[ISN] HP studied infiltrating newsrooms

From: InfoSec News (alerts@private)
Date: Wed Sep 20 2006 - 03:09:05 PDT


http://news.com.com/HP+studied+infiltrating+newsrooms/2100-1014_3-6117508.html

By Damon Darlin and Kurt Eichenwald
The New York Times
September 19, 2006

Hewlett-Packard conducted feasibility studies on planting spies in news 
bureaus for two major publications as part of an investigation of news 
leaks from the company's board, an individual briefed on the company's 
review of the operation said Tuesday.

The studies, referred to in a Feb. 2 draft report for a briefing of 
senior management, included the possibility of placing investigators 
acting as clerical employees or cleaning crews in the San Francisco 
offices of CNET and The Wall Street Journal.

It is not clear whether the plan was ever acted upon.

The report was sent on Feb. 1 by Anthony R. Gentilucci, HP's 
Boston-based manager of global investigations, to four others, including 
Kevin T. Hunsaker, a senior counsel in HP's legal department and the 
company's chief ethics officer.

"Feasibility studies are in progress for undercover operations 
(clerical) in CNET and WSJ offices in SF," the memo said, referring to 
two publications in which reports of the company's board discussions had 
appeared.

Under a section labeled "Investigation Activity Update," with the 
subtitle, "Covert Operations," it also called for examining the use of 
cleaning employees at those locations.

The consideration of undercover agents inside news organizations adds a 
new element to what is known of the HP investigation, which prominently 
included the use of subterfuge to gain the phone records of company 
directors, employees, journalists and others.

An e-mail message obtained by The New York Times from someone with 
access to the company's investigative material shows that leading 
members of the team supervising the investigation knew of the methods at 
least as early as January and raised questions about their legality. The 
disclosure came yesterday as investigators examined the role of a man 
from the Omaha area who may have obtained private phone records on HP's 
behalf, according to people briefed on the company's review of the 
operation.

California and federal prosecutors are exploring whether laws were 
broken in the investigation, particularly in the use of pretexting--a 
technique in which an investigator masquerades as someone else to obtain 
that person's calling records from a phone company. The prosecutors are 
also trying to determine who in the company knew of the possibly illegal 
activities.

Concern over legality was reflected in an e-mail message sent on Jan.
30 by Hunsaker, the chief ethics officer, to Gentilucci, the manager of 
global investigations. Referring to a private detective in the Boston 
area whom the company had hired, Ronald R. DeLia, he asked: "How does 
Ron get cell and home phone records? Is it all above board?"

Gentilucci responded that DeLia, owner of Security Outsourcing 
Solutions, had investigators "call operators under some ruse."

He also wrote: "I think it is on the edge, but above board. We use 
pretext interviews on a number of investigations to extract information 
and/or make covert purchases of stolen property, in a sense, all 
undercover operations."

Hunsaker's e-mail response, in its entirety, said: "I shouldn't have 
asked..."

It is unclear who, if anyone, in the company was then briefed on what he 
had learned. People who have seen other material from HP's investigation 
said that Hunsaker, in supervising the operation, communicated 
frequently with Patricia Dunn, the company's chairwoman, about its 
progress. But they said it was not clear when Dunn, who ordered the 
investigation, learned of the methods used.

Hunsaker did not respond to a request for comment. Gentilucci referred 
all inquiries to HP's corporate offices, which said it had no comment.

The HP investigations were initiated early in 2005, around the time of 
Carly Fiorina's ouster as chairwoman and chief executive, and then 
resumed in January. The two phases--each begun after accounts of board 
members' discussions appeared in news articles--were code-named Kona I 
and Kona II, according to several people who saw the company's 
investigative records. The names are intriguing; Dunn's vacation home is 
in Kona, Hawaii.

Not all board members were targets in the investigation, according to 
people who had seen some of the company's investigatory materials. The 
detectives seemed to focus on allies of Thomas Perkins, Dunn's board 
antagonist.

In the first phase of the investigation, the targets were Perkins, 
George Keyworth and Robert E. Knowling Jr., a director who stepped down 
last September. Fiorina was also a target, the documents show.

In the second phase, Keyworth, his wife, Perkins and two other 
directors--Lucille S. Salhany, a former television executive, and 
Richard A. Hackborn, a former HP executive--were targets. Both phases 
used pretexting, according to documents the company has given various 
investigators.

Another target was Shane Robison, an executive vice president and chief 
strategy and technology officer. Robison is not on the board, but was a 
liaison to its technology committee, on which Keyworth and Perkins 
served. A company memo, described to a reporter, instructs detectives to 
obtain the records of Dunn and Robison for the sake of completeness.

Perkins resigned in June in protest over the investigation. Keyworth, 
identified as having given information to reporters, agreed last week to 
resign from the board after Dunn said she would step down as chairman in 
January.

In addition to HP directors, nine journalists and two employees, those 
whose phone records were obtained included Larry Sonsini, the outside 
counsel, a spokeswoman for his law firm, Wilson Sonsini Goodrich & 
Rosati, said Tuesday, confirming a report in The Wall Street Journal.

The identification of a man from the Omaha area as a possible 
participant in the operation provides a potentially critical link in a 
chain that has stretched from HP's sprawling Silicon Valley headquarters 
to its security operations in Boston and to detective agencies there and 
in Florida.

The man, Brian Wagoner, has spent several years working for the Action 
Research Group, a Florida detective agency, according to a relative of 
Wagoner. The Florida agency has been identified by people briefed on 
HP's review of its operation as a contractor for Security Outsourcing 
Solutions, DeLia's firm.

An e-mail message to Hunsaker, the HP ethics officer, indicates that he 
was aware of the involvement of the Action Research Group in the 
operation. On Feb. 7, DeLia informed Hunsaker that he had sent an e-mail 
message to "my source in FL and asked him if there were any state laws 
prohibiting pretexting telephone companies for call records."

DeLia gave the response from that firm, presumably Action Research: "We 
are comfortable there are no Federal laws prohibiting the practice." He 
added that he had been using the firm for eight to 10 years.

DeLia did not respond Tuesday to requests for comment.

Action Research and Wagoner, the Omaha man, had been linked before. His 
name appeared in connection with Action Research in April, when 
congressional investigators studying pretexting interviewed James Rapp, 
a Denver man convicted in 2000 of illegally obtaining phone records. Rob 
Douglas, an information security expert who was a consultant to the 
congressional investigation, said Rapp had disclosed his employment for 
years with the Action Research Group.

Rapp told investigators that after his own conviction, which led to the 
shutdown of his business, some of his employees went to work for Action. 
Among them was Wagoner, whom Rapp identified as his nephew during the 
interview with congressional investigators, Douglas said.

Rapp said in an interview Tuesday that Brian Wagoner split his time 
between the Omaha and Denver areas and had worked for Action Research. 
"I know for a fact there's been correspondence between he and Action for 
many, many years," Rapp said.

Rapp said he had spoken with Wagoner twice Tuesday and described him as 
"nervous and hesitant."

"He keeps trying to tell me that Action doesn't do that kind of work any 
more," Rapp said. But he said Wagoner had told him that he did believe 
he had worked on the HP case. "He did do the work," Rapp said. "He does 
remember that."

Matt Richtel contributed reporting.

Entire contents, Copyright © 2006 The New York Times. All rights 
reserved. Copyright ©1995-2006 CNET Networks, Inc. All rights reserved.


