Alibris Charged w/Intercepting Email
December 26, 1999
Prosecutors in Boston's US District Court charged Internet bookseller
Alibris, with 10 counts of intercepting electronic communications and
access device fraud. Communications sent to book dealers from Amazon.com
were intercepted by Alibris by their wholly owned ISP, Valinet. Similar
to President Clinton's "I didn't inhale" rhetoric, Emeryville, California
based Alibris claims that it didn't read any of the email messages or
passwords that it unlawfully intercepted from on-line rival Amazon.com.
CEO Martin Manley, former Assistant Secretary of Labor in the Clinton
administration, who was appointed by Secretary of Labor Robert Reich in
January 1994 in part to "improve business results" has admitted to the
wrong-doing, and claims that today Alibris is a different company. The
interception took place when current Alibris Chairman and founder, Dr.
Richard M. Weatherford, operated a company under their prior name Interloc.
Dr. Weatherford holds a Ph.D. from UCLA.
western Massachusetts area is an intellectual book epicenter due in part
to the presence of five institutions of higher learning: Smith College,
Mt. Holyoke, Amherst, Hampshire College, and University of Massachusetts.
Many book dealers used Valinet as an ISP. Incoming Valinet email intended
for local bookdealers was filtered for source Amazon.com and was captured
in log files under direction from the original Alibris/Interloc management
The case was heard before Judge Michael A. Ponsor in the U.S. District
Court in Springfield, Massachusetts. A maximum fine of $250,000 for each
count means that Alibris could have ended up paying $2.5million in penalties.
this year, Forbes described Alibris' growth as "stunning." Corporations
and individuals need to be held accountable for breaches of privacy and
some of them are learning the hard way. When administering and managing
messaging on behalf of a paying customer, it is not always clear where
to draw the line as far as access goes. ISPs and ASPs need to be very
specific in their service level descriptions about what they consider
management, and what they consider access.
Intercepting email under the guise of "management" is not acceptable.
This case is extremely important and will set a precedent for future cases
involving email interception. If the service level description does not
define the management reasons for accessing and moving email files, then
legally any access that has not been previously agreed upon by the owner
is data theft.