The case against Patricia Dunn, the former chairman of Hewlett-Packard, and other defendants in the pretexting scandal may be over, but the fallout continues as lawmakers push for tighter controls on telephone records, including the use of encryption.
Charges against Dunn were dismissed Wednesday by a judge in a Santa Clara County court in California. Three other defendants will also see their charges dismissed if they complete 96 hours of community service. The state had originally filed felony charges after HP disclosed that telephone records of board members and reporters were obtained by its hired investigators through pretexting, or false pretenses. HP was investigating a boardroom leak.
The about-face by the state in pursuing these charges raises questions about whether former California Attorney General Bill Lockyer had a case to begin with. After Lockyer left the post when the new term began in January, James Brosnahan, Dunn's attorney, said he began contacting people in charge of the case under the new attorney general, Jerry Brown.
"The charges were brought by Mr. Lockyer at the height of the publicity, and when that happens, it's difficult to resist sometimes," Brosnahan said. "Our view was Patricia Dunn was not guilty of a crime."
Brosnahan said he sent Brown's office a 23-page memo detailing the problems and issues in the case. It's an unusual step because the memo also outlined his defense strategy for his client. Among the points Brosnahan raised, and it's an issue still being debated in Congress, is how unsettled the law on pretexting remains.
It was only after the HP scandal broke that California Gov. Arnold Schwarzenegger signed into law a bill that makes pretexting a crime. Previously, the state used other laws, such as those involving identify theft, to make its case.
"The case that was brought initially did not have a strong legal foundation," said Burton Wiand, a former enforcement lawyer at the U.S. Securities and Exchange Commission, and now a lawyer at Fowler White Boggs Banker in Tampa, Fla. Wiand said it was difficult to find specific prohibitions against pretexting at the time this case was brought, outside of the laws governing financial firms.
Congress acted, and President Bush in January signed the Telephone Records and Privacy Protection Act, which sets fines and jail terms of up to 10 years in prison for pretexting.
Regardless of the legal uncertainties, Dunn and others, including HP CEO Mark Hurd, faced a difficult time with lawmakers, who were incredulous over the use of pretexting to obtain the telephone records of board members and reporters. A hearing in September before the U.S. House Energy and Commerce Committee was particularly contentious.
"I'm still waiting for somebody to describe a legitimate way short of a subpoena [for someone to] obtain other persons' phone records without their permission," said U.S. Rep. Joe Barton (R-Texas), former chairman of the committee, at the hearing.
And the Energy and Commerce Committee isn't done with pretexting. Its new chairman, U.S. Rep. John Dingell (D-Mich.), has introduced legislation on pretexting and last week held a hearing on his bill, the Prevention of Fraudulent Access to Phone Records Act.
The act spells out a number of steps that carriers will have to take to improve security, including encrypting customer records. In testimony last week, Steve Largent, president and CEO of the Cellular Telecommunications & Internet Association, a wireless industry trade group, said the provision "would increase costs, potentially delay response to legitimate customer service inquiries and needlessly complicate carrier storage and access methods."