Texas attorneys slam IRS for misconduct

April 14th, 2007

I’m intrigued by the thought distortions that plague the typical tax protester – but it seems unfair to ignore the other side of the coin, which would be IRS agents or prosecutors who believe that they can ignore the law the same way that tax protesters do. Two attorneys in Texas – husband and wife, a criminal defense and a family law attorney, respectively – were subjected to a degrading and incredibly invasive investigation and prosecution, based upon the testimony of a disgruntled ex-employee with a boyfriend serving an 18-year sentence in federal prison. Apparently the ex-employee was hoping that if she could get her employer convicted, the boyfriend would be freed.

The attorneys not only won their criminal tax fraud cases, they came back and sued IRS using the Federal Tort Claims Act, then negotiated a $1.34M settlement.

Good for them for fighting back and standing up for themselves.

Posted in Taxes | No Comments »

Homeland Security’s Automated Targeting System

December 2nd, 2006

A number of people have recently discussed the Automated Targeting System – a database system maintained by the Bureau of Customs and Border Protection (BCP) which retains data about, among other things, travelers who enter or leave the United States, along with various data about the travelers. The data retained includes, allegedly, meal preferences.

More details are available in the Federal Register notice published on November 2, 2006.

It turns out that the docket number published in the notice is incorrect, which makes it tough for people to read others’ comments about the system, or to comment on it. The correct docket number is DHS-2006-0060, as discovered by phik – comments can be read or added at http://www.regulations.gov.

The comments received when I read them were, with a few exceptions, likely to be ineffective. They were of the “You guys should not implement this new program because the government is stupid and can’t be trusted!” variety.

I am not going to argue that the government is not stupid, or that it can be trusted, but the above is not an especially persuasive approach.

First off, as should be clear from reading the Federal Register notice, the program is not new. The Federal Register notice – and the accompanying Privacy Impact Assessment – reveal that this database has been maintained for several years now, and the notice is intended to update the required disclosures about federal databases.

Of course, the fact that this has been going on for years doesn’t mean that it’s the right thing to do – it just means that arguments which begin with “You shouldn’t start doing this!” immediately reveal the author as out of touch with the basic facts regarding the program .. and if the author of the comments is confused about those facts, it’s very easy to dismiss their opposition as uninformed rantings in reaction to imaginary problems.

Also unfortunate is the siren’s song of wholesale rejection of keeping any sort of list regarding bad people and/or airline passengers. While that approach may be philosophically attractive, it’s politically a nonstarter, especially after the 9/11 blamefest whereby Democrats blame 9/11 on Republicans, Republicans blame 9/11 on Democrats, progressives blame 9/11 on whatever the opposite of progressives are (libertarians?), and vice versa.

Pretty much everyone seems ready to blame 9/11 on the government somehow, saying that if only someone had kept a list of Bad People, and somehow the airlines – or someone else – had looked up the names of all airline passengers against the Bad People list, well, then we wouldn’t have had 9/11.

It’s really tough to make a list of Bad People, and it’s really tough to make private parties (like airlines) check passenger lists check against the Bad People list .. especially without also creating problems such as false positives, where people like Ted Kennedy, nuns, and babies end up on the Bad People (a/k/a No Fly or selectee) list .. and without turning the Bad People list into some sort of giant blacklist that lets the government turn off someone’s ability to function in modern society.

But those practical problems don’t seem to have deterred people from calling for “the government” to “do something” to prevent “another 9/11″ .. so we end up with garbage like the ATS, which is unlikely to prevent terrorism, but is likely to create annoying and difficult-to-fix problems for people over the next several decades.

So it’s politically impractical to suggest that DHS and BCP should abandon their attempts to create a Bad People list, because that’s exactly what the public, Congress, and the intelligence and law enforcement communities are demanding that they do.

As a practical matter, we’re left with arguing about the implementation of the Bad People list.

This particular model doesn’t strike me as an especially good one. In particular, there are a number of elements that are poorly considered-

  • Data is retained in the system for up to 40 years
  • Individuals have no right to inspect the data kept about them
  • Individuals have no right to challenge or correct false or misleading data

We’ve had something like 40 years’ experience with consumer credit files and consumer credit reporting – a records system which is supposed to drop information after only 7 to 10 years, and where individuals do have a right to inspect and a limited right to correct mistakes. That 40 years’ experience has shown that almost every individual’s record contains inaccuracies, and that a significant number of individuals’ records contain substantial inaccuracies.

Further, it should be clear to anyone who cares to pay attention that identity theft – which is deeply tied to the creation and maintenance of incorrect information about individuals’ actions, purchases, travel, residences, and so forth – is presently a significant problem, and there is no reason to expect that the identity theft problem will get better in following years. I’d be amazed if there’s anyone familiar with the issues who doesn’t think the problem is going to get much worse.

So – in the face of what can only be described as a deeply flawed implementation of a much simpler system with a much shorter lifetime, greater opportunities to correct errors, and much less catastrophic consequences for failure – DHS is essentially recreating that flawed implementation, but without any of the safeguards present in the current model. (Those safeguards, frankly, are gutless and virtually useless – but they’re a lot stronger than what’s available under the DHS ATS model.)

But wait – that’s not the only big problem with the ATS system.

Not only does the ATS system seem designed to collect and maintain a giant library of mistaken information – and not only are the individuals tracked by the system unable to meaningfully investigate the information used against them – the DHS’ rules allow the unverified data to be shared with effectively everyone BUT the individual who is the subject of the records.

The rules for the ATS system allow DHS to share the data with, among others-

  • Federal, state, local, tribal, or foreign governmental agencies or multilateral governmental organizations responsible for investigating or prosecuting the violations of, or for enforcing or implementing, a statute, rule, regulation, order, or license, where CBP believes the information would assist enforcement of civil or criminal laws
  • Federal, state, local, tribal, or foreign governmental agencies maintaining civil, criminal, or other relevant enforcement information or other pertinent information, which has requested information relevant or necessary to the requesting agency’s hiring or retention of an individual, or issuance of a security clearance, license, contract, grant, or other benefit and
    disclosure is appropriate to the proper performance of the official duties of the person making the disclosure;
  • a court, magistrate, or administrative tribunal in the course of presenting evidence, including disclosures to opposing counsel or witnesses in the course of civil discovery, litigation, or settlement negotiations, or in response to a subpoena, or in connection with criminal law proceedings;
  • contractors, grantees, experts, consultants, students, and others performing or working on a contract, service, grant, cooperative agreement, or other assignment for the Federal government, when necessary to accomplish an agency function related to this system of records, in compliance with the Privacy Act of 1974, as amended;
  • Federal, state, local, tribal, or foreign governmental agencies, if necessary to obtain information relevant to a DHS decision concerning the hiring or retention of an employee, the issuance of a security clearance, the reporting of an investigation of an employee, the letting of a contract, or the issuance of a license, grant or other benefit and disclosure is appropriate to the proper performance of the official duties of the individual making the disclosure;
  • Federal, State, local, tribal, or foreign governmental agencies or multilateral governmental organizations, for purposes of assistingsuch agencies or organizations in preventing exposure to or transmission of a communicable or quarantinable disease or for combatting other significant public health threats;
  • Federal and foreign government intelligence or counterterrorism agencies or components where CBP becomes aware of an indication of a threat or potential threat to national or
    international security, or where such use is to assist in anti-terrorism efforts and disclosure is appropriate to the proper performance of the official duties of the person making the disclosure;
  • Federal, State, local, tribal, or foreign governmental agencies or multilateral governmental organizations where CBP is aware of a need to utilize relevant data for purposes of testing new technology and systems designed to enhance border security or identify other violations of law

.. so you can’t see what data is maintained about you in the system for the next 40 years, but DHS can share the data with local law enforcement, foreign intelligence agencies, your county health department, the local animal control agency seeking to enforce pet license laws, tax collectors, John Poindexter’s TIA project .. and the ATS data may be available in discovery if you’re involved in a lawsuit or a divorce.
For better or for worse, as a society we’ve argued and blamed ourselves into a posture where it’s politically infeasible to back away from keeping a list of Bad People. However, that doesn’t mean that it has to be configured as badly as DHS proposes with the ATS system. If DHS anticipates that they’re going to be extracting information from Jet Blue and Southwest Airlines and passing it along to municipal and county-level employees, it’s ridiculous to assert that there’s a strong government interest in preventing people from inspecting their own records – apparently everyone else can.

The ATS system would be much more sensible if it were configured either so that information in the system cannot be shared outside of DHS or used for non-DHS purposes; or if it were configured with the understanding that widespread dispersion of the information is essential to widespread usage of the information, and accordingly individuals should have the right to inspect and correct inaccurate information maintained about them inside the system.

EPIC has a good page about the ATS system at http://www.epic.org/privacy/surveillance/spotlight/1006/default.html

Posted in Privacy | No Comments »

Turing’s Treatise on the Enigma

January 24th, 2006

Almost 10 years ago, I requested a copy of Turing’s Treatise on the Enigma from the National Archives & Records Administration via the Freedom of Information Act; when I received it, I only had a flatbed scanner, and sheet-fed scanners were either prohibitively expensive or aggravatingly unreliable, so these 119-odd pages of cryptographic history languished unpublished on the Web, at least in their original form. (A painstakingly retyped version is available at http ://f.home.cern.ch/f/frode/www/crypto/Turing/.)

Happily, technology and bandwidth have become cheaper in the intervening years, and I now lease office space that includes a modern copier that can scan to PDF as easily as making a photocopy.

Thus, I can now make the original images (as received from NARA) available online at http ://parrhesia.com/turing.pdf. (The link has been CORALized for faster response.)

It’s tough to read because this is a scan of a photocopy of a photograph (microfilm?) of the original – but if you’ve ever wondered what Alan Turing’s handwriting looked like, or want to remember what it was like to produce a document before White-Out existed, here you go.

Posted in Cryptography | No Comments »

SLAPP suit – Eagle Broadband v Does

October 7th, 2005

I got a copy today of the complaint in
Eagle Broadband v. Does, a suit filed October 5 in Santa Clara County Superior Court, which may be of interest to others. (If you have trouble reading the complaint, try saving it to your local machine and opening the local copy.)

Posted in SLAPP | No Comments »

Michael Lynn’s presentation at Black Hat

July 29th, 2005

John Young at Cryptome has made available a PDF with the now-suppressed slides from Mike Lynn’s controversial presentation at the Black Hat security conference in Las Vegas this week. Unfortunately, it’s tough to get through to Cryptome due to demand – so I’m making the file available via the Coral distribution network so that everyone can read it without beating up on John’s server too badly.

Posted in IP | No Comments »

Tax Protestor Doesn’t Lose Criminal Trial

June 30th, 2005

Recently, one of my neighbors was acquitted in a federal criminal trial. The jury considered four charges: one count of conspiracy to defraud the government by impairing the calculation or collection of tax, and three counts of wilfully aiding the filing of amended income tax returns which were false with respect to a material matter.

My neighbor – Joe Banister, a former special agent for the IRS, is also licensed as a CPA. (”Special Agents” at IRS are considered federal law enforcement officers, who carry firearms, have the power to make arrests, and investigate criminal tax law violations; as opposed to “Revenue Agents” who conduct examinations (”audits”) or “Revenue Officers” who collect tax debts.

Apparently, at some point during Mr. Banister’s employment with IRS, he got sucked into one of the “tax protestor” movements, leading to his resignation from IRS. He has since published materials describing his there-is-no-income-tax theory, and apparently talked the owner of a Sacramento-area business into filing “zero returns”, which show that no tax is due, and hence all amounts withheld should be returned to the taxpayer (though that doesn’t seem like the right term for a zero return filer.)

It’s unfortunate that tax protestors are trying to use the acquittal to prove more than it does – it’s the jury’s decision that, in this case, the prosecutors didn’t prove, beyond a reasonable doubt, that Joe Banister committed the crimes he was charged with. Acquitting Joe Banister for conspiracy and filing a false return doesn’t prove that it’s legal to file a zero return any more than Michael Jackson’s acquittal proves that child molestation is legal – nor did the acquittals of Robert Blake and OJ Simpson prove that murder is legal.

I did find these notes sent by Banister’s jury to be interesting, though it’s tough to figure out exactly what the jury was thinking –

So while it’s obviously a good result for Joe Banister, it’s not a good foundation for any sort of argument about whether or not it’s a good idea – or legally required – that US citizens and residents pay income tax.

In particular, it’s worth remembering that while Joe Banister managed to escape conviction, his client – the person who actually filed the zero returns at issue – is currently sitting in a federal prison after being convicted for tax fraud, as a result of filing the returns.

I haven’t read the trial transcripts, but my understanding is that Joe Banister’s argument was that, essentially, his role was that of a CPA preparing tax returns based on the legal and factual arguments of his client, and that it wasn’t reasonable to hold him – as a paid preparer – liable for the position that his client chose to take on the tax return.

Banister has also been disbarred from practice before the IRS, and disciplinary charges are apparently pending before the California Board of Accountancy.

Posted in Taxes | 2 Comments »

Concealed carry permits and homicide rates

June 17th, 2005

Just to see if there’s an easy parallel to the More Guns Less Crime argument, I decided to compare the concealed carry permit issue rate to homicide rates. I found the California Dept of Justice’s page of homicide statistics per county per year. Turns out the five counties with the worst homicide rates in 2003 were:

Sierra .0286%
Inyo .0109%
Los Angeles .0107%
Mendocino .0102%
Alameda .0095%

and nine counties tied for the best, with no homicides in 2003:

Alpine
Amador
Colusa
Del Norte
Lassen
Marin
Mariposa
Modoc

There were two big surprises for me in those lists – that Sierra County turned out to have the worst rate, and that Marin County had no homicides in 2003. Looking at both counties over the longer time periods shown in the CA DOJ statistics, it looks like both entries are statistical outliers.

Sierra County only had two homicides during years 1994-2003; one in 1999 and one in 2003. If that one homicide in Sierra County in 2003 hadn’t happened, Sierra County would move from the county with the worst rate to tied for the best rate.

Marin County’s mean homicides per year during the years 1994-2003 was 2.7.

When the CA DOJ calculates homicide rates, they exclude counties with populations below 100,000 because they believe the statistics are misleading in that context. See Appendix I.

Posted in Guns | 1 Comment »

Concealed Carry Permits in California, per capita by county

June 16th, 2005

I happened to notice that the California Dept of Justice’s Firearms Division has placed online a report listing, by county, the number of concealed handgun permits issued during the period 1990-2003. I thought it would be interesting to compare the issue rates by population – so I found some census population estimates by county, and combined the data sets, to get the per capital CHL’s issued in California. Turns out there’s some pretty big variation – between 3.5 percent of the population (Modoc County, for example) to .0013 percent (San Francisco County).

The five counties with the most CHL’s per capita were:

Modoc 3.5893%
Sierra 3.3409%
Trinity 3.1167%
Alpine 2.8950%
Amador 2.2939%

The five counties with the fewest CHL’s per capita were:

San Francisco .0013%
Santa Clara .0112%
Alameda .0139%
Los Angeles .0141%
Santa Cruz .0175%

Here are the county-by-county numbers for 2003, in descending order by ratio of CHL’s to residents. Also, here’s the data as a CSV file if you want to look at it yourself.

Posted in Guns | No Comments »

Blog insurance?

December 5th, 2004

Matt Homann suggests “Blogging Insurance“, whereby some benevolent organization – such as big law firms, or blog software firms, or Google ,(or Santa Claus?) will pay for insurance, meant to fund the legal defense (or indemnification?) where bloggers are sued.

Apparently the genesis of this discussion (other commentators have proposed a “Blogger Legal Defense Society“) came when a blogger posted first an audio clip, then a transcript, of the episode of Jeopardy where the record-winning contestant finally lost. Sony TV sent him cease-and-desist letters, and the blogger took down the content because he was concerned about his ability to enter into a war-of-attrition lawsuit against Sony.

I don’t imagine that the people who are talking about “blog insurance” or “blogger legal defense” really intend to exclude Internet authors or publishers who aren’t using blog software, or who aren’t creating traditional frequently-updated informal-tone websites. At least I hope they don’t intend that. More reasonably, I expect that what they’re proposing is some sort of general protection for little guys who are threatened by big evil bullies. That’s a nice sentiment, and hopefully people are, and will continue to be, sympathetic to underdogs.

There are two problems with the approaches discussed, however. The first is known to economists as “moral hazard” – the tendency of people to alter their behavior when they know another party is bearing the risk associated with their behavior. The second, related problem involves distinguishing between defensible and indefensible claims.

It’s not clear to me that it makes any sense to create an environment where we’re effectively saying “Write anything you want – you don’t need to be worried about accuracy, some nice people will pay for your attorney if you get sued.” It’s especially ironic to adopt that posture with respect to (stereotypically) individuals, but to expect others (stereotypically “corporations”) to scrupulously comply with laws regarding privacy, fair information practices, and accurate credit reporting.

I think it’s even weirder to imagine that perhaps the AmLaw 200 – the firms who make their money representing, typically, the Fortune 500 – will somehow pony up cash to pay for insurance to cover the defense costs for the defendants who are creating the problems that AmLaw 200 are hired to solve.

Ok, I’ll admit that it actually makes sense, in a perverse way, but I don’t think that’s what the original commenator intended. Going back and reading his post again, it’s clear that it’s not – his message has plenty of qualifiers discussing frivolous litigation and in-the-right bloggers – but not a defense fund, or an insurance fund, for everyone who manages to piss someone else off, whether they deserved it or not.

Ultimately, I think the EFF already does a pretty good job taking care of this – they provide active assistance in cases they find particularly important or egregious, and maintain a “cooperating attorneys” mailing list to help find volunteer or low-cost attorneys for cases where EFF isn’t going to intervene directly.

I don’t mean to say that there’s no problem here, or that since EFF exists nobody needs to care about free speech, but I think it makes a lot more sense for individual defendants to continue to seek help as individuals based on the righteousness of their individual circumstances, rather than lump true underdogs-in-need together with people who deliberately seek drama and excitement and trouble, and won’t be satisfied until they find it.

Posted in IP | No Comments »

November 17th, 2004

John Young pointed out that the ND CA PACER site now has images online for the ND CA MPAA suit – I grabbed them, here they are for free. I skipped paying for the ADR order and the notification to the Copyright Office that suit had been filed. I don’t have time to monkey with an index page for that directory right now, but the files are there if anyone’s interested.

I haven’t seen any substantive discussion of the progress of the case, so here’s my 30-second version: the MPAA has sued 12 unnamed defendants (all SBC Internet customers, as I read the complaint) for distributing movies using P2P software. The defendands are sued as “john does”. The MPPA asked the court for permission to conduct discovery against SBC Internet to learn the identities of the 12 defendants, whose IP addresses are disclosed in the complaint. The judge granted permission for discovery from SBC against only the first defendant, discussing problems which arose in other DirectTV anti-piracy litigation.

Posted in IP | 1 Comment »

November 16th, 2004

So the MPAA has apparently filed suits across the country against P2P filesharers allegedly sharing copyrighted movies. MSNBC mentions that a suit has been filed in the Eastern District of Missouri (St. Louis) – the documents in the case are available via PACER. I downloaded the docs that looked marginally interesting and am making them available here to save everyone else having to pay $.07/page. Here’s the complaint, Exhibit A, the disclosure of corporate interests, the civil cover sheet, and the certificate of original filing.

Posted in IP | No Comments »

November 10th, 2004

One more link with lots of good data about how electronic voting systems work (or don’t) – this report prepared for the Ohio Secretary of State in December, 2003.

Posted in IP | No Comments »

November 10th, 2004

I sent this message to the ABA’s Solosez mailing list, a discussion group frequented by attorneys in solo practice and small firms – sometimes the discussion is about legal topics, other times it’s whatever’s on people’s minds. In this case, voting.

A few days later, my friend Andy sent me a link to the http://www.blackboxvoting.org site, discussing the potential for vote fraud and a giant FOIA/public records request the site’s operator(s) have sent to local voting officials looking for evidence of trouble or tampering in electronic voting.

I was curious about the electronic voting systems used here in Santa Clara County (Sequoia), and found a few links -

Posted in Voting | No Comments »

October 9th, 2004

More re Indymedia -

sent to John Young’s Cryptome mailing list

    Message-ID: <4918801a0410091806728a832@mail.gmail.com>
    Date: Sat, 9 Oct 2004 18:06:24 -0700
    From: Greg Broiles
    To: John Young
    Subject: Re: [Cryptome] Indymedia Raid
    Cc: cryptome@cryptome.org
    In-Reply-To:

    On Sat, 09 Oct 2004 20:03:03 -0700, John Young wrote:
> Greg,
>
> I understand the action taken in the US, but was not
> a similar action required directly in the UK for physical
> property located there? Or are these remote-controlled
> actions capable of reaching into secondary countries?
> I know that Rackspace is responsible for the UK sub,
> but does not UK law require a grounds for any action
> on its territory?

    I don't know what UK law requires - from a US law perspective, I would
    expect the US company to be in hot water with a US judge if it didn't
    cooperate with US legal process, even if the subject of the order
    happened to be outside the territorial US.

> Second, could Rackspace not have contested the order, or
> is such an order from a "Commissioner" not contestable?
> Or did Rackspace just roll over?
>
> Then, perhaps Rackspace contested and can not reveal that.

    Rackspace could have contested the subpoena in US court if they chose
    to; the order appointing the Commissioner is a final appealable order,
    so this could have even gone up the appeals chain to the Court of
    Appeals and been offered to the US Supreme Court, if the parties had
    been inclined to do so.

    I don't know if Rackspace did contest the order, and the record is
    sealed (or difficult to find online), or if Rackspace declined.

> Did you find any evidence that Rackspace had a reason to
> go along beyond the court order, say, government business
> or problems with the government.

    I don't know of anything one direction or the other - I recall that
    Verio was relatively independent in its judgement regarding legal
    process, until they were purchased by a Japanese company, and the US
    government raised the issue that Verio's facilities might then be
    outside the reach of US law enforcement/intelligence subpoenas and
    process, and Verio then expressed a willingness to be as cooperative
    as other ISP lap-dogs.

> Peculiar that Rackspace does not make an effort to
> explain why its custormer's interest was not paramount.

    I would not be surprised if the subpoena itself directs Rackspace to
    keep the existence or contents of the subpoena (and the items(s)
    produced in response) confidential - I am not certain that the
    "commissioner" would have a defensible basis for making such a demand,
    especially absent an order from a real US judge or magistrate allowing
    for such a secrecy order.

    On the other hand, in these days of the Patriot Act, it's hard to be
    sure that there hasn't been some obscure legislation passed allowing
    the issue of (probably unconstitutional) secrecy orders.

    My hunch is that there isn't a defensible secrecy order in place here,
    since the FBI and Rackspace have been willing to talk to the press -
    in other cases (such as the ACLU suit re National Security Letters)
    the parties have acted much more circumspect in even discussing the
    existence of an active case.

    I think there are two aspects to this case which are of interest: the
    appropriateness of the seizure/disclosure, and the interruption of
    service to the Indymedia servers.

    So far, I haven't heard anything which suggests that the disclosure
    was legally incorrect, although Rackspace could probably have resisted
    it more vigorously.

    On the other hand, I think it's harder to justify failing to restore
    the machine to service after the FBI got what they asked for.

    Assuming that the FBI asked for the actual, physical hard disk, it
    still seems that Rackspace could/should have restored Indymedia's
    server from backup, allowing them to continue to function while the
    FBI continued with their work. In particular, I note that Rackspace's
    website at
    seems to suggest that all Rackspace servers are centrally backed up,
    such that it should have been possible for them to restore Indymedia
    to service within a few hours.

    Given what's now known about this incident, I'm having a hard time
    imagining what the foreign government(s) wanted as evidence from the
    hard disk(s). It's not like there's a lot of room to dispute whether
    or not the photos in question were being served from that machine.

    Rather, I suspect that the purpose of this action was to disrupt
    operation of the Indymedia sites, which is certainly not what Congress
    intended when they enacted 28 USC 1782 - nor even what was likely
    contained in the application to the US district judge/magistrate for
    designation of the AUSA as a commissioner.

    Nothing in this message is intended as legal advice.

    --
    Greg Broiles, JD, EA
    gbroiles@gmail.com (Lists only. Not for confidential communications.)
    Law Office of Gregory A. Broiles
    San Jose, CA

Posted in Search and seizure | No Comments »

October 9th, 2004

I did some reading re the Indymedia incident where computer(s) used to operate a collection of news websites were turned over to the US government, apparently pursuant to a request from a foreign government.
Read the rest of this entry »

Posted in Search and seizure | No Comments »