Jan 012011
 
 January 1, 2011  Breaches, Court

Back in August 2009, I noted the conviction of  a former SSA employee, Roberto Rodriguez. At the time, I reported:

Roberto Rodriguez, 54, formerly of Fort Lauderdale, FL, was convicted by a jury on July 29, 2009 of seventeen counts of exceeding his authorized access to a government computer. Rodriguez is scheduled to be sentenced on October 9, 2009, before U.S. District Court Judge William J. Zloch.

Rodriguez, while an employee at the Social Security Administration’s Teleservice Center Office in Fort Lauderdale, FL, exceeded his authorized access to a Social Security Administration computer, and obtained personal identification information of 17 individuals, including their names, dates of birth, Social Security numbers, and summary earnings information.

It is not clear from the press release what Rodriguez’s motivation was in obtaining the individuals’ data and what, if anything, he did with it.

Thanks to a helpful site reader, I just learned that there had been an appeal of his conviction. The Eleventh Circuit Court of Appeals ruling on his appeal provides some additional detail as to Rodriguez’s motivation in accessing the personal information: he knew the people and was not using the information for any financial gain on his part. From the court’s December 27th opinion:

The main issue in this appeal is whether the prying by a former bureaucrat is criminal: that is, whether the defendant violated the Computer Fraud and Abuse Act, which prohibits “intentionally access[ing] a computer without authorization or exceed[ing] authorized access, and thereby obtain[ing] . . . information from any department or agency of the United States.” 18 U.S.C. § 1030(a)(2)(B). Roberto Rodriguez, a former employee of the Social Security Administration, appeals his conviction for violating the Act on the grounds that he did not exceed his authorized access to his former employer’s databases and that he did not use the information to further another crime or to gain financially. The Administration prohibits accessing information on its databases for nonbusiness reasons, and Rodriguez at trial admitted that he accessed information for nonbusiness reasons when he obtained personal identifying information, such as birth dates and home addresses, of 17 persons he knew or their relatives. Rodriguez also appeals his sentence of 12 months of imprisonment on the ground that it is unreasonable. Because the record establishes that Rodriguez exceeded his authorized access and the Act does not require proof that Rodriguez used the information to further another crime or to gain financially, we AFFIRM his conviction. We also conclude that Rodriguez’s sentence is reasonable.

I’ve uploaded a copy of the opinion, here.  Lest anyone think that this was just casual snooping with no real ill effects,  the record makes clear that in some cases, Rodriguez used the information he obtained to contact women in whom he had a romantic interest – an interest that was disconcerting, at best, and stalking, at worst.  As one example:

Dana Fennell, a professor of sociology from Mississippi, testified that shemet Rodriguez at a Unitarian Universalist church study group when she wasvisiting her parents in Florida. Fennell interviewed Rodriguez for a study on thehealth effects of religion, but she did not consider him to be a friend. After Fennellreturned to her home in Mississippi, she received flowers from Rodriguez onValentine’s Day even though she had not given Rodriguez her address. Rodriguez5later arrived at Fennell’s doorstep unannounced, and Fennell was surprised andfrightened by his presence. On another occasion, Rodriguez mentioned Fennell’sfather’s birthday to Fennell even though she had never mentioned her father toRodriguez. Rodriguez also told Fennell that he had the ability to listen to thetelephone conversations of others. Rodriguez later called Fennell to wish her ahappy “half-birthday” although she did not recall telling Rodriguez her date ofbirth. Rodriguez accessed Fennell’s personal information on Administration databases 65 times, and he accessed the personal information of Fennell’s motherand father multiple times.

Sorry, the comment form is closed at this time.