Exclusion from participation in federal contracts or programs is a longstanding civil sanction that agencies often bring to bear after an individual or company is convicted under various U.S. federal criminal laws. Last November, in a memorandum to the heads of all executive departments and agencies, the Director of the Office of Management and Budget cited one form of exclusion, suspension and debarment, as "a powerful tool" in ensuring responsible conduct by federal contractors and grantees.
While exclusions of various types are used throughout the federal government, it is unusual for federal courts to overturn exclusion decisions by executive departments. But on July 27, in Friedman v. Sebelius, a three-judge panel of the U.S. Court of Appeals for the District of Columbia Circuit did just that, in reversing a decision by the U.S. Department of Health and Human Services (HHS) to exclude three corporate executives from participation in federal health-care programs.
Friedman involved three executives at the Perdue Frederick Company, which manufactured the painkiller OxyContin. Perdue Frederick was convicted of a federal felony, misbranding of OxyContin, and the three executives were convicted under the “responsible corporate officer” doctrine -- a legal doctrine under the Food, Drug and Cosmetic Act that reportedly is seeing increased use by enforcement authorities -- of a federal misdemeanor, misbranding of a drug. Based on their convictions, the Secretary of HHS, Kathleen Sebelius, excluded them from participation in Federal health care programs for 12 years, pursuant to a federal statute that permits the Secretary to exclude individuals or entities convicted under federal or state law of a misdemeanor relating to controlled substances.
On appeal, Senior Circuit Judge Douglas Ginsburg, writing for the Court, held that the statute authorized the Secretary’s exclusion of the three executives, but that her decision was "arbitrary and capricious for want of a reasoned explanation for the length of their exclusions" (page 3), particularly because her decision failed "to explain its departure from the agency’s own precedents" (page 26). The Court remanded the decision to the U.S. District Court for the District of Columbia with instructions to remand it to HHS "for further consideration consistent with this opinion" (page 27).
In strict terms, the decision directly applies only to HHS, because the decision is based on a statute empowering the HHS Secretary. Nonetheless, its application of the "arbitrary and capricious" standard should send a clear signal to other departments and agencies that they will need to adhere to, or carefully to explain departures from, their own precedents in future debarment or exclusion proceedings.
Subscribe To
Posts
All Comments
Tuesday, July 31, 2012
Human-on-Technology and -Human Crime - When Hackers Attack
As if the term "hacker" wasn't already "charged with connotation," as Randy Abrams of NSS Labs recently put it, a recent report from Australia adds a new and more literal connotation. According to the Melbourne Herald Sun, an individual in Tailem Bend, South Australia, Bryce Kingsley Quilley, pleaded guilty to charges of unlawful modification of computer data, threatening to cause harm, and threatening to damage property, after he hacked three times into an ISP's servers and, on the same day, "threatened to burn down the offices of the ISP and, while armed with an axe, threatened to cause harm to its owner." The article does not specify whether the axe in question was the Axe of Frozen Death, the Axe of Earthly Sundering, or a mere mortal artifact from a local hardware store. Sentencing submissions are due to the court in August.
Monday, July 30, 2012
Human-on-Technology Crime - When Slot Players Attack
Technology inspires frustration. Everyone who has ever witnessed a computer crash that results in the loss of critical files, or simply watched a tablet, mobile phone, or other digital device suddenly pull a Rip Van Winkle, knows the sweet temptation of adjusting the offending device with the nearest blunt instrument, or even hands and feet. (On several occasions when my office computer has chosen catatonia as a systems response, the mere thought of using the Louisville Slugger in my office as a programming tool has proved surprisingly satisfying, even calming.) No wonder that, according to TechNewsDaily, a 2011 survey by the security software firm Avira found that approximately 39 percent of people frustrated by a computer have cursed or yelled at the computer out loud and 9 percent have hit the computer with an object such as a fist or baseball bat.
Sadly, in the gaming world computer-driven slot machines are far more likely than their home/office kin to be the victims of assault. The New York Times recently reported that since the new Resorts World Casino in Queens, New York opened in October 2011, "the police have arrested 41 people accused of damaging its machines," compared to "19 arrests of casino patrons for larceny, mostly picking pockets, and 19 arrests for assault." The notion that, unlike a street mugging, no slot ever forced a player to give up his or her money apparently is not part of the decisional calculus that leads some players to misdemeanor prosecution or payment of thousands of dollars for the damage they cause.
Although the Times quoted the Queens District Attorney as saying that overall the casino "has so far proved to be a remarkably safe place," digital slots should take little comfort. After all, when a disgruntled player starts a beatdown on a hapless slot, casino security are unlikely to better the response time of even the most dedicated police department. Maybe slots programmers should take pity on their creations and build in cameras and algorithms that allow computers to determine when a human face shows happiness or frustration, so a slot about to be dry-gulched can call for help. Even on a casino floor, there's need for a neighborhood watch.
Sadly, in the gaming world computer-driven slot machines are far more likely than their home/office kin to be the victims of assault. The New York Times recently reported that since the new Resorts World Casino in Queens, New York opened in October 2011, "the police have arrested 41 people accused of damaging its machines," compared to "19 arrests of casino patrons for larceny, mostly picking pockets, and 19 arrests for assault." The notion that, unlike a street mugging, no slot ever forced a player to give up his or her money apparently is not part of the decisional calculus that leads some players to misdemeanor prosecution or payment of thousands of dollars for the damage they cause.
Although the Times quoted the Queens District Attorney as saying that overall the casino "has so far proved to be a remarkably safe place," digital slots should take little comfort. After all, when a disgruntled player starts a beatdown on a hapless slot, casino security are unlikely to better the response time of even the most dedicated police department. Maybe slots programmers should take pity on their creations and build in cameras and algorithms that allow computers to determine when a human face shows happiness or frustration, so a slot about to be dry-gulched can call for help. Even on a casino floor, there's need for a neighborhood watch.
Friday, July 27, 2012
Philippine Authorities Arrest 21 Phone and Internet Fraudsters Targeting Chinese
On July 21, the Focus Taiwan News Channel reported that Philippine authorities had arrested 21 members of a ring conducting phone and Internet fraud in Angeles City, led by a Taiwanese man residing in the Philippines. According to the report, an investigator stated that "[w]hen police raided the fraud ring's bases, the members were caught attempting to
burn and destroy evidence. . . . During initial
questioning, 13 members of the fraud ring said they were from Taiwan, while eight said they were from China . . . ." The investigator also said that most of the victims of the scheme -- in which ring members posed as law enforcement authorities, local officials, or customer service
personnel "to trick or threaten victims into transferring money to the ring" (according to Focus Taiwan) -- were from China. The article also reported a clear disparity in pay between Taiwanese and Chinese members of the ring: Taiwanese "were paid between NT$30,000 (US$999.56) and NT$40,000 per month," while the Chinese received only 2,000 yuan (US$312.73) per month.
CIFAS Reports "Unprecedented Levels" of Identity Crime in United Kingdom
On July 24, CIFAS, the United Kingdom's fraud prevention service, issued its Fraudscape Bulletin 2012. According to the CIFAS press release on the Bulletin, which drew on fraud statistics for the first half of 2012, CIFAS members reported "data driven identity crime at unprecedented levels." Among other findings, the release reported that "The use of fake identity details, or the impersonation of an innocent victim (Identity Fraud) now accounts for 1 in 2 of all frauds identified" and that "Account - or facility - takeover frauds constitute 15% of all frauds, meaning that nearly two thirds of all frauds (65%) now relate directly to the abuse of identity details such as dates of birth, postcodes, email addresses and passwords."
The release also noted, in unusually emphatic language: "While the 5% increase in overall fraud levels during the first half of 2012 is noteworthy enough, the fact that identity fraud (the use of a false identity or the identity details of another person) now accounts for 50% of all frauds is unprecedented. In addition, 15% of all recorded frauds in the first half of 2012 related to the takeover or hijacking of a customer's account. This means that frauds relating to the misuse of identity details now account for an astonishing 65% of all fraud."
The release also noted, in unusually emphatic language: "While the 5% increase in overall fraud levels during the first half of 2012 is noteworthy enough, the fact that identity fraud (the use of a false identity or the identity details of another person) now accounts for 50% of all frauds is unprecedented. In addition, 15% of all recorded frauds in the first half of 2012 related to the takeover or hijacking of a customer's account. This means that frauds relating to the misuse of identity details now account for an astonishing 65% of all fraud."
"Romance" Scams Around the World
Although online "romance scams" -- fraud schemes that seek to exploit the trust of Internet users hoping for love and companionship -- have been prevalent for more than a decade, operators of the schemes are reaching into more and more corners of the globe. Even as warnings about such schemes proliferate on government and law enforcement websites in Australia, Canada, India, New Zealand, the United Kingdom, and the United States, and on various private-sector sites, romance scammers continue to ply their trade with apparently growing success.
In the United Kingdom, a study -- by Professor Monica Whitty of the University of Leicester and Dr. Tom Buchanan of the University of Westminster, with government funding and support from the Serious Organised Crime Agency -- found that as many as 200,000 residents of Britain may have become romance-scam victims. The researchers' study of the problem is continuing.) In the United States, according to the Internet Crime Complaint Center (IC3), romance scams in 2011 were the fourth-most frequently reported online scam, with reported losses of $50.4 million -- an average of $138,000 per day (though such data do not reflect the vast numbers of people who do not report being defrauded in such schemes). One recent media report even identified romance-scam victims in Brunei.
Moreover, romance-scam operations can be found in numerous countries around the world. The Canadian Anti-Fraud Centre, after analyzing romance-fraud complaints in just a three-month period from December 2010 to February 2011, found "payout locations" (i.e., locations where someone connected with the scheme was able to obtain payouts of funds that the victims had sent through money-transfer services) "in 11 different countries including, Canada, Philippines, United Kingdom, Nigerian, Ghana, Cote D’Ivoire, Russia, Ukraine, Malaysia, Italy and Iraq."
Just last month, Colorado authorities indicted a mother and daughter living in the state for their roles in a Nigerian-based romance scheme that allegedly took in more than $1 million from 374 victims who thought they were being contacted by U.S. armed forces members. The ABC News report on the indictment stated that the 374 victims were located in the United States and 40 other countries, and that the defendants, apparently operating as "money mules" for the Nigerian operation, wired funds "addressed to 112 different names in Nigeria, . . . [and] to individuals in Ecuador, Great Britain, India, United Arab Emirates and the U.S."
In the United Kingdom, a study -- by Professor Monica Whitty of the University of Leicester and Dr. Tom Buchanan of the University of Westminster, with government funding and support from the Serious Organised Crime Agency -- found that as many as 200,000 residents of Britain may have become romance-scam victims. The researchers' study of the problem is continuing.) In the United States, according to the Internet Crime Complaint Center (IC3), romance scams in 2011 were the fourth-most frequently reported online scam, with reported losses of $50.4 million -- an average of $138,000 per day (though such data do not reflect the vast numbers of people who do not report being defrauded in such schemes). One recent media report even identified romance-scam victims in Brunei.
Moreover, romance-scam operations can be found in numerous countries around the world. The Canadian Anti-Fraud Centre, after analyzing romance-fraud complaints in just a three-month period from December 2010 to February 2011, found "payout locations" (i.e., locations where someone connected with the scheme was able to obtain payouts of funds that the victims had sent through money-transfer services) "in 11 different countries including, Canada, Philippines, United Kingdom, Nigerian, Ghana, Cote D’Ivoire, Russia, Ukraine, Malaysia, Italy and Iraq."
Just last month, Colorado authorities indicted a mother and daughter living in the state for their roles in a Nigerian-based romance scheme that allegedly took in more than $1 million from 374 victims who thought they were being contacted by U.S. armed forces members. The ABC News report on the indictment stated that the 374 victims were located in the United States and 40 other countries, and that the defendants, apparently operating as "money mules" for the Nigerian operation, wired funds "addressed to 112 different names in Nigeria, . . . [and] to individuals in Ecuador, Great Britain, India, United Arab Emirates and the U.S."
Wednesday, July 25, 2012
"Emergency" Schemes - United States and Beyond
On July 13, ABC News posted an article and video of a "Nightline" story about so-called "stranded traveler" schemes, in which scammers hack into someone's email account and proceed to email that person's contacts that the accountholder has been "stranded" (e.g., mugged or arrested) in a foreign country and urgently needs money. The Nightline segment features Charles Pavelites, an FBI Special Agent with the Internet Crime Complaint Center.
This report is simply one of the latest in a spate of recent media and law enforcement reports about the growing variety of "emergency" or "grandparent" scams in a growing number of countries such as Canada, Haiti, Japan, the United Kingdom, and the United States. In Japan, where the "grandparent" scam came to light a number of years ago as the "It's me" scam, on January 20 the Tokyo Reporter (a ready guide to the dark side of life in Japan) posted an article stating that the National Police Agency had tracked a 34 percent increase in "It's me" fraud from 2010 to 2011, involving a reported $138 million in losses. The Japan Times published an article on April 27 reporting that an "It's me" scammer has even written a book (in Japanese) about his experience in such frauds.
This report is simply one of the latest in a spate of recent media and law enforcement reports about the growing variety of "emergency" or "grandparent" scams in a growing number of countries such as Canada, Haiti, Japan, the United Kingdom, and the United States. In Japan, where the "grandparent" scam came to light a number of years ago as the "It's me" scam, on January 20 the Tokyo Reporter (a ready guide to the dark side of life in Japan) posted an article stating that the National Police Agency had tracked a 34 percent increase in "It's me" fraud from 2010 to 2011, involving a reported $138 million in losses. The Japan Times published an article on April 27 reporting that an "It's me" scammer has even written a book (in Japanese) about his experience in such frauds.
Australia - Mass-Marketing Fraud "Back with a Vengeance"?
On July 18, the Melbourne Age published an article by journalist Eileen Ormsby on a purported surge in mass-marketing fraud schemes targeting Australians. (The article refers to Nigerian scammers being "back with a vengeance," without citing any data to suggest that such schemes were ever away.) The article provides some interesting details about various Australian victims who were defrauded in classic romance or auction-website schemes, including the scammers' use of technology to disguise their voices or make it appear that they are on live webcams with the victims.
Those interested in Ormsby's writing on crime can check out her blog, All Things Vice.
Those interested in Ormsby's writing on crime can check out her blog, All Things Vice.
Sunday, July 15, 2012
Internet Fraud and Kidnaping in Benin
Europe 1 and Agence Frence-Presse reported on May 31 that an American Internet fraud victim who had been abducted the week before in Benin was freed, and two Nigerian kidnapers apprehended, according to the Benin Interior Ministry. A Ministry spokesman stated that the American "was found in the Mono [a department of Benin at the border with Togo] and two of his kidnapers, who were Nigerian, were arrested and in the hands of the Benin police." The spokeman credited the combined efforts of the FBI and the Benin police.
Fraud and Identity Theft in North Africa
Three recent news reports (translated from French) provide examples of fraud and identity theft affecting North African countries:
- Le Temps d'Algérie, April 11: According to information received from the Wilaya de Annaba detachment of the Algerian National Gendarmerie, police uncovered a recent scheme involving misuse of current postal accounts. An individual reportedly withdrew 174 million centimes from the postal account of D.N., a 67-year-old doctor, using a fraudulent check and a form of false identification. Police questioned the reported author of the scheme, M.R., a 57-year-old man, who had obtained a checkbook of postal checks from the El Kala post and telecommunications bureau, and falsified a driver's license in the victim's name. Police also found that the postmaster of that post office, Dj. D., a 49-year-old man, had participated in the falsification. They arrested M.R. just when he was preparing to take money again, as well as a third participant, A.W., a 42-year-old man, who was an accomplice in and a financial beneficiary from the scheme. A fourth person, Y.L., a 46-year-old man, who was a former postal inspector in the Amirouche post office in Annaba, was reportedly a fugitive. Police presented the local tribunal's Public Prosecutor with the interrogation of the El Kala postmaster for charges of forgery and use of forgery, impersonation, and theft in the amount of 174 million centimes. One defendant was placed under a committal order and the others, including the postmaster, were placed on bail.
- Le Temps d'Algérie, April 11: According to information received from the Wilaya de Annaba detachment of the Algerian National Gendarmerie, police uncovered a recent scheme involving misuse of current postal accounts. An individual reportedly withdrew 174 million centimes from the postal account of D.N., a 67-year-old doctor, using a fraudulent check and a form of false identification. Police questioned the reported author of the scheme, M.R., a 57-year-old man, who had obtained a checkbook of postal checks from the El Kala post and telecommunications bureau, and falsified a driver's license in the victim's name. Police also found that the postmaster of that post office, Dj. D., a 49-year-old man, had participated in the falsification. They arrested M.R. just when he was preparing to take money again, as well as a third participant, A.W., a 42-year-old man, who was an accomplice in and a financial beneficiary from the scheme. A fourth person, Y.L., a 46-year-old man, who was a former postal inspector in the Amirouche post office in Annaba, was reportedly a fugitive. Police presented the local tribunal's Public Prosecutor with the interrogation of the El Kala postmaster for charges of forgery and use of forgery, impersonation, and theft in the amount of 174 million centimes. One defendant was placed under a committal order and the others, including the postmaster, were placed on bail.
Cybercrime - EC Proposes Euro Cybercrime Center
CeriseClub's April 12 issue reported that the European Commission (EC) has proposed the creation of a dedicated European center to combat cybercrime. According to the article, which drew on a March 28 EC press release and an AFP report, The Center's objective would be to assist Member States in combating the activities of organized criminals online, with data theft and pedophilia as its two main priorities. The Center would be located on the premises of Europol in The Hague and could be operational by January 2013 if Europol's budget authority adopted the proposal.
If the Center is established, it would focus on online frauds, organizations disseminating pedophilic images, and "phishers." The Commissioner responsible for security, Cecilia Malmstrom, reportedly stated that "people are afraid of using their computers and we must restore their confidence." The Center also would be responsible for warning States about leading computer threats, and exploring networks of computer criminals. The article also cited the highly debatable statistic, included in the EC press release, that cybercrime costs US $388 billion a year.
If the Center is established, it would focus on online frauds, organizations disseminating pedophilic images, and "phishers." The Commissioner responsible for security, Cecilia Malmstrom, reportedly stated that "people are afraid of using their computers and we must restore their confidence." The Center also would be responsible for warning States about leading computer threats, and exploring networks of computer criminals. The article also cited the highly debatable statistic, included in the EC press release, that cybercrime costs US $388 billion a year.
Internet Fraud - France
While law enforcement agencies, academics, and commercial enterprises in many countries seek to understand the nature and growth of fraud, much, if not most, of the discussion focuses on complaints, news reports, and other materials available in English. To broaden the picture, we need to seek out materials in other languages, including French, on fraud-related activities. Here's the first in a continuing series of summaries of news reports in Francophone jurisdictions about fraud:
Subscribe to:
Comments (Atom)