|
I’ve now read Soloway’s plea agreement. Despite some claims from his lawyers that it’s some kind of victory that he only pleaded to three of the 40 charges, with the rest being dismissed, it’s clear from the agreement that he indeed did just about everything that the government charged.
The government as is usual had several similar charges in each category. That makes sense for a case that is going to trial; if there’s a problem with one charge such as a witness not showing up, they can work on another one instead. In a guilty plea, one from each category is plenty, and the plea agreement makes it clear that the others are dropped not because he was innocent, but in return for promises of cooperation in the agreement.
Soloway’s plea includes detailed confessions to charges of Mail Fraud, Fraud in Connection with Electronic Mail, and Wilful Failure to File [income tax] Return. The second charge is under 18 USC 1037, the criminal part of the CAN SPAM act, making this one of the first criminal CAN SPAM convictions. The seven identity theft charges were completely dismissed, so as previously noted, we won’t find out (in this case, at least) whether using other people’s return addresses in spam is enough to make an identity theft charge stick. From Soloway’s point of view, that’s not much of a victory since those charges only merit two years in jail, while the mail fraud is up to 20, CAN SPAM up to 5, and tax evasion one year.
The next step is the sentencing hearing, currently scheduled for June. At that time the government can, and presumably will, present all the evidence for all the charges, not just the three to which he confessed, and we’ll find out how long he’ll be off the streets.
Sponsored byVerisign
Sponsored byCSC
Sponsored byWhoisXML API
Sponsored byDNIB.com
Sponsored byRadix
Sponsored byIPv4.Global
Sponsored byVerisign
I’m not much into law in general and US common law in particular. I would have thought identity theft, when used to commit another crime, weighted 20 years by itself. I tend to regard identity theft and computer hijacking as serious criminal offenses, respectively resembling kidnapping and housebreaking, and thus deserving, say, class B felony punishments. Is that a feeling more or less shared among computer users or is it me being disoriented?
In facts, there are various well conditioned techniques to protect against those kinds of abuses, while tools against generic spam and fraud are more fuzzy. Thus, it seems the more serious a threat is, the more effectively we are able to define it, as far as computable functions are involved. It is often disappointing to find out that the legal point of view doesn’t match.
Perhaps law is just different than software. For one thing, no compiler can munch it: it can only be interpreted :-)