Japanese National Police Agency Reports on COVID-19 Cybercrime Cases in First Half of 2020

As numerous countries around the world continue to grapple with the COVID-19 pandemic, it is important for governments and law enforcement to maintain a steady and comprehensive focus on the trends in COVID-related crime.  While reported rates for crimes involving physical force, such as assaults and property crimes, have dropped this year in multiple countries such as the United States, Canada, France, and the United Kingdom,  a number of those countries have also seen substantial increases in reported rates for cyberattacks and other cybercrimes exploiting the pandemic.  For example, Canadian firms reportedly have been “bombarded” by COVID-related cyberattacks, and the Federal Bureau of Investigation has reported on upsurges in COVID-related online fraud and various categories of cyberattacks (malware, phishing, and ransomware).

One country that is seeing a marked disparity between the reported incidence of physical crimes and COVID-themed cybercrimes is Japan.  This past summer, the Japanese National Police Agency (NPA) released statistics showing that for the first half of 2020, Japan was “on course to set a record for the fewest criminal cases in a postwar year,” with an overall 15.4 percent decrease in crime compared to the first half of 2020.

On October 1, however, the NPA released statistics showing that in the first half of 2020, police across Japan had handled 608 COVID-19 cybercrime cases. The principal categories of those cases included the following:

  • Face Mask Order Fraud: 286 cases (47 percent) were fraud cases that involved members of the public failing to receive face masks that they had ordered online.
  • Government-Benefit Fraud: 155 cases (25 percent) were apparent fraud cases in which people were sent suspicious emails, from alleged mobile phone companies, that instructed recipients to apply for government-offered cash benefits via a website link.
  • Credit-Card Theft: 55 cases (9 percent) involved the theft of credit-card data that would-be purchasers of face masks had provided.
  • Obstruction of Business: 57 cases (9 percent) involved obstruction of business, “such as false information posted online claiming that infected people were in certain eateries.”  Some of these cases reportedly led to police action.
  • Malware: The NPA also confirmed multiple cyberattacks on companies, which included hackers reportedly posing as a public health center and urging email recipients to open files attached to those emails.

In addition, the NPA reported a total of 885 fraudulent-money transfer cases in the first half of 2020 involving Internet banking services, with losses totaling approximately ¥512 million (US$4.8 million).  The NPA indicated that a majority of those cases involve cybercriminals falsely representing themselves as financial institutions or parcel delivery firms and urging victims to access phishing sites where their personal data can be stolen. Japanese police reportedly have arrested a small number of individuals who fraudulently applied for government funds intended to assist businesses during the pandemic.  So far, however, there are no indications that Japan, or any other country for that matter, can successfully track and apprehend a significant number of those responsible for COVID-related online crimes.

Federal Court Awards Centripetal Networks $1.9 Billion in Patent-Infringement Trial Against Cisco Networks

In recent years, a number of companies have embraced, in principle and practice, the concept of “efficient infringement” of other companies’ patents.  The concept, which bears some similarity to the concept of “efficient breach” in contract law, refers to the situation in which a company “deliberately chooses to infringe a patent given that it is cheaper than to license the patent.”

Because of various legal and regulatory changes over the past decade, Professors Adam Mossoff and Bhamati Viswanathan have argued, “a company economically gains from deliberately infringing patents” and “pays less in either legal fees or in court-ordered damages than it would have paid in a license negotiated with a patent owner.”  As they noted, a company’s calculation of the costs of efficient infringement fails to take into account that efficient infringement, like opportunistic breaches of contract, “threaten the viability of legal institutions and the policies that drive them, such as incentivizing investments and promoting commercial transactions.”

A recent federal court decision in a highly publicized patent trial may prompt companies to reconsider whether “efficient infringement” is necessarily less costly than licensing.  On October 5, 2020, the U.S. District Court for the Eastern District of Virginia, after a 22-day bench trial, found not only that Cisco Systems had infringed four patents that cybersecurity solutions provider, Centripetal Networks, asserted, but that the case was “an egregious case of willful misconduct beyond typical infringement.”

In support of that conclusion, the District Court made numerous findings and conclusions, including:

  • Four of the patents that Centripetal asserted were valid and directly infringed, and Centripetal had proved that direct infringement of each element of the asserted claims by a preponderance of the evidence;
  • Centripetal and Cisco were direct competitors with regard to the infringing software as well as firewalls;
  • Enhanced damages were warranted by the evidence, given Cisco’s willful infringement of the four patents; and
  • Cisco had pre-suit knowledge of Centripetal’s asserted patents.

Under the patent damages provisions of the relevant patent statute, 35 U.S.C. § 284, a court is authorized to “increase the damages up to three times the amount found or assessed.”  In this case, the District Court concluded that the relief due to Centripetal included the following elements:

  • Actual Damages: Actual damages that Centripetal suffered as a result of Cisco’s infringement totaled $755,808,545.  Because of Cisco’s “willful and egregious” infringement, those damages were multiplied enhanced by a factor of 2.5x to equal $1,889,521,362.50.
  • Pre-Judgment Interest: The District Court awarded Centripetal pre-judgment interest of $13,717,925 applied to the actual damages before enhancement plus Centripetal’s costs.  After adding the enhanced damages and pre-judgment interest, the District Court directed a total award of $1,903,239,287.50, payable in a lump sum due on the judgment date.
  • Running Royalty:  In addition, the District Court imposed a running royalty of 10 percent on the apportioned sales of the accused products and their successors for a three-year period, followed by a second three-year term with a running royalty of 5 percent on those sales.  The Court also specified that for the first three-year term of 10 percent, the annual royalty “shall not be less than $167,711,374.10 and shall not be more than $300,076,834,” and for the second three-year term of 5 percent, the annual royalty “shall not be less than $83,855,867.00 and shall not be more than $150,038,417.” (Emphasis omitted)

Cisco has stated that it will appeal this decision to the U.S. Court of Appeals for the Fourth Circuit.  It is possible that the Fourth Circuit could reach a different conclusion regarding the computation of damages and the running royalty.  It appears less likely, however, that the Fourth Circuit would reverse the District Court’s decision altogether, given the District Court’s thorough review of the evidence at trial and its efforts to reach its conclusion by comparing this case to other cases in which enhanced damages have been awarded.

In any event, this decision should serve notice that patent infringements can sometimes be highly inefficient for willful infringers.  Whether or not it indicates that the pendulum is beginning to swing, however slowly, in favor of smaller patentholders confronted with infringement by larger competitors remains to be seen.

Hong Kong Customs Arrests Director of Possible Shell Company on Charges of Laundering $51+ Million

As a swift followup to its recent arrests of six individuals (including five family members) allegedly involved in a money laundering scheme that moved more than $387 million, Hong Kong Customs arrested the director of a possible shell company for her alleged role in laundering more than $51 million (HK$400 million).

According to Hong Kong Customs, in connection with Operation Shadow Hunter, in which the first six individuals were arrested two weeks ago, Customs investigators reviewing documents seized in the operation found the company director’s business registration.  The investigation found that “the suspect’s bank accounts were tied to more than 100 suspicious financial transactions involving about HK$400 million in 2018 and 2019.”  Another source said that “the amount of money was unusual given the woman’s profile and background, adding that less than HK$1,000 [US$129] remained in her accounts.”

A law enforcement source also stated that “the woman knew the family members [previously arrested], and that a small portion of the HK$400 million had been transferred to multiple bank accounts owned by the family.”  Most of the money was reportedly “transferred to bank accounts of other shell companies,” and that those bank accounts “were also linked to money laundering activities the family was allegedly involved in.”  Investigators are still seeking to determine whether the same ringleader is behind the director and the family.

This latest arrest provides further confirmation that Operation Shadow Hunter is the largest money laundering investigation in Hong Kong’s history, and indicates that Hong Kong Customs likely has far more ground to cover in discovering the full scope and extent of this laundering operation.

Hong Kong Customs Arrests Family Accused of Laundering $387 Million

At a time when the financial sector globally is looking at leading-edge anti-money laundering (AML) systems and RegTech tools as “a rich area of development,” it is important to remember that money launderers continue to succeed in moving vast amounts of criminal proceeds through the global financial system with the simplest of laundering techniques.

A notable example of that fact came to light last week in Hong Kong, when Hong Kong Customs announced that it had arrested six people, including a family of five and the licensee of a money changer, on money laundering charges in the “largest money laundering case in its history.”  The case allegedly involved a total of more than US$387 million (more than HK$3 billion).

According to Hong Kong Customs, it began an investigation in 2020 after identifying a money laundering syndicate.  The initial investigation found that the family of five involved in the case “had opened more than 100 personal bank accounts in various local banks to deal with over [HK]$3 billion of suspected crime proceeds since 2018, in which [HK]$170 million was related to the money changer licensee.”

The investigations also determined “that the background and the financial status of the family members involved were highly incommensurate with the large-value transactions of their personal bank accounts.”  It identified a total of approximately HK$30 million of assets that the arrested persons held.  That total included approximately HK$15 million in bank deposits and two properties with net asset values of approximately HK$7 million and $8 million, respectively.

With regard to the money changer, Customs stated that “[i]t is not ruled out” that that individual “had used personal bank accounts of third parties to deal with large-value transactions from unknown sources, in an attempt to use the money changer company to disguise the money laundering activities.”

Ultimately, on September 10 Customs conducted an operation, designated “Operation Shadow Hunter,” in which 30 officers raided four residences and a licensed money changer and arrested the family of five and the licensee of a money changer.  It also froze the HK$30 million of the arrested persons’ assets.

All six individuals were arrested for conspiring to violate the money laundering offense in section 25 of the Hong Kong Organized and Serious Crimes Ordinance.  Under section 25 of the Ordinance, it is an offense for someone to deal with any property, knowing or having reasonable grounds to believe that that property in whole or in part, and directly or indirectly, represents any person’s proceeds of an indictable offence. The maximum penalty for a conviction on indictment is 14 years’ imprisonment and a fine of HK$5 million, as well as confiscation of the criminal proceeds.

Under the Anti-Money Laundering and Counter-Terrorist Financing Ordinance (AMLO), it is an offense for a licensed money service operator to contravene the AMLO regulations,  The maximum penalty for a conviction on indictment is seven years’ imprisonment and a HK$1 million fine.

This case indicates that AML compliance officers need to ensure that their compliance programs continue to address all categories of indicators and not assume that money launderers are no longer using more basic laundering techniques.

Danish Foreign Affairs Ministry Publishes Report on Using Digital Technologies to Combat Corruption

Over the last several years, there has been growing recognition that technology — as Carlos Santiso of the Development Bank of Latin America put it — “is becoming a key ally in the fight against corruption.”  A recent report by the Danish Ministry of Foreign Affairs (available here) provides a detailed review of the ways in which digital technologies can be used to combat corruption.

The report, titled “Code to Integrity,” addressed four “avenues” for use of digital technology:

  • Avenue 1: “Use open data and open contracting to provide transparency.”  On this topic, the report advocated two principal approaches: (1) turning the public sector “into an open data platform, as public data belongs to the people and is the most valuable resource for governments to tackle corruption”; and (2) using open big data “to investigate specific patterns, and as input to design predictive analytics tools to spot corruption risks.”
  • Avenue 2: “Use e-governance to mitigate corruption opportunities.”  On this topic, the report commented that technology “takes out ‘the human hands’ when citizens or businesses deal with public authorities, reducing the opportunity for corruption.”  It advocated three principal approaches: (1) moving services online “to give citizens and the private sector direct access to public services and information and to reduce the opportunities for corruption by limiting human interaction”; (2) experiment with the use of blockchain “to enable transparent and tamper-proof transactions of money and data, giving citizens ownership of their data”; and (3) designing “principle-based policies that stipulate issues such as when to make human interventions in machine decisions.”
  • Avenue 3: “Use blockchain to ensure rights and prevent fraud.”  On this topic, the report stated that blockchain’s potential as an anti-corruption tool “is of particular interest because of its ability to keep records securely and transparently, ensuring rights to aid, land, money and preventing fraud.”  It recommended two approaches: (1) Putting records on the blockchain” in a shared digital database that every individual has equal access to and ownership over”; and (2) using blockchain “to transfer resources quickly, effi­ciently and securely,” and “to secure the integrity of public goods, records and certificates, limiting the space for corruption.
  • Avenue 4: “Use crowdsourcing to enable whistleblowing and complaints over corruption.”  On this topic, the report recommended two approaches: (1) Using crowdsourcing platforms “to provide citizens and business with a way to complain about and report corruption publicly”; and (2) cooperating “with trusted organisations and busines­ses to provide whistleblower platforms to expose corrupt behaviour inside the public sector.”

The report also discussed a number of impediments to implementing the recommendations.  In addition to the global “digital divide,” which stems from the “wildly uneven” distribution of Internet access around the world, the report expressed concern about five categories of gender imbalances that should be considered in pursuing digitalization of anti-corruption measures, in order to avoid exacerbating those inequalities.

These five categories of gender imbalances are:

  • 1.  The “digital gender gap.”  On this point, the report referred to the “lower degree of access to technology and lower digital literacy” for women around the world.
  • 2.  Discrimination in ownership of economic resources.  On this point, the report referred to the fact that “in most poor communities, women face discrimination in terms of financial independence, ownership of economic resources and with regard to inheritance rights.”
  • 3.  Greater frequency of women in the informal sector.   On this point, the report expressed concern that, because “women in Africa for example have a higher employment rate than men in the informal sector and lower representation in company ownership, there is a risk that solutions based on formal [existing] data will not capture the real significance of women in the productive sectors.”
  • 4.  Less access to formal identification.  On this point, the report stated that a formal identification “is the key to unlocking access to a number of digital anti-corruption tools such as registering a business online, paying taxes through mobile money, making a bid for public procurement contracts, voting or registering property ownership on a e-governance platform.”  An estimated one billion people around the world, however, lack formal identification, and “coverage gaps are largest in low income countries, with women and the poorest 40% at the greatest risk of being left behind.”
  • 5.  Risk of sexual extortion.  On this point, the report noted that “[b[ecause of unequal power relations, women are likely to experience corruption differently than men, especially in situations where power is abused to obtain a sexual benefit or advantage.”  It speculated that technology-based solutions “could assist women in reporting such instances, without having to challenge the entrenched power relations directly.”

Finally, with regard to these five imbalances, the report stated its intention “to initiate a conversation about the importance of adopting a gender sensitive approach to digitalisation in anti-corruption, especially considering the structural disempowerment of women in access to economic and digital resources.”  To that end, it discussed how these imbalances pertained to each of the four avenues listed above.

Anti-corruption scholars and advocates should read the report closely.  Because the report’s stated aim was “to initiate a conversation[n] about the role of new technologies in the fight against corruption,” they should take up the key points n the report to continue and expand the discussion, including with experts in blockchain and artificial-intelligence technology.