We begin to learn now who knew and when, in an article in the Washington Post. They did broad background checks on their targets, but also on relatives of their targets. They tried to recover a stolen Keyworth laptop, so they could examine it. They targetted and sought phone records and fax records of relatives, like wives, of board members and reporters too. They got the records for 240 of 300 phone numbers they went after. The spyware sent to the reporter at CNET was not just to track email forwarding. It was keylogging software.
Now as to who knew and when, the Post got hold of a report by the Boston PIs:
The Feb. 10 report, obtained by The Washington Post, summarized in eight pages how investigators, to identify an internal leak of confidential HP information, surreptitiously followed HP board member George A. Keyworth II while he was giving a lecture at the University of Colorado. They watched his home in Piedmont, Calif. They used photographs of a reporter to see if the reporter met with him. And they tried to recover a laptop computer stolen from him in Italy so they could analyze its contents.
The report, prepared by a consulting firm in Needham, Mass., hired to investigate leaks to the media, was sent to four HP executives, including HP's ethics director. That suggests that senior HP employees were aware of the spying tactics used as early as February. The report was sent to Kevin Hunsaker, senior counsel and HP ethics director; Frederick P. Adler, an HP information security employee; Vince Nye, a senior investigator; and Anthony Gentilucci, an HP global investigations manager in Boston
The New York Times has more gruesome details. They discussed the feasibility of planting spies in newsrooms as clerical or cleaning personnel. In January, HP's Kevin Hunsaker asked HP's Anthony Gentilucci, head of HP's investigations unit, if the cell phone records were being obtained legally and got the answer that they were obtained by "some ruse", that it was "on the edge but aboveboard" and that they used pretexting all the time in other investigatory work. "I shouldn't have asked," Hunsaker wrote back.
There just is nothing left to say.
Update There is, however, something else to report,
from CNET on the timeline:
Two CNET News.com reporters were told Tuesday that their phone records were accessed the week of Jan. 17, the week before CNET News.com published a key story on a management and board retreat held earlier that month. A representative for Perkins said on Wednesday that Dunn told him that the stepped-up leak investigation did not start until after the Jan. 23 article was published.
"It was Tom Perkins's understanding that the CNET article triggered the investigation," Perkins spokesman Mark Corallo told CNET News.com on Wednesday.
And MarketWatch has this:
The congressional probe into the pretexting scandal at Hewlett-Packard Co. could soon step up to another level as the chairman of the House committee investigating the matter is considering asking for special subpoena power in the case, a spokesman for the committee said Wednesday....
eparately, committee spokesman Terry Lane said the panel is scheduling another hearing about pretexting for Sept. 29. The committee plans to call as witnesses the CEOs of wireless companies Verizon Communications, Alltel Corp., Cingular, T-Mobile, and U.S. Cellular. Federal Trade Commission Chariman Deborah Platt Majoras and Federal Communications Commission Chairman Kevin Martin will also be invited to testify, Lane said.
And the Wall St. Journal, for those who have a sub, has an article accessible from their home page titled H-P's Dunn Was Closely Involved In Leak Probe --Emails Point to Prime Role
Of Chairman, Top Counsel In Setting Direction, Tactics," and the headline says it all:
As early as summer 2005, Hewlett-Packard Co. Chairman Patricia Dunn and General Counsel Ann Baskins helped direct the company's board-leak investigation, as part of the planning and execution of many steps of the probe, internal H-P emails suggest....
The emails indicate that the two were kept well informed of the investigation's tactics and progress by the H-P security officials who ran the probe, as well as by some of the private investigators H-P hired to assist the computer company.
It's worth getting a sub just to follow the Wall St. Journal's coverage. It's clear HP seriously miscalculated in going after journalists. They didn't like it one little bit. Now they have gotten hold of emails to and from the snoopers and HP personnel. They have an August 6, 2005 email from HP's inhouse investigator Anthony Gentilucci to Patricia Dunn, with a 3-page memo titled "Investigative Plan of Action and Questions Requiring Input." The memo was also sent to inhouse general counsel Ann Baskins, Jim Fairbaugh, HP's director of global security, and Ronald DeLia of Boston fame. The email asked for input on "intelligence gathering" involved in the 2005 investigation, code named KONA (later KONA I, when the January 2006 investigation got airborne, code named KONA II), and mentions a "tentative management briefing" on KONA set for Aug. 31. The Wall St. Journal:
It is unclear if this meeting took place. If it did, it raises the question of who else in H-P's management, including CEO Mark Hurd, knew about the extent of the leak probe in summer 2005.
They also have an email from Dunn to Gentilucci acknowleding the email and saying she'll get back to him. And the Wall St. Journal also tells us that the House Energy and Commerce Committee has asked Joe Depante, owner of Action Research Group of Melbourne, Fla., one more gumshoe firm involved in the HP snoopery, to testify at the September 28 hearing. Larry Sonsini retained Washington attorney Michael Madigan to represent him and he will testify, according to the article.
As for AT&T, a judge has just given it subpoena powers, according to SLTtoday:
AT&T, which is cooperating with a California investigation into whether investigators for Hewlett-Packard Co. broke state laws, can subpoena Internet service providers to identify users who set up false online accounts, a judge ruled.
This would be in connection with AT&T's John Does case we told you about earlier. And another target has come to light, according to Red Herring, the CTO:
The circle of Hewlett-Packard employees investigated by the computer maker has widened to include Shane Robison, the company’s chief technology officer, according to a source close to the matter at the time. ...
he source suggested HP’s decision to investigate Mr. Robison stemmed from the fact that he was considered a close ally of board members Tom Perkins and George Keyworth at a time of bitter infighting among HP’s directors.
2d Update: You will not believe this. They pretexted to get outside counsel Larry Sonsini's phone records too, as reported by the Wall Street Journal on Moneyweb:
A person familiar with the matter said Mr. Sonsini, of law firm Wilson, Sonsini, Goodrich & Rosati, also was pretexted in the board-leak probe.
Is there any profession that needs privacy more than a lawyer? Clients depend on their lawyers to keep their secrets. And now all his clients are looking at their datebooks and calendars and asking themselves, did Larry call me in January of 2006? And who will hire a lawyer who is known to be the subject of surveillance?
A former FBI guy who became an HP employee warned someone in the company that what was happening might not be legal:
A computer-crimes specialist with Hewlett-Packard Co. emailed his superiors this year warning that the company's investigation of board leaks -- then still in progress -- was being conducted in a manner that could be illegal, according to people familiar with the situation.
So now the investigators investigating the HP investigators will have to try to figure out who got that email and what happened next. But somebody knew there was an issue.