Private credit files on display in fraud case Secret Service used real cards to catch suspect who sought to steal data

August 27, 1996|By LOS ANGELES TIMES

When U.S. Secret Service agents set a trap for a young computer operator who had expressed an interest in stealing credit information, they baited it well: with real credit-card numbers from real customers.

The young man, Ari Burton of Las Vegas, went for it, was arrested, and was charged with possession of stolen credit information -- charges to which he ultimately pleaded guilty. That ended the case against Burton, but the card holders' information did not stay secret with the Secret Service.

Detailed credit histories of 35 Citibank card holders, none of whom gave their permission for their files to be accessed, ended up with the defendant, his lawyers and anyone else who got a copy of the case file.

Included in it: names, addresses, home phone numbers, Social Security numbers, credit-card numbers, available credit lines and outstanding balances -- more than enough for anyone to run up huge tabs on unsuspecting customers.

The card holders were never warned that their information had been used in a sting, nor that it had subsequently been shared with the defendant and others. In fact, a few of the card holders learned of the disclosure only when the defendant's father wrote asking whether they had authorized the release of the information. Others found out just last week, three years after the information was first released, when contacted by a reporter.

Told of their unwitting involvement in a federal sting, many were furious.

" I'm upset, I'm real upset," said Joe Becker of Costa Mesa, Calif. "I want to know how this happened."

"I never authorized anything like that," said Sarah DiBoise, who lives in Atherton, Calif. "I am certainly bothered by it."

And Sam Zadeh, who lives in New York, deplored what he called the "bank and law enforcement agency invading our privacy."

The same revelations that left card holders smoldering also raised troubling questions about the conduct of the government and of the bank that released private information to the Secret Service. Some of those questions ripple into delicate areas of criminal law -- topics such as the right of defendants to evaluate evidence against them and the right of uninvolved citizens to maintain their privacy while federal agents go about the business of corralling bad guys.

Why, lawyers, card holders and others asked, would the Secret Service use real card-holder information for sting operations? And even if, for legal reasons, it feels compelled to use actual credit histories, why not seek permission from card holders first? Authorities in some other parts of the country say they do not use real credit information, and Citibank stresses that the Burton case was an aberration. But investigators and prosecutors in Las Vegas said that the techniques used to nab Burton are employed in other instances.

In fact, Secret Service agents in Las Vegas say the use of real credit information is forced upon them by federal law requiring authorities to demonstrate that a suspect actually possessed something illegal in order to win in court.

"In something of this nature, the crime is the illegal obtaining of what is called the access device," said Jerry Wyatt, assistant special agent in charge of the Secret Service office in Las Vegas. "Unless the access device is a real number, it's just a number."

Following that theory, some authorities argued that if the Secret Service had supplied Burton with fake credit-card information, Burton could not have been found guilty of attempting to steal real credit-card histories.

But that reading of the law is hotly contested by experienced lawyers. Although it is a violation of federal law to have unauthorized possession of an access device -- another name for a credit-card number -- it also is against the law to attempt to possess such a device, even if that attempt turns out not to be successful.

Legal experts said agents could make up fictitious customers and generate false credit histories, then use that information in sting operations. Even without a handoff of real credit information, prosecutors still could charge the objects of the stings with attempting to steal credit-card numbers, an approach that might slightly complicate criminal cases but that would protect card holders.

Wyatt said he was not familiar enough with the facts of the Burton case to know why that approach was not adopted. Nor could he say how many cases each year involve the knowing transfer of actual credit information from the government to criminal suspects -- only that such cases are not unusual.

At the U.S. attorney's office in Las Vegas, the chief of that office's criminal division agreed that other tactics might have minimized the risk to card holders in the Burton case, but he said the Las Vegas office typically uses real credit-card numbers of actual card holders in charging suspects such as Burton.

Baltimore Sun Articles
Please note the green-lined linked article text has been applied commercially without any involvement from our newsroom editors, reporters or any other editorial staff.