Gonzalez Case Demonstrates Legal Challenges in Hacking Cases
U.S. prosecutors allege that Gonzalez, 28, was the ringleader of a series of computer data security breaches that compromised millions of credit and debit card accounts nationwide and led to tens of millions of dollars in losses to card issuers and consumers. Gonzalez is being held at the Metropolitan Detention Center in Brooklyn, awaiting trial in Federal court for the earliest of his alleged major breaches, that against the Dave & Busters restaurant chain.
Gonzalez also faces a federal indictment in Massachusetts relating to the TJX breach and in New Jersey related to the Heartland Payment Systems breach.
Gonzalez's trial begins Sept. 14 and prosecutors and Gonzalez's defense attorney, Rene Palomino, have been sparring over whether evidence the government said it gathered from an overseas laptop and server will be allowed in the trial.
The dispute revolves around whether foreign nationals involved in the gathering of evidence need to be in court in the U.S. in order for the evidence to be considered admissible, along with whether the data on the computer's hard drive and the Latvian server was changed or partially destroyed in the process of collecting it.
"The Foreign Computer Evidence was obtained with the assistance of the Latvian State Police and Turkish National Police, respectively. The government has submitted Mutual Legal Assistance Treaty requests to both Latvia and Turkey for testimony from the foreign nationals who assisted the United States government in obtaining the Foreign Computer Evidence," the prosecutors wrote in a letter. "The government, however, has no power to compel foreign citizens to testify in United States court proceedings. It is uncertain at this time whether these individuals will agree to travel to the United States for trial in this case, or even to be deposed, here or in their home nations. In any case, the government submits that their testimony is not required for admission of the Foreign Computer Evidence."
But Palomino fired back in an Aug. 6 letter, arguing that the chain of custody is essential to admissibility.
"The foreign computer evidence is inadmissible because the introduction of hearsay testimony concerning their seizure, handling storage, and forensic testing by foreign law enforcement and private individual, which establishes a crucial step in establishing chain of custody and authenticity, would violate Gonzalez Sixth Amendment right to confront the witnesses against him," Palomino wrote.
Prosecutors declined to comment on the evidence issue and Palomino did not return calls for comment.
One key problem with the evidence may be that U.S. Secret Service Agents did not first see some of the evidence when they arrested alleged Gonzalez co-conspirator Maksym Yastremskiy in Turkey in July 2007. Yastremskiy's arrest provided authorities with the laptop from his computer, which prosecutors alleged, provided them with evidence linking Gonzalez to both the hacking and card data thefts.
Palomino also argued that there are indications that Turkish officials had tampered with or changed some of the data on the hard drive before they broke it, rendering it inoperable and irreparable. He also raised similar issues around the Latvian server.
Prosecutors alleged that Gonzalez and the co-conspirators kept a lot of their data for hacking on a data server they leased in Latvia. U.S. authorities accessed the server.
Palomino argued that the data from the server showed signs of tampering and that Gonzalez has the right to cross examine the employee who did the imaging and disassembled the server. He also asserted that the treaty under which the government obtained the server provides for the employee to appear in court.
The government countered that Gonzalez has no claim to concern about the server data and how it was collected because he has never claimed to own it or the data.
Legal experts familiar with the issues would not comment for the record about the case specifics, but are following it for its potential for setting precedents for cases where card data is compromised across national borders.