Most of PayPal 14 Group Will Likely Not Go to Jail

[NewWorldRecord]

December 6th, 2013, 08:00 GMT · By Eduard Kovacs

Most of PayPal 14 Group Will Likely Not Go to Jail

The trial against the PayPal 14, the group of men and women who participated in Anonymous’ distributed denial-of-service attack against PayPal in 2010, took place on Thursday. Most of them have pleaded guilty to felony and misdemeanor charges, but they’ll likely avoid jail time.

Alexa O’Brien has closely followed the trial. She reports on The Daily Beast that 11 of the suspects have entered a plea deal and agreed to plead guilty to felony and misdemeanor charges. However, the sentencing has been scheduled for December 4, 2014.

If they don’t commit any other crimes until then, the prosecution has agreed to drop the felony counts and recommend a sentence of 1-3 years probation for the misdemeanor charge. Each of them will also have to pay $5,600 (€4,000) in restitution to PayPal.

The 11 individuals have pleaded guilty to a felony count under the controversial Computer Fraud and Abuse Act (CFAA). Some of them to intentional damage to a protected computer, while others to conspiracy to cause damage to a protected computer.

Two other suspects have pleaded guilty only to the misdemeanor charges. They will spend up to 90 days in jail.

The case of the last PayPal 14 defendants is being handled separately.

PayPal noted that it had lost $5.5 million (€4 million) due to the attack launched by Anonymous after the payment processor cut off donations to WikiLeaks. However, it appears that the company will only get around $80,000 (€58,000).

On the other hand, it’s worth noting that, a couple of days before the trial, Pierre Omidyar, the founder and chairman of eBay, noted that the PayPal 14 should not be held accountable for the actions of all the individuals who took part in the attack.

 

[NewWorldRecord]

Inside the ‘PayPal 14’ Trial

By Alexa O'Brien
December 5th 201310:36 pm

A long and secretive legal battle against a group of activists accused of attacking the e-commerce site in the name of WikiLeaks has finally neared its end.

A group of men and women with the collective Anonymous have pled guilty to charges of conspiring to disrupt access to the payment website PayPa in response to what they termed extra-legal censorship of WikiLeaks, most likely avoiding felonies.

The deal for the group, known as the PayPal 14, brings to a public conclusion a year of gagged settlement conferences. The July 2011 indictment of the 13 men and women (one case was handled separately) by the U.S. Department of Justice under the draconian Computer Fraud and Abuse Act for a four day online “sit-in” in December 2010 has been cited by activist and lawyers as a litmus test for civil rights in the digital age. The case has also been cited by the Obama administration to justify increasing appropriations to the FBI for cyber-security prosecutions.

The protest by Anonymous, dubbed “Operation Payback,” was in response to PayPal’s suspension of service to WikiLeaks, an online publisher of censored and suppressed material, which had then begun publishing diplomatic cables disclosed by a young Army intelligence analyst named Chelsea (then Bradley) Manning. Manning was recently convicted to 35 years in prison for 20 offenses, including one conviction under the Computer Fraud and Abuse for disclosing 116 diplomatic cables.

Under the deal announced Thursday, 11 of the thirteen defendants allocuted to a felony count under the Computer Fraud and Abuse Act or CFAA for an overt act of either “intentional damage to a protected computer” (normally punishable by a maximum of ten years in prison and a $250,000 fine) or “conspiracy” (normally punishable by a maximum penalty of five years in prison and a $250,000 fine).

Those eleven then acknowledged that their conduct caused more than $5,000 of damage to a protected computer network, outlet, or system. The eleven defendants then pled to an additional lesser-included misdemeanor of accessing or adversely affecting a computer system. The other two defendants only pled to the misdemeanor offense.

The case is adjourned and all thirteen defendants are due back in court in one year. The court will then hold the eleven felony allocutions in abeyance. If the defendants do not engage in new criminal conduct of consequence or renounce their pleas, the government will not oppose the application to withdraw the felony counts, leaving in place a single misdemeanor with no objection from the judge. The prosecution will then recommend a sentence of no more than one to three years probation for the misdemeanor and $5,600 restitution to PayPal for each of the defendants: a total of roughly $80,000.

The government and the court would then convert the pretrial conditions as conditional release. Essentially, the eleven would then walk free outside of damages. The remaining two defendants who only pled to a misdemeanor will serve up to 90 days in jail.

How much damage the group actually inflicted on PayPal is still very much in question.

On May 31, 2012, after The New York Times published a review of Parmy Olsen’s book The Secret Lives of Dangerous Hackers: ‘We Are Anonymous’, PayPal responded to the author’s characterization of events. In a post script, dated the same day, it reads “After this article was published, PayPal contacted The Times to take issue with the statements in the book that say the hackers shut down its Web site. Jennifer Hakes, a senior manager in corporate communications, said that as a result of the attacks in December 2010, ‘PayPal was never down.’”

Anuj Nayar, a spokesperson for PayPal, said ten days after the PayPal 14 indictment was unsealed that, “The attack on Paypal site last December slowed down the company’s system, but to such a small extent that it would have been imperceptible to customers.” he said. “At no point,” Nayar added, “was the Web site shut down.“

Yet, according to court records, eBay and PayPal lawyers indicated damages of as great as $5.5 million.

A former vice president at PayPal, Osama Bedier, said on December 8, 2010 that PayPal’s decision to suspend service to WikiLeaks was the result a November 27, 2010 letter from the State Department’s former legal adviser Harold Koh to WikiLeaks editor and chief, Julian Assange. Beider described the letter as stating that, “WikiLeaks activities were deemed illegal in the United States.” (The language that Koh actually used in his letter to Assange was that the diplomatic cables “were provided in violation of U.S. law.”) Koh’s letter also states, “As long as WikiLeaks holds such material, the violation of the law is ongoing.”

Attorney General Eric Holder described what he termed as “informal conversations about the WikiLeaks matter” with PayPal, Visa, and Mastercard, the latter two having similarly suspended service to WikiLeaks.

As the first major cyber security case in the “post-WikiLeaks” world, former FBI director Robert Mueller used the indictment and Anonymous’s support of WikiLeaks to justify-increased budgets for cyber-security prosecutions. Muller told the House of Representatives Appropriations Committee in March 2012, “the Anonymous group referred to the DDOS attacks as Operation Avenge Assange and allegedly conducted the attacks in support of Wikileaks founder Julian Assange. The defendants are charged with various counts of conspiracy and intentional damage to a protected computer.”

Typically when a defendant pleads or allocutes to a felony the conditions of pretrial get worse. That is not the case here. The conditions cannot enlarge or worsen in any way.

If any of the defendants renounce their plea, however, the government can move to withdraw and the court can accept.

Stanley Cohen, counsel to Mercedes Rene Haefer, one of the defendants, said, “The PayPal 14 are like civil rights fighters or the freedom riders of the 1960’s. They are saying, ‘I did what I did with open eyes, knowing that I could get prosecuted. It happened. I knew what the consequences were, and the consequences came. I stand behind what I did. I did not cooperate with the government, and I did not roll over. I did this so that others could understand how corporations control the dialogue and the debate.”

 

[NewWorldRecord]

Statement on guilty pleas by Paypal13

Business Sector, Commentaries and Analyses
Dec 06 2013

Statement from the U.S. Attorney’s Office for the Northern District of California on the “Paypal13:”

Thirteen defendants pleaded guilty in federal court in San Jose yesterday to charges related to their involvement in the cyber-attack of PayPal’s website as part of the group “Anonymous,” United States Attorney Melinda Haag announced. One of the defendants also pleaded guilty to the charges arising from a separate cyber-attack on the website of Santa Cruz County.

In pleading guilty, the defendants admitted to carrying out a Distributed Denial of Service (DDoS) cyber-attack against PayPal in December 2010.

These DDoS attacks were facilitated by software tools designed to damage a computer network’s ability to function by flooding it with useless commands and information, thus, denying service to legitimate users. A group calling itself “Anonymous” claimed responsibility for the attacks, saying they conducted the attacks in protest of the companies’ and organizations’ actions. The attacks were facilitated by the software tools “Anonymous” made available for free download on the Internet. The victims included major U.S. companies across several industries.

According to the plea agreements and statements made in court, in late November 2010, WikiLeaks released a large amount of classified United States State Department cables on its website. Citing violations of the PayPal terms of service, and in response to WikiLeaks’ release of the classified cables, PayPal suspended WikiLeaks’ accounts such that WikiLeaks could no longer receive donations via PayPal. WikiLeaks’ website declared that PayPal’s action “tried to economically strangle WikiLeaks.”

The plea agreements further state that, in retribution for PayPal’s termination of WikiLeaks’ donation account, Anonymous coordinated and executed DDoS attacks against PayPal’s computer. Anonymous referred to these co-ordinated attacks on PayPal as “Operation Avenge Assange.”

The following defendants pleaded guilty:

1. CHRISTOPHER WAYNE COOPER, dob 10/21/87, aka “Anthrophobic,” Elberta,
Alabama

2. JOSHUA JOHN COVELLI, dob 1/10/85, aka “Absolem, and, “Toxic,”
Fairborn, Ohio

3. KEITH WILSON DOWNEY, dob 11/7/84, Jacksonville, Florida

4. MERCEDES RENEE HAEFER, dob 6/21/91, aka “No,” and “MMMM,” Las Vegas,
Nevada

5. DONALD HUSBAND, dob 8/14/81, aka “Ananon,” Fairfield, California

6. VINCENT CHARLES KERSHAW, dob 2/23/84, aka “Trivette,” “Triv,” and
“Reaper,” Fort Collins, Colorado

7. ETHAN MILES, dob 9/1/77, Flagstaff, Arizona

8. JAMES C. MURPHY, dob 11/15/74, Baldwin Park, California

9. DREW ALAN PHILLIPS, dob 4/15/85, aka “Drew010,” Santa Rosa, California

10. JEFFREY PUGLISI, dob 2/19/83, aka “Jeffer,” “Jefferp,” and “Ji,”
Clinton Township, Michigan

11. DANIEL SULLIVAN, dob 6/29/89, Camarillo, California

12. TRACY ANN VALENZUELA, dob 2/11/69, Napa, California

13. CHRISTOPHER QUANG VO, dob 5/16/89, Attleboro, Massachusetts

With the exception of Valenzuela, Phillips and Miles, each of the defendants pleaded guilty to one count of Conspiracy, in violation of 18 USC 1030(b)(Felony), and one count of Intentional Damage to a Protected Computer, in violation of 18 USC 1030(a)(5)(A)(Misd.). Defendant Valenzuela pleaded guilty to one count of Reckless Damage to a Protected Computer, in violation of 18 USC 1030(a)(5)(A)(Misd.). Defendants Phillips and Miles were permitted to plead guilty to one count each of Intentional Damage to a Protected Computer, in violation of 18 USC 1030(a)(5)(A)(Misd.) only.

The terms of the plea agreements allow that unless a defendant violates any of the terms of the plea agreement or fails to accept responsibility, at the time of sentencing, the defendant may make an unopposed motion to withdraw his/her guilty plea to Count One, Conspiracy to Commit Intentional Damage to a Protected Computer in violation of 18 U.S.C. 1030(b) and the government will dismiss Count One, leaving only the misdemeanor count of violating of 18 U.S.C. 1030(a)(5)(A) to be entered as a final judgment against the defendant.

Defendant Joshua John Covelli also pleaded guilty to executing a DDoS attack (with another defendant, presently a fugitive) against the Santa Cruz County web server, admitting that it was in retaliation for a statute enacted by the City of Santa Cruz. The City of Santa Cruz enacted Section 6.36.010 of its Municipal Code, entitled “Camping Prohibited,” which contained restrictions and definitions on camping within Santa Cruz City. In response to the enforcement of Section 6.36.010, protesters occupied the Santa Cruz County Courthouse premises from approximately July 4, 2011 to October 2, 2011. Law enforcement officers from Santa Cruz County disbanded the protest and several protesters were charged with misdemeanors crimes in Santa Cruz County.

According to Covelli’s plea agreement and statements in court, in retribution for Santa Cruz City’s enforcement of Section 6.36.010 of the Municipal Code, and Santa Cruz County’s disbandment of the protest, Covelli and others, calling themselves the “People’s Liberation Front’” or “PLF,” and claiming to be associated with the “Anonymous” group, co-ordinated and executed an attack against Santa Cruz County’s computer servers. The PLF referred to these coordinated attacks on Santa Cruz County as “Operation Peace Camp 2010.”

The defendants are currently released on bond.

The sentencing hearings for twelve of the defendants are scheduled for December 4, 2014 at 10:00 a.m. before the Honorable D. Lowell Jensen, United States District Court Judge, in San Jose. Tracy Valenzuela’s sentencing hearing is scheduled for November 20, 2014 at 10:00 a.m. before Judge Jensen as well. The maximum statutory penalty for each count in violation of 18 United States Code, Section 1030(b) – Conspiracy (Felony), is 5 years imprisonment and a $250,000 fine; for each count in violation of 18 United States Code, Section 1030(a)(5)(A) – Intentional Damage to a Protected Computer (Felony), is 10 years imprisonment and a $250,000 fine; for each count in violation of 18 United States Code, Sections 1030(a)(5)(A) & (c)(4)(G)(i) – Intentional Damage to a Protected Computer (Misd.) is 1 year in prison and a $100,000 fine, and for each count in violation of 18 United States Code, Sections 1030(a)(5)(A) & (c)(4)(G)(i) – Reckless Damage to a Protected Computer (Misd.) is 1 year in prison and a $100,000 fine.

However, any sentence will be imposed by the court only after consideration of the U.S. Sentencing Guidelines and the federal statute governing the imposition of a sentence, 18 U.S.C. § 3553.

Matt Parrella and Hanley Chew are the Assistant U.S. Attorneys who prosecuted the case with the assistance of Elise Etter. The prosecution is the result of an investigation by the Federal Bureau of Investigation, along with cooperation from PayPal. Authorities in the Netherlands, Germany and France have also taken their own investigative and enforcement actions.

The National Cyber-Forensics and Training Alliance, a public-private partnership whose mission to identify, mitigate, and neutralize cyber-crime, also provided assistance.

Further Information:
Case #: CR-11-471 DLJ (PSG)