decoration decoration
Stories

GROKLAW
When you want to know more...
decoration
For layout only
Home
Archives
Site Map
Search
About Groklaw
Awards
Legal Research
Timelines
ApplevSamsung
ApplevSamsung p.2
ArchiveExplorer
Autozone
Bilski
Cases
Cast: Lawyers
Comes v. MS
Contracts/Documents
Courts
DRM
Gordon v MS
GPL
Grokdoc
HTML How To
IPI v RH
IV v. Google
Legal Docs
Lodsys
MS Litigations
MSvB&N
News Picks
Novell v. MS
Novell-MS Deal
ODF/OOXML
OOXML Appeals
OraclevGoogle
Patents
ProjectMonterey
Psystar
Quote Database
Red Hat v SCO
Salus Book
SCEA v Hotz
SCO Appeals
SCO Bankruptcy
SCO Financials
SCO Overview
SCO v IBM
SCO v Novell
SCO:Soup2Nuts
SCOsource
Sean Daly
Software Patents
Switch to Linux
Transcripts
Unix Books
Your contributions keep Groklaw going.
To donate to Groklaw 2.0:

Groklaw Gear

Click here to send an email to the editor of this weblog.


Contact PJ

Click here to email PJ. You won't find me on Facebook Donate Paypal


User Functions

Username:

Password:

Don't have an account yet? Sign up as a New User

No Legal Advice

The information on Groklaw is not intended to constitute legal advice. While Mark is a lawyer and he has asked other lawyers and law students to contribute articles, all of these articles are offered to help educate, not to provide specific legal advice. They are not your lawyers.

Here's Groklaw's comments policy.


What's New

STORIES
No new stories

COMMENTS last 48 hrs
No new comments


Sponsors

Hosting:
hosted by ibiblio

On servers donated to ibiblio by AMD.

Webmaster
Financial Times: HP spied on employees too - Updated
Wednesday, September 13 2006 @ 08:59 PM EDT

This story just keeps on growing. And it gets uglier and uglier. Or sillier and sillier, depending on your sense of humor.

Now the Financial Times' Kevin Allison reports that a memo sent to HP employees by Patricia Dunn on Tuesday listed categories of victims of privacy invasion, and the list includes two HP employees, not just board members:

Private investigators working for Hewlett-Packard’s board spied on two employees in addition to board members and journalists in an attempt to uncover a boardroom leak, it was revealed on Wednesday....

Patricia Dunn, HP’s chairman, said in a message to employees on Tuesday that investigators hired to ferret out a boardroom mole had used questionable tactics on “certain directors, two employees and a number of individuals outside the company including journalists”.

What does that mean, "certain directors"? I thought the story was that the reason Ms. Dunn couldn't find out the details of the spy mission was because she herself was a target, which implied that all the directors were subject to investigation. But the memo says only "certain directors" were subject to questionable tactics, not all, and that raises some questions in my mind.

If the "questionable tactics" were only used against some directors, does that signify that at some point, the investigation had been narrowed down to certain ones on the board and certain employees, and somebody at that point had to say, Carry on, men, and now dig deeper? No? What else can it mean? And does that mean HP spied on all its employees and then narrowed it down to two, giving only them the "questionable tactics" treatment? I realize HP has been cost-cutting, but I think the story would be better for HP if the "questionable tactics" were used across the board, so to speak, no pun intended.

And I'm sure we'd all like that "number of individuals outside the company" quantified. Is it the nine journalists and two family members, Stephen Shankland's dad and Dawn Kawamoto's husband, or are there more yet to be revealed?

I must point out that the fact that the Financial Times has this memo demonstrates that the leaks at HP have yet to be altogether plugged. Or it might be getting worse. Maybe some HP employee got so mad at hearing what happened, he or she decided to become a leaker too. That's the thing about mean mistrust. It's contagious.

Listen. If you're at HP and yearning to leak to the media, don't call us, 'kay? Email either. IM isn't safe. If you simply must leak something, might I suggest the Linux pigeon protocol? It's that or we're back to sneakernet. Trust no one.

: )

Think about Trusted Computing, folks, in this context. Who'll need PIs then? Your own computer will be spying on you night and day. What a glorious future awaits us all. I'm afraid it'll be the Comfy Chair for anyone crazy enough to become a journalist in that Brave New World.

"Confess! Confess! Confess! Confess!"

Update: HP has now hired a law firm to represent it in the criminal matters, according to Justin Scheck's article, "HP (Sans Sonsini) Sits Down with Feds," in Law.com:

In fact, the troubled tech company has hired Morgan, Lewis & Bockius as it tries to fend off various criminal investigations .... On Monday, Morgan, Lewis lawyers sat down with San Francisco federal prosecutors in hopes of forestalling federal criminal charges.

The Monday meeting involved a "proffer" — a normal step these days in white-collar investigations, in which a company under scrutiny offers up information to the government with certain conditions, as a means of showing good-faith cooperation with investigators.

They've hired another outside firm to make sure any future investigations are handled legally, following advice from Wilson, Sonsini. And Mercury News reports that the PI has been identified:

The operator of a small Massachusetts security firm has been identified by a source as the individual Hewlett Packard retained to investigate boardroom leaks to the media. The individual is Ronald R. DeLia, according to a source familar with the HP board investigation. DeLia is listed in public documents as the registered agent of the Boston-area company Security Outsourcing Solutions.

So now Massachusetts authorities are involved:

"We can confirm that the California Attorney General has contacted our Attorney General Tom Reilly regarding this HP matter," said Meredith Baumann, a spokeswoman for Reilly's office. "We have offered our assistance with the investigation."

And you can read Patricia Dunn's apology to Peter Burrows of BusinessWeek, one of three BusinessWeek reporters whose phone records were accessed. BusinessWeek had this statement:

"We are deeply disturbed that our First Amendment rights and the privacy rights of three of our journalists have been violated," says BusinessWeek Editor-in-Chief Stephen J. Adler. "These actions by Hewlett-Packard and its agents potentially endanger the confidentiality of our sources and undermine our good-faith efforts to report matters of public interest. In addition, they invade the privacy not only of our reporters but of all their phone contacts. We urge Hewlett-Packard immediately to provide a detailed account of exactly which records they obtained so we can take appropriate steps to limit the damage."


  


Financial Times: HP spied on employees too - Updated | 161 comments | Create New Account
Comments belong to whoever posts them. Please notify us of inappropriate comments.
Corrections
Authored by: bbaston on Wednesday, September 13 2006 @ 09:43 PM EDT
So PJ can find 'em!

---
IMBW, IANAL2, IMHO, IAVO
imaybewrong, iamnotalawyertoo, inmyhumbleopinion, iamveryold

[ Reply to This | # ]

Off Topic
Authored by: bbaston on Wednesday, September 13 2006 @ 09:44 PM EDT
Supply links as appropriate, please!

---
IMBW, IANAL2, IMHO, IAVO
imaybewrong, iamnotalawyertoo, inmyhumbleopinion, iamveryold

[ Reply to This | # ]

Finally in the pocket book
Authored by: bbaston on Wednesday, September 13 2006 @ 09:53 PM EDT
From the Financial Times article:
"Concerns that board members and executives could become caught up in the legal fallout of the spying scandal sent HP shares down 1.5 per cent on Wednesday to $36.37."
'Bout time stock purchasers showed some concern!

---
IMBW, IANAL2, IMHO, IAVO
imaybewrong, iamnotalawyertoo, inmyhumbleopinion, iamveryold

[ Reply to This | # ]

    Don't claim EVERYTHING for Linux: it looks really cheesy...
    Authored by: Anonymous on Wednesday, September 13 2006 @ 09:55 PM EDT
    PJ, what you call the "Linux Pigeon Protocol" is entirely independent of Linux: it is an experimental protocol published in a couple of April 1 RFCs, such as RFC 2549. I know that you love Linux, but this really does look very cheesy indeed, attaching the Linux label to something that had nothing to do with Linux.

    [ Reply to This | # ]

    Scapegoat?
    Authored by: SpaceLifeForm on Wednesday, September 13 2006 @ 10:14 PM EDT
    Executives believed to have been most directly privy to boardroom discussions include Ann Baskins, the company’s general counsel and secretary.

    As head of HP’s legal department, Ms Baskins was also ultimately in charge of making sure that the leak investigation ordered by Ms Dunn was carried out.

    ---

    You are being MICROattacked, from various angles, in a SOFT manner.

    [ Reply to This | # ]

    Off Topic Spying Stories
    Authored by: tce on Wednesday, September 13 2006 @ 10:16 PM EDT
    Shall we gather our favorite organization spying / tech-spies-on-us stories
    here?

    [ Reply to This | # ]

    The saddest part of this
    Authored by: Anonymous on Wednesday, September 13 2006 @ 10:20 PM EDT
    Where I came from, the highway patrol used to set up all sorts of speed traps
    and ambushes for traffic. I remember many people complaining about it, and it
    was the topic of a few political platforms but somehow, nothing was ever done
    about it.

    One day, a state rep was driving down the road and got caught in one of these
    ambushes. He raised Holy Hell and in less than a week, a problem for the little
    guy for the last 20 years was magically solved when the problem started to
    affect the 'big fish'.

    I see the samething here. What was just a problem before is now a big problem
    since it's affecting the 'big fish'. It's really really sad.

    [ Reply to This | # ]

    Credit where Due Dept.
    Authored by: hardmath on Wednesday, September 13 2006 @ 11:10 PM EDT
    It's hard to tell from a distance, but it sounds as if P. Dunn is trying to come
    clean with the staff at HP about the extent of misconduct in an effort to put
    the ethical and potentially legal breaches behind them.

    From a morale standpoint it's arguably The Right Thing To Do.

    regards, hm


    ---
    Please be honest with us as trust is our watchword in this transaction. (a
    Senior Credit Officer, sharing vast sums of money owed to a deceased client)

    [ Reply to This | # ]

    Trusted Computing
    Authored by: kawabago on Wednesday, September 13 2006 @ 11:21 PM EDT
    The funny thing about the Trusted Computing platform is that being trusted is
    it's weakness. But don't worry, nobody wants it except Microsoft and corporate
    copyright holders. It's going to be in Vista, which nobody wants. In fact it
    looks like we may not even have to break Trusted Computing, it will probably go
    down the same drain Microsoft is circling right now.

    [ Reply to This | # ]

    "Boston Private-Investigation Firm Is Tied to H-P Boardroom Probe"
    Authored by: Brian S. on Wednesday, September 13 2006 @ 11:46 PM EDT

    For the past week, Hewlett-Packard Co. has refused to identify private investigators the company retained to investigate leaks by its board of directors. People familiar with the matter say H-P has told them one of the investigators connected to the case is Ronald R. DeLia, from a small Boston firm called Security Outsourcing Solutions Inc. that says it specializes in corporate-security investigations..... Wall Street Journal


    MASSACHUSETTS AUTHORITIES WORKING WITH CALIFORNIA

    The operator of a small Massachusetts security firm has been identified by a source as the individual Hewlett Packard retained to investigate boardroom leaks to the media.

    The individual is Ronald R. DeLia, according to a source familar with the HP board investigation. DeLia is listed in public documents as the registered agent of the Boston-area company Security Outsourcing Solutions...... Mercury News


    Brian S.

    [ Reply to This | # ]

    Linux Pigeon Protocol?
    Authored by: ssavitzky on Thursday, September 14 2006 @ 12:03 AM EDT

    It's actually just the Linux implementation of CPIP -- Carrier Pigeon Internet Protocol. I wrote a song about it a few days after it was done.

    There's an LPP as well; it's the Line Printer Protocol, if I remember correctly.

    ---
    Never anger a bard, for your name sounds funny and scans to Greensleeves.

    [ Reply to This | # ]

    Financial Times: HP spied on employees too
    Authored by: Anonymous on Thursday, September 14 2006 @ 12:21 AM EDT
    Many other companies spy on their employees as well. Only difference is that HP
    was caught at it.

    [ Reply to This | # ]

    Is the 'Pretexting' a pretext?
    Authored by: SpaceLifeForm on Thursday, September 14 2006 @ 12:22 AM EDT

    Naturally, the pretexting sounds plausible.
    Suppose the call records were obtained from another source.
    All things considered, it would not surprise me.


    ---

    You are being MICROattacked, from various angles, in a SOFT manner.

    [ Reply to This | # ]

    Comfy Chair
    Authored by: Anonymous on Thursday, September 14 2006 @ 01:29 AM EDT
    "Brazil"

    They used probably some HP technology.

    [ Reply to This | # ]

    FreeS/SWAN
    Authored by: Anonymous on Thursday, September 14 2006 @ 02:33 AM EDT
    I would like to call everybodies attention to a gpl project that allows you to
    use strong encryption over any connection between two computers who used the
    software. It just sits on your network and encrypts everything that goes out on
    the internet to any other computer that is likewise equiped. You can put any
    kind of traffic across it. Just imagine it, you could make phone calls (voip)
    to others, without much chance that anyone like HP could eavesdrop. Well, the
    NSA on the otherhand probably could, still. Of course, if the usage became wide
    enough, they would have quite a problem on their hands. In fact, they might
    even have to be a lot more discerning in who they spied on.

    Dan

    [ Reply to This | # ]

    Financial Times: HP spied on employees too - Updated
    Authored by: Anonymous on Thursday, September 14 2006 @ 03:57 AM EDT
    HP Board lacks integrity

    The spying scandal is a sorry comedown for a company that HAD a reputation for
    excellence and integrity.

    The board's actions have been more of the CYA variety than of truthfulness.

    * WHAT PHONE RECORDS? The board played dumb when they realized that directors'
    phone records were used in the leak investigation. No one asked, "How did
    we get these records?"

    * BOARD MEMBER RESIGNED FOR "PERSONAL REASONS": Perkins resigned in
    May. HP resisted proper reporting to the SEC of the reasons for Perkins'
    resignation until the past few days.

    * STONEWALLING: Dunn and Hurd have made only weak apologies. Dunn has been far
    more strident about tracing the leaks from an individual than about the
    corporate breech of integrity in fraudulent investigations.

    * PROTECTING CRIMINALS: HP has refused to identify the private investigation
    firm or the third party investigators who are suspected of doing the
    pretexting.

    * WEAK APPEASEMENT: Recent announcement of Board changes are weak.
    1. Dunn remains chair for 4 MONTHS.
    2. She remains on the Board.
    3. She will be replaced by Mark Hurd, who is also CEO and President.
    4. The Board will backtracking on its new rule, that the Chair and CEO would be
    different people. This weakens HP's Corporate Governance.

    If the Board had any integrity, it would have acted...
    * immediately, upon learning of wrong doing
    * without coverup, without excuses
    * without compromise to the offenders

    The Board must demand Dunn's resignation from the Board. (There will be more
    legal fallout for HP if she remains, than if she leaves and HP cooperates fully
    with the California State, Federal, Congressional, SEC and FBI investigations).

    The Board needs to have a non-executive Chair. There needs to be a check on the
    CEO.

    The Board must make a public statement, repudiating in the strongest terms, the
    tactics used by its private investigators, and reiterating its stand on
    corporate integrity.

    The Board must take ACTION to convince the business and investment community
    that it is determined to regain the mantle of integrity and excellence it once
    had under Hewlett and Packard.

    [ Reply to This | # ]

    "certain directors"? A simple alternative.
    Authored by: rao on Thursday, September 14 2006 @ 09:10 AM EDT
    What else can it mean?

    It could just mean that when they found what they were looking for they stopped the investigation.

    [ Reply to This | # ]

    I wonder who else has been....
    Authored by: Anonymous on Thursday, September 14 2006 @ 09:35 AM EDT
    I wonder if we will ever hear about the PI's other customers?
    It would be interesting get a look at his billing records, and see if there were
    any other major corporations on his customer list.

    [ Reply to This | # ]

    At HP, we never stop asking "What if?"
    Authored by: Anonymous on Thursday, September 14 2006 @ 12:37 PM EDT
    Seen on Slashdot:
    "What if I need to circulate my resume?"

    [ Reply to This | # ]

    Slate has the Perkins-Sonsini correpondence
    Authored by: _Arthur on Thursday, September 14 2006 @ 12:56 PM EDT
    Why Dunn Resigned
    http://www.slate.com/id/2149379/?nav=fix

    Notice that on page 5, Sonsini outright lies to Perkins, stating that only HP
    employees phone records were obtained.

    1) Most Board Directors aren't HP employees
    2) The 9 journalists certainly were not
    3) The 2 family members even less

    [ Reply to This | # ]

    Groklaw © Copyright 2003-2013 Pamela Jones.
    All trademarks and copyrights on this page are owned by their respective owners.
    Comments are owned by the individual posters.

    PJ's articles are licensed under a Creative Commons License. ( Details )