On Q Professional Investigations

A prominent Florida lawyer accused of masterminding a $300 million gambling scheme under the guise of a veterans charity says he has done nothing wrong and simply advised his client about applicable law.

Kelly Mathis, who also served in a standard role for a lawyer, as a registered agent for some of his client’s companies, is thought of as a down-to-earth, hardworking attorney and was formerly president of the local bar association. In a Wednesday interview in his lawyer’s office, the Vanderbilt University law grad said prosecutors who contend the Internet sweepstakes gambling cafes were not legal under state law are “trying to force a connection” between his legal work and the alleged criminal conduct when none exists, the Associated Press reports.

Mathis says he did months of in-depth research before concluding that the plan by his clients—Jerry Bass and Johnny Duncan and their Allied Veterans of the World company—to operate the cafes was legal.

He said he was paid standard legal fees for the work he did, and did not get a cut of the profits from Allied Veterans, which authorities contend provided only about 2 percent of what it brought in to causes benefiting veterans. Seminole County, he contends, has targeted him because he sued over its opposing stance on Internet gambling cafes.

“The law is filled with ambiguities. The lawyer’s job is to come up with a legal opinion to advocate for that position,” Mathis told the AP. “Even right now in the state of Florida, there is no appellate court opinion. There is no definitive black-and-white answer. I and my clients were complying with the law.”

View Source

Daniel Klaidman of The Daily Beast reports that the White House will soon take the power to launch lethal drone strikes away from the CIA and make the program the exclusive domain of the Defense Department. Because the military and intelligence services operate under a different set of rules, the move would consolidate all drone operations under a single command and a single set of procedure. It could also (potentially) add new layers of transparency and accountability to what has become one of the government’s most controversial operations.

The shift may not change much in the real world of missile strikes and terrorist hunting, as drones will continue to be a major tool in the U.S. arsenal. However, it could signal a major shift in the legal and diplomatic basis for the program. For example, one of the most important distinctions between CIA operations and military ones is the difference between “covert” and “clandestine.” The military can keep its “clandestine” activities classified or secret—like say a SEAL team raid to kill a wanted terrorist. But if Congress or a judge asks, they can’t pretend they didn’t happen. The CIA, on the other hand, is allowed to declare certain missions to be “covert.” (Like say, sneaking American citizens out of a hostile country.) That means that, legally, they can deny that program even exists, shielding those responsible from accountability and hiding them from the public.

That extra layer of accountbility matters a lot when making life or death decisions. Currently, the CIA has the power to decide on its own if a terorist is going to be targeted, and in certain circumstances can carry out an attack without further authorization. The most notable exception is Pakistan, where the Armed Forces require presidential authorization to carry out a mission within its borders, but the CIA doesn’t.

As far back as last fall it was reported that John Brennan, who was then the President’s chief counterterrorism advisor, was already looking to consolidate drone operations under the umbrella of Pentagon, believing that the military was better suited to handle armed drone operations. He seemed to be growing more uncomfortable with the idea of the Central Intelligence Agency morphing from a spy outfit into a lethal fighting force, especially one that decides on its own who deserves the “lethal” part. Meanwhile, the Defense Department has much stricter requirements that must be met before carrying out a military operation in a foreign country, the White House and Congress have more power over generals (and their budgets) than they do secret agents, and international law and diplomacy helps to keep uniformed soliders on a tighter leash.

It’s interesting to see that even though Brennan is now in charge of the CIA he hasn’t changed his mind about dumping drones from his portfolio, and is legitimately committed to seeing the agency focus more on its spying roots. Giving the power to strike overseas solely to the president may not ease everyone’s fears about the drone program, but at least it makes it slightly easier to keep an eye on it.

View Source

The Obama Administration is headed to court today to argue that warrantless GPS tracking is just fine.

The administration will present its arguments before a federal appeals court today, despite the U.S. Supreme Court last year ruling that a warrant was needed to attach a GPS device to a suspected criminal’s vehicle. According to Wired, which first reported on the story, the government believes that the high court’s ruling does not account for all scenarios, and wants to see where its ruling should and shouldn’t be held up.

The Supreme Court’s ruling last year was not exhaustive, the government argues. And in many cases, exemptions exist in which a judge would not need to sign a warrant to monitor someone, including issues at the border and with people on probation and students, according to Wired.

The Supreme Court ruled in a unanimous decision last year that the Fourth Amendment protection of “persons, houses, papers, and effects, against unreasonable searches and seizures” would be violated if law enforcement agencies were allowed to attach a GPS device to a suspect’s vehicle without obtaining a warrant. The decision involved a case in which District of Columbia police placed a GPS tracking device on the car of suspected cocaine dealer Antoine Jones. Following a conviction, the U.S. Court of Appeals for the District of Columbia in 2010 threw it out, saying a warrant was required to track Jones and fellow defendant Lawrence Maynard.

For the government, warrantless GPS tracking could prove to be an important law-enforcement tool, its attorneys have argued. In papers filed with the court, the government has said that because of the high court’s ruling, “law enforcement officers could not use GPS devices to gather information to establish probable cause, which is often the most productive use of such devices.”

View Source

JP Morgan Chase denied this evening that it had suffered a hack that many customers claimed had suddenly reduced their checking account balances to zero.

After discovering the apparently empty accounts via the Internet or mobile devices, many Chase banking customers turned to Twitter to express their frustration and show screen shots of zero balances. Other users were greeted with messages that their bank account balances were unavailable.

But a spokesperson for the bank told CNET this evening that the problem was related to an internal issue and not a security breach.

“We have a technology problem regarding customers’ balance information that we are working to resolve,” the spokesperson said. “It has nothing cyberthreats; it’s an internal issue. We are very sorry to our customers for the inconvenience.”

The representative said credit card and mortgage accounts were unaffected by the issue. She did not say how many customers were affected or when it expected to have the issue resolved.

Chase issued a statement on its support account on Twitter a couple of hours later indicating it had resolved the issue:

“*UPDATE* We’re back to business as usual on http://Chase.com & Mobile. Apologies again for the trouble & thank you for your patience.”

Customers’ suspicions about a possible security breach are natural, with the zero balances appearing less than a week after a massive distributed-denial-of-service attack rendered Chase’s Web sites useless for many hours. Customers trying to use the site’s tools were instead greeted with a note that the site was “temporarily down.”

Hackers have ratcheted up their assaults on financial institutions in recent months, using DDoS attacks to take down Wells Fargo, Bank of America, Chase, Citigroup, HSBC, and others. Though initially it was unclear who was behind the attacks, government officials and security researchers said in January that Iran was responsible for these cyberattacks.

In its December report, security company McAfee said that attacks on U.S. financial institutions are only going to increase in 2013. The firm said that this isn’t just a possibility; it’s a “credible threat.” Anonymous has also threatened to increase its activity in 2013.

View Source

Two California men have been indicted for allegedly hacking point-of-sale terminals at Subway shops to steal at least $40,000.

Prosecutors accused Shahin Abdollahi, aka “Sean Holdt,” and Jeffrey Thomas Wilkinson of hacking at least 13 point-of-sale (POS) terminals to install software that fraudulently loaded at least $40,000 onto Subway gift cards, according to an indictment unsealed in Boston on Friday (see below). The pair then allegedly used the cards to make purchases at Subway shops and sold them on eBay and Craigslist.

Abdollahi owned a Subway franchise in Southern California from 2005 to 2008 and later ran a business called POS Doctor that sold POS terminals to Subways across the country, according to the Justice Department. Around 2011, Abdollahi allegedly sold terminals to Subway franchises in California, Massachusetts, and Wyoming that were loaded with LogMeIn, a remote desktop tool.

Both defendants were charged with one count of conspiracy to commit computer intrusion and wire fraud, as well as with a separate count of wire fraud.

This isn’t the first time Subway POS terminals have fallen victim to intrusion. Last year, two Romanian men pled guilty to hacking point-of-sale terminals at hundreds of Subway sandwich stores in the U.S. to steal credit card data from more than 146,000 accounts.

Interestingly, the indictments were announced by Carmen Ortiz, the U.S. attorney for Massachusetts, who oversaw the criminal case of Aaron Swartz before the Internet activist’s suicide in January.

View Source

Officials said most victims of the bar shooting belonged to a taxi drivers union.

At least seven people were killed and four wounded on the outskirts of the Mexican resort area of Cancun Thursday when two men armed with automatic rifles and a handgun opened fire in a bar in a working class neighborhood, according to media reports.

The shootings took place at The Mermaid Bar, far from Cancun’s popular hotel zone, the spring break destination for thousands of American college students.

Public Safety Secretary Jesus Aiza said most of the victims belonged to a taxi drivers union, according to the Associated Press. Soldiers were assigned to guard those being treated at a hospital.

Aiza said the gunmen arrived in two cars Thursday afternoon, went inside the bar and began shooting.

Reuters noted that Cancun, located on the northeast coast of the Yucatan Peninsula, has largely escaped the kind of drug violence that has plagued other parts of the country.

The Telegraphnoted that armed army personnel regularly patrol the most popular tourist beach and hotel spots.

Last month in Acapulco, a fading vacation spot on the Pacific coast, six Spanish tourists were raped by hooded men at a beach house.

View Source

What would a tax season be without confusion and last-minute changes?

First up, a lot of H&R Block customers are irate about a glitch that will delay their federal tax refunds by weeks.

For days, H&R customers complained on Facebook that they weren’t getting a clear explanation as to why their refunds were delayed. As it turns out, there was a problem with returns that included Form 8863, which is used to claim two higher education credits — the American Opportunity Tax Credit and the Lifetime Learning Credit.

“H&R Block has confirmed with the IRS that there was an issue with a limited number of software company products that affected some tax returns filed between Feb. 14 and 22, 2013,” the company said.

The IRS says the glitch has affected about 10 percent of the 6.6 million total returns claiming the credit. “The problem resulted in those tax returns requiring additional review,” the IRS said.

H&R Block won’t say how many of those returns were prepared by the company, noting that the language in the IRS statement said the problem involved a “limited number of software company products.” Yet it’s been mostly H&R Block customers who are taking to the Internet. A “Demand H&R Block Refund Our Filing Fees” page has been created on Facebook.

“I’m not able to divulge how many of our clients are impacted, but we are contacting them all directly,” H&R Block spokesman Gene King said in an e-mail.

King said that any problems that occurred with Form 8863 have been fixed and that H&R Block clients don’t need to take any immediate action.

“It’s important to note that the tax returns were prepared accurately,” he said. “The error occurred in e-file processing.”

The IRS issued an alert to tax professionals Feb. 20, pointing out that they had noticed instances in which certain checkboxes on Form 8863 were not correctly completed, causing processing delays. Software packages needed to be modified to correct the issue, the alert said, adding, “Please communicate this information to the practitioner community to avoid delays in processing returns.”

The IRS said that in a situation like this, it can typically take up to eight weeks to resolve the problem. But the agency is working to speed up the process. However, it “may need as much as four to six weeks” to get refunds to taxpayers.

“We are taking special steps to help taxpayers,” the IRS said in a statement, adding that it was “working aggressively to address this situation and hopes to reduce those projected refund time frames further.”

The delay in processing the returns may also affect families applying for financial aid through the Free Application for Federal Student Aid, or FAFSA. If you are affected, you can enter your tax return information manually and later update it once your return has been processed.

The IRS said taxpayers who filed a Form 8863 with their tax return during the time period in question can check “Where’s My Refund?” on www.irs.gov. “If taxpayers have not received a refund date and filed during the affected period, they should contact their software provider to determine if they may be in the affected group,” the agency said.

Note that there is no need to check “Where’s My Refund?” more than once a day. The system is usually updated each night.

Okay, on to another issue for this tax season and next.

If your lender cancels or forgives your mortgage debt, you generally have to pay tax on that amount. The lender is required to report the amount of canceled debt to you and the IRS on a Form 1099-C, Cancellation of Debt.

But during the housing crisis, when foreclosures skyrocketed across the country, Congress passed the Mortgage Forgiveness Debt Relief Act. It was designed to provide at least some relief to people who had lost their homes.

The act was scheduled to expire in 2012. But as part of the last-minute deal to avoid the “fiscal cliff,” the debt relief was extended for one more year, until Dec. 31, 2013.

The law allows people to exclude income from the discharge of debt on their principal place of residence. In addition to foreclosure, debt reduced because of a mortgage restructuring also qualifies for relief.

The maximum qualified debt you can exclude under this exception is $2 million, according to the IRS. The limit is $1 million for a married person who files a separate tax return. If you qualify, report the excluded debt on Form 982. Submit the completed form with your federal income tax return.

Close to 230,000 taxpayers have claimed a discharge of qualified principal residence debt for tax year 2010, the most recent year for which there is data, the IRS said.

Ah, just another complicated tax year.

View Source

Nogales, Ariz. — A Mexican man was arrested Tuesday at the Nogales Commercial Facility for attempting to smuggle more than a ton of marijuana into the United States.

U.S. Customs and Border Protection officers referred the 35-year-old driver of a tractor-trailer he was driving for an additional inspection. After an anomaly was discovered using a commercial x-ray system, a CBP narcotics detection canine alerted to the presence of drugs co-mingled within a shipment of bell peppers. A further search led to the discovery of 280 packages of marijuana worth slightly more than $1,068,000. The drugs and tractor-trailer were processed for seizure. The subject was turned over to Immigration and Customs Enforcement’s Homeland Security Investigations.

“CBP officers in Nogales made use of several layers of enforcement to identify and locate the marijuana,” said Nogales Port Director Guadalupe Ramirez. “Our people used their experience and dedication to prevent these drugs from entering our nation.”

CBP’s Office of Field Operations is the primary organization within Homeland Security tasked with an anti-terrorism mission at our nation’s ports. CBP officers screen all people, vehicles and goods entering the United States while facilitating the flow of legitimate trade and travel. Their mission also includes carrying out border-related duties, including narcotics interdiction, enforcing immigration and trade laws, and protecting the nation’s food supply and agriculture industry from pests and diseases.

View Source

SAN FRANCISCO — Google on Tuesday acknowledged to state officials that it had violated people’s privacy during its Street View mapping project when it casually scooped up passwords, e-mail and other personal information from unsuspecting computer users.

In agreeing to settle a case brought by 38 states involving the project, the search company for the first time is required to aggressively police its own employees on privacy issues and to explicitly tell the public how to fend off privacy violations like this one.

While the settlement also included a tiny — for Google — fine of $7 million, privacy advocates and Google critics characterized the overall agreement as a breakthrough for a company they say has become a serial violator of privacy.

Complaints have led to multiple enforcement actions in recent years and a spate of worldwide investigations into the way the mapping project also collected the personal data of private computer users.

“Google puts innovation ahead of everything and resists asking permission,” said Scott Cleland, a consultant for Google’s competitors and a consumer watchdog whose blog maintains a close watch on Google’s privacy issues. “But the states are throwing down a marker that they are watching and there is a line the company shouldn’t cross.”

The agreement paves the way for a major privacy battle over Google Glass, the heavily promoted wearable computer in the form of glasses, Mr. Cleland said. “If you use Google Glass to record a couple whispering to each other in Starbucks, have you violated their privacy?” he asked. “Well, 38 states just said they have a problem with the unauthorized collection of people’s data.”

George Jepsen, the Connecticut attorney general who led the states’ investigation, said that he was hopeful the settlement would produce a new Google.

“This is the industry giant,” he said. “It is committing to change its corporate culture to encourage sensitivity to issues of personal data privacy.”

The applause was not universal, however. Consumer Watchdog, another privacy monitor and frequent Google critic, said that “asking Google to educate consumers about privacy is like asking the fox to teach the chickens how to ensure the security of their coop.”

Niki Fenwick, a Google spokeswoman, said on Tuesday that “we work hard to get privacy right at Google, but in this case we didn’t, which is why we quickly tightened up our systems to address the issue.”

Last summer, the Federal Trade Commission fined Google $22.5 million for bypassing privacy settings in the Safari browser, the largest civil penalty ever levied by the F.T.C. In 2011, Google agreed to be audited for 20 years by the F.T.C. after it admitted to using deceptive tactics when starting its Buzz social network. That agreement included several rather vague privacy provisions.

The new settlement, which requires Google to set up a privacy program within six months, is more specific. Among its requirements, Google must hold an annual privacy week event for employees. It also must make privacy certification programs available to select employees, provide refresher training for its lawyers overseeing new products and train its employees who deal with privacy matters.

Several provisions involve outreach. Google must create a video for YouTube explaining how people can easily encrypt their data on their wireless networks and run a daily online ad promoting it for two years. It must run educational ads in the biggest newspapers in the 38 participating states, which besides Connecticut also include New York, New Jersey, Massachusetts, California, Ohio and Texas.

“There are minimum benchmarks Google has to meet,” said Matthew Fitzsimmons, an assistant Connecticut attorney general who negotiated with the company. “This will impact how Google rolls out products and services in the future.”

Marc Rotenberg of the Electronic Privacy Information Center said the agreement was “a significant privacy decision by the state attorneys general,” adding that “it shows the ongoing importance of the states’ A.G.’s in protecting the privacy rights of Internet users.”

Read More

If you “Like” lots of people, places and things on Facebook, you may get rewarded with discounts and special offers. But new research out today shows that these public Likes reveal more about you than you may think.

Using a dataset of more than 58,000 Facebook users in the USA collected between 2007 and 2012, researchers at the University of Cambridge in the United Kingdom were able to accurately predict certain qualities and traits, such as race, age, IQ, sexuality, personality, substance use and political views using Facebook Likes alone.

The Likes include photos, friends’ status updates, Facebook pages of products, sports, musicians, books, restaurants or popular websites.

“Likes represent a very generic class of digital records, similar to Web search queries, Web browsing histories, and credit card purchases,” says the study in Proceedings of the National Academy of Sciences.

The participants gave researchers access to their Facebook pages and they completed a variety of online tests, including personality and IQ. Their Likes were fed into algorithms and researchers created statistical models that were able to predict the personal details using Facebook Likes alone. Results were corroborated with information from the Facebook profiles and personality tests.

“Each person, on average, liked 170 things,” says psychologist Michal Kosinski, the study’s lead author. “Some liked only one thing and there were people who liked thousands of things. We removed those. We looked at people who liked between one and 700 different things.”

Sam Gosling, a psychologist at the University of Texas at Austin, calls it a “landmark study” because it illustrates “how things are no longer ephemeral.” He has been studying Facebook behavior since 2006, and has seen this new study.

“You ‘Like’ something. You leave a comment on somebody’s wall. They are now recorded in a way that machines can calibrate and measure them with great accuracy,” he says. “Together, they add up to substantially more information from which you can make quite reasonably accurate predictions.”

Fred Wolens, a Facebook spokesman at its headquarters in Menlo Park, Calif., says the predictions are “hardly surprising.”

“No matter the vehicle for information — a bumper sticker, yard sign, logos on clothing, or other data found online — it has already been proven that it is possible for social scientists to draw conclusions about personal attributes based on these characteristics,” he says.

Rebecca Lieb, a digital media analyst at the Altimeter Group, a consulting firm in New York City, agrees.

“Advertising and marketing focus on this, but it’s important not to isolate this as only an online issue or a social network issue,” she says. “Data is being collected at every stage of our lives. If you’re using a credit card, you’re opening yourself up to as much data collection as if you’re using Facebook or searching online and getting cookies collected in your browser.”

The study found the highest accuracy for ethnic origin and gender, with African Americans and Caucasians correctly classified in 95% of cases. Males and females were correctly classified in 93% of cases; Christians and Muslims in 82% of cases. Sexual orientation was easier to distinguish among males (88%) than females (75%).

The study notes that Likes that are the “best predictors of high intelligence include ‘Thunderstorms,’ The Colbert Report, ‘Science” and ‘Curly Fries.’ Low intelligence was indicated by liking (Facebook pages for) ‘Sephora,’ ‘I Love Being A Mom,’ ‘Harley Davidson’ and ‘Lady Antebellum.’ ” Researchers gave no further explanation of these findings.

The study also suggests that the findings may have “negative implications for personal privacy.”

David Jacobs, consumer privacy counsel for the Electronic Privacy Information Center, a public interest research center in Washington, that focuses on civil liberties and privacy, says this study aligns with others involving predictions based on social networking information.

“This is not unique to Facebook and is not even unique to social networking in general,” Jacobs says. “It’s one of the implications of Big Data and in this case Big Data in a social networking context. Lots of information makes for certain inferences and sensitive predictions.”

“It’s the current state of the digital world,” adds Kosinski.

View Source