Working with Legal Counsel

CFEs can deter fraud resulting from irresponsible, anonymous Internet postings, but they can only do it with assistance from their in-house or retained legal counsel. Counsel will know the pitfalls and domestic and international laws that CFEs need to consider when investigating cybersmear attacks.

These comments were posted on siliconinvestor.com, owned and operated by InfoSpace Inc., an Internet Service Provider (ISP):

“TMRT [2TheMart.com Inc.] is a Ponzi scam that Charles Ponzi would be proud of. … The company’s CEO, Magliarditi, has defrauded employees in the past. The company’s other large shareholder, Rebeil, defrauded customers in the past. … they were dumped by their accountants. … these guys are friggin liars. … why haven’t they told the public this yet. … Liars and criminals. … Lying, cheating, thieving, stealing, lowlife criminals. … Look out below. … this stock has had it. … get short or sell your position now while you still can. … They [TMRT] are not building anything except extensions on their homes. … bail out now.” 

The comments were made by numerous anonymous Internet users, who had published allegedly libelous comments against 2TheMart.com Inc.

QUESTIONS FROM CFES 

CFEs should ask:

• Are these comments about 2The Mart.com Inc. true or false, or are they partially true?
• Are the comments the ravings of a former employee; a disgruntled current employee, shareholder, or vendor; or a competitor of 2The Mart.com Inc.?
• Are the comments from a sociopath?
• Is this the tip of the iceberg of a fraud?

Working with legal counsel, CFEs need to comprehend the reasoning and interpretation of major legal principles when investigating comments in cybersmear attacks. Due diligence demands that CFEs investigate the validity and reliability of anonymously posted comments regardless of the levels of the rants.

The working relationship between legal counsel and the CFE must already be strong when a cybersmear attack has questioned the firm’s credibility, integrity, and reliability. Legal counsel will review for potential claims involving defamation, violations of securities laws, the breach of employment contracts, infringement of trademark or other intellectual property rights, breach of confidentiality, trademark infringements, trade secrets, as well as other business torts.

WHO ARE THESE PEOPLE? 

We still don’t know who the anonymous posters were in the 2TheMart.Com Inc. case. What we do know is that these people were anonymous Internet posters who were allegedly grieved, angry, upset, disappointed, and furious about the business dealings of 2TheMart.com Inc. They created a cybersmear attack against the company.

A cybersmear attack is an allegedly libelous defamatory memorandum, note, correspondence, or communication that has been published, posted, or placed on the Internet against an individual or organization (“CyberLaw: The Law of the Internet,” chapter 3, by Jonathan Rosenoer, Springer-Verlag, 1997).

Normally, there’s no simple audit trail to determine a cybersmearer’s real identity, which is helpful for obtaining evidence to verify the allegations. However, CFEs must be sensitive and responsive to the legal protocols that have been established by the courts when working with their legal counsel to determine when, where, why, and how to uncover and ascertain who the anonymous poster is.

Depending upon risk analysis, legal counsel might begin with a “cease and desist” letter to the anonymous author and contact the ISP to remove the comment.

Legal counsel might also ask the ISP to notify the anonymous logger that his or her membership is the “sole discretion” of the provider, and counsel might attempt to persuade the ISP to cancel the person’s membership.

Such efforts, however, might be futile because ISPs generally are immune from being held liable for publishing user-generated statements under the U.S. Communications Decency Act of 1996 (CDA). Under the CDA, ISPs might publish a harmful statement by another party and refuse to remove the statement even if the provider knows the statement is false. Accordingly, ISPs generally won’t reveal user information unless compelled to do so under the law.

One tactic to compel disclosure is to file a “John Doe” lawsuit against the anonymous posters and then subpoena the ISPs to reveal the defendants’ identities and other relevant account information. In response, the anonymous poster might challenge such efforts by petitioning the court to quash the subpoena, citing the First Amendment and established balancing protocols laid out by the courts.

Moreover, 26 states have enacted regulations preventing Strategic Lawsuits against Public Participation (SLAPP), which are meritless suits designed to intimidate and silence critics who have expressed views that fall within the ambit of protected speech by burdening them with legal defense costs and the threat of liability.

Anti-SLAPP statutes typically seek to protect a speaker whose alleged conduct arose from exercising his First Amendment rights by requiring the plaintiff to show a probability of success on the merits before a court will uphold a subpoena to discover the anonymous poster’s true identity.

CFEs, therefore, will need to provide legal counsel with the necessary documentation that establishes evidence within the legal “procedural balancing act” in which the courts balance the defandant’s rights to speak anonymously and the plaintiff’s rights to defend its interest and reputation.

BALANCING ACT 

The case of 2TheMart.com Inc. provides CFEs with necessary guidance to understand the procedural balancing act developed by the courts. The seminal case on this issue is Doe v. 2TheMart.com Inc., 140 F.Supp 2d 1088, 1097 (W.D. Wash. 2001) – that’s the U.S. District Court for the Western District of Washington.

2TheMart.com Inc. was already in serious legal trouble in the Federal Central District Court of California when the anonymous posters published allegedly libelous comments against the company on the Internet.

After 2TheMart.com Inc.’s stock price dropped, its shareholders had brought a derivative class action suit against the company, its officers, and directors for fraud, alleging that the company had misled them about its expectations. As part of its defense strategy, the company sought a subpoena, pursuant to Fed.R.Civ.45 (a) (2), for the identification of 23 anonymous InfoSpace users including Truthseeker, Cuemaster, and NoGuano, who posted messages on the message board or communicated with the users who posted such messages.

The anonymous “non-party individual” (neither the defendant or plaintiff in litigation) Internet poster, NoGuano, filed a motion to quash the subpoena for discovery contending that enforcing the subpoena would violate his right to speak anonymously. On April 26, 2001, District Judge Thomas Zilly, speaking for the U.S. District Court for the Western District of Washington, ruled that 2TheMart.com Inc. wasn’t entitled to the identification of the 23 anonymous Internet posters and quashed the subpoena.

In reaching its decision, the U.S. District Court adopted a balancing test to determine if the civil litigants’ need for identification was greater than the posters’ First Amendment rights of anonymous free speech. This balancing test imposes a high threshold upon subpoena requests that encroach on the First Amendment rights to speak anonymously.

According to the rulings, the litigant seeking an order to enforce a civil subpoena to identify an anonymous “non-party individual” who has expressed himself over the Internet must meet four requirements:

1. The subpoena seeking the information was issued in good faith and not for any improper purpose.

2. The information sought relates to a core claim or defense.

3. The identifying information is directly and materially relevant to that claim or defense.

4. Information sufficient to establish or to disprove the claim or defense is unavailable from any other source.

Concerning the second and third elements, 2TheMart.com Inc. claimed that information sought was necessary to validate its core defense that the drop in stock prices wasn’t caused by the defendants but by the anonymous posters who violated federal securities laws by using the message boards to manipulate the company’s stock price.

The court held that 2TheMart.com Inc. “failed to demonstrate that the identity of these Internet users is directly and materially relevant to a core defense in the underlying securities litigation.” The stock of 2TheMart.com Inc. didn’t drop in price during the anonymous postings as was contended by the company. Accordingly, John Doe’s motion to quash the subpoena was granted. Thus, there was insufficient evidence to support 2TheMart’s allegations that the anonymous posters had engaged in a stock manipulation scheme, which caused the company’s stock price to drop.

Additionally, it was reported in the Los Angeles Times that Deloitte & Touche LLP ended its relationship with 2TheMart.com Inc. one month after it was hired (“Deloitte & Touche Backs Away From 2TheMart,” by David Evans, Los Angeles Times, July 16, 1999, as quoted in Bloomberg News).

2TheMart.com then hired Grant Thornton, but it too resigned and said it would “no longer be able to rely on management’s representations … and [2TheMart.com] does not have adequate internal controls or the appropriate level of management or board oversight,” according to the SEC’s April 12, 2000, 8-K/A form on 2TheMart.com.

(On Nov. 11, 2008, an administrative law judge issued an order revoking the registration of each class of 2TheMart’s securities for failing to file required annual and quarterly reports, from 2000 through 2008; reference Federal Register/Vol. 73, No. 227. On Dec. 23, 2008 the SEC finalized the order against 2TheMart.com. Inc., Release No. 59156, File No. 3-13294.)

Because 2TheMart lacked sufficient evidence to support its request to learn the identities of the anonymous posters, it couldn’t answer the fundamental question, “Who are these people?” And if a CFE is investigating a fraud allegedly committed by a company’s management, the CFE, like 2TheMart’s auditors, should “not rely upon the management’s representation.”

Therefore, while working with legal counsel, CFEs must continuously exercise due professional care to obtain relevant, competent, and sufficient evidence that directly relates to the courts’ procedural balancing act.

ADDITIONAL COURT REQUIREMENTS 

The case of Dendrite International Inc. v. John Doe No. 3, (775 A. 2d 756 N.J. Super Ct. App. Div. 2001) provides more guidance for CFEs who are investigating comments made by an anonymous individual.

“John Doe No. 3,” an anonymous poster who denied ever working for Dendrite, accused the president of Dendrite of changing revenue recognition accounting, which led to a boost in earnings after the Center for Financial Research and Analysis Inc. and TheStreet.com published a report questioning the change in revenue recognition. In response to these statements, Dendrite filed a lawsuit against numerous named John Doe defendants, including John Doe No. 3, alleging that this individual defamed Dendrite and misappropriated trade secrets. Prior to service of process, Dendrite sought to unmask the identity of John Doe No. 3. In support of its request, Dendrite contended that John Doe No. 3’s messages constituted defamation. The court denied Dendrite’s motion for seeking disclosure of this individual’s identity. Dendrite appealed and the appellate division of the Superior Court of New Jersey affirmed the lower court’s decision with the following requirements.

The court held that:

1) The plaintiff is to “undertake efforts to notify the anonymous poster that they are the subject of a subpoena or application for an order of disclosure and withhold action to afford the fictitiously named defendants a reasonable opportunity to file and serve opposition … These notification efforts should include posting a message of notification of the identity discovery request to the anonymous user on the ISP’s pertinent message board.”

2) The plaintiff is to “identify and set forth the exact statements purportedly made by each anonymous poster that plaintiff alleges constitutes actionable speech.”

3) “[M]ust produce sufficient evidence supporting each element of its cause of action, on a prima facie basis, prior to a court ordering the disclosure of the identity of the unnamed defendant.”

4) If the court “concludes that the plaintiff has presented a prima facie cause of action, the court must balance the defendant’s First Amendment right of anonymous free speech against the strength of the prima facie case presented and the necessity for the disclosure.”

The court concluded that the application of these procedures is on a case-by-case basis.

Thus, the main thrust for the CFE in working with legal counsel is that each and every cause of action must have sufficient evidence that sets forth a prima facie cause of action. Prima facie means that the plaintiff has brought together sufficient evidence to produce a rebuttable presumption that the alleged conduct has been committed.

The requirement of a prima facie case is a sizeable evidential burden for the CFE’s investigation. In the Dendrite case, the court of appeals imposed the rule that “the plaintiff should provide sufficient evidence to satisfy a standard analogous to the probable cause standard used in criminal investigations. This standard required Dendrite to “make some showing that an act giving rise to civil liability actually occurred and that the discovery is aimed at revealing specific identifying features of the person or entity who committed the act.” Again, this is an extremely high burden to discover the identity of the anonymous poster because it requires that plaintiff conduct an investigation to obtain sufficient evidence to establish every element of a cause of action before filing suit.

RANTING AND HYPERBOLE 

Global Telemedia Int’l v. Doe, 132 F. Supp. 2d 1261 (C.D. Cal. 2001) provides the CFE with an additional glimpse into researching to support the assertions. This case demonstrates that irrational ranting, hyperbole, and defamation must be countered by professional skepticism in attitude and response when working with legal counsel.

Global Telemedia Int’l (GTMI), a publicly traded telecommunications company, filed suit against anonymous posters for, among other things, making allegedly defamatory statements on an Internet message board. On Dec. 20, 2000, two of the four John Does filed separate motions to strike GTMI’s claims, contending that the statements were an exercise of their right of free speech that was of public concern. GTMI had an opportunity to overcome the defendants’ motions and discover the posters’ identities if it was able to demonstrate a probability of success on the merits of its defamation claims.

The following is a quote from the John Doe, No. 3’s text within the order granting defendants’ special motion to strike:

“get off my back cowboy I am ready to send that message to the powers that be since you just accused me of being a druGgie, libel slanderous cheap attack. This company has put it up your arse again this week no filing no nothin no chance to buy it OFF SHORE ON INTERNATIONAL EXCHANGES, dill weed I bet you get your frustrations worked out at the YMCA stupid flippin ... I got info comin at you that will make you puke about this stock and then you can thank me.”

Here’s another quote from the same person:
“akitaman we did get news today! another board poster says the PR will come out tomorrow ... rolfmao that was funnier than some of my jokes today ... another day with GTMI steering the sinking ship, but don’t worry they are headed for the calmer waters of the carribean where your money will be safe from federal authorities,,now thats newz, speling was for hyplori :)”

The U.S. District Court for the Central District of California found that the postings were filled with hyperbole, exaggerations, a tirade of short-hand phrases, and language that wasn’t based on factual documents and evidence, and that a reasonable reader wouldn’t consider that the expressions were realistic. Based upon this finding, the court determined that GTMI’s defamation action would fail because the postings were opinions rather than facts. The court also ruled that GTMI’s claim would fail because the facts didn’t support its contention that the postings caused the stock to lose value. Therefore the plaintiff’s claims were dismissed.

INTERNATIONAL SETTING 

Internet cybersmear attacks can be global, which can confound the legal issues. CFEs must know different countries’ legal protocols of identifying anonymous posters so they can pursue due diligence.

Every country has its set of laws and regulations that must be followed. For example, South Korea passed a cyber defamation law providing that an Internet user must attach his actual names to his posted comments if the website has more than 100,000 distinctive visitors per day. If the individual refuses to affix his name then that poster must attach his national identification number.

In India, the ISP and a blogger might be liable if a court determines that the language used is defamatory.

Canadian laws, similar to U.S. laws, support strong anonymity, but there are differences in protocol and interpretation.

In the United Kingdom, individuals or groups that participate in the publication of defamatory statements can be held liable for libel unless they establish a defense of privilege or a defense of justification or fair comment.

In Australia, defamation is based upon strict liability. A strict liability offense is one in which no criminal intent is required (i.e., the prosecution must prove only that the defendant performed the act and doesn't have to prove that the conduct was performed with any particular mental state).

As a general rule, German law provides that false statements damaging the credit of another will give rise to defamation liability if the creator of the libelous statement can’t prove the truth of the allegation or comment. Recently, a German national, Frederick Toben, was prosecuted and sentenced for 10 months imprisonment for using his Austrian website for spreading Holocaust denial arguments.

ETHICS HOTLINES CAN BE ‘STEAM BLOWERS’ 

Firms can prevent fraud-inducing and profit-depleting tirades on blogs and websites by instituting internal and external anonymous ethics hotlines. (Of course, CFEs also know that hotlines are great tools for finding and containing many types of occupational fraud.)

Anonymous hotlines can obtain information that’s objectively measurable and not impaired by emotion. Again, CFEs, working with legal counsel, can contribute distinctive due diligence in the installation, maintenance, and monitoring of hotlines.

If a firm doesn’t have an ethics hotline, an anonymous poster might rationalize that he has to go outside the organization for retribution. So companies must design independent third-party hotlines that will convince disgruntled stakeholders that their complaints will be taken seriously.

Anonymous posters have many opportunities for giving fraudulent or damaging messages: blogs, websites, bulletin boards, and social networking sites, among others. Anonymous posters’ pressure or incentive might come from the continued perception, rational or not, that organizations aren’t correcting problems. If the posters believe they will pay for their non-anonymous complaints, they might go outside organizations to vent. And employees, stakeholders, family members, and friends might give would-be fraudsters additional pressure to post their false accusations.

If a firm’s hotline is controlled by the public relations, human services, or legal departments, then disgruntled stakeholders might not feel secure against retribution. Therefore, the best option is a third-party ethics hotline, which shows stakeholders that the company is complying with federal and state statutes and provides the personal comfort zone for would-be anonymous posters.

DON’T BE A LONE-RANGER CFE 

CFEs can discover, limit, or deter fraud from irresponsible, anonymous Internet posters, but they can only do it with assistance from their in-house or retained legal counsel.

Counsel will know the cases, pitfalls, and domestic and international laws that CFEs need to consider when preparing investigative reports to determine if comments in cybersmear attacks are true, partially true, or false. Also, legal counsel can help to find identities of Internet posters.

If CFEs go at it alone, organizations can lose trade secrets and market share from illegal and fraudulent anonymous postings.

Michael Stagar, MBA, CFE, CPA, CPHIMS, CITRMS, owns and manages a CPA firm in Cleveland, Ohio. 

Erik Stagar is a tactical data system operator with the United States Marine Corp Reserves.  

The Association of Certified Fraud Examiners assumes sole copyright of any article published on www.Fraud-Magazine.com or ACFE.com. Permission of the publisher is required before an article can be copied or reproduced.