Computer underground Digest    Wed  Nov 2, 1995   Volume 6 : Issue 95
                           ISSN  1004-042X

       Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET)
       Archivist: Brendan Kehoe
       Retiring Shadow Archivist: Stanton McCandlish
       Shadow-Archivists: Dan Carosone / Paul Southworth
                          Ralph Sims / Jyrki Kuoppala
                          Ian Dickinson
       Mini-biscuit editor:  Guy Demau Passant

CONTENTS, #6.95 (Wed, Nov 2, 1995)

File 1--Telecom Digest Editor (Pat Townson) Has Heart Attack
File 2--"Hackers Stole Phone Card Numbers in $50 Mil Scam"
File 3--Press release for VTW Voters Guide
File 4--NEED HELP ON "CYBERMEDIA"
File 5--"The Tojo Virus" by Randall
File 6--Subbing to CFP '95 Mailing list (revision)
File 7--Steve Jackson Games opinion (Appellate Opinion, 10-31-94)
File 8--Cu Digest Header Information (unchanged since 23 Oct 1994)

CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN
THE CONCLUDING FILE AT THE END OF EACH ISSUE.

----------------------------------------------------------------------

Date: Mon, 31 Oct 94 23:22:08 CST
From: telecom@DELTA.EECS.NWU.EDU(TELECOM Digest (Patrick Townson))
Subject: File 1--Telecom Digest Editor (Pat Townson) Has Heart Attack

((MODERATORS' NOTE: We're saddened by William Pfeiffer's report that
Pat Townson, responsible for the birth of CuD, suffered a heart attack
this past week. We wish Pat a speedy recovery.  Following is the
message that was sent out)).

Attention subscribers.

This is William Pfeiffer, Moderator of rec.radio.broadcasting.

On early sunday morning, October 30th, Pat Townson, moderator of thie
newsgroup suffered a mild heart attack and is  hospitalized while
recovering.

He is in the Rush-Presbyterian St Lukes medical center
9600 Gross Point Rd.  Skokie Ill 60077.  He is expected to return
home within aproximately a week to 10 days, and has no net access
until that time.

Therefore it is strongly suggested that all submissions be held until
further notice.

This turn of events has left Pat kind of discouraged, so any cards or
letters of support would be appreciated.  His mailing address is
9457-D Niles Center Road Skokie Il 60076.

Anyone wishing updated information can contact me at the following net
address

William Pfeiffer
wdp@uiuc.ed

------------------------------

Date: Wed, 2 Nov 1994 18:21:19 CST
From: Anonymous <cudigest@mindvox.phantom.com>
Subject: File 2--"Hackers Stole Phone Card Numbers in $50 Mil Scam"

         HACKERS STOLE PHONE CARD NUMBERS IN $50 MILLION SCAM

                          By Ronald E. Yates
               (Chicago Tribune, Nov. 2, 1994, p. 1, 6)

     In the latest attempt to halt banditry along the information
     superhighway, nine members of an international network of
     computer hackers that included an Illinois man and an MCI
     technician were charged Tuesday with buying and selling
     thousands of stolen telephone card numbers.

     The accused hackers, who used on-line aliases such as "Major
     Theft," "Killer" and "Phone Stud," defrauded long-distance
     phone companies of an estimated $50 million, according to
     federal investigators.

((The scam goes back to 1992 and alleges that 100,000 calling-card
numbers were stolen from MCI's trunk lines.  James Ivy Lay, aka
"Knight Shadow," used software to snatch the numbers by recording
personal identification numbers (PINS) as they were sent over MCI's
long-distance networks.  He then sold them to people that the story
describes as "hackers" for about $1 each.  The story reports that
"tens of thousands" of MCI, AT&T, Sprint, and other companies were
billed for the calls, but the customers won't be charged.  iAccording
to the story, Lay installed software that recorded the numbers, which
he then sold to BBSes world wide)).

     "This is a widespread and growing problem," said David
     Adams, a spokesman for the U.S. Secret Service, which
     investigates interstate telephone fraud.

     "I won't say we get reports of telephone calling-card fraud
     in our local offices every day, but it is frequent, maybe
     several times a week," he said.

     Last week the leader of another international ring of
     computer hackers pleaded guilty to stealing 140,000
     phone-card numbers that were used to make $140 million in
     unauthorized long-distance calls.

     Officials at GTE Corp. AT&T, Bell Atlantic and MCI
     Communications, the prime targets of the fraud, said an
     average of $1,000 in unauthorized calls were made on each of
     the stolen cards.

((The paper reports that a French citizen was the ring leader, and was
lured to the US by a "cooperative defendant" using the ploy of turning
over thousands of new numbers. Lay, Ted Antony Lemmy of suburban
Westmont, Ill., and Louarn, as well as the others, fact a 5-10 year
prison setence and/or a $250,000 fine if convicted.))

     Most telephone fraud is much smaller and less organized,
     said MCI spokeswoman Leslie Aun. It usually involves someone
     looking over your shoulder or videotaping you as you punch
     in your card number and PIN. She added such fraud is costing
     long-distance carriers more than $2 billion a year.

     However, the electronic theft of telephone card numbers is
     similar to tactics used on the Internet computer network to
     collect computer passwords. Special software that appears to
     be part of the network collects computer passwords as they
     are keyed in.

     "Some hackers claim they are doing this because they
     consider themselves guerrillas in a war aimed at keeping the
     information superhighway wide open and deregulated by people
     they consider toll-takers, like long-distance carriers and
     government regulators," said independent industry analyst
     Martin Sellers. "They consider themselves electronic Robin
     Hoods."

((The story concludes by noting that the numbers were sold on BBSes in
Germany, Belgium, France, Spain, Italiy, Sweden, and "just about every
state in the U.S.

------------------------------

Date: Thu, 27 Oct 1994 00:55:27 -0400 (EDT)
From: "Shabbir J. Safdar" <shabbir@PANIX.COM>
Subject: File 3--Press release for VTW Voters Guide

[This is the last posting about the Voters Guide.  Further postings
 will go to the appropriate newsgroups. -Shabbir]

October 24, 1994


              PRIVACY GROUP RELEASES LEGISLATIVE REPORT CARD
                            FOR 1994 CONGRESS

For Immediate Release

NEW YORK - The Voters Telecomm Watch (VTW) an organization dedicated to
monitoring civil liberties in telecommunications, has just announced its
1993/1994 legislative report cards -- and the news isn't good.  Almost the
entire Congress received a grade of 'D' for failing to recognize several
threats to American privacy that presented themselves to the legislature
this year, and one opportunity.

"A few legislators distinguished themselves, recognizing the bills that
threatened privacy this year, but on the whole, Congress was asleep at the
wheel," stated Alexis Rosen, VTW board member.

This year VTW monitored two pieces of legislation, Rep. Maria Cantwell's
(D-WA) cryptographic exports bill (HR 3627) and the FBI's Wiretap/Digital
Telephony bill (S.2375/HR.4922).

Representative Cantwell received VTW's Legislator of the Year Award for
her attempts to bring laws governing the export of encryption more in line
with the current state and availability of that technology overseas.

Rep. Cantwell's export bill would have made practical the incorporation
of encryption into systems and application programs.  Currently, such
technology is not included because of government regulations
restricting the export of such software.  Embedded encryption is
essential to expand business use of electronic mail and other
transmission of sensitive data, such as credit card information.  It is
therefore necessary for on-line shopping and banking.  Software
manufacturing currently one of America's strongest exporting industries
is threatened by foreign competition not subject to the same
constraints.

Representatives Melvin Watt (D-NC) and Elizabeth Furse (D-OR), both
first-term legislators, received VTW's Rookie of the Year awards
for their stated opposition to the Digital Wiretap bill, on privacy and
fiscal grounds.

Most Congressional actions this year on telecommunications and privacy
issues have been on voice votes, making it difficult to score
individual performance.  A network of hundreds of VTW volunteers have called
and written their own legislators to ascertain their positions.

"Our legislators really don't seem to want to be held accountable,"
stated volunteer Josh Hendrix.  "The breakfast food of the day is still
waffles at Sen. Feinstein's office," stated a California volunteer,
expressing his frustration after literally hundreds of faxes and called
had been received by Senator Feinstein without a change in her position.

Senator Feinstein received a special award this year from VTW -- the
'Duck of the Year'.  "She received hundreds of constituent calls and
faxes asking her to oppose the FBI Wiretap bill," said VTW Press contact
Steven Cherry, "and she still voted for the bill, despite the wishes
of the very people she was elected to represent.  We've purchased a
rubber duck for her, and it will arrive in the mail soon."

Voters Telecommunications Watch is hoping Rep. Cantwell's bill will be
reintroduced in the 104th Congress.  Perhaps the biggest issue of the
next session will be the continued legality of strong private encryption
without key escrow.  FBI Director Louis Freeh has been quoted as saying
that, according to cyberjournalist Brock Meeks, "if the Administration's
Escrowed Encryption System, otherwise known as the Clipper Chip, failed to
gain acceptance, giving way to private encryption technologies, he would
have no choice but to press Congress to pass legislation that provided
law enforcement access to all encrypted communications."

The Voters Telecomm Watch legislative report card can be found on the
Internet in their gopher at gopher.panix.com.  You can also send them
email requesting a copy (or information about the organization) at
vtw@vtw.org.  Finally, you can request a copy until November 15th via
US Mail by leaving a message in their voice mail at (718) 596-2851.
You must leave your entire address (including zip code).

VTW's efforts to garner grass-roots opposition to the FBI Wiretap/Digital
Telephony bill were reported upon by such publications as the New York
Times and Wired magazine.  It's legislative report card has also been
distributed onto the Internet, where it will quickly reach hundreds of
thousands of readers within the first week of distribution.

Concerned citizens can reach Voters Telecommunications Watch by writing to
vtw@vtw.org or checking their gopher at gopher.panix.com.

--
  Steven Cherry  <stc@vtw.org>
  Media contact
  Voters Telecommunications Watch  <vtw@vtw.org>   (718) 596-2851
  gopher -p 1/vtw gopher.panix.com


------------------------------

Date: Tue, 1 Nov 94 03:11:53 -0500
From: Pat Clawson <patclawson@DELPHI.COM>
Subject: File 4--NEED HELP ON "CYBERMEDIA"

Attention all Netters....

I am looking for information on the usage of the word "cybermedia" to
describe online and CD-ROM based interactive media.

As far as I can determine, it's been inregular use since the 1980's when
William Gibson of Neuromancer fame coined the term.

I'd like to know how you have used the term, and in what contexts.

If anyone has any texts or scholarly documents on this, that would be
helpful too.

A company (not ours) is claiming a trademark on the word, and is using it
to describe products other than interatctive electronic media.  We are
seeking as much information as possible on the word's use, because
trademarking it seems as unlikely as getting a trademark on the terms
"database" or "graphics."

Please E-mail all information to Pat Clawson, TeleGrafix Communications,
Huntington Beach, CA at 76357.3572@compuserve.com or patclawson@delphi.com.

Thanks,

Pat Clawson
TeleGrafix Communications

------------------------------

Date: Sun, 30 Oct 1994 13:29:04 EST
From: "Rob Slade, Ed. DECrypt & ComNet, VARUG rep, 604-984-4067"
Subject: File 5--"The Tojo Virus" by Randall

BKTOJOVR.RVW  940817

"The Tojo Virus", Randall, 1991, 0-8217-3436-9, U$4.95/C$5.95
   John D. Randall
   475 Park Avenue South, New York, NY 10016
   Zebra Books, Kensington Publishing Corp.

Score one for internal evidence!  All the way through this book, I was
muttering that the author knew a *lot* about IBM the corporation, IBM
sales, IBM demos and PROFS screens.  (He hasn't had any better luck
than I have with getting typesetters to do screen shots properly, but
...)  Lo and behold, the author's note at the end says that he is a
former IBM salescritter and manager.  In other words, he's a "suit",
and wouldn't know technology, high *or* low, if it bit him in the leg.

What we have, here, is possibly the precursor to "Terminal
Compromise".  Published a year before, the plot centres around a
diabolical Japanese scheme to refight Pearl Harbour--only on an
electronic battlefield.  The Yellow Peril set out to insert a virus
into the computers of the mighty IGC corporation and bring it to its
knees.  (Anyone who does not recognize IGC as IBM simply doesn't know
what's happening in the computer world.)

The author, in his end note, makes a lot of silly suggestions about
computer security which basically reduce to the idea that personal
computer users will have to adopt the "mainframe mentality".
Obviously, this guy is too heavily propagandized to recover.  The bad
guys set up a blackmail sting costing them (ultimately) four million
dollars just to get one password.  (Anyone for a little social
engineering?)  The blackmail operation serves primarily to introduce
(the book's term, here) a "high priced slut" who provides wild and
steamy sex scenes.  Fortunately (or unfortunately), depending upon
your taste (or lack thereof), the author has as little imagination in
pornography as in technology: most of the sex scenes have little more
description than "then wild sex takes place".  (This female character,
though unsure of what a "file" or a "disk" is, provides vital plot
direction by minutely dissecting the technical security weaknesses in
the original plan.)

The plan is to introduce a virus into the (mainframe) email system.  I
think.  (There is an awful lot of extraneous detail.)  The email,
whether read or not, will encrypt PC hard disks on a given date.  (The
bad guys somehow think this is safe because it doesn't do anything
illegal.)  Once the virus hits, no one can access anything, because
everyone uses PCs as terminals.  Encrypted PCs can't be booted from
floppies.  The deadly message contained screens full of ones and
zeros--obviously "Assembly language" written by REXX hackers!  (REXX,
boys and girls, is an interpreted language.)  While all of this is
going on, a single PC with a dialer program is managing to tie up the
entire phone system of huge corporate offices.

I am not making this up.  (Randall is.)

He even gets a standard IBM joke wrong, misquoting "This page
intentionally left blank."

Ragged plot, inconsistent characters, enough tech to fool those who
know even less than Randall.

copyright Robert M. Slade, 1994   BKTOJOVR.RVW  940817

======================
DECUS Canada Communications, Desktop, Education and Security group
newsletters Editor and/or reviewer ROBERTS@decus.ca, RSlade@sfu.ca,
Rob Slade at 1:153/733 Author "Robert Slade's Guide to Computer
Viruses" (Oct. '94) Springer-Verlag

------------------------------

Date: Fri, 28 Oct 1994 07:38:34 -0700 (PDT)
From: Bruce Umbaugh <bumbaugh@CRL.COM>
Subject: File 6--Subbing to CFP '95 Mailing list (revision)


The instructions on subscribing to a mailing list to discuss potential
speakers and such for Computers, Freedom, and Privacy '95 should be
modified to read:

To discuss potential CFP'95 speakers, topics, and formats, and to receive
additional CFP'95 information, subscribe to the CFP95 list by sending email:
         TO: MAJORDOMO@LISTS.STANFORD.EDU
    SUBJECT: [ ignored ]
   MSG BODY: SUBSCRIBE CFP95

And for general help with the Majordomo automated list-maintenance software:
         TO: MAJORDOMO@LISTS.STANFORD.EDU
    SUBJECT: [ ignored ]
   MSG BODY: HELP

Please do not send sub-/unsubscription requests to the recipients of the list.

Please distribute this correction notice as widely as you circulated the
original.  Many thanks.

------------------------------

Date: Tue, 1 Nov 1994 18:30:36 -0600 (CST)
From: pkennedy <pkennedy@IO.COM>
Subject: File 7--Steve Jackson Games opinion (Appellate Opinion, 10-31-94)

     Editors:  The following is the text of Monday's opinion
by the Fifth Circuit Court of Appeals in the Steve Jackson Games
v. US Secret Service case.  The Fifth Circuit has rejected
the Plaintiffs' argument that the seizure of their in-transit
e-mail was an illegal "interception" of their electronic
communications prohibited by the Wiretap Act.  Obviously, the
Plaintiffs are disappointed in the outcome, but note that the
opinion leaves in place the Plaintiffs' victory at trial, where
Judge Sam Sparks held that the Secret Service raid on Steve Jackson
Games and its seizure of the company's bulletin board system had
violated both the Privacy Protection Act of 1980's prohibition
against seizing a publisher's works in progress, and the Electronic
Communications Privacy Act's limitations on the seizure of stored
electronic communications.

--------------------------------------------------------------
Peter D. Kennedy             Attorney
pkennedy@io.com              George Donaldson & Ford, L.L.P.
(512) 495-1416 (voice)       114 West 7th Street, Suite 1000
(512) 499-0094 (fax)         Austin, Texas 78701
--------------------------------------------------------------

     STEVE JACKSON GAMES, INCORPORATED, et al.,
               Plaintiffs-Appellants,
                               v.
     UNITED STATES SECRET SERVICE, et al., Defendants,
     United States Secret Service and United States of America,
               Defendants-Appellees.

                          No. 93-8661.
                 United States Court of Appeals,
                         Fifth Circuit.
                         Oct. 31, 1994.

     Peter D. Kennedy, R. James George, Jr., George, Donaldson &
Ford, Austin, TX, for appellants.

     Sharon Steele, Washington, DC, for amicus curiae Electronic
Frontier Foundation.

     Scott McIntosh, Barbara Herwig, U.S. Dept. of Justice,
Washington, DC, for  appellees.

     Appeal from the United States District Court for the Western
District of Texas.

Before HIGGINBOTHAM, JONES and BARKSDALE, Circuit Judges.

RHESA HAWKINS BARKSDALE, Circuit Judge:

     The narrow issue before us is whether the seizure of a
computer, used to operate an electronic bulletin board system, and
containing private electronic mail which had been sent to (stored
on) the bulletin board, but not read (retrieved) by the intended
recipients, constitutes an unlawful intercept under the Federal
Wiretap Act, 18 U.S.C. s 2510, et seq., as amended by Title I of
the Electronic Communications Privacy Act of 1986, Pub.L. No.
99-508, Title I, 100 Stat. 1848 (1986).  We hold that it is not,
and therefore AFFIRM.

                               I.

     The district court's findings of fact are not in dispute.  See
Steve Jackson Games, Inc. v. United States Secret Service, 816
F.Supp. 432 (W.D.Tex.1993).  Appellant Steve Jackson Games,
Incorporated (SJG), publishes books, magazines, role-playing games,
and related products.  Starting in the mid-1980s, SJG operated an
electronic bulletin board system, called "Illuminati" (BBS), from
one of its computers.  SJG used the BBS to post public information
about its business, games, publications, and the role-playing
hobby;  to facilitate play-testing of games being developed;  and
to communicate with its customers and free-lance writers by
electronic mail (E- mail).

     Central to the issue before us, the BBS also offered customers
the ability to send and receive private E-mail.  Private E-mail was
stored on the BBS computer's hard disk drive temporarily, until the
addressees "called" the BBS (using their computers and modems) and
read their mail.  After reading their E- mail, the recipients could
choose to either store it on the BBS computer's hard drive or
delete it.  In February 1990, there were 365 BBS users.  Among
other uses, appellants Steve Jackson, Elizabeth McCoy, William
Milliken, and Steffan O'Sullivan used the BBS for communication by
private E-mail.

     In October 1988, Henry Kluepfel, Director of Network Security
Technology (an affiliate Bell Company), began investigating the
unauthorized duplication and distribution of a computerized text
file, containing information about Bell's emergency call system.
In July 1989, Kluepfel informed Secret Service Agent Foley and an
Assistant United States Attorney in Chicago about the unauthorized
distribution.  In early February 1990, Kluepfel learned that the
document was available on the "Phoenix Project" computer bulletin
board, which was operated by Loyd Blankenship in Austin, Texas;
that Blankenship was an SJG employee; and that, as a co-systems
operator of the BBS, Blankenship had the ability to review and,
perhaps, delete any data on the BBS.

     On February 28, 1990, Agent Foley applied for a warrant to
search SJG's premises and Blankenship's residence for evidence of
violations of 18 U.S.C. ss 1030 (proscribes interstate
transportation of computer access information) and 2314 (proscribes
interstate transportation of stolen property).  A search warrant
for SJG was issued that same day, authorizing the seizure of, inter
alia,

     [c]omputer hardware ... and computer software ... and ...
     documents relating to the use of the computer system ..., and
     financial documents and  licensing documentation relative to
     the computer programs and equipment at ... [SJG] ... which
     constitute evidence ... of federal crimes....  This warrant is
     for the seizure of the above described computer and computer
     data and for the authorization to read information stored and
     contained on the above described computer and computer data.

The next day, March 1, the warrant was executed by the Secret
Service, including Agents Foley and Golden.  Among the items seized
was the computer which operated the BBS.  At the time of the
seizure, 162 items of unread, private E-mail were stored on the
BBS, including items addressed to the individual appellants.
Despite the Secret Service's denial, the district court found that
Secret Service personnel or delegates read and deleted the private
E-mail stored on the BBS.

     Appellants filed suit in May 1991 against, among others, the
Secret Service and the United States, claiming, inter alia,
violations of the Privacy Protection Act, 42 U.S.C. s 2000aa, et
seq. [FN1];  the Federal Wiretap Act, as amended by Title I of the
Electronic Communications Privacy Act (ECPA), 18 U.S.C. ss
2510-2521 (proscribes, inter alia, the intentional interception of
electronic communications);  and Title II of the ECPA, 18 U.S.C. ss
2701-2711 (proscribes, inter alia, intentional access, without
authorization, to stored electronic communications). [FN2]

     The district court held that the Secret Service violated the
Privacy Protection Act, and awarded actual damages of $51,040 to
SJG;  and that it violated Title II of the ECPA by seizing stored
electronic communications without complying with the statutory
provisions, and awarded the statutory damages of $1,000 to each of
the individual appellants.  And, it awarded appellants $195,000 in
attorneys' fees and approximately $57,000 in costs. But, it held
that the Secret Service did not "intercept" the E-mail in violation
of Title I of the ECPA, 18 U.S.C. s 2511(1)(a), because its
acquisition of the contents of the electronic communications was
not contemporaneous with the transmission of those communications.

                               II.

     As stated, the sole issue is a very narrow one:  whether the
seizure of a computer on which is stored private E-mail that has
been sent to an electronic bulletin board, but not yet read
(retrieved) by the recipients, constitutes an "intercept"
proscribed by 18 U.S.C. s 2511(1)(a). [FN3]  Section 2511 was
enacted in 1968 as part of Title III of the Omnibus Crime Control
and Safe Streets Act of 1968, often referred to as the Federal
Wiretap Act.  Prior to the 1986 amendment by Title I of the ECPA,
it covered only wire and oral communications.  Title I of the ECPA
extended that coverage to electronic communications. [FN4]  In
relevant part, s 2511(1)(a) proscribes "intentionally
intercept[ing] ... any wire, oral, or electronic communication",
unless the intercept is authorized by court order or by other
exceptions not relevant here.  Section 2520 authorizes, inter alia,
persons whose electronic communications are intercepted in
violation of s 2511 to bring a civil action against the interceptor
for actual damages, or for statutory damages of $10,000 per
violation or $100 per day of the violation, whichever is greater.
18 U.S.C. s 2520. [FN5]

     The Act defines "intercept" as "the aural or other acquisition
of the contents of any wire, electronic, or oral communication
through the use of any electronic, mechanical, or other device."
18 U.S.C. s 2510(4).  The district court, relying on our court's
interpretation of intercept in United States v. Turk, 526 F.2d 654
(5th Cir.), cert. denied, 429 U.S. 823, 97 S.Ct. 74, 50 L.Ed.2d 84
(1976), held that the Secret Service did not intercept the
communications, because its acquisition of the contents of those
communications was not contemporaneous with their transmission.  In
Turk, the government seized from a suspect's vehicle an audio tape
of a prior conversation between the suspect and Turk.  (Restated,
when the conversation took place, it was not recorded
contemporaneously by the government.)  Our court held that
replaying the previously recorded conversation was not an
"intercept", because an intercept "require[s] participation by the
one charged with an 'interception' in the contemporaneous
acquisition of the communication through the use of the device".
Id. at 658.

     Appellants agree with Turk's holding, but contend that it is
not applicable, because it "says nothing about government action
that both acquires the communication prior to its delivery, and
prevents that delivery." (Emphasis by appellants.)  Along that
line, appellants note correctly that Turk's interpretation of
"intercept" predates the ECPA, and assert, in essence, that the
information stored on the BBS could still be "intercepted" under
the Act, even though it was not in transit.  They maintain that to
hold otherwise does violence to Congress' purpose in enacting the
ECPA, to include providing protection for E-mail and bulletin
boards.  For the most part, appellants fail to even discuss the
pertinent provisions of the Act, much less address their
application.  Instead, they point simply to Congress' intent in
enacting the ECPA and appeal to logic (i.e., to seize something
before it is received is to intercept it).

     But, obviously, the language of the Act controls.  In that
regard, appellees counter that "Title II, not Title I, ... governs
the seizure of stored electronic communications such as unread
e-mail messages", and note that appellants have recovered damages
under Title II.  Understanding the Act requires understanding and
applying its many technical terms as defined by the Act, as well as
engaging in painstaking, methodical analysis.  As appellees note,
the issue is not whether E-mail can be "intercepted";  it can.
Instead, at issue is what constitutes an "intercept".

     Prior to the 1986 amendment by the ECPA, the Wiretap Act
defined "intercept" as the "aural acquisition" of the contents of
wire or oral communications through the use of a device.  18 U.S.C.
s 2510(4) (1968).  The ECPA amended this definition to include the
"aural or other acquisition of the contents of ... wire,
electronic, or oral communications...."  18 U.S.C. s 2510(4) (1986)
(emphasis added for new terms).  The significance of the addition
of the words "or other" in the 1986 amendment to the definition of
"intercept" becomes clear when the definitions of "aural" and
"electronic communication" are examined;  electronic communications
(which include the non- voice portions of wire communications), as
defined by the Act, cannot be acquired aurally.

     Webster's Third New International Dictionary (1986) defines
"aural" as "of or relating to the ear" or "of or relating to the
sense of hearing".  Id. at 144.  And, the Act defines "aural
transfer" as "a transfer containing the human voice at any point
between and including the point of origin and the point of
reception."  18 U.S.C. s 2510(18).  This definition is extremely
important for purposes of understanding the definition of a "wire
communication", which is defined by the Act as

     any aural transfer made in whole or in part through the use of
     facilities for the transmission of communications by the aid
     of wire, cable, or other like  connection between the point of
     origin and the point of reception (including  the use of such
     connection in a switching station) ... and such term includes
     any electronic storage of such communication.

18 U.S.C. s 2510(1) (emphasis added).  In contrast, as noted, an
"electronic communication" is defined as "any transfer of signs,
signals, writing, images, sounds, data, or intelligence of any
nature transmitted in whole or in part by a wire, radio,
electromagnetic, photoelectronic or photooptical system ... but
does not include ... any wire or oral communication...."  18 U.S.C.
s 2510(12) (emphasis added).

     Critical to the issue before us is the fact that, unlike the
definition of "wire communication", the definition of "electronic
communication" does not include electronic storage of such
communications.  See 18 U.S.C. s 2510(12).  See note 4, supra.
[FN6]  "Electronic storage" is defined as

     (A) any temporary, intermediate storage of a wire or
     electronic communication incidental to the electronic
     transmission thereof;  and
     (B) any storage of such communication by an electronic
     communication service for purposes of backup protection of
     such communication....

18 U.S.C. s 2510(17) (emphasis added).  The E-mail in issue was in
"electronic storage".  Congress' use of the word "transfer" in the
definition of "electronic communication", and its omission in that
definition of the phrase "any electronic storage of such
communication" (part of the definition of "wire communication")
reflects that Congress did not intend for "intercept" to apply to
"electronic communications" when those communications are in
"electronic storage". [FN7]

     We could stop here, because "[i]ndisputably, the goal of
statutory construction is to ascertain legislative intent through
the plain language of a statute--without looking to legislative
history or other extraneous sources". Stone v. Caplan (Matter of
Stone), 10 F.3d 285, 289 (5th Cir.1994).  But, when interpreting a
statute as complex as the Wiretap Act, which is famous (if not
infamous) for its lack of clarity, see, e.g., Forsyth v. Barr, 19
F.3d 1527, 1542-43 (5th Cir.), cert. denied, --- U.S. ----, ---
S.Ct. ----, --- L.Ed.2d ---- (1994), we consider it appropriate to
note the legislative history for confirmation of our understanding
of Congress' intent.  See id. at 1544.

     As the district court noted, the ECPA's legislative history
makes it crystal clear that Congress did not intend to change the
definition of "intercept" as it existed at the time of the
amendment.  See 816 F.Supp. at 442 (citing S.Rep. No. 99-541, 99th
Cong., 2d Sess. 13 (1986), reprinted in 1986 U.S.C.C.A.N. 3555,
3567).  The Senate Report explains:   Section 101(a)(3) of the
[ECPA] amends the definition of the term "intercept" in current
section 2510(4) of title 18 to cover electronic communications.
The definition of "intercept" under current law is retained with
respect to wire and oral communications except that the term "or
other" is inserted after "aural."  This amendment clarifies that it
is illegal to intercept the nonvoice portion of a wire
communication.  For example, it is illegal to intercept the data or
digitized portion of a voice communication.  1986 U.S.C.C.A.N. at
3567.

     Our conclusion is reinforced further by consideration of the
fact that Title II of the ECPA clearly applies to the conduct of
the Secret Service in this case.  Needless to say, when construing
a statute, we do not confine our interpretation to the one portion
at issue but, instead, consider the statute as a whole.  See, e.g.,
United States v. McCord, --- F.3d ----, ----, 1994 WL 523211, at *6
(5th Cir.1994) (citing N. Singer, 2A Sutherland Statutory
Construction, s 46.05, at 103 (5th ed. 1992)).  Title II generally
proscribes unauthorized access to stored wire or electronic
communications.  Section 2701(a) provides:

     Except as provided in subsection (c) of this section whoever--


     (1) intentionally accesses without authorization a facility
     through which an electronic communication service is provided;

     or

     (2) intentionally exceeds an authorization to access that
     facility;   and thereby obtains, alters, or prevents
     authorized access to a wire or electronic communication while
     it is in electronic storage in such system shall be
     punished....

18 U.S.C. s 2701(a) (emphasis added).

     As stated, the district court found that the Secret Service
violated s 2701 when it intentionally accesse[d] without
authorization a facility [the computer] through which an electronic
communication service [the BBS] is provided ... and thereby
obtain[ed] [and] prevent[ed] authorized access [by appellants] to
a[n] ... electronic communication while it is in electronic storage
in such system.  18 U.S.C. s 2701(a).  The Secret Service does not
challenge this ruling.

     We find no indication in either the Act or its legislative
history that Congress intended for conduct that is clearly
prohibited by Title II to furnish the basis for a civil remedy
under Title I as well.  Indeed, there are persuasive indications
that it had no such intention.

     First, the substantive and procedural requirements for
authorization to intercept electronic communications are quite
different from those for accessing stored electronic
communications.  For example, a governmental entity may gain access
to the contents of electronic communications that have been in
electronic storage for less than 180 days by obtaining a warrant.
See 18 U.S.C. s 2703(a).  But there are more stringent, complicated
requirements for the interception of electronic communications;  a
court order is required. See 18 U.S.C. s 2518.

     Second, other requirements applicable to the interception of
electronic communications, such as those governing minimization,
duration, and the types of crimes that may be investigated, are not
imposed when the communications at issue are not in the process of
being transmitted at the moment of seizure, but instead are in
electronic storage.  For example, a court order authorizing
interception of electronic communications is required to include a
directive that the order shall be executed "in such a way as to
minimize the interception of communications not otherwise subject
to interception".  18 U.S.C. s 2518(5).  Title II of the ECPA does
not contain this requirement for warrants authorizing access to
stored electronic communications.  The purpose of the minimization
requirement is to implement "the constitutional obligation of
avoiding, to the greatest possible extent, seizure of conversations
which have no relationship to the crimes being investigated or the
purpose for which electronic surveillance has been authorized".
James G. Carr, The Law of Electronic Surveillance, s 5.7(a) at 5-28
(1994).

     Obviously, when intercepting electronic communications, law
enforcement officers cannot know in advance which, if any, of the
intercepted communications will be relevant to the crime under
investigation, and often will have to obtain access to the contents
of the communications in order to make such a determination.
Interception thus poses a significant risk that officers will
obtain access to communications which have no relevance to the
investigation they are conducting.  That risk is present to a
lesser degree, and can be controlled more easily, in the context of
stored electronic communications, because, as the Secret Service
advised the district court, technology exists by which relevant
communications can be located without the necessity of reviewing
the entire contents of all of the stored communications.  For
example, the Secret Service claimed (although the district court
found otherwise) that it reviewed the private E-mail on the BBS by
use of key word searches.

     Next, as noted, court orders authorizing an intercept of
electronic communications are subject to strict requirements as to
duration.  An intercept may not be authorized "for any period
longer than is necessary to achieve the objective of the
authorization, nor in any event longer than thirty days". 18 U.S.C.
s 2518(5).  There is no such requirement for access to stored
communications.

     Finally, as also noted, the limitations as to the types of
crimes that may be investigated through an intercept, see 18 U.S.C.
s 2516, have no counterpart in Title II of the ECPA.  See, e.g., 18
U.S.C. s 2703(d) (court may order a provider of electronic
communication service or remote computing service to disclose to a
governmental entity the contents of a stored electronic
communication on a showing that the information sought is "relevant
to a legitimate law enforcement inquiry").

     In light of the substantial differences between the statutory
procedures and requirements for obtaining authorization to
intercept electronic communications, on the one hand, and to gain
access to the contents of stored electronic communications, on the
other, it is most unlikely that Congress intended to require law
enforcement officers to satisfy the more stringent requirements for
an intercept in order to gain access to the contents of stored
electronic communications. [FN8]

     At oral argument, appellants contended (for the first time)
that Title II's reference in s 2701(c) to s 2518 (which sets forth
the procedures for the authorized interception of wire, oral, or
electronic communications) reflects that Congress intended
considerable overlap between Titles I and II of the ECPA. [FN9]  As
stated, s 2701(a) prohibits unauthorized access to stored wire or
electronic communications.  Subsection (c) of s 2701 sets forth the
exceptions to liability under subsection (a), which include conduct
authorized:

     (1) by the person or entity providing a wire or electronic
     communications service;

     (2) by a user of that service with respect to a communication
     of or intended for that user;  or

     (3) in section 2703, 2704 or 2518 of this title.

18 U.S.C. s 2701(c) (emphasis added). [FN10]

     Appellants overemphasize the significance of this reference to
s 2518.  As discussed in notes 6-7, supra, it is clear that
Congress intended to treat wire communications differently from
electronic communications.  Access to stored electronic
communications may be obtained pursuant to a search warrant, 18
U.S.C. s 2703;  but, access to stored wire communications requires
a court order pursuant to s 2518.  Because s 2701 covers both
stored wire and electronic communications, it was necessary in
subsection (c) to refer to the different provisions authorizing
access to each.

                              III.

 For the foregoing reasons, the judgment is AFFIRMED.

     FN1. Section 2000aa(a) provides that it is unlawful for a
government officer or employee, in connection with the
investigation ... of a criminal offense, to search for or seize any
work product materials possessed by a person reasonably believed to
have a purpose to disseminate to the public a newspaper, book,
broadcast, or other similar form of public communication....  Among
the items seized was a draft of GURPS Cyberpunk, a book intended by
SJG for immediate publication.  It was one of a series of fantasy
role-playing game books SJG published.  "GURPS" is an acronym for
SJG's "Generic Universal Roleplaying System".  "Cyberpunk" refers
to a science fiction literary genre which became popular in the
1980s, which is characterized by the fictional interaction of
humans with technology and the fictional struggle for power between
individuals, corporations, and government.

     FN2. Kluepfel, the Assistant United States Attorney, and
Agents Foley and Golden were also sued.  In addition to the
statutory claims, appellants also claimed violations of the First
and Fourth Amendments to the United States Constitution.  And, in
September 1992, they added state law claims for conversion and
invasion of privacy.  Prior to trial, the claims against the
individuals were dismissed, and appellants withdrew their
constitutional and state law claims.

     FN3. Appellants raised two other issues regarding damages, but
later advised that they have been settled.  And, prior to briefing,
the Secret Service dismissed its cross-appeal.

     FN4. An "electronic communication" is defined as:  any
transfer of signs, signals, writing, images, sounds, data, or
intelligence of any nature transmitted in whole or in part by a
wire, radio, electromagnetic, photoelectronic or photooptical
system that affects interstate or foreign commerce, but does not
include--  (A) the radio portion of a cordless telephone
communication that is transmitted between the cordless telephone
handset and the base unit; (B) any wire or oral communication; (C)
any communication made through a tone-only paging device;  or (D)
any communication from a tracking device (as defined in section
3117 of this title)....  18 U.S.C. s 2510(12).

     FN5. Title I of the ECPA increased the statutory damages for
unlawful interception from $1,000 to $10,000.  See Bess v. Bess,
929 F.2d 1332, 1334 (8th Cir.1991).  On the other hand, as noted,
Title II authorizes an award of "the actual damages suffered by the
plaintiff and any profits made by the violator as a result of the
violation, but in no case ... less than the sum of $1000".  18
U.S.C. s 2707(c).  As discussed, the individual appellants each
received Title II statutory damages of $1,000.

     FN6. Wire and electronic communications are subject to
different treatment under the Wiretap Act.  The Act's exclusionary
rule, 18 U.S.C. s 2515, applies to the interception of wire
communications, including such communications in electronic
storage, see 18 U.S.C. s 2510(1), but not to the interception of
electronic communications.  See 18 U.S.C. s 2518(10)(a);  United
States v. Meriwether, 917 F.2d 955, 960 (6th Cir.1990);  S.Rep. No.
99-541, 99th Cong., 2d Sess. 23 (1986), reprinted in 1986
U.S.C.C.A.N. 3555, 3577.  And, the types of crimes that may be
investigated by means of surveillance directed at electronic
communications, 18 U.S.C. s 2516(3) ("any federal felony"), are not
as limited as those that may be investigated by means of
surveillance directed at wire or oral communications.  See 18
U.S.C. s 2516(1) (specifically listed felonies).

     FN7. Stored wire communications are subject to different
treatment than stored electronic communications.  Generally, a
search warrant, rather than a court order, is required to obtain
access to the contents of a stored electronic communication.  See
18 U.S.C. s 2703(a).  But, compliance with the more stringent
requirements of s 2518, including obtaining a court order, is
necessary to obtain access to a stored wire communication, because
s 2703 expressly applies only to stored electronic communications,
not to stored wire communications.  See James G. Carr, The Law of
Electronic Surveillance, s 4.10, at 4-126--4-127 (1994) (citing
H.R.Rep. No. 99-647, 99th Cong., 2d Sess. 67-68 (1986)).

     FN8. The ECPA legislative history's explanation of the
prohibitions regarding disclosure also persuades us of the
soundness of Turk's interpretation of "intercept" and our
understanding of the distinctions Congress intended to draw between
communications being transmitted and communications in electronic
storage.  In describing Title II's prohibitions against disclosure
of the contents of stored communications, the Senate Report points
out that s 2702(a) (part of Title II) "generally prohibits the
provider of a wire or electronic communication service to the
public from knowingly divulging the contents of any communication
while in electronic storage by that service to any person other
than the addressee or intended recipient."  S.Rep. No. 99-541, 97th
Cong. 2nd Sess. 37, 1986 U.S.C.C.A.N. 3555, 3591 (emphasis added).
It then goes on to state that s 2511(3) of the Wiretap Act, as
amended by Title I of the ECPA, "prohibits such a provider from
divulging the contents of a communication while it is in
transmission".  Id. (emphasis added).

     FN9. It goes without saying that we generally will not
consider issues raised for the first time at oral argument.  For
this rare exception, the parties, as ordered, filed supplemental
briefs on this point.

     FN10. Section 2703 sets forth the requirements for
governmental access to the contents of electronic (but not wire)
communications.  For electronic communications that have been in
electronic storage for 180 days or less, the government can gain
access to the contents pursuant to a federal or state warrant.  18
U.S.C. s 2703(a).  For communications that are maintained by a
remote computing service and that have been in storage for more
than 180 days, the government can gain access by obtaining a
warrant, by administrative or grand jury subpoena, or by obtaining
a court order pursuant to s 2703(d).  18 U.S.C. s 2703(b). Section
2704 also deals only with electronic communications;  it provides,
inter alia, that a governmental entity may include in its subpoena
or court order a requirement that the service provider create and
maintain a duplicate of the contents of the electronic
communications sought.  18 U.S.C. s 2704.

------------------------------

Date: Thu, 23 Oct 1994 22:51:01 CDT
From: CuD Moderators <tk0jut2@mvs.cso.niu.edu>
Subject: File 8--Cu Digest Header Information (unchanged since 23 Oct 1994)

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.

CuD is available as a Usenet newsgroup: comp.society.cu-digest

Or, to subscribe, send a one-line message:  SUB CUDIGEST  your name
Send it to LISTSERV@UIUCVMD.BITNET or LISTSERV@VMD.CSO.UIUC.EDU
The editors may be contacted by voice (815-753-0303), fax (815-753-6302)
or U.S. mail at:  Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.

Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on  internet);
and on Rune Stone BBS (IIRGWHQ) (203) 832-8441.
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.

EUROPE:   from the ComNet in LUXEMBOURG BBS (++352) 466893;
          In ITALY: Bits against the Empire BBS: +39-461-980493
          In BELGIUM: Virtual Access BBS:  +32.69.45.51.77 (ringdown)

  UNITED STATES:  etext.archive.umich.edu (192.131.22.8)  in /pub/CuD/
                  ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/
                  aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
                  world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
                  uceng.uc.edu in /pub/wuarchive/doc/EFF/Publications/CuD/
                  wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
  EUROPE:         nic.funet.fi in pub/doc/cud/ (Finland)
                  ftp.warwick.ac.uk in pub/cud/ (United Kingdom)

  JAPAN:          ftp.glocom.ac.jp /mirror/ftp.eff.org/Publications/CuD

The most recent issues of CuD can be obtained from the NIU Sociology gopher
at:  tk0gphr.corn.cso.niu.edu (navigate to the "acad depts;"
"liberal arts;" "sociology" menus, and it'll be in CuDs.

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views.  CuD material may  be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission.  It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified.  Readers are encouraged to submit reasoned articles
relating to computer culture and communication.  Articles are
preferred to short responses.  Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
            the views of the moderators. Digest contributors assume all
            responsibility for ensuring that articles submitted do not
            violate copyright protections.

------------------------------

End of Computer Underground Digest #6.95
************************************