Home / Blogs

More on the Soloway Case

I’ve now read Soloway’s plea agreement. Despite some claims from his lawyers that it’s some kind of victory that he only pleaded to three of the 40 charges, with the rest being dismissed, it’s clear from the agreement that he indeed did just about everything that the government charged.

The government as is usual had several similar charges in each category. That makes sense for a case that is going to trial; if there’s a problem with one charge such as a witness not showing up, they can work on another one instead. In a guilty plea, one from each category is plenty, and the plea agreement makes it clear that the others are dropped not because he was innocent, but in return for promises of cooperation in the agreement.

Soloway’s plea includes detailed confessions to charges of Mail Fraud, Fraud in Connection with Electronic Mail, and Wilful Failure to File [income tax] Return. The second charge is under 18 USC 1037, the criminal part of the CAN SPAM act, making this one of the first criminal CAN SPAM convictions. The seven identity theft charges were completely dismissed, so as previously noted, we won’t find out (in this case, at least) whether using other people’s return addresses in spam is enough to make an identity theft charge stick. From Soloway’s point of view, that’s not much of a victory since those charges only merit two years in jail, while the mail fraud is up to 20, CAN SPAM up to 5, and tax evasion one year.

The next step is the sentencing hearing, currently scheduled for June. At that time the government can, and presumably will, present all the evidence for all the charges, not just the three to which he confessed, and we’ll find out how long he’ll be off the streets.

By John Levine, Author, Consultant & Speaker

Filed Under

Comments

Alessandro Vesely  –  Mar 30, 2008 8:45 AM

I’m not much into law in general and US common law in particular. I would have thought identity theft, when used to commit another crime, weighted 20 years by itself. I tend to regard identity theft and computer hijacking as serious criminal offenses, respectively resembling kidnapping and housebreaking, and thus deserving, say, class B felony punishments. Is that a feeling more or less shared among computer users or is it me being disoriented?

In facts, there are various well conditioned techniques to protect against those kinds of abuses, while tools against generic spam and fraud are more fuzzy. Thus, it seems the more serious a threat is, the more effectively we are able to define it, as far as computable functions are involved. It is often disappointing to find out that the legal point of view doesn’t match.

Perhaps law is just different than software. For one thing, no compiler can munch it: it can only be interpreted :-)

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Threat Intelligence

Sponsored byWhoisXML API

Cybersecurity

Sponsored byVerisign

DNS

Sponsored byDNIB.com

Domain Names

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

Brand Protection

Sponsored byCSC

New TLDs

Sponsored byRadix