DNS Abuse Forum - March 16

Home / Blogs

More on the Soloway Case

I've now read Soloway's plea agreement. Despite some claims from his lawyers that it's some kind of victory that he only pleaded to three of the 40 charges, with the rest being dismissed, it's clear from the agreement that he indeed did just about everything that the government charged.

The government as is usual had several similar charges in each category. That makes sense for a case that is going to trial; if there's a problem with one charge such as a witness not showing up, they can work on another one instead. In a guilty plea, one from each category is plenty, and the plea agreement makes it clear that the others are dropped not because he was innocent, but in return for promises of cooperation in the agreement.

Soloway's plea includes detailed confessions to charges of Mail Fraud, Fraud in Connection with Electronic Mail, and Wilful Failure to File [income tax] Return. The second charge is under 18 USC 1037, the criminal part of the CAN SPAM act, making this one of the first criminal CAN SPAM convictions. The seven identity theft charges were completely dismissed, so as previously noted, we won't find out (in this case, at least) whether using other people's return addresses in spam is enough to make an identity theft charge stick. From Soloway's point of view, that's not much of a victory since those charges only merit two years in jail, while the mail fraud is up to 20, CAN SPAM up to 5, and tax evasion one year.

The next step is the sentencing hearing, currently scheduled for June. At that time the government can, and presumably will, present all the evidence for all the charges, not just the three to which he confessed, and we'll find out how long he'll be off the streets.

By John Levine, Author, Consultant & Speaker

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Co-designer of the TCP/IP Protocols & the Architecture of the Internet


Re: More on the Soloway Case By Alessandro Vesely  –  Mar 30, 2008 12:45 am PST

I'm not much into law in general and US common law in particular. I would have thought identity theft, when used to commit another crime, weighted 20 years by itself. I tend to regard identity theft and computer hijacking as serious criminal offenses, respectively resembling kidnapping and housebreaking, and thus deserving, say, class B felony punishments. Is that a feeling more or less shared among computer users or is it me being disoriented?

In facts, there are various well conditioned techniques to protect against those kinds of abuses, while tools against generic spam and fraud are more fuzzy. Thus, it seems the more serious a threat is, the more effectively we are able to define it, as far as computable functions are involved. It is often disappointing to find out that the legal point of view doesn't match.

Perhaps law is just different than software. For one thing, no compiler can munch it: it can only be interpreted :-)

Add Your Comments

 To post your comments, please login or create an account.



DNS Security

Sponsored byAfilias

New TLDs

Sponsored byAfilias

Threat Intelligence

Sponsored byWhoisXML API

Brand Protection

Sponsored byAppdetex

Domain Names

Sponsored byVerisign


Sponsored byVerisign