At the very bottom of the 240 page PDF, beginning on page 238 in that PDF, plaintiff Mike Honda For Congress requests judicial notice of three items. The first two items are from the Federal Election Commission (FEC). The third item is described as—
3. LinkedIn profile of Brian Parvizshahi, attached as Exhibit 2 to the accompanying Declaration of Michael Beckendorf (downloaded from http://www.linkedin.com/in/brianparvi (last visited Sept. 17, 2016).
This third item is said to be “relevant” as follows—
Brian Parvizshahi’s LinkedIn profile is relevant, for it shows that Mr. Parvizshahi (1) was already employed by Defendant Ro for Congress, Inc. when he repeatedly accessed Mike Honda for Congress’ confidential, proprietary data, (2) was working as Ro for Congress, Inc.’s Data Director when he repeatedly accessed Mike Honda for Congress’ confidential, proprietary data, and (3) was promoted to Campaign Manager and was working as Campaign Manager for Ro for Congress, Inc. when he repeatedly accessed Mike Honda for Congress’ confidential, proprietary data.
In the absence, though, of any evidence that the purported “Brian Parvizshahi’s LinkedIn profile” was created or controlled by defendant Brian Parvizshahi, I don't think a court should rely on that for the truth of anything contained in the profile.
Of course it's the Arum Group's responsibility. But it's also Parvizshahi's responsibility. Saying it's not is like saying that two years ago you lent a key to someone who was once a friend, and forgot to get it back, and then you had a falling out. But you just discovered that he's been letting himself into your house and making lunch for himself when you're away.
Even if it was an automatic sync, Parvizshani would have known.
Now, whether Khanna has any culpability is another matter. You'd have to show that he knew, or should have known. Did he think Parvizshani was just a genius at coming up with leads to people with money, or did he hire Parvizshani in the first place knowing that he had Honda's donor list?
This is a civil lawsuit. There is no "innocent until proven guilty". It goes by preponderance of the evidence, not proof beyond a reasonable doubt.
"Technically he can say it was automated synchronization and good luck to the plaintiff to prove it was not."
He can say that. But if he says that under oath (and he almost certainly will be deposed) then, if it's a lie, he's committing perjury, and now he's potentially facing jail time. If he WAS the one who leaked the list to the paper, how sure is he that it can't be traced back to him if the paper and/or email providers are subpoenaed?
One thing I find interesting is that the lawsuit alleges things like loss of trust of the donors. Sorry, but that loss of trust is actually deserved if you don't secure your donor's private emails, regardless of whether the defendants actually accessed the list. They didn't notice that the former intern still had access when they switched to the new election cycle - you'd think they'd review their authorized access list at least that often. They didn't even notice his continued access when the paper published a leaked copy of the donor list three and a half years after that intern quit the campaign.
Another thing I find interesting is that, at the time they discovered the breach, they apparently felt the need to notify at least five different consulting companies that were apparently already working for them. Do congressional campaigns normally have that many? But maybe that's one reason why they never noticed. Too many people in the campaign, many of which don't even directly work for the campaign. And maybe that's why they didn't do more diligence when the leak came - too many people they didn't really know had access to the list anyway.
Another point not brought up in this write-up: Arum Group was no longer working with Honda's campaign and hadn't been for several years. So not only did Parvizshahi still have access to the files when he should not have so did the Arum Group. Immediately upon severing their contract with Honda's campaign the Arum Group should have deleted the voter information files and rescinded all access.
Spoken like somebody who has never configured themselves out of a remote machine.
These hacks, are by definition experimental. The likelyhood of things going wrong in a way that breaks network connectivity is actually quite high.
Not to mention that simply pulling the CAT5 out of the machine, is often the first move made by admins when they detect a compromise.
Yes, the binaries are often left behind. That is not necessarily within the control of the hacker. It is a known risk.
And since the risk is known, doing so makes the accidental dissemination of their tools criminal negligence. They knew that there would be side effects. They did it anyway. The side effects caused a loss. The parties who have experienced a loss have a case.
The fact that the source refers to binaries being left behind as being the result of "lazy" people, is telling. This is either an attempt to obfuscate the situation, or the source isn't close enough to the metal to know much.
My understanding is that national security does not mitigate the related liability.
However the area 51 chemical burning case seems to suggest that the POTUS may just declare the NSA's activities legal by presidential order, as Bill Clinton did when workers were poisoned by burning dioxin at groom lake.
Of course this begs the question of "Who else have they forgot to cut off access to?" especially for the docs leaked to the press. If they forgot about one guy from 4 years ago, there has got to be others as well.
Technically he can say it was automated synchronization and good luck to the plaintiff to prove it was not. Considering we still consider people innocent until proven guilty. Of course some things seem to have changed.
the NSA was "watching the internet closely" to see if anyone else started using these tools
You must be confusing the 3 letter acronym agencies. It's the FBI that crafts conspiracies, provides tools to conduct illegal activity, and then waits for some unsuspecting idiot to follow them into a jail sentence.
The NSA simply waits for something bad to happen and then complains that they need more power to prevent this from happening again in the future.