Computer underground Digest Wed Nov 2, 1995 Volume 6 : Issue 95 ISSN 1004-042X Editors: Jim Thomas and Gordon Meyer (TK0JUT2@NIU.BITNET) Archivist: Brendan Kehoe Retiring Shadow Archivist: Stanton McCandlish Shadow-Archivists: Dan Carosone / Paul Southworth Ralph Sims / Jyrki Kuoppala Ian Dickinson Mini-biscuit editor: Guy Demau Passant CONTENTS, #6.95 (Wed, Nov 2, 1995) File 1--Telecom Digest Editor (Pat Townson) Has Heart Attack File 2--"Hackers Stole Phone Card Numbers in $50 Mil Scam" File 3--Press release for VTW Voters Guide File 4--NEED HELP ON "CYBERMEDIA" File 5--"The Tojo Virus" by Randall File 6--Subbing to CFP '95 Mailing list (revision) File 7--Steve Jackson Games opinion (Appellate Opinion, 10-31-94) File 8--Cu Digest Header Information (unchanged since 23 Oct 1994) CuD ADMINISTRATIVE, EDITORIAL, AND SUBSCRIPTION INFORMATION APPEARS IN THE CONCLUDING FILE AT THE END OF EACH ISSUE. ---------------------------------------------------------------------- Date: Mon, 31 Oct 94 23:22:08 CST From: telecom@DELTA.EECS.NWU.EDU(TELECOM Digest (Patrick Townson)) Subject: File 1--Telecom Digest Editor (Pat Townson) Has Heart Attack ((MODERATORS' NOTE: We're saddened by William Pfeiffer's report that Pat Townson, responsible for the birth of CuD, suffered a heart attack this past week. We wish Pat a speedy recovery. Following is the message that was sent out)). Attention subscribers. This is William Pfeiffer, Moderator of rec.radio.broadcasting. On early sunday morning, October 30th, Pat Townson, moderator of thie newsgroup suffered a mild heart attack and is hospitalized while recovering. He is in the Rush-Presbyterian St Lukes medical center 9600 Gross Point Rd. Skokie Ill 60077. He is expected to return home within aproximately a week to 10 days, and has no net access until that time. Therefore it is strongly suggested that all submissions be held until further notice. This turn of events has left Pat kind of discouraged, so any cards or letters of support would be appreciated. His mailing address is 9457-D Niles Center Road Skokie Il 60076. Anyone wishing updated information can contact me at the following net address William Pfeiffer wdp@uiuc.ed ------------------------------ Date: Wed, 2 Nov 1994 18:21:19 CST From: Anonymous Subject: File 2--"Hackers Stole Phone Card Numbers in $50 Mil Scam" HACKERS STOLE PHONE CARD NUMBERS IN $50 MILLION SCAM By Ronald E. Yates (Chicago Tribune, Nov. 2, 1994, p. 1, 6) In the latest attempt to halt banditry along the information superhighway, nine members of an international network of computer hackers that included an Illinois man and an MCI technician were charged Tuesday with buying and selling thousands of stolen telephone card numbers. The accused hackers, who used on-line aliases such as "Major Theft," "Killer" and "Phone Stud," defrauded long-distance phone companies of an estimated $50 million, according to federal investigators. ((The scam goes back to 1992 and alleges that 100,000 calling-card numbers were stolen from MCI's trunk lines. James Ivy Lay, aka "Knight Shadow," used software to snatch the numbers by recording personal identification numbers (PINS) as they were sent over MCI's long-distance networks. He then sold them to people that the story describes as "hackers" for about $1 each. The story reports that "tens of thousands" of MCI, AT&T, Sprint, and other companies were billed for the calls, but the customers won't be charged. iAccording to the story, Lay installed software that recorded the numbers, which he then sold to BBSes world wide)). "This is a widespread and growing problem," said David Adams, a spokesman for the U.S. Secret Service, which investigates interstate telephone fraud. "I won't say we get reports of telephone calling-card fraud in our local offices every day, but it is frequent, maybe several times a week," he said. Last week the leader of another international ring of computer hackers pleaded guilty to stealing 140,000 phone-card numbers that were used to make $140 million in unauthorized long-distance calls. Officials at GTE Corp. AT&T, Bell Atlantic and MCI Communications, the prime targets of the fraud, said an average of $1,000 in unauthorized calls were made on each of the stolen cards. ((The paper reports that a French citizen was the ring leader, and was lured to the US by a "cooperative defendant" using the ploy of turning over thousands of new numbers. Lay, Ted Antony Lemmy of suburban Westmont, Ill., and Louarn, as well as the others, fact a 5-10 year prison setence and/or a $250,000 fine if convicted.)) Most telephone fraud is much smaller and less organized, said MCI spokeswoman Leslie Aun. It usually involves someone looking over your shoulder or videotaping you as you punch in your card number and PIN. She added such fraud is costing long-distance carriers more than $2 billion a year. However, the electronic theft of telephone card numbers is similar to tactics used on the Internet computer network to collect computer passwords. Special software that appears to be part of the network collects computer passwords as they are keyed in. "Some hackers claim they are doing this because they consider themselves guerrillas in a war aimed at keeping the information superhighway wide open and deregulated by people they consider toll-takers, like long-distance carriers and government regulators," said independent industry analyst Martin Sellers. "They consider themselves electronic Robin Hoods." ((The story concludes by noting that the numbers were sold on BBSes in Germany, Belgium, France, Spain, Italiy, Sweden, and "just about every state in the U.S. ------------------------------ Date: Thu, 27 Oct 1994 00:55:27 -0400 (EDT) From: "Shabbir J. Safdar" Subject: File 3--Press release for VTW Voters Guide [This is the last posting about the Voters Guide. Further postings will go to the appropriate newsgroups. -Shabbir] October 24, 1994 PRIVACY GROUP RELEASES LEGISLATIVE REPORT CARD FOR 1994 CONGRESS For Immediate Release NEW YORK - The Voters Telecomm Watch (VTW) an organization dedicated to monitoring civil liberties in telecommunications, has just announced its 1993/1994 legislative report cards -- and the news isn't good. Almost the entire Congress received a grade of 'D' for failing to recognize several threats to American privacy that presented themselves to the legislature this year, and one opportunity. "A few legislators distinguished themselves, recognizing the bills that threatened privacy this year, but on the whole, Congress was asleep at the wheel," stated Alexis Rosen, VTW board member. This year VTW monitored two pieces of legislation, Rep. Maria Cantwell's (D-WA) cryptographic exports bill (HR 3627) and the FBI's Wiretap/Digital Telephony bill (S.2375/HR.4922). Representative Cantwell received VTW's Legislator of the Year Award for her attempts to bring laws governing the export of encryption more in line with the current state and availability of that technology overseas. Rep. Cantwell's export bill would have made practical the incorporation of encryption into systems and application programs. Currently, such technology is not included because of government regulations restricting the export of such software. Embedded encryption is essential to expand business use of electronic mail and other transmission of sensitive data, such as credit card information. It is therefore necessary for on-line shopping and banking. Software manufacturing currently one of America's strongest exporting industries is threatened by foreign competition not subject to the same constraints. Representatives Melvin Watt (D-NC) and Elizabeth Furse (D-OR), both first-term legislators, received VTW's Rookie of the Year awards for their stated opposition to the Digital Wiretap bill, on privacy and fiscal grounds. Most Congressional actions this year on telecommunications and privacy issues have been on voice votes, making it difficult to score individual performance. A network of hundreds of VTW volunteers have called and written their own legislators to ascertain their positions. "Our legislators really don't seem to want to be held accountable," stated volunteer Josh Hendrix. "The breakfast food of the day is still waffles at Sen. Feinstein's office," stated a California volunteer, expressing his frustration after literally hundreds of faxes and called had been received by Senator Feinstein without a change in her position. Senator Feinstein received a special award this year from VTW -- the 'Duck of the Year'. "She received hundreds of constituent calls and faxes asking her to oppose the FBI Wiretap bill," said VTW Press contact Steven Cherry, "and she still voted for the bill, despite the wishes of the very people she was elected to represent. We've purchased a rubber duck for her, and it will arrive in the mail soon." Voters Telecommunications Watch is hoping Rep. Cantwell's bill will be reintroduced in the 104th Congress. Perhaps the biggest issue of the next session will be the continued legality of strong private encryption without key escrow. FBI Director Louis Freeh has been quoted as saying that, according to cyberjournalist Brock Meeks, "if the Administration's Escrowed Encryption System, otherwise known as the Clipper Chip, failed to gain acceptance, giving way to private encryption technologies, he would have no choice but to press Congress to pass legislation that provided law enforcement access to all encrypted communications." The Voters Telecomm Watch legislative report card can be found on the Internet in their gopher at gopher.panix.com. You can also send them email requesting a copy (or information about the organization) at vtw@vtw.org. Finally, you can request a copy until November 15th via US Mail by leaving a message in their voice mail at (718) 596-2851. You must leave your entire address (including zip code). VTW's efforts to garner grass-roots opposition to the FBI Wiretap/Digital Telephony bill were reported upon by such publications as the New York Times and Wired magazine. It's legislative report card has also been distributed onto the Internet, where it will quickly reach hundreds of thousands of readers within the first week of distribution. Concerned citizens can reach Voters Telecommunications Watch by writing to vtw@vtw.org or checking their gopher at gopher.panix.com. -- Steven Cherry Media contact Voters Telecommunications Watch (718) 596-2851 gopher -p 1/vtw gopher.panix.com ------------------------------ Date: Tue, 1 Nov 94 03:11:53 -0500 From: Pat Clawson Subject: File 4--NEED HELP ON "CYBERMEDIA" Attention all Netters.... I am looking for information on the usage of the word "cybermedia" to describe online and CD-ROM based interactive media. As far as I can determine, it's been inregular use since the 1980's when William Gibson of Neuromancer fame coined the term. I'd like to know how you have used the term, and in what contexts. If anyone has any texts or scholarly documents on this, that would be helpful too. A company (not ours) is claiming a trademark on the word, and is using it to describe products other than interatctive electronic media. We are seeking as much information as possible on the word's use, because trademarking it seems as unlikely as getting a trademark on the terms "database" or "graphics." Please E-mail all information to Pat Clawson, TeleGrafix Communications, Huntington Beach, CA at 76357.3572@compuserve.com or patclawson@delphi.com. Thanks, Pat Clawson TeleGrafix Communications ------------------------------ Date: Sun, 30 Oct 1994 13:29:04 EST From: "Rob Slade, Ed. DECrypt & ComNet, VARUG rep, 604-984-4067" Subject: File 5--"The Tojo Virus" by Randall BKTOJOVR.RVW 940817 "The Tojo Virus", Randall, 1991, 0-8217-3436-9, U$4.95/C$5.95 John D. Randall 475 Park Avenue South, New York, NY 10016 Zebra Books, Kensington Publishing Corp. Score one for internal evidence! All the way through this book, I was muttering that the author knew a *lot* about IBM the corporation, IBM sales, IBM demos and PROFS screens. (He hasn't had any better luck than I have with getting typesetters to do screen shots properly, but ...) Lo and behold, the author's note at the end says that he is a former IBM salescritter and manager. In other words, he's a "suit", and wouldn't know technology, high *or* low, if it bit him in the leg. What we have, here, is possibly the precursor to "Terminal Compromise". Published a year before, the plot centres around a diabolical Japanese scheme to refight Pearl Harbour--only on an electronic battlefield. The Yellow Peril set out to insert a virus into the computers of the mighty IGC corporation and bring it to its knees. (Anyone who does not recognize IGC as IBM simply doesn't know what's happening in the computer world.) The author, in his end note, makes a lot of silly suggestions about computer security which basically reduce to the idea that personal computer users will have to adopt the "mainframe mentality". Obviously, this guy is too heavily propagandized to recover. The bad guys set up a blackmail sting costing them (ultimately) four million dollars just to get one password. (Anyone for a little social engineering?) The blackmail operation serves primarily to introduce (the book's term, here) a "high priced slut" who provides wild and steamy sex scenes. Fortunately (or unfortunately), depending upon your taste (or lack thereof), the author has as little imagination in pornography as in technology: most of the sex scenes have little more description than "then wild sex takes place". (This female character, though unsure of what a "file" or a "disk" is, provides vital plot direction by minutely dissecting the technical security weaknesses in the original plan.) The plan is to introduce a virus into the (mainframe) email system. I think. (There is an awful lot of extraneous detail.) The email, whether read or not, will encrypt PC hard disks on a given date. (The bad guys somehow think this is safe because it doesn't do anything illegal.) Once the virus hits, no one can access anything, because everyone uses PCs as terminals. Encrypted PCs can't be booted from floppies. The deadly message contained screens full of ones and zeros--obviously "Assembly language" written by REXX hackers! (REXX, boys and girls, is an interpreted language.) While all of this is going on, a single PC with a dialer program is managing to tie up the entire phone system of huge corporate offices. I am not making this up. (Randall is.) He even gets a standard IBM joke wrong, misquoting "This page intentionally left blank." Ragged plot, inconsistent characters, enough tech to fool those who know even less than Randall. copyright Robert M. Slade, 1994 BKTOJOVR.RVW 940817 ====================== DECUS Canada Communications, Desktop, Education and Security group newsletters Editor and/or reviewer ROBERTS@decus.ca, RSlade@sfu.ca, Rob Slade at 1:153/733 Author "Robert Slade's Guide to Computer Viruses" (Oct. '94) Springer-Verlag ------------------------------ Date: Fri, 28 Oct 1994 07:38:34 -0700 (PDT) From: Bruce Umbaugh Subject: File 6--Subbing to CFP '95 Mailing list (revision) The instructions on subscribing to a mailing list to discuss potential speakers and such for Computers, Freedom, and Privacy '95 should be modified to read: To discuss potential CFP'95 speakers, topics, and formats, and to receive additional CFP'95 information, subscribe to the CFP95 list by sending email: TO: MAJORDOMO@LISTS.STANFORD.EDU SUBJECT: [ ignored ] MSG BODY: SUBSCRIBE CFP95 And for general help with the Majordomo automated list-maintenance software: TO: MAJORDOMO@LISTS.STANFORD.EDU SUBJECT: [ ignored ] MSG BODY: HELP Please do not send sub-/unsubscription requests to the recipients of the list. Please distribute this correction notice as widely as you circulated the original. Many thanks. ------------------------------ Date: Tue, 1 Nov 1994 18:30:36 -0600 (CST) From: pkennedy Subject: File 7--Steve Jackson Games opinion (Appellate Opinion, 10-31-94) Editors: The following is the text of Monday's opinion by the Fifth Circuit Court of Appeals in the Steve Jackson Games v. US Secret Service case. The Fifth Circuit has rejected the Plaintiffs' argument that the seizure of their in-transit e-mail was an illegal "interception" of their electronic communications prohibited by the Wiretap Act. Obviously, the Plaintiffs are disappointed in the outcome, but note that the opinion leaves in place the Plaintiffs' victory at trial, where Judge Sam Sparks held that the Secret Service raid on Steve Jackson Games and its seizure of the company's bulletin board system had violated both the Privacy Protection Act of 1980's prohibition against seizing a publisher's works in progress, and the Electronic Communications Privacy Act's limitations on the seizure of stored electronic communications. -------------------------------------------------------------- Peter D. Kennedy Attorney pkennedy@io.com George Donaldson & Ford, L.L.P. (512) 495-1416 (voice) 114 West 7th Street, Suite 1000 (512) 499-0094 (fax) Austin, Texas 78701 -------------------------------------------------------------- STEVE JACKSON GAMES, INCORPORATED, et al., Plaintiffs-Appellants, v. UNITED STATES SECRET SERVICE, et al., Defendants, United States Secret Service and United States of America, Defendants-Appellees. No. 93-8661. United States Court of Appeals, Fifth Circuit. Oct. 31, 1994. Peter D. Kennedy, R. James George, Jr., George, Donaldson & Ford, Austin, TX, for appellants. Sharon Steele, Washington, DC, for amicus curiae Electronic Frontier Foundation. Scott McIntosh, Barbara Herwig, U.S. Dept. of Justice, Washington, DC, for appellees. Appeal from the United States District Court for the Western District of Texas. Before HIGGINBOTHAM, JONES and BARKSDALE, Circuit Judges. RHESA HAWKINS BARKSDALE, Circuit Judge: The narrow issue before us is whether the seizure of a computer, used to operate an electronic bulletin board system, and containing private electronic mail which had been sent to (stored on) the bulletin board, but not read (retrieved) by the intended recipients, constitutes an unlawful intercept under the Federal Wiretap Act, 18 U.S.C. s 2510, et seq., as amended by Title I of the Electronic Communications Privacy Act of 1986, Pub.L. No. 99-508, Title I, 100 Stat. 1848 (1986). We hold that it is not, and therefore AFFIRM. I. The district court's findings of fact are not in dispute. See Steve Jackson Games, Inc. v. United States Secret Service, 816 F.Supp. 432 (W.D.Tex.1993). Appellant Steve Jackson Games, Incorporated (SJG), publishes books, magazines, role-playing games, and related products. Starting in the mid-1980s, SJG operated an electronic bulletin board system, called "Illuminati" (BBS), from one of its computers. SJG used the BBS to post public information about its business, games, publications, and the role-playing hobby; to facilitate play-testing of games being developed; and to communicate with its customers and free-lance writers by electronic mail (E- mail). Central to the issue before us, the BBS also offered customers the ability to send and receive private E-mail. Private E-mail was stored on the BBS computer's hard disk drive temporarily, until the addressees "called" the BBS (using their computers and modems) and read their mail. After reading their E- mail, the recipients could choose to either store it on the BBS computer's hard drive or delete it. In February 1990, there were 365 BBS users. Among other uses, appellants Steve Jackson, Elizabeth McCoy, William Milliken, and Steffan O'Sullivan used the BBS for communication by private E-mail. In October 1988, Henry Kluepfel, Director of Network Security Technology (an affiliate Bell Company), began investigating the unauthorized duplication and distribution of a computerized text file, containing information about Bell's emergency call system. In July 1989, Kluepfel informed Secret Service Agent Foley and an Assistant United States Attorney in Chicago about the unauthorized distribution. In early February 1990, Kluepfel learned that the document was available on the "Phoenix Project" computer bulletin board, which was operated by Loyd Blankenship in Austin, Texas; that Blankenship was an SJG employee; and that, as a co-systems operator of the BBS, Blankenship had the ability to review and, perhaps, delete any data on the BBS. On February 28, 1990, Agent Foley applied for a warrant to search SJG's premises and Blankenship's residence for evidence of violations of 18 U.S.C. ss 1030 (proscribes interstate transportation of computer access information) and 2314 (proscribes interstate transportation of stolen property). A search warrant for SJG was issued that same day, authorizing the seizure of, inter alia, [c]omputer hardware ... and computer software ... and ... documents relating to the use of the computer system ..., and financial documents and licensing documentation relative to the computer programs and equipment at ... [SJG] ... which constitute evidence ... of federal crimes.... This warrant is for the seizure of the above described computer and computer data and for the authorization to read information stored and contained on the above described computer and computer data. The next day, March 1, the warrant was executed by the Secret Service, including Agents Foley and Golden. Among the items seized was the computer which operated the BBS. At the time of the seizure, 162 items of unread, private E-mail were stored on the BBS, including items addressed to the individual appellants. Despite the Secret Service's denial, the district court found that Secret Service personnel or delegates read and deleted the private E-mail stored on the BBS. Appellants filed suit in May 1991 against, among others, the Secret Service and the United States, claiming, inter alia, violations of the Privacy Protection Act, 42 U.S.C. s 2000aa, et seq. [FN1]; the Federal Wiretap Act, as amended by Title I of the Electronic Communications Privacy Act (ECPA), 18 U.S.C. ss 2510-2521 (proscribes, inter alia, the intentional interception of electronic communications); and Title II of the ECPA, 18 U.S.C. ss 2701-2711 (proscribes, inter alia, intentional access, without authorization, to stored electronic communications). [FN2] The district court held that the Secret Service violated the Privacy Protection Act, and awarded actual damages of $51,040 to SJG; and that it violated Title II of the ECPA by seizing stored electronic communications without complying with the statutory provisions, and awarded the statutory damages of $1,000 to each of the individual appellants. And, it awarded appellants $195,000 in attorneys' fees and approximately $57,000 in costs. But, it held that the Secret Service did not "intercept" the E-mail in violation of Title I of the ECPA, 18 U.S.C. s 2511(1)(a), because its acquisition of the contents of the electronic communications was not contemporaneous with the transmission of those communications. II. As stated, the sole issue is a very narrow one: whether the seizure of a computer on which is stored private E-mail that has been sent to an electronic bulletin board, but not yet read (retrieved) by the recipients, constitutes an "intercept" proscribed by 18 U.S.C. s 2511(1)(a). [FN3] Section 2511 was enacted in 1968 as part of Title III of the Omnibus Crime Control and Safe Streets Act of 1968, often referred to as the Federal Wiretap Act. Prior to the 1986 amendment by Title I of the ECPA, it covered only wire and oral communications. Title I of the ECPA extended that coverage to electronic communications. [FN4] In relevant part, s 2511(1)(a) proscribes "intentionally intercept[ing] ... any wire, oral, or electronic communication", unless the intercept is authorized by court order or by other exceptions not relevant here. Section 2520 authorizes, inter alia, persons whose electronic communications are intercepted in violation of s 2511 to bring a civil action against the interceptor for actual damages, or for statutory damages of $10,000 per violation or $100 per day of the violation, whichever is greater. 18 U.S.C. s 2520. [FN5] The Act defines "intercept" as "the aural or other acquisition of the contents of any wire, electronic, or oral communication through the use of any electronic, mechanical, or other device." 18 U.S.C. s 2510(4). The district court, relying on our court's interpretation of intercept in United States v. Turk, 526 F.2d 654 (5th Cir.), cert. denied, 429 U.S. 823, 97 S.Ct. 74, 50 L.Ed.2d 84 (1976), held that the Secret Service did not intercept the communications, because its acquisition of the contents of those communications was not contemporaneous with their transmission. In Turk, the government seized from a suspect's vehicle an audio tape of a prior conversation between the suspect and Turk. (Restated, when the conversation took place, it was not recorded contemporaneously by the government.) Our court held that replaying the previously recorded conversation was not an "intercept", because an intercept "require[s] participation by the one charged with an 'interception' in the contemporaneous acquisition of the communication through the use of the device". Id. at 658. Appellants agree with Turk's holding, but contend that it is not applicable, because it "says nothing about government action that both acquires the communication prior to its delivery, and prevents that delivery." (Emphasis by appellants.) Along that line, appellants note correctly that Turk's interpretation of "intercept" predates the ECPA, and assert, in essence, that the information stored on the BBS could still be "intercepted" under the Act, even though it was not in transit. They maintain that to hold otherwise does violence to Congress' purpose in enacting the ECPA, to include providing protection for E-mail and bulletin boards. For the most part, appellants fail to even discuss the pertinent provisions of the Act, much less address their application. Instead, they point simply to Congress' intent in enacting the ECPA and appeal to logic (i.e., to seize something before it is received is to intercept it). But, obviously, the language of the Act controls. In that regard, appellees counter that "Title II, not Title I, ... governs the seizure of stored electronic communications such as unread e-mail messages", and note that appellants have recovered damages under Title II. Understanding the Act requires understanding and applying its many technical terms as defined by the Act, as well as engaging in painstaking, methodical analysis. As appellees note, the issue is not whether E-mail can be "intercepted"; it can. Instead, at issue is what constitutes an "intercept". Prior to the 1986 amendment by the ECPA, the Wiretap Act defined "intercept" as the "aural acquisition" of the contents of wire or oral communications through the use of a device. 18 U.S.C. s 2510(4) (1968). The ECPA amended this definition to include the "aural or other acquisition of the contents of ... wire, electronic, or oral communications...." 18 U.S.C. s 2510(4) (1986) (emphasis added for new terms). The significance of the addition of the words "or other" in the 1986 amendment to the definition of "intercept" becomes clear when the definitions of "aural" and "electronic communication" are examined; electronic communications (which include the non- voice portions of wire communications), as defined by the Act, cannot be acquired aurally. Webster's Third New International Dictionary (1986) defines "aural" as "of or relating to the ear" or "of or relating to the sense of hearing". Id. at 144. And, the Act defines "aural transfer" as "a transfer containing the human voice at any point between and including the point of origin and the point of reception." 18 U.S.C. s 2510(18). This definition is extremely important for purposes of understanding the definition of a "wire communication", which is defined by the Act as any aural transfer made in whole or in part through the use of facilities for the transmission of communications by the aid of wire, cable, or other like connection between the point of origin and the point of reception (including the use of such connection in a switching station) ... and such term includes any electronic storage of such communication. 18 U.S.C. s 2510(1) (emphasis added). In contrast, as noted, an "electronic communication" is defined as "any transfer of signs, signals, writing, images, sounds, data, or intelligence of any nature transmitted in whole or in part by a wire, radio, electromagnetic, photoelectronic or photooptical system ... but does not include ... any wire or oral communication...." 18 U.S.C. s 2510(12) (emphasis added). Critical to the issue before us is the fact that, unlike the definition of "wire communication", the definition of "electronic communication" does not include electronic storage of such communications. See 18 U.S.C. s 2510(12). See note 4, supra. [FN6] "Electronic storage" is defined as (A) any temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof; and (B) any storage of such communication by an electronic communication service for purposes of backup protection of such communication.... 18 U.S.C. s 2510(17) (emphasis added). The E-mail in issue was in "electronic storage". Congress' use of the word "transfer" in the definition of "electronic communication", and its omission in that definition of the phrase "any electronic storage of such communication" (part of the definition of "wire communication") reflects that Congress did not intend for "intercept" to apply to "electronic communications" when those communications are in "electronic storage". [FN7] We could stop here, because "[i]ndisputably, the goal of statutory construction is to ascertain legislative intent through the plain language of a statute--without looking to legislative history or other extraneous sources". Stone v. Caplan (Matter of Stone), 10 F.3d 285, 289 (5th Cir.1994). But, when interpreting a statute as complex as the Wiretap Act, which is famous (if not infamous) for its lack of clarity, see, e.g., Forsyth v. Barr, 19 F.3d 1527, 1542-43 (5th Cir.), cert. denied, --- U.S. ----, --- S.Ct. ----, --- L.Ed.2d ---- (1994), we consider it appropriate to note the legislative history for confirmation of our understanding of Congress' intent. See id. at 1544. As the district court noted, the ECPA's legislative history makes it crystal clear that Congress did not intend to change the definition of "intercept" as it existed at the time of the amendment. See 816 F.Supp. at 442 (citing S.Rep. No. 99-541, 99th Cong., 2d Sess. 13 (1986), reprinted in 1986 U.S.C.C.A.N. 3555, 3567). The Senate Report explains: Section 101(a)(3) of the [ECPA] amends the definition of the term "intercept" in current section 2510(4) of title 18 to cover electronic communications. The definition of "intercept" under current law is retained with respect to wire and oral communications except that the term "or other" is inserted after "aural." This amendment clarifies that it is illegal to intercept the nonvoice portion of a wire communication. For example, it is illegal to intercept the data or digitized portion of a voice communication. 1986 U.S.C.C.A.N. at 3567. Our conclusion is reinforced further by consideration of the fact that Title II of the ECPA clearly applies to the conduct of the Secret Service in this case. Needless to say, when construing a statute, we do not confine our interpretation to the one portion at issue but, instead, consider the statute as a whole. See, e.g., United States v. McCord, --- F.3d ----, ----, 1994 WL 523211, at *6 (5th Cir.1994) (citing N. Singer, 2A Sutherland Statutory Construction, s 46.05, at 103 (5th ed. 1992)). Title II generally proscribes unauthorized access to stored wire or electronic communications. Section 2701(a) provides: Except as provided in subsection (c) of this section whoever-- (1) intentionally accesses without authorization a facility through which an electronic communication service is provided; or (2) intentionally exceeds an authorization to access that facility; and thereby obtains, alters, or prevents authorized access to a wire or electronic communication while it is in electronic storage in such system shall be punished.... 18 U.S.C. s 2701(a) (emphasis added). As stated, the district court found that the Secret Service violated s 2701 when it intentionally accesse[d] without authorization a facility [the computer] through which an electronic communication service [the BBS] is provided ... and thereby obtain[ed] [and] prevent[ed] authorized access [by appellants] to a[n] ... electronic communication while it is in electronic storage in such system. 18 U.S.C. s 2701(a). The Secret Service does not challenge this ruling. We find no indication in either the Act or its legislative history that Congress intended for conduct that is clearly prohibited by Title II to furnish the basis for a civil remedy under Title I as well. Indeed, there are persuasive indications that it had no such intention. First, the substantive and procedural requirements for authorization to intercept electronic communications are quite different from those for accessing stored electronic communications. For example, a governmental entity may gain access to the contents of electronic communications that have been in electronic storage for less than 180 days by obtaining a warrant. See 18 U.S.C. s 2703(a). But there are more stringent, complicated requirements for the interception of electronic communications; a court order is required. See 18 U.S.C. s 2518. Second, other requirements applicable to the interception of electronic communications, such as those governing minimization, duration, and the types of crimes that may be investigated, are not imposed when the communications at issue are not in the process of being transmitted at the moment of seizure, but instead are in electronic storage. For example, a court order authorizing interception of electronic communications is required to include a directive that the order shall be executed "in such a way as to minimize the interception of communications not otherwise subject to interception". 18 U.S.C. s 2518(5). Title II of the ECPA does not contain this requirement for warrants authorizing access to stored electronic communications. The purpose of the minimization requirement is to implement "the constitutional obligation of avoiding, to the greatest possible extent, seizure of conversations which have no relationship to the crimes being investigated or the purpose for which electronic surveillance has been authorized". James G. Carr, The Law of Electronic Surveillance, s 5.7(a) at 5-28 (1994). Obviously, when intercepting electronic communications, law enforcement officers cannot know in advance which, if any, of the intercepted communications will be relevant to the crime under investigation, and often will have to obtain access to the contents of the communications in order to make such a determination. Interception thus poses a significant risk that officers will obtain access to communications which have no relevance to the investigation they are conducting. That risk is present to a lesser degree, and can be controlled more easily, in the context of stored electronic communications, because, as the Secret Service advised the district court, technology exists by which relevant communications can be located without the necessity of reviewing the entire contents of all of the stored communications. For example, the Secret Service claimed (although the district court found otherwise) that it reviewed the private E-mail on the BBS by use of key word searches. Next, as noted, court orders authorizing an intercept of electronic communications are subject to strict requirements as to duration. An intercept may not be authorized "for any period longer than is necessary to achieve the objective of the authorization, nor in any event longer than thirty days". 18 U.S.C. s 2518(5). There is no such requirement for access to stored communications. Finally, as also noted, the limitations as to the types of crimes that may be investigated through an intercept, see 18 U.S.C. s 2516, have no counterpart in Title II of the ECPA. See, e.g., 18 U.S.C. s 2703(d) (court may order a provider of electronic communication service or remote computing service to disclose to a governmental entity the contents of a stored electronic communication on a showing that the information sought is "relevant to a legitimate law enforcement inquiry"). In light of the substantial differences between the statutory procedures and requirements for obtaining authorization to intercept electronic communications, on the one hand, and to gain access to the contents of stored electronic communications, on the other, it is most unlikely that Congress intended to require law enforcement officers to satisfy the more stringent requirements for an intercept in order to gain access to the contents of stored electronic communications. [FN8] At oral argument, appellants contended (for the first time) that Title II's reference in s 2701(c) to s 2518 (which sets forth the procedures for the authorized interception of wire, oral, or electronic communications) reflects that Congress intended considerable overlap between Titles I and II of the ECPA. [FN9] As stated, s 2701(a) prohibits unauthorized access to stored wire or electronic communications. Subsection (c) of s 2701 sets forth the exceptions to liability under subsection (a), which include conduct authorized: (1) by the person or entity providing a wire or electronic communications service; (2) by a user of that service with respect to a communication of or intended for that user; or (3) in section 2703, 2704 or 2518 of this title. 18 U.S.C. s 2701(c) (emphasis added). [FN10] Appellants overemphasize the significance of this reference to s 2518. As discussed in notes 6-7, supra, it is clear that Congress intended to treat wire communications differently from electronic communications. Access to stored electronic communications may be obtained pursuant to a search warrant, 18 U.S.C. s 2703; but, access to stored wire communications requires a court order pursuant to s 2518. Because s 2701 covers both stored wire and electronic communications, it was necessary in subsection (c) to refer to the different provisions authorizing access to each. III. For the foregoing reasons, the judgment is AFFIRMED. FN1. Section 2000aa(a) provides that it is unlawful for a government officer or employee, in connection with the investigation ... of a criminal offense, to search for or seize any work product materials possessed by a person reasonably believed to have a purpose to disseminate to the public a newspaper, book, broadcast, or other similar form of public communication.... Among the items seized was a draft of GURPS Cyberpunk, a book intended by SJG for immediate publication. It was one of a series of fantasy role-playing game books SJG published. "GURPS" is an acronym for SJG's "Generic Universal Roleplaying System". "Cyberpunk" refers to a science fiction literary genre which became popular in the 1980s, which is characterized by the fictional interaction of humans with technology and the fictional struggle for power between individuals, corporations, and government. FN2. Kluepfel, the Assistant United States Attorney, and Agents Foley and Golden were also sued. In addition to the statutory claims, appellants also claimed violations of the First and Fourth Amendments to the United States Constitution. And, in September 1992, they added state law claims for conversion and invasion of privacy. Prior to trial, the claims against the individuals were dismissed, and appellants withdrew their constitutional and state law claims. FN3. Appellants raised two other issues regarding damages, but later advised that they have been settled. And, prior to briefing, the Secret Service dismissed its cross-appeal. FN4. An "electronic communication" is defined as: any transfer of signs, signals, writing, images, sounds, data, or intelligence of any nature transmitted in whole or in part by a wire, radio, electromagnetic, photoelectronic or photooptical system that affects interstate or foreign commerce, but does not include-- (A) the radio portion of a cordless telephone communication that is transmitted between the cordless telephone handset and the base unit; (B) any wire or oral communication; (C) any communication made through a tone-only paging device; or (D) any communication from a tracking device (as defined in section 3117 of this title).... 18 U.S.C. s 2510(12). FN5. Title I of the ECPA increased the statutory damages for unlawful interception from $1,000 to $10,000. See Bess v. Bess, 929 F.2d 1332, 1334 (8th Cir.1991). On the other hand, as noted, Title II authorizes an award of "the actual damages suffered by the plaintiff and any profits made by the violator as a result of the violation, but in no case ... less than the sum of $1000". 18 U.S.C. s 2707(c). As discussed, the individual appellants each received Title II statutory damages of $1,000. FN6. Wire and electronic communications are subject to different treatment under the Wiretap Act. The Act's exclusionary rule, 18 U.S.C. s 2515, applies to the interception of wire communications, including such communications in electronic storage, see 18 U.S.C. s 2510(1), but not to the interception of electronic communications. See 18 U.S.C. s 2518(10)(a); United States v. Meriwether, 917 F.2d 955, 960 (6th Cir.1990); S.Rep. No. 99-541, 99th Cong., 2d Sess. 23 (1986), reprinted in 1986 U.S.C.C.A.N. 3555, 3577. And, the types of crimes that may be investigated by means of surveillance directed at electronic communications, 18 U.S.C. s 2516(3) ("any federal felony"), are not as limited as those that may be investigated by means of surveillance directed at wire or oral communications. See 18 U.S.C. s 2516(1) (specifically listed felonies). FN7. Stored wire communications are subject to different treatment than stored electronic communications. Generally, a search warrant, rather than a court order, is required to obtain access to the contents of a stored electronic communication. See 18 U.S.C. s 2703(a). But, compliance with the more stringent requirements of s 2518, including obtaining a court order, is necessary to obtain access to a stored wire communication, because s 2703 expressly applies only to stored electronic communications, not to stored wire communications. See James G. Carr, The Law of Electronic Surveillance, s 4.10, at 4-126--4-127 (1994) (citing H.R.Rep. No. 99-647, 99th Cong., 2d Sess. 67-68 (1986)). FN8. The ECPA legislative history's explanation of the prohibitions regarding disclosure also persuades us of the soundness of Turk's interpretation of "intercept" and our understanding of the distinctions Congress intended to draw between communications being transmitted and communications in electronic storage. In describing Title II's prohibitions against disclosure of the contents of stored communications, the Senate Report points out that s 2702(a) (part of Title II) "generally prohibits the provider of a wire or electronic communication service to the public from knowingly divulging the contents of any communication while in electronic storage by that service to any person other than the addressee or intended recipient." S.Rep. No. 99-541, 97th Cong. 2nd Sess. 37, 1986 U.S.C.C.A.N. 3555, 3591 (emphasis added). It then goes on to state that s 2511(3) of the Wiretap Act, as amended by Title I of the ECPA, "prohibits such a provider from divulging the contents of a communication while it is in transmission". Id. (emphasis added). FN9. It goes without saying that we generally will not consider issues raised for the first time at oral argument. For this rare exception, the parties, as ordered, filed supplemental briefs on this point. FN10. Section 2703 sets forth the requirements for governmental access to the contents of electronic (but not wire) communications. For electronic communications that have been in electronic storage for 180 days or less, the government can gain access to the contents pursuant to a federal or state warrant. 18 U.S.C. s 2703(a). For communications that are maintained by a remote computing service and that have been in storage for more than 180 days, the government can gain access by obtaining a warrant, by administrative or grand jury subpoena, or by obtaining a court order pursuant to s 2703(d). 18 U.S.C. s 2703(b). Section 2704 also deals only with electronic communications; it provides, inter alia, that a governmental entity may include in its subpoena or court order a requirement that the service provider create and maintain a duplicate of the contents of the electronic communications sought. 18 U.S.C. s 2704. ------------------------------ Date: Thu, 23 Oct 1994 22:51:01 CDT From: CuD Moderators Subject: File 8--Cu Digest Header Information (unchanged since 23 Oct 1994) Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are available at no cost electronically. CuD is available as a Usenet newsgroup: comp.society.cu-digest Or, to subscribe, send a one-line message: SUB CUDIGEST your name Send it to LISTSERV@UIUCVMD.BITNET or LISTSERV@VMD.CSO.UIUC.EDU The editors may be contacted by voice (815-753-0303), fax (815-753-6302) or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL 60115, USA. Issues of CuD can also be found in the Usenet comp.society.cu-digest news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT libraries and in the VIRUS/SECURITY library; from America Online in the PC Telecom forum under "computing newsletters;" On Delphi in the General Discussion database of the Internet SIG; on RIPCO BBS (312) 528-5020 (and via Ripco on internet); and on Rune Stone BBS (IIRGWHQ) (203) 832-8441. CuD is also available via Fidonet File Request from 1:11/70; unlisted nodes and points welcome. EUROPE: from the ComNet in LUXEMBOURG BBS (++352) 466893; In ITALY: Bits against the Empire BBS: +39-461-980493 In BELGIUM: Virtual Access BBS: +32.69.45.51.77 (ringdown) UNITED STATES: etext.archive.umich.edu (192.131.22.8) in /pub/CuD/ ftp.eff.org (192.88.144.4) in /pub/Publications/CuD/ aql.gatech.edu (128.61.10.53) in /pub/eff/cud/ world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/ uceng.uc.edu in /pub/wuarchive/doc/EFF/Publications/CuD/ wuarchive.wustl.edu in /doc/EFF/Publications/CuD/ EUROPE: nic.funet.fi in pub/doc/cud/ (Finland) ftp.warwick.ac.uk in pub/cud/ (United Kingdom) JAPAN: ftp.glocom.ac.jp /mirror/ftp.eff.org/Publications/CuD The most recent issues of CuD can be obtained from the NIU Sociology gopher at: tk0gphr.corn.cso.niu.edu (navigate to the "acad depts;" "liberal arts;" "sociology" menus, and it'll be in CuDs. COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing information among computerists and to the presentation and debate of diverse views. CuD material may be reprinted for non-profit as long as the source is cited. Authors hold a presumptive copyright, and they should be contacted for reprint permission. It is assumed that non-personal mail to the moderators may be reprinted unless otherwise specified. Readers are encouraged to submit reasoned articles relating to computer culture and communication. Articles are preferred to short responses. Please avoid quoting previous posts unless absolutely necessary. DISCLAIMER: The views represented herein do not necessarily represent the views of the moderators. Digest contributors assume all responsibility for ensuring that articles submitted do not violate copyright protections. ------------------------------ End of Computer Underground Digest #6.95 ************************************