US racketeering law enters the world of cybercrime

Filed Under: Featured, Law & order

Gavel on laptop. Image courtesy of ShutterstockA Las Vegas court convicted a cybercriminal under RICO (Racketeering Influenced Corrupt Organizations Act) law last week, in what may well turn out to be a landmark case.

The US RICO law allows for anyone found guilty of racketeering offences, if seen to be part of organized criminal activity, to be subject to extra-heavy jail terms and fines, and implicitly extends responsibility for crimes committed by any gang member to any other member of the same organisation.

Part of the aim of the RICO law is to enable the conviction of gang leaders who have ordered their subordinates to commit crimes but not taken part themselves.

In the past RICO law has generally been used against mafia-type gangsters and global drug cartels, and this is thought to be the first time it has been used to target online criminals. Other unusual areas where the law has been invoked include the Catholic Church, the LAPD and the Hell's Angels.

The crook in question in this case, 22-year-old Arizonan David Ray Camez, was a relatively small-time fraudster already serving jail time on forgery charges. He was a member of cybercrime forum Carder.su, where he bought bank card data, fake identity documents and bespoke counterfeiting services.

Camez was tracked down after a parcel of fake credit cards was intercepted en route to a post box in Arizona, subsequently linked to Camez.

He later bought more counterfeit items on the forum, infiltrated by the same undercover FBI agent involved in other cybercrime forum cases such as DarkMarket.

The gang connection is the forum itself, which the US prosecutors successfully argued was equivalent to an organised crime ring, although others have compared it to a "criminal eBay".

The Russian-run forum was a hub for all sorts of cybercriminal shenanigans, much more than the carding which gave it its name, with its own escrow system to keep the crooks honest. Estimates of the number of users seem to vary wildly, ranging from 5,500 to 7,900.

The Camez case and the history of Carder.su has been followed in depth by Wired.

A major part of the case for counting the forum as a criminal organisation as recognised under RICO law was that there was a vetting process for new members.

Silk Road logoThe precedent this sets will doubtless be a little worrying for many internet users operating on the fringes of legality - file sharers and underground marketplaces like the now-infamous Silk Road being prime examples.

Almost everything useful on the web has some sort of "vetting process" for new members, even if it's only confirming that you have access to the email account you've provided.

How high the bar is set for accepting this as proof that a website's users constitute a (potentially criminal) organisation seems likely to be contested in a lot of future cyber-RICO cases.

The racketeering activities covered by RICO are quite broad and varied, covering various kinds of counterfeiting and copyright infringement as well as the murder, kidnap and arson usually associated with violent organised crime.

Indeed the definition of racketeering under the RICO act seems to include everything from "white slave traffic" to "unauthorized fixation of and trafficking in sound recordings and music videos of live musical performances".

So could YouTube users find themselves up on RICO charges? Unlikely perhaps, as there seems to be a requirement that racketeering activities make you some money.

With penalties even harsher than the already tough sentences available to US prosecutors, RICO means Mr Camez faces up to 40 years imprisonment for the two indictments required for the law to kick in.

Ostensibly, the main purpose of jail sentences is to punish and rehabilitate offenders, with scaring the hell out of other potential offenders so they avoid breaking laws a secondary byproduct.

It seems this dissuasion tactic is becoming an ever bigger weapon against cybercriminals.

Don't do crimes, people.


Image of gavel and handcuffs courtesy of Shutterstock.

, , , ,

You might like

4 Responses to US racketeering law enters the world of cybercrime

  1. Computer crime refers to any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Thanks for the information about "Law Enters The World Of Cyber-crime"

  2. BrewNQue · 314 days ago

    An interesting RICO charge was made here in Little Rock, AR. A local real estate developer was convicted of insurance fraud for burning down his mansion and claiming it was an accident. What triggered the RICO charge was his mansion had been offered for sale on a real estate website that was accessible from anywhere in the country, hence, a fraud involving interstate commerce.

  3. Stoat · 314 days ago

    There's a hell of a lot lot of real online organised crime which can be prosecuted under RICO laws. I've been arguing in favour of that for more than 15 years.

    A good example would be to go after the Canadian Pharmacy spam gangs.

    I'm torn. It's good that RICO is finally being used. It's not so good that not-very-obvious instances such as this and the real estate developer referenced in comments are being used as initial cases.

  4. maikah · 314 days ago

    What about elected officials asking for money with promises they know they cannot keep? Compared to Congress, the Mafia is a charitable organization :D

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

John Hawes is Chief of Operations at Virus Bulletin, running independent anti-malware testing there since 2006. With over a decade of experience testing security products, John was elected to the board of directors of the Anti-Malware Testing Standards Organisation (AMTSO) in 2011.