Dept of Treasury Letter

Description

Here is a letter from the Director of the Secret Service to US
Rep. Don Edwards, D-California, in response to questions raised
by Edwards' Subcommittee. This copy comes from Computer Professionals
for Social Responsibility in Washington, DC.                          

                                         DEPARTMENT OF TREASURY
                                         UNITED STATES SECRET SERVICE
                                          WASHINGTON, DC 20223
                                         APR 30 1990

The Honorable Don Edwards
Chairman
Subcommittee on Civil and Constitutional Rights
Committee on the Judiciary
House of Representatives
Washington,  D.C.  20515

Dear Mr. Chairman:

Thank you for your letter of April 3, 1990, concerning your
committee's interest in computer fraud.  We welcome the
opportunity to discuss this issue with your committee and I
hope the following responses adequately answer your
questions.

Question 1:

Please describe the  Secret Service's process for investigating
computer related crimes under Title 18, United States Code,
Section 1030 and any other related statutes.

Response:

The process by which the  Secret Service investigates
computer related crimes is similar to the methods we use to
investigate other types of criminal investigations.  Most of the
investigative techniques are the  same; surveillances, record
checks, witness and suspect interviews, etc.  the primary
difference is we had to develop resources to assist in the
collection and review of computer evidence.

To provide  our agents with this expertise, the secret service
developed a computer fraud investigation course which, as of
this date, has trained approximately 150 agents in the proper  
methods for conducting a computer fraud investigation.  
Additionally, we established a computer  Diagnostics center,
staffed  with computer professional, to review evidence on
computer  systems.

Referrals of computer related criminal investigations occur in
much the same manner as any other case.  A victim sustains a
loss and reports the crime, or, a computer related crime is
discovered during the course of another investigation.

In the investigations  we do select, it is not our intention to
attempt to supplant local or state law enforcement.  We
provide enforcement in those cases that are interstate or
international in nature and for one reason or another are
beyond the capability of state and local law enforcement
agencies.

When computer related crimes are referred by the various
affected industries to the local field offices, the Special
Agent in  Charge (SAIC) determines which cases will be
investigated based on a variety of criteria.  Each SAIC must
consider the economic impact of each case, the prosecutive
guidelines of the United States Attorney, and the investigative
resources available in the office to investigate the case .

In response to the other portion of your question, the other
primary statute we use to investigate computer related crimes
is Title 18, United States  Code,  Section 1029 ( Access Device
Fraud).  This service  has primary jurisdiction in those cases
which are initiated outside a bank and do not involve  
organized crime, terrorism, or foreign counterintelligence
(traditional responsibilities of the FBI).

The term "access device" encompasses credit cards, debit
cards, automatic teller machines (ATM) cards, personal
identification numbers (PIN's) used to activate ATM machines,
credit or debit card account numbers, long distance telephone
access codes, computer passwords and logon sequences, and
among other things the computer chips in cellular car phones
which assign billing.

Additionally, this Service has primary jurisdiction in cases
involving electronic fund transfers by consumer (individuals)
under Title 15, U. S. code, section 169n (Electronic Fund
Transfer Act).  This could involve any scheme designed to
defraud EFT systems used by the public, such as pay by phone
systems, home banking, direct deposit, automatic payments,
and violations concerning automatic teller machines.  If the
violations can be construed to be a violation of the  banking
laws by bank employee, the FBI would have primary
jurisdiction.  

There are many other statutes which have been used to
prosecute computer criminals but it is within the purview of
the U.S. Attorney to determine which statute will be used to
prosecute an individual.

Question 2:

Has the Secret  Service ever monitored any computer bulletin
boards or networks?  Please describe  the procedures for
initiating such monitoring, and list those computer bulletin
boards or networks monitored by the Secret  Service since
January 1988.

Response:

Yes, we have occasionally monitored computer bulletin boards.  
The monitoring occurred after we received complaints
concerning criminal activity on a particular computer bulletin
board.  The computer bulletin boards were monitored as part of
an official investigation and in accordance with the directives
of the Electronic Communications  Privacy  Act of 1986 (Title
18 USC 2510)

The procedures used to monitor computer bulletin boards
during an official investigation have involved either the use of
an informant (under the direct supervision of the investigating
agent)  or an agent operating in an undercover capacity.  In
either case, the informant or agent had received authorization
from the computer bulletin board's owner/operator to access
the system.

We do not keep records of the bulletin boards which we have
monitored but can provide information concerning a particular
board if we are given the name of the board.

Question 3:

Has the Secret Service or someone acting its direction ever
opened an account on a computer bulletin board or network?  
Please describe the procedures for opening such an account and
list those bulletin boards or networks on which such accounts
have been opened since January 1988.

Response:

Yes, the U.S.  Secret Service has on many occasions, during the
course of a criminal investigation, opened accounts on
computer bulletin boards or networks.

The procedure for opening an account involves asking the
system administrator/operator for permission to access to the
system.  Generally, the system administrator/operator will
grant everyone immediate access to the computer bulletin
board but only for lower level of the system.  The common
"pirate" computer bulletin boards associated with most of
computer crimes have many different level in their systems.  
The first level is generally available to the public and does not
contain any information relation to criminal activity.  Only
after a person has demonstrated unique computer skills, been
referred by a known "hacker," or provided stolen long-distance
telephone access codes or stolen credit card account
information,  will the system administrator/operator permit a
person to access the higher levels of the bulletin board system
which contains the information on the criminal activity.

As previously reported in our answer for Question 2, we do not
keep records of the computer bulletin boards on which we have
established accounts.

Question 4:

Has the Secret Service os0someone acting under its direction
ever created a computer bulletin board or network that was
offered to the public?  Please describe any such bulletin board
or networks.

Response:

No, the U. S. Secret Service has not created a computer bulletin
board nor a network which was offered to members of the
public.   We have created an undercover bulletin board which
was offered to a select number of individuals who had
demonstrated an interest in conducting criminal activities.  
This was done with the guidance of the U.S. Attorney's  office
and was consistent with the Electronic Communications
Privacy Act.

Question 5:

Has the Secret Service ever collected, reviewed or
"downloaded" transmissions or information from any computer
network or bulletin board?  What procedures does the Secret
Service have for obtaining information from computer bulletin
boards or networks?  Please list the occasions where
information has been obtained since January 1988, including
the identity of the bulletin boards or networks,  the type of
information obtained,   and how that information was obtained
(was it downloaded, for example).

Response:

Yes, during the course of several investigations, the U. S.  
Secret Service has "down loaded" information from computer
bulletin boards.  A review of information gained in this manner
(in an undercover capacity after being granted access to the
system by it's system administrator)  is performed in order to
determine whether or not that bulletin board is being used to
traffic in unauthorized access codes or to gather other
information of a criminal intelligence nature.  At all times,
our methods are in keeping with the procedures as outlined in
the Electronic Communications Privacy Act (ECPA).

If a commercial network was suspected of containing
information concerning a criminal activity, we would obtain
the proper court order to obtain this information in keeping
with the ECPA.

The U. S. Secret Service does not maintain a record  of the
bulletin boards we have accessed.

Question 6:

Does the Secret Service employ, or is it considering employing,
any system or program that could automatically review the
contents of a computer file, scan the file for key items,
phrases or data elements, and flag them or recommend further
investigative action?  If so, what is the status of any such
system.  Please describe this system and research being
conducted to develop it.

Response:

The Secret  Service has pioneered the concept of a Computer  
Diagnostic Center (CDC)  to facilitate the review and
evaluation of electronically stored information.  To streamline
the tedious task of reviewing thousands of files per
investigation, we have gathered both hardware and software
tools to assist our search of files for specific information or
characteristics.  Almost all of these products are
commercially  developed products and are available to the
public.  It is conceivable that an artificial intelligence process
may someday be developed and have application to this law
enforcement function but we are unaware if such a system is
being developed.

The process of evaluating the information and making
recommendations for further investigative action is currently
a manual one at our CDC.  We process thousands of computer
disks annually as well as review evidence contained in other
types of storage devices (tapes, hard drives, etc.).   We are
constantly seeking  ways to enhance our investigative mission.  
The development of high tech resources like the CDC saved
investigative manhours and assist in the detection  of criminal
activity.

Again, thank you for your interest.  Should you have any further
questions, we will be happy to address them.

                                                 Sincerely,
                                                 /s/
                                                 John R.  Simpson, Director

cc: Honorable Charles E.  Schumer

Disclaimer:
Contents of this page are indexed from the Internet. All actions are under your responsability. Email us to report illegal contents or external links and we'll remove them immediately.

Please check the description for download links if any or do a search to find alternative books.

Can't Download?
Please search mirrors if you can't find download links for "Dept of Treasury Letter" in "Description" and someone else may update the links. Check the comments when back to find any updates.

Search Mirrors
Maybe some mirror pages will be helpful, search this book at top of this page or click here to find more info.

1. Ebooks list page : 189
2. [share_ebook] My Ladybird Treasury of Stories & Rhymes (My Treasury of Stories & Rhyme)
3. 15-Minute.Cover.Letter.Write.an.Effective.Cover.Letter.Right.Now.JISTs.Help.in.a.Hurry.Series
4. 15 Minute Cover Letter: Write An Effective Cover Letter Right Now
5. Payroll Dept Of Transportation v6.0
6. Payroll US Dept Of Labor WH347 v6.6
7. US Dept. of Energy mathematics handbooks
8. US Dept. of Energy chemistry handbooks
9. US Dept. of Energy mechanical science handbooks
10. US Dept. of Energy electrical safety handbook
11. US Dept. of Energy classical physics handbook
12. US Dept. of Energy handbook - Human Factors & Ergonomics
13. Dept of Army - M16A2 Rifle and M4 Carbine Operator
14. Dept of Army - M16A2 Rifle and M4 Carbine Operator
15. US Dept. of Energy - primer on lead-acid storage batteries
16. The Opening Gambit Vol 4 Summer 2006, Dept of Emergency Medicine at Vanderbilt