HP Spying Allegations Probed by U.S. DoJ

The U.S. Department of Justice is asking questions about conduct by Hewlett-Packard that has embroiled the technology company in controversy.

HP acknowledged in a U.S. Securities and Exchange Commission filing Monday that it is cooperating with an inquiry by the U.S. attorney for the Northern District of California into possibly illegal tactics used by investigators hired by HP to investigate news leaks from the company’s board members.

HP described the U.S. attorney’s inquiry as “informal” and said the questions are similar to those asked by the attorney general of California. HP is based in Palo Alto, Calif. “We are cooperating fully with these inquiries,” HP said in its SEC filing.

A spokesman for the U.S. attorney’s office in San Francisco, Luke Macaulay, said the FBI is joining the U.S. attorney in “investigating the processes employed” by HP.

The probes are looking into the use of “pretexting” to search phone records to determine which board members may have been talking to reporters. The phone records of nine reporters from various news organizations were also obtained to determine whom their sources from within HP might have been on stories about the company.

Pretexting refers to posing as a phone company customer to get access to personal records. California Attorney General Bill Lockyer says a crime was committed in connection with the pretexting, but his office is still investigating what crime and by whom.

Also Monday, the two top-ranking members of the U.S. House Energy and Commerce Committee asked HP Chairwoman Patricia Dunn to disclose the identities of the outside firms that conducted the investigation for the board.

The committee is investigating the protection of personal information from Internet data brokers and gave HP until Sept. 18 to provide detailed information about its probe, according to a letter to Dunn cosigned by U.S. Reps. Joe Barton (Republican from Texas) and John Dingell (Democrat from Michigan).

“The committee is troubled by this information, especially given that it involves HP—one of America’s corporate icons—using pretexting and data brokers to procure personal telephone records … without [people’s] knowledge and consent,” the representatives stated. The letter was also cosigned by ranking members of the committee’s Subcommitteee on Oversight and Investigations.

HP spokesman Ryan Donovan said HP “intends to cooperate … and will provide the necessary facts and information requested by the subcommittee.” HP has previously declined to identify the private firms employed to conduct the probe.

The scandal has brought pressure on Dunn, who ordered the investigation but claims that she didn’t know the outside investigative firm hired to trace the leaks would use pretexting. HP’s board is meeting Monday for the second straight day to discuss its response to the controversy.

Former HP director Thomas Perkins, who quit in protest in May because of the way the investigation was conducted, called on Dunn to resign. His statement, released Saturday by his attorney, was prompted by Dunn’s comments in media interviews last week in which she alleged that it was Perkins who wanted “more aggressive measures” used to investigate the leaks, including use of lie detectors on board members.

“I am saddened, but not surprised, that Patricia Dunn has attacked me personally for doing my job. I acted not from any ill will toward Ms. Dunn but to protect the best interests of HP. I think the past months and days have shown that those interests are best served if Ms. Dunn would resign from the board,” said Perkins in his statement.

The U.S. Federal Communications Commission (FCC) also is investigating HP. The FCC reportedly sent a “letter of inquiry” to AT&T asking how its customer phone records may have been accessed, according to an Associated Press report. An FCC spokesman could not confirm that.

HP’s internal probe identified director George Keyworth as the source for a CNet Networks story about HP’s strategy that the technology news website posted in January. He refused to resign when asked to do so by Dunn in May, but the board has since voted not to renominate him to his seat.

-Robert Mullins, IDG News Service (San Francisco Bureau)

Related Links:

• No Decision at Sunday HP Board Meeting (CIO)
• HP Obtained Reporters’ Phone Records in Probe
• HP SEC Filing Reveals Board Infighting, Leaks
• Snooping, by Hook or by Crook

Keep checking in at our CSO Security Feed page for updated news coverage.