Sanford Wallace Faces Justice for Facebook Spam

Self-proclaimed “Spam King” Sanford Wallace turned himself in to FBI agents on Friday, according to Melinda Haag, U.S. Attorney for the Northern District of California.

According to an indictment against him, Wallace was wanted for sending spam messages to approximately 500,000 Facebook users from November 2008 to March 2009. His actions allegedly resulted in more than 27 million spam messages.  

Wallace, 43, also made his initial appearance in federal court on Friday.  According to a press release from the U.S. Department of Justice, he was released on a $100,000 unsecured bond and ordered to obey all civil orders including not accessing MySpace or Facebook.  

Sam O’Rourke, Deputy General Counsel of Intellectual Property at Facebook, posted his reaction on the Facebook Blog.

In the most recent update to a post entitled, “The Fight Goes On,” O’Rourke writes, “We applaud the efforts of the U.S. Attorney’s Office and the FBI to bring spammers to justice and will continue to pursue and support both civil and criminal consequences for spammers and others who attempt to harm Facebook or the people who use our service.”

On July 6, a federal grand jury in San Jose, CA, indicted Wallace on multiple counts of fraud and related activity in connection with sending unwanted messages and Wall posts. Wallace was also charged with three counts of intentional damage to a protected computer and two counts of criminal contempt, according to the press release announcing his indictment.

On March 2, 2009, March 24, 2009 and Sept. 18, 2009, U.S. District Court Judge Jeremy Fogel, in the case of Facebook, Inc. v. Sanford Wallace, et al, ordered Wallace not to access Facebook’s network. The indictment alleges that in April 2009, Wallace violated the order by logging into his Facebook account while he was on a Virgin Airlines flight from Las Vegas to New York.  In addition, Wallace violated the order in January and February 2011 by maintaining a Facebook profile entitled “David Sinful-Saturdays Fredericks,” the release says.

As O’Rourke notes, Wallace now faces jail time. According to the Justice Department, the maximum penalty for each count of fraud and related activity in connection with electronic mail is three years in prison and a fine of $250,000 and the maximum penalty for each count of intentional damage to a protected computer is 10 years in prison and a fine of $250,000. The maximum statutory penalty for each count of criminal contempt is determined by the court. 

In October, the Facebook blog notes the company was awarded $711 million in damages against Wallace. While Facebook did not expect to receive the majority of the award, O’Rourke noted, “We hope that this will act as a continued deterrent against these criminals.”

In an update to the blog in March 2010, Facebook says the court issued a temporary restraining order against Wallace and two other spammers, Adam Arzoomanian and Scott Shaw, because they violated the Computer Fraud and Abuse Act, the California Anti-Phishing Act and the Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM).

In November 2009, Facebook says it received an $873 million judgment made against Adam Guerbuez and Atlantis Blue Capital for sending “sleazy messages” to people on Facebook. 

According to the press release, Wallace’s next scheduled appearance is August 22.

 _______________________________________________________________________________

Meet up with top voices in search, social, display, and email marketing during ClickZ’s Connected Marketing Week, Aug. 15-19, in San Francisco.

Share and Enjoy

Researchers show power of Facebook facial-recognition software

Facebook has come under a lot of heat for its facial-recognition software, in which the social networking site has been automatically enrolling its more than 750 million users.

But Facebook has made it clear that the software, which automatically tags people in photos, isn’t going anyway anytime soon. In fact, facial-recognition software is growing and is being used and further developed by Facebook, Google, Apple and the U.S. government.

On Friday Carnegie Mellon University researcher Alessandro Acquisti showed off his research, funded in part by the U.S. Army, on how facial-recognition technology can be used with Facebook profile photos to match names and other identification data to pictures.

Acquisti presented his findings, alongside fellow researchers Ralph Gross and Fred Stutzman, at the Black Hat Technical Security Conference in Las Vegas, according to tech website Cnet, which reported on the group’s presentation. 

The researchers set up a computer webcam on the Carnegie Mellon campus and asked people to volunteer to have their pictures taken, Cnet said.

Those photos were then cross referenced with a database the team built of about 25,000 Facebook profile photos (all Facebook user names and photos are publicly shared with the world afterall), the report said.

The researchers found that facial recognition software identified 31% of the students by name, Cnet said.

Acquisti then demonstrated an app for Apple’s iPhone that can “take a photograph of someone, pipe it through facial-recognition software, and then display on-screen that person’s name and vital statistics,” the report said.

“Facial visual searches may become as common as today’s text-based searches” and that has “ominous risks for privacy,” Acquisti said in the Cnet report. 

“What we did on the street with mobile devices today will be accomplished in less intrusive ways tomorrow,” he said in the report. “A stranger could know your last tweet just by looking at you.”

In yet another demonstration, about 6,000 profile photos and names from a dating site were cross referenced with 277,978 Facebook profile photos and names and “about 1 in 10 of the dating site’s members — nearly all of whom used pseudonyms — turned out to be identifiable,” Cnet said.

In a draft of the researcher’s presentation, posted online and titled Faces of Facebook: Privacy in the Age of Augmented Reality, they even said they’ve been able to use profile photos and facial-recognition software to get details such as birthdate and social security number predictions.

RELATED:

Facebook’s facial recognition violates German privacy laws, officials say

Facebook data privacy questioned by Denmark, Finland, Norway and Sweden

Facebook under scrutiny for face-recognition feature from privacy group, lawmakers

– Nathan Olivarez-Giles

twitter.com/nateog

Image: Screenshot of a slide in a draft of the Carnegie Mellon University presentation at the Black Hat Technical Secuity Conference in Las Vegas titled Faces of Facebook: Privacy in the Age of Augmented Reality. Credit: Alessandro Acquisti, Ralph Gross and Fred Stutzman /Carnegie Mellon University

Share and Enjoy