Searching over 5,500,000 cases.

Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.

United States v. Gasperini

United States District Court, E.D. New York

May 31, 2017



          NICHOLAS G. GARAUFIS, United States District Judge.

         Defendant Fabio Gasperini ("Defendant") is charged with two counts of computer intrusion, one count of conspiracy to commit wire fraud, one count of wire fraud, and one count of conspiracy to commit money laundering. (See Indictment ("Ind.") (Dkt. 3) ¶¶ 11-21.) The charges stem from Defendant's alleged creation of a "bother" to further a "click fraud" perpetrated against advertising companies. (Id. ¶¶ 1-10.) The Government alleges that Defendant and others obtained unauthorized access to computers in the U.S. and around the world and remotely directed those computers to fraudulently inflate the number of times that online advertisements were "viewed."

         Currently pending before the court are Defendant's motion to dismiss the indictment (Mot. to Dismiss ("MTD") (Dkt. 9)), motion for a bill of particulars (Mot. for Bill of Particulars ("BOP Mot.") (Dkt. 36)), and motion for disclosure of grand jury materials (Mot. for Grand Jury Tr. ("GJ Mot.") (Dkt. 35)). For the following reasons, Defendant's motions to dismiss and for disclosure of grand jury materials are DENIED and his motion for a bill of particulars is GRANTED IN PART and DENIED IN PART.


         A. Allegations

         The following statement of facts is drawn from the Indictment, the Complaint, and an Affidavit submitted in connection with Defendant's extradition to the United States.

         Defendant is an Italian national who resided in Rome at all relevant times. (Ind. ¶ 1.) The Government's primary allegation is that Defendant engaged in "click fraud, " a scheme in which an individual:

1) enters into a contract with an advertising company in which the individual (a) places online advertisements onto a websites and (b) receives compensation from the company based on the number of times that users "click" on their ads, and then
2) places malicious software ("malware") onto one or more third-party computers and servers that directs those computers to click on their advertisements and artificially drives up the number of "clicks" for which the individual is compensated.

(See id. ¶¶ 1-4.) In connection with these schemes, individuals may develop a "botnet, " defined by the Indictment as "a network of computers, such as servers, infected with malicious software without the users' knowledge or authorization." Id. ¶ 1.) The botnet's creator can then remotely direct the network of compromised computers to engage in coordinated action and, in a "click fraud" scheme, can "remotely command a botnet to flood a particular website advertisement with electronic communications that register with the advertising company as clicks by a human user." (Id. ¶ 4.)

         The Indictment alleges that between February 2011 and June 2016, Defendant and others "surreptitiously gained entry into multiple computer servers ... in the United States and elsewhere" without authorization (id. ¶ 6) and "installed... malicious software, " creating a botnet (id. ¶ 7). The Indictment alleges that, "[i]n establishing this botnet, [Defendant] also obtained unauthorized access to sensitive data and files stored on the compromised servers." (Id.) Defendant allegedly used the botnet to commit "click fraud" against various businesses and advertising companies, including one named Italian advertising company. (Ex. A. to Opp'n to MTD ("Extradition Aff.") (Dkt. 27-1) ¶ 10.) The Indictment further alleges that Defendant laundered proceeds from the alleged "click fraud" through other individuals "in order to conceal the nature of the payments and his identity." (Ind.¶ 10.)

         B. Procedural History

         Defendant was arrested in Amsterdam in June 18, 2016, and extradited to the United States on April 20, 2017. (Opp'n to MTD ("MTD Opp'n") (Dkt. 27) at 2.) On August 4, 2016, a federal grand jury returned an Indictment charging Defendant with two counts of computer intrusion (the "Computer Intrusion Counts"), wire fraud and conspiracy to commit wire fraud (the "Wire Fraud Counts"); and conspiracy to launder money. (Ind. ¶¶ 11-21.)

         On April 24, 2017, Defendant moved to dismiss the Indictment. (See MTD). Defendant subsequently moved for both a bill of particulars and for disclosure of grand jury material. (See BOP Mot.; GJ Mot.)


         A. Motion to Dismiss the Indictment

         Defendant's motion to dismiss asserts three primary arguments: (1) the Computer Intrusion Counts under 18 U.S.C. §§ 1030(a)(2) and 1034(a)(4) are insufficiently pled; (2) the statutes underlying the Wire Fraud Counts cannot be applied extraterritorially; and (3) application of the Wire Fraud and Computer Intrusion Counts to Defendant would violate his due process rights. (MTD at 2.) The court disagrees with Defendant on each of these points and accordingly denies Defendant's motion to dismiss.

         1. Legal Standard

         "[An] indictment... must be a plain, concise, and definite written statement of the essential facts constituting the offense charged" Fed. R. Crim. P. 7(c). "[A]n indictment is sufficient if it, first, contains the elements of the offense charged and fairly informs a defendant of the charge against which he must defend, and, second, enables him to plead an acquittal or convictions in bar of future prosecutions for the same offense." United States v. Alfonso, 143 F.3d 772, 776 (2d Cir. 1998) f quoting Hamling v. United States, 418 U.S. 87, 117 (1974)). This generally requires an Indictment to "do little more than [] track the language of the statute charged and state the place and time (in approximate terms) of the alleged crime." United States v. Walsh, 194 F.3d 37, 44 (2d Cir. 1999) (internal quotation marks and citations omitted).

         Defendants may raise pretrial challenges to the sufficiency and specificity of an indictment "if the basis for the motion is reasonably available and the motion can be determined without a trial on the merits." See Fed. R. Crim. P. 12(b)(3)(B)(iii), (v). "[I]n deciding a pretrial motion to dismiss, the Court must accept the Government's factual allegations as true, " United States v. Carnesi, 461 F.Supp.2d 97, 98 (E.D.N.Y.2006), and the "indictment must be read to include facts which are necessarily implied by the specific allegations made, " United States v. Stavroulakis, 952 F.2d 686, 693 (2d Cir. 1992) (internal quotation marks and citation omitted).

         2. Alleged Insufficiency of the Computer Intrusion Statutes

         Defendant contends that the Indictment fails to allege several essential elements necessary to the Computer Intrusion Counts.[1] Specifically, Defendant argues that the Indictment fails to allege (1) that he accessed a "protected computer"; (2) that he gained "actual access" to information on those computers; (3) that he "obtained information" through the alleged unauthorized access; and (4) that Defendant derived any value from the intrusions. (See generally MTD at 3-6.) Before addressing these alleged insufficiencies, the court briefly reviews the statutes at issue in those counts and identifies the elements that the Government must allege » in the Indictment. The court concludes that the Indictment contains sufficient allegations to survive a motion to dismiss.

         a. The Computer Intrusion Statutes

         i. 18 U.S.C. § 1030(a)(4) (Count One)

         Section 1030(a)(4) states that:

[Whoever] knowingly and with intent to defraud, accesses a protected computer without authorization... and by means of such conduct furthers the intended fraud and obtains anything of value [commits a crime], unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5, 000 in any 1-year period.

18 U.S.C. § 1030(a)(4) (emphasis added). A "protected computer" is, inter alia, "a computer [] which is used in or affecting interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication." Id. § 1030(e)(2)(B). Courts have interpreted this definition to include "effectively all computers with Internet access." United States v. Valle, 807 F.3d 508, 528 (2d Cir. 2015) (quoting United States v. Nosal. 676 F.3d 854, 859 (9th Cir. 2012)).

         ii. 18 U.S.C § 1030(a)(2) (Count Two)

         Section 1030(a)(2) makes it a crime to "intentionally access[] a computer without authorization ... and thereby obtain ... [information from any protected computer." 18 U.S.C. § 1030(a)(2). "Protected computer" here has the same meaning as that noted above.

         b. Alleged Defects

         i. Failure to Allege Access to a Protected Computer

         Defendant claims that the Indictment fails to sufficiently allege that he accessed a "protected computer." (See MTD at 4-5.) As noted, however, the term "protected computer" encompasses "effectively all computers with Internet access."[2] Valle, 807 F.3d at 528 (internal quotation marks and citation omitted). The allegations that Defendant transmitted malware electronically in support of an online click fraud scheme necessarily involve internet-connected computers. (See Ind. ¶ 5-10.) Moreover, the Indictment's recitation of both Computer Intrusion Counts alleges that he accessed "one or more protected computers." (Id. ¶¶ 12, 14) Both separately and taken together, these allegations are sufficient to inform the Defendant of the charge against him with respect to that element. See Stavroulakis, 952 F.2d at 693 (stating that the "indictment must be read to include facts which are necessarily implied by the specific allegations made.")

         Accordingly, the court denies Defendant's motion to dismiss based on the claimed failure to allege that he accessed a "protected computer."

         ii. Failure to Allege "Actual" Access

         Defendant maintains that the Indictment fails to allege that he had "actual access" to any U.S. servers, and at most alleges control of an automated botnet that provided the "capability to intrude into computers." (MTD at 3.) In connection with this argument, Defendant points to a statement in the affidavit submitted in support of his extradition that Defendant's "malicious software was found" in Queens-based law firm's server. (Id. at 4 (citing Extradition Aff. ¶ 9).) Defendant claims this allegation cannot support actual access because, at the time the malware was "found, " Defendant was in custody. (See MTD at 4.)

         Despite Defendant's contentions, however, the Indictment avers at several points that Defendant had actual access to computer servers, including access gained as part of the process of installing the malware. (See Ind. ¶¶ 6, 7, 12, 13.) These statements track the language of the statute and, combined with the approximate statements of dates and locations contained in the Indictment, are sufficient to withstand a motion to dismiss at this stage.

         To the extent that Defendant's challenge is based on the Extradition Affidavit, that argument is not properly raised in a motion to dismiss. In weighing the validity of the Indictment, the court may not consider outside evidence. See, e.g.. United States v. Foxworth, No. 3:06-CR-81 (AHN), 2006 WL 3462657, at *3 (D. Conn. Nov. 16, 2006): cf. also United States v. Brown. 321 F.Supp.2d 598, 600 (S.D.N.Y. 2004) ("[I]t is axiomatic that... a defendant may not challenge a facially valid indictment prior to trial for insufficient evidence."). Further, it is not clear that the affidavit in fact supports Defendant's position, as it alleges that Defendant "gained entry into multiple servers." (Extradition Aff. ¶ 5.)

         For these reasons, the court denies Defendant's motion to dismiss based on the claimed failure to allege "actual ...

Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.