born 1967), a substitute teacher, was previously convicted of four counts of risk of injury to a minor, or impairing the morals of a child, as the result of a computer that was infected with spyware and DNS hijacking software; the conviction was vacated on appeal.

• Wikipedia: Connecticut v. Amero
• Technical review of the Trial Testimony State of Connecticut vs. Julie Amero, March 21, 2007

External Links

• THE TROJAN HORSE DEFENSE IN CYBERCRIME CASES, by Susan W. Brenner, Brian Carrier, and Jef Henninger, in 2004
• The "Tools Proven in Court" Question

Privacy and Surveillance Laws

18 USC 2510 et seq., 18 USC 2701 et. seq., 18 USC 1030 and other statutes regulate the information private entities and law enforcement can access over a computer network.

Cybersecurity Research

• Toward a Culture of Cybersecurity Research, Aaron J. Burstein, University of California, Berkeley - School of Law. 2008, UC Berkeley Public Law Research Paper No. 1113014