>Justice Tennent jailed Monks for 18 months, with the last 12 months of the sentence suspended on condition she be of good behaviour for three years.
>She was ordered to repay Aurora $193,187.43.
This is a horrendous miscarriage of justice. 4 months internet access = approx $80.
I'd rather someone was deterring Telstra from levying such exorbitant charges in the first place than wasting my tax dollars locking someone up for such a minor crime.
Assuming she had downloads running non-stop during the 4 months, at a maximum of 7 mbps (3g), she would have downloaded 8859 GB. With a $193000 bill, the "significant theft" was Telestra charging $22 per GB.
I don't understand what's "minor" about this crime.
If theft of meter SIM cards became endemic, the utility and the MNO would have to spend millions or even tens of millions of dollars to deploy countermeasures. That spend is entirely deadweight loss that exists solely to mitigate bad actors.
Not subverting your power meter seems like a pretty reasonable clause in the social contract that enables us all to have (extraordinarily) cheap and convenient electrical power.
It would have cost them far less if they had the foresight to consider the chances of it happening, or at least try and arrange it with Telstra, who's more than capable of doing so in a way that would mitigate abuse from the service?
How? How would it have cost them less? That seems like a good question to answer preemptively if you're going to make that argument. And, while you answer it, keep a running tally in your head of roughly how much it would cost in (1) legal fees and (2) delayed deployment (which has a cost you can break out in $/hour based on continued needless truck rolls as only one example) to negotiate that with the MNO.
When you're finished, weigh that cost against the benefit of reducing the legal fees for criminals who steal service from your meters.
They could have arranged with Telstra to cut off service to any meter that billed over $X in a month.
In fact, that should have been an obvious step to make, because a meter that was sending too much data was probably buggy, which could mean the data it was sending was probably worthless. The engineers who failed to include the cutoff were insufficiently paranoid.
What about meter diagnostics? "Cut off" means "cut off"; what if the utility needs the capability of remote snapshotting the memory or current firmware rev of a meter? (Having done multiple smart meter security review projects: this is not a crazy notion).
Yes, fellow geek, there will be some number that represents the maximum amount of bandwidth that might ever be used to diagnose a faulty meter. How much would it cost to figure that out? Again: weigh that against the business benefit of doing so.
The person who abused the meter SIM did not accidentally do so.
Now that this has happened, and both the MNO and the power company are trying to prevent it happening again, that would suggest they are changing the service, and thus the lawyers will be called back in again to amend the service agreement accordingly. Ignoring the costs associated with both the potential extra PR costs in cleaning this up, the costs associated with IT or modification to meters either installed or otherwise, or the costs with the power company's representation during the court case I could imagine that this return visit by the lawyers wouldn't be put onto the MNO's bill entirely, nor would they be getting a discount compared to the smaller amount of time I assume it would take to define the preventative requirements as part of the agreement before it was finalised.
I can only assume that the $22-per-gig plan doesn't actually exist on a consumer level. Instead, this is some bizarre charging agreement which works between Telstra and the electric company, specifically for smart meter applications (which presumably don't send all that much data). Nobody ever bothered to think about what would happen if the SIM were taken out and used elsewhere, though they really should have.
Since the electric company is already out of pocket for the $200K, and since it's not Telstra's fault (and hence Telstra shouldn't have to pay the $200K back either) I guess charging the woman the full $200K as a deterrent (assuming she can afford to pay it) isn't too bad.
It does sound like a pretty harsh sentence, but if she'd gotten away with a slap on the wrist imagine what would happen next -- everyone would be ripping apart their electricity meters to get cheap internet access.
This discussion also strips out everything that complicates the agreements utilities have with MNOs to handle smart metering traffic. These boxes get deployed in massive huge waves, tens of thousands at a time, and require terms of service that are not typical for normal MNO customers.
It's simply not reasonable to compare the rates payed by a utility for always-on reliable backhaul from hundreds of thousands of meters to those payed by a single mobile phone customer for "download web pages" data service.
Once again we see the phenomenon where technology makes everything easier, including criminal acts, resulting in shock and dismay when the consequences and penalties of those acts are not themselves mitigated by technology.
Yes, she did, but I can't say that it merits 6 months in jail.
Charging $193,000 for what someone here estimated was about 90GB of data is, itself, highway robbery. But that's Telstra's fault, not the power company's.
It might be highway robbery in the service model of iPhones downloading movies. That doesn't make it highway robbery in the context of access cards provisioned within the requirements and fee structure of a utility smart meter deployment. It does not all add up to the same thing.
90GB of data was stolen - nobody is defending that. Some of us have trouble believing that 90GB of data is actually worth the $193,000 as determined by the Telstra contract.
The actual "damage" seems pretty small when compared to crimes which carry similar sentences. If Telstra had a fairer billing system, then a more appropriate sentence would have been more likely.
You're right, it probably adds up to less. A utility company's meter likely doesn't demand the low latency that an iPhone user does. So, it's probably not even worth $80.
I agree. This is robbery! Completely anti-consumer! No sensible consumer or business could have pay this kind of service charge. Telstra could have easily block access to any individual with excessive network activity. The judge should reject this bill and ask arbitrator to come up with reasonable payment plan. Automatically upgrade her to unlimited plan and then add a small penalty should be a reasonable resolution.
Law maker should ban telco from excessive charge, say more than $1000 a month, unless authorized by the customer.
And what you are saying is that there is no possibility that such a feature network-wide (Email to main account holder: "Your phone bill has risen above $1,000 this month. Please make sure that this is not accidental.") would be useful to anyone else, ever.
Which is funny, because it's more or less standard in the UK, and most of the EU.
As far as the phone company is concerned, I'm sure that they can break the charges down by SIM. They'd never have discovered which person was the culprit if they couldn't do that, after all.
That is exactly what they did do in this case. Read the preceding comment carefully and you'll see that you've inadvertently shifted the goal posts; that comment suggests Telstra should be sending a warning to the person who stole the SIM card.
It took four months to discover this. That tells me that the power company demanded an audit, rather than Telstra informing them of anything. This inference is also consistent with the other case I linked to previously in which someone got a huge bill from them.
Had Telstra informed the power company (not the thief!) it undoubtedly would have been caught earlier, when a much smaller sum had been stolen. Moreover, given that black hats can clone SIMs and such, one might think that consumers should be able to demand reasonable protection from thievery from their telecom provider.
Please note that although it's possible that they have a rather long billing period (e.g. they only got bills every few months), such notices would only be useful if they could occur within a billing period, so it still would have helped protect the power company from theft of services.
I have no idea how you managed to carefully read any of the comments and still confused the account holder (the power company) with the woman who misused the SIM card, whether you were reading my comments or those of nagrom.
I cannot help but think that you are willfully misinterpreting my comment.
Substitute 'account' for 'phone' if you like. They can obviously break it down by SIM because otherwise they couldn't figure that this woman 'caused' these charges, right?
This reminds me of a little adventure when I travelled to Malaysia for a sales call. It was terrible but funny (it involved a business partner dropping my USB HSDPA modem into his glass of water). A subplot of it was I let him use my modem while roaming. In the same afternoon, while I was having tea (I mean a meeting/discussion), I got a call from my carrier, on my main cell phone number, who asked if I was the one who used the service in the morning. I said yes and I asked how much it was. The answer was in the range of US$400.
I suppose they would have offered to suspend the line immediately if I had said no.
$85,000 phone bill. "It turns out that he was being charged on a per-kilobyte basis because his unlimited browsing plan didn't cover using the phone as a modem. As a "goodwill" gesture, Bell Mobility has dropped the bill to measly $3,243."
"I have recently signed my BB 8800 up on a Telstra $39.95/mth plan which I understood was for unlimited email and internet browsing. I got the shock of my life when I checked my data usage online and saw a bill for $250+ after only a couple of days. On examining further I note that I have not been charged for blackberry.net connections but heavily charged for wap.telstra."
I do not accept the notion that these are remotely comparable situations.
I agree with you that b2c MNO fee structures are predatory.
I do not agree that the fee structure arranged between two giant corporations can be described as "predatory" when it happens to bite the ass of someone who breaks into their network and uses it to steal connectivity.
> I do not accept the notion that these are remotely comparable situations.
So you don't think that the power company got screwed here? We both know that it's unlikely that some random woman is going to be able to pay back a sum like that.
Would it really be so reasonable to expect the phone company to do something to at least warn people, whether businesses or private citizens, who are suddenly racking up over a hundred thousand dollars in charges from one phone so that they can do something about the bill?
"Warning! Our billing systems have detected that you may have inadvertently removed the SIM card from your power meter and plugged it into your mobile device. Please be aware that Enhanced Roaming Charges may apply to further usage."
"Warning! Our billing system has detected that your phone bill will be over $10,000, which is two orders of magnitude higher than any previous billing data."
As I already pointed out, this has affected more people than just those who steal SIM cards. And they should have known that an absurd level of charges were being racked up by a single SIM, so it's not like the phone company couldn't tell that it was abnormal.
The article did say at the end that they've put in measures to stop it happening again. Presumably something along the lines of monitoring usage per SIM. I would guess that it just didn't occur to the power company or Telstra that someone might steal the SIM and put it in their phone.
If I stole a SIM card and used it to download movies, I would fully expect to be liable for the cost of the data at whatever rate the SIM owner had agreed with the telco.
In this case the thief (or really the recipient of the stolen SIM) was unlucky that the data plan was a B2B contract designed for small quantities of data.
In Australia, all the mobile phone and data plans have massive penalties for exceeding your quota by even small amounts. My provider (and I suspect, all the others) deliberately obfiscates both the billing details and the plan rules to make it practically impossible to see how close to your limit your are.
To avoid crippling surprises, people to upgrade to plans they really don't need.
In the banking industry, banks are not allowed to profit from penalty fees (just recoup their losses). I think a similar approach in telecoms would be a good thing.
I say is telecom should not be allow to gouge consumers. They should not charge consumer an amount that is clearly not agreed upon.
If you have misconfigured an app on your phone and it run up $10,000 network charge in month. Will you hand over your $10,000 to the phone company? Do you think this is a fair charge?
Cap the telco off how much they can charge unless authorized. I think this is most fair for both party. Telco can cut off access, but no to gouge consumer.
Indeed. They're talking about informing the power company that someone is misusing one of their SIMs.
You know, so that they can discover the theft a bit faster than they did in this case, where it took them from November 19, 2009 until February 9, 2010. A lot less would have been stolen from the power company were that the case.
tptacek, in the scenario that I've construct, if you misconfigured an app that result in an astronomical bill, we you pay it without contest? Will you do it if you have to sell your house to pay off the phone company?
Maybe highway robbery, but pretty standard in Australia - mobile phones are expensive here. As someone pointed out in another comment, Telstra's standard price for off plan data is $2/Mb (for a consumer mobile, not a b2b contract which is presumably what the power company had). For 90Gb of data that works out at $180,000, so pretty consistent with the reported cost.
I don't understand this argument. Neither 1 day nor 10,000 days in jail repays damages to the utility; meanwhile, neither 1% nor 100% of damages serves society's goal of deterring crime. What is the point you are trying to make? That people should either be punished for crimes, or required to repay damages?
From what I can tell, virtually every crime against property has a process for settling damages irrespective of the amount of time served in prison. "10-15 months in jail AND a fine not to exceed $50,000", and so on.
The amount calculated as damages affects the kind of crime that it's categorized as though, which is why it's relevant. In the U.S. at least, if you cause $50 of damage, that's a different crime than if you cause $50,000 of damage, with different sentence ranges (same with theft, which has various categories based on dollar thresholds, and can actually switch it between a misdemeanor and felony).
That might not be the right way to do it, but it's the way it's currently done, anyway, which means that courts have to inquire into the "true" damages sustained in order to determine what crime the person should be charged with.
A solution could be not to take damages into account in cases like this, so the crime would just be "stealing a meter's SIM card and using it", which would be the same crime regardless of how much money that cost the utility.
It doesn't look to me like the detention time involved here was computed from the damages. The two issues are orthogonal. We appear to agree on this point.
They are not orthogonal. Amount of estimated damages differentiates between kinds of theft (petty larceny vs grand) and is pretty much directly used to calculate imprisonnement duration in hacking cases. Some 30000 USD/year, IIRC. That's why companies always inflate their damage reports. Severe abuse of justice for the defendant and the company risks pretty much nothing.
Companies "always" inflate their damage reports... but in this instance, the number cited came directly from their upstream billing. Can you square that circle for me?
In non-tech cases, my impression is that upstream billing isn't taken as solid proof of the amount of damage incurred. For example you might have a very expensive contract with a visits-your-house personal mechanic who you've agreed will be your exclusive car-repairer. Thus when you're hit in an accident, you automatically incur a large bill of $X, due to your pre-agreed subscription with the mechanic. But for either civil or criminal damage computation, a court would normally determine how much damage was caused by looking at what the repair cost would've been with a "normal" mechanic at prevailing rates instead.
...meanwhile, neither 1% nor 100% of damages serves society's goal of deterring crime.
I would tend to disagree with this. Having to repay damages removes the benefit associated with the crime, so for ordinary sane people, it would act as a deterrent. In my opinion, jail is more appropriate for crimes where the criminal is likely to be an ongoing danger to society and no other option (probation, mandatory classes, etc.) would have the desired effect.
It's not much of a deterrent if you only pay the damages (assuming a reasonable definition of damages, which apparently doesn't exist here).
You have a nonzero chance of getting away with the crime, in which case you don't pay - so your expected return for the crime is higher than for not committing it. This is exactly the kind of thing that higher deterrents are supposed to prevent.
I can understand being surprised, though - I can see how one would expect $100-$1000 (in actual damages, not deterrence), not ~$200 000. Theft is still theft, of course, but technology is a surprisingly powerful lever.
You're right, and I often sound like I'm blaming people for being surprised. People are right to be surprised. It's a reason, among many others, to be wary of the impact technology has on our life.
"Surprisingly powerful lever for criminality" is as good a summation of my thoughts on this as any I've heard; thanks!
Your rational argument would better apply, I think, to a black-hat hacker (say geohot, not totally blackhat but is a recent example) rather than poor, uneducated woman with bipolar disorder with a history of abuse.
That's a smokescreen. You will not find many people on HN who who think sentencing shouldn't be modified due to mitigating factors. I certainly don't think that.
But the arguments on this thread aren't only about going easy on someone simply because they're poor. They're also about how it's "highway robbery" for someone to go to jail and pay six figures for stealing a SIM card.
MAYBE an energy company shouldn't use unlocked 3G cards to insecurely transmit data and allow anyone who gets their hands on a card to rack up $200k? Just saying.
The SIM plan used by the electric company might come from a contract that favors small amounts of data transfer. A meter probably won't use many kilobytes or megabytes per month. If I were such a company I'd try to negotiate for expensive $/byte ratio and very low if negligible monthly fee, knowing I will only ever transfer small amounts of data.
To me the lesson would be that things break, and deals like this should probably include some sort of cushion. I'd be cautious of just banking on the fact that we'd never have to pick up a huge bandwidth bill because nothing would ever go wrong.
If the worst possible punishment for stealing something was that you had to pay back the cost of the item then the justice system would be doing a pretty piss-poor job of deterring theft.
That may be, but they are claiming that $193k+ is the cost of what she took, which I doubt very much is the case.
If someone steals a fake piece of art from my house worth $80, can I turn around and claim that it was the original and therefore worth millions that should be repaid to me?
However, when a utility gets a bill from an MNO for $193k for services they contractually agreed to, and that bill is a result of a criminal action or a tort, it becomes easy to establish $193k as basis for damages in court.
That contract could have been written to make them contractually liable for $75 trillion dollars. Following your logic, it would then be easy to establish $75 trillion dollars as a basis for damages.
(In US law, at least) Clauses that impose "penalties" which are not directly rooted in liquidated damages are unenforceable.
This is not a case about a penalty clause; the damages here emerge straightforwardly from the MNO's usage contract with the utility. The thief didn't stumble across a landmine clause that said "parties agree theft of SIM card incurs $100,000 of damage"; instead, the thief continuously used a metered service that resulted in a 6-figure charge.
One imagines it would be possible to dispute a six-figure liquidated damages claim by arguing that the metered charge was devised in such as way as to deliberately create a penalty clause. My point here being, these things aren't so black and white as to be trivially adjudicated by geeks on a message board. But I think we all in the back of our heads realize that the fee structure for smart meter mobile data isn't an elaborate scam to entrap SIM card thieves.
So, no, your example doesn't work. Companies cannot simply write "you owe me a zillionty squillion dollars if you steal my stuff" and have that hold up in court.
I wonder, however, if the power company will itself actually suffer $183,000 in damages. Every time I've heard of someone accidentally racking up insane charges like this, they've been able to negotiate it to something reasonable.
So I do believe that knowing the true damages, and not just the dollar figure specified by the contract, is relevant here.
The power company is presumably already forking over a huge amount of money to Telstra every month for data. This one event would have been a spike, but not a crazy dominant one.
If you or I accidentally ran up $200K in charges due to somebody stealing our SIM then yes, we could probably negotiate it down. In a big-business-to-big-business context, though, Telstra is as likely as not to say "Hey look, that's what the contract says, you signed it, so suck it".
Without any information to the contrary, I'm willing to believe that if the court decided that the actual damages to the power company were $183,000, then the actual damages were $183,000.
The two companies can write whatever they like in the contract between themselves. You seem to agree that the contract should be held to some standard of reasonableness where it is used to establish damages caused by some third party. You think 200K is reasonable. I do not.
The position you're advocating is that a contract between two private companies should be used to calculate damages for a criminal act. That's a very bad idea - it makes those companies legislators.
If the court considers the value of the item and agrees with the valuation of the shopkeeper then no.
If the shopkeeper says the loaf of bread was worth $200K and the the court doesn't question the amount because the shopkeeper has been billed $200K for replacement of said loaf according to a contract with the bakery, the shopkeeper and the bakery have legislated the punishment for the crime.
Besides, "eighty bucks" is a silly estimate anyway. Nobody in Australia will sell you unlimited 3G data for twenty bucks a month. If you think that's unfair compared to other countries, remember that Australia has a population density of two people per square kilometre, and that Telstra actually has a pretty darn good coverage in their 3G network (Optus and Vodafone are cheaper but can't be expected to work reliably outside major cities).
Somebody mentioned $22 a gig... well, the highest-data plan on http://www.telstra.com.au/mobile/browsing_packs.html is $69 for twelve gigs a month, with excess data charged at five cents a meg, or fifty dollars a gig. That sounds like a lot, but as we've said, the 3G network really isn't designed for individual customers doing terabytes of data per day... they clearly don't want you using 3G in that way.
But isn't it likely that the meter owner might strike a deal for thousands of devices which each send a very minor bit of data once or four times a month, and be able to structure that contract a little differently?
Most certainly. I'm just pointing out that $200,000 is, in fact, consistent with the prevailing market rates if you choose to download terabytes worth of data on your 3G modem.
We really don't know anything about this woman's financial situation apart from the fact that she's on a disability pension. A fine of $200K may not be "destroying her" financially. (Remember, this is Australia, where it's hard to buy a house for under a million dollars nowadays...)
Well then she should have used a reasonable rate plan and only spent $80, instead of using someone else's plan and racking up hundreds of thousands of dollars of their money.
She is a clueless, poor person. I agree she should be punished somehow, but this is a life devastating sentence, especially the $193K. How can you be so draconian?
If we want to follow the law to the letter we don't need judges, something like Watson would be more than adequate (and cheaper).
If Aurora actually paid that 193k, then she should repay them for it. But it's not clear to me from the article that they did, and I can't really imagine that they did. If Aurora never paid that bill, she ought to be liable to Telstra for whatever she can get them to reduce the bill to.
There's no indication that she's clueless or poor. A clueless person probably wouldn't have any use for the insane amount of data she downloaded. And a court probably wouldn't impose a $183,000 fine on a person who was both poor and disabled.
She's on a disability pension, but disability pensions aren't means-tested.
"You are 33 years old. You have one conviction for stealing in 2002. I accept it was probably a relatively minor matter because it was dealt with by way of a fine. Your upbringing was unstable in the extreme. You lived in the streets for most of your teenage years and became involved in drinking alcohol and drug taking. You have been diagnosed with depression and bi-polar disorder. You are socially isolated and spend long periods at home alone and accessing the Internet. You have no family support being largely estranged from parents and siblings. You are in receipt of a disability pension. You have incurred debts and have difficulty managing money. It is doubtful that you will ever repay the money stolen by your use of the card."
Evidently she spends a lot of time on the Internet, so she is not clueless in that sense, but from this description she doesn't sound very educated either.
Strikes me as it shouldn't be a question of if she knew, but rather is several months of Internet access worth nearly $200k?
Taking dspillett's example, if what the victim claimed (and even believed) to be a priceless Stradivarius actually turned out to be a modern mass-produced instrument, it'd be deeply unfair to make the defendant pay as if it were.
She almost certainly knew that she should not be using it. If I stole a priceless Stradivarius would I be punished any differently if in court I claimed to have thought it was just a cheap bit of wood with some strings attached?
The sentence does seem harsh to me too, but generally speaking ignorance is not an acceptable defence espscially when the ignorance is not knowing/caring about the scale of the offence rather than just being ignorant that it is an offence at all.
If I stole a priceless Stradivarius would I be punished any differently if in court I claimed to have thought it was just a cheap bit of wood with some strings attached?
Quite possibly. Intent often matters, e.g. involuntary manslaughter vs murder.
Actually, this is not true (at least in the US... not sure how it translates to other common law countries). Your mistake about the facts doesn't excuse you if you still knew you were committing a crime. (I'm having a hard time finding a concise source, but try googling "strict liability for grading").
As for murder, the penalties there do differ depending on your state of mind, but that's not an issue of mistake (you can't try to third-degree murder someone but mistakenly first-degree murder them).
Not to say I agree with the punishment in this case, though.
I agree you can't try to 3rd-degree murder someone and accidentally 1st-degree murder them, but you can try to non-fatally injure someone and, due to being mistaken about the facts, end up killing them (e.g. because you were mistaken about the effects of a poison you used). In that case, you do indeed get convicted of a lesser crime, if the court/jury believe you.
In the theft and criminal damages context, you could have an analog, though we don't currently, where being judged guilty of one of the more major theft or damages offenses (like "theft over $X") requires an intent to cause that level of theft or damages. If you meant to cause $50 in damages and actually caused $50k, that could be a lesser offense than if you meant to cause $50k in damages. You'd be found guilty of essentially "damage over $X but with intent to only cause damage under $X", the way 3rd-degree murder and manslaughter are lesser offenses due to the lack of intent to cause death, even when there was intent to violently injure non-fatally.
I'm still in law school, so I can't claim expertise yet, but my understanding is that accidentally killing someone while purposefully injuring them would be 1st-degree murder.
When you get excused is if you didn't act purposefully... e.g. if you drive your car recklessly and kill someone you'll be guilty of manslaughter. If you purposefully hit someone with your car you'll be guilty of murder even if you only meant to break a few bones.
that. and if the priceless stradivarius was trhow into the sidewalk like any other cheap violin. i doubt the case would take much the priceless part into consideration
But the SIM card was not just discarded where it could be picked up idly. To get at it a device had to be opened. OK so opening the device to get to the SIM probably wasn't difficult, but neither would be opened a violin case and you would not "accidentally" open the device and be surprised to find a SIM in there...
you are correct. but i was not saying anything about the SIM card theft. i was talking about in which case stealing a stradivarius might have it priceless value ignored by the judge.
A priceless stradivarious is a totally different ballgame than a very easily priced amount of gigabytes of 3G transfer. Some sense of market prices for what she actually used should have weighed in here, but obviously it didn't.
As I said elsewhere, even on Telstra's most data-generous plan they charge $69 a month for the first twelve gigs and fifty bucks a gig after that.
Basically they have a pretty tenuous, very expensive 3G network to serve an enormous sparsely populated area and they really don't want people to use it to download large amounts of data. They're happy to sell you a wired link for that purpose.
That is the same amount that Aurora was charged for the network access; essentially, she was ordered to make Aurora whole, which is basically the whole point of a civil action.
It certainly didn't cost Telstra $193K, and I seriously doubt Telstra held Aurora to that charge, at least not if they wanted to keep them as a customer.
NYC Cabs charge $2 per mile while their driving. So a 20 mile trip costs $40. But you're arguing that since the car gets 20 miles per gallon of gas, it should only cost $4.
Our product supports GPRS based barcode scanners which send data to our application. To prevent precisely this thing from happening, we advise our customers to make a special deal with the mobile carrier to ensure that the SIM card can't be used in any other device than the barcode scanner.
Considering that there is such a simple technical solution (IMEI lock) to this problem and considering the amount the Telco charged for the data in this case, I really think that the punishment here was too harsh.
The power company should at least pay for some of the charges due to not using a simple technical precaution (which, according to the article, they implemented for later customers) and the carrier, well... where I live extortion is a crime in itself and charging 193K for data traffic is just crazy.
Power companies were some of the first customers on Telstra's new M2M platform so it seems it wasn't standard operating procedure to lock the cards/accounts down at first. "An Aurora spokesman said once the company became aware of the problem [of unlocked SIM cards] with a small number of the company's meters it had taken steps with Telstra to prevent it recurring."
Telstra are the major Australian telco, and for a number of years (and still in a number of areas) pretty much a monopoly. They're infamous for their price gouging.
So, how could someone ring up $200k data bill? Here's Telstra's current mobile phone plans http://www.telstra.com.au/mobile/plans/phone_plan.html
Note, this includes a whopping $5 data/month at the bargain rate of $2/Mb
It wasn't that long ago they were selling 3 year, $29/month adsl plans that included 200Mb (yes, Meg) of data, and then charged $15/Mb for any used over that
Don't want to be devil's advocate here, but it clearly states on that page: "$2 per MB. You can add an extra 1GB Browsing Pack for an extra $10 a month." Not even in gray tiny text, and that doesn't sound overly expensive. // Okay I'll go wash my soul now.
News items like this make me sad. Reading the callous comments here (from people far more privileged than the convict) is even sadder. This and the misguided porn raid that was covered 2 days ago... and these are the ones that appear in HN. How many such injustices happen every day?
I think law schools should have mandatory "Internet Technology & Law" classes. I used to think that the judges in cases like music piracy were just dishonest and in bed with RIAA. Now, I understand the situation is even worse: they are totally clueless about basic technology. And, obviously, they are not intelligent enough to have a health curiosity and learn about these matters (the US Supreme Court judges, for example, have demonstrated that they do this).
I think law schools should have mandatory "Internet Technology & Law" classes.
I have no reason to believe that that interesting suggestion would help solve the problem you identify. My basis for saying this is that I attended a law school in the United States, where as far as I know all law students have to take a course in United States constitutional law to obtain their degrees, and yet I graduated in a class that included graduates who acknowledged to me that they had never, ever read the entire United States Constitution (which is only a few thousand words long). Making a course a required course does not seem to guarantee that students will learn the expected knowledge to be gained from the course. Isn't the same result found in university computer science courses?
Do you think people in the legal system will necessary make the case decisions you desire if they become more familiar with your preferred subset of industry knowledge? That's the nub of the issue here. The thread is a complaint about a judicial decision. The one thing judges become practiced in doing is evaluating which parties to a case are b___s____ing and which parties are being straight with the court and law-abiding in their actions outside court. A trial judge's judgment can be reversed by an appellate court if the appellate court determines that the trial judge misapplied the law to the case. But it is a rare circumstance when an appellate court reverses any finding of fact by a trial judge, because trial judges see the witnesses, review all the evidence submitted by all parties to the case, and hear motions from all parties about evidence should be admitted.
In general, I think that most young people who attend law school are more knowledgeable about the law after attending than before. (I cannot say the same with confidence about young people who attend colleges of education with respect to teaching.) But as someone with a legal background, some of the statements I see here about why the Australian judge's decision was an outrage are not convincing to me. Are you willing to consider the possibility that if all readers of HN became much more knowledgeable about the law, they might perhaps disagree with the dollar amount of the judgment, but support the finding of liability in the case?
Interesting. You're right, it happens in all vocations, students retention of material varies in direct proportion to the perceived importance of the topic. Not many people will work on constitutional law (not much money there, I guess); however, just by such reasoning the Internet Law course should be a hit, because cases involving technology are skyrocketing and will only increase.
Hmm, it seems Stanford Law school has tons of courses in 2nd/3rd year dealing with this, e.g. http://www.law.stanford.edu/program/courses/details/481/Comm.... I guess other law schools have it, too. So maybe we just have to wait until the tech savvy judges filter through the system.
So maybe we just have to wait until the tech savvy judges filter through the system.
By which point, probably about a generation from now, some new issue will have come up that our once-savvy judges are now clueless about. Serious question: is there any way to solve the insane round trip ping times between law and technology?
I don't understand your argument, because you've buried it under multiple layers of emotional appeal. Instead of passing judgement on the commenters on this thread, I think you'd be more persuasive if you started by composing a sharp argument for how the judgement here was "technically clueless". You should be prepared for people to rebut that argument.
Fair enough, "law is reason, free from passion" and it should be, so let me gauge back the emotion and analyze the sentence more rationally!
1) I am not trained in law in general, or Australian penal code in particular, but I don't have to be: There are some legal decisions that you just know are wrong, even though you may not be a legal expert, e.g. cutting off the right arm for theft (in sharia law), death penalty (exercised in Singapore and other countries) and death penalty in general, prosecuting minors for texting their own revealing photos, etc. Nassim Nicholas says in The Bed of Procrustes "My biggest problem with modernity may lie in the growing separation of the ethical and the legal." I feel this to be the case with this verdict, i.e. the law has been applied to the letter, without regard to the particular circumstance.
2) The "technical cluelessness" of the judge comes about from his prima facie acceptance of the charges applied to the usage. Aurora was billed $193,187.43 by the provider Telstra for data transfer between 19 November 2009 to 19 February 2010, approximately $64K a month. It is stated (http://www.supremecourt.tas.gov.au/cops/monks_k_m) that she has downloaded movies among other Internet activities (interesting that they didn't bring in piracy charges for the movies), the exact number of movies or the amount of data downloaded is not stated (this is one question the judge should have asked). The conviction is presented as "she has downloaded $200K worth of data, which is erroneous, this is what Aurora was billed. This is akin to RIAA suing for $9K per shared song (http://www.wired.com/listening_post/2007/12/us-department-o/), this doesn't mean that a song is "worth" that much. I am assuming that the 3G account for this SIM card is sporadically used for a high amount per megabyte. So what they did is to charge all Monks' usage using that rate. The judge could have investigated the amount of data usage and based his conviction on fair market value of that.
3) Now for the special circumstances, perhaps the more "emotional" part. As the judge describes
"You are 33 years old. You have one conviction for stealing in 2002. I accept it was probably a relatively minor matter because it was dealt with by way of a fine. Your upbringing was unstable in the extreme. You lived in the streets for most of your teenage years and became involved in drinking alcohol and drug taking. You have been diagnosed with depression and bi-polar disorder. You are socially isolated and spend long periods at home alone and accessing the Internet. You have no family support being largely estranged from parents and siblings. You are in receipt of a disability pension. You have incurred debts and have difficulty managing money. It is doubtful that you will ever repay the money stolen by your use of the card."
Not much more need to be said.
4) Here's the judge's main reasoning:
"That must operate to demonstrate to you that you cannot repeat this type of offending but also to demonstrate to others that, even though the initial theft of the card may not have been yours, your taking advantage of that theft to the extent you did will not go unpunished. I am conscious that you live in rental accommodation and that you may lose that if jailed. However, there is no choice in my view other than to impose a custodial sentence. However to recognize the mitigating factors and your prospects of rehabilitation with support, that will be partly suspended."
So, although he sympathizes with Monks' situation, he want to make an example out of her. He mentions that Monks will probably lose her rental accommodation if jailed. It is clear that she is incapable of paying back the compensation levy of $150 (will this bring additional fines?), let alone the $193K. If they are not going to get their money back, what good is the fine? It is clear that this is a message to everybody else.
5) What riled me in this case is that everybody is so sympathetic with RIAA cases, but when it comes to this case, which, in effect, is pretty much the same, people suddenly become strict law enforcers.
Intelligence is hard to define but I think the biggest component is a healthy curiosity for everything. If topic is related to your job this counts as double. Seeing judges not having a grasp of basic knowledge related to the Internet, when there are so many resources they can get information is inexcusable.
Judges basically rely on the trial lawyers to do all the research and package up all the information needed. Being able to detect BS in a description of the inner working of the internet or an ISP probably requires more background reading than that.
But at least some of the blame probably goes to the lawyers involved.
This sounds like the basis of a good argument for switching to an inquisitorial legal system (instead of an adversarial one). I find it unfortunate that a defendant has to be aware of and actively pursue every option for defense, and that "fact" within a courtroom differs from "fact" outside the courtroom. This is especially troubling because of the highly asymmetrical nature of the legal encounters the average person may have in his or her lifetime (e.g. corporation vs. person, government vs. person).
It's quite possible she got some useless lawyer representing her through legal aide. So a) they may not be smart enough to think about questioning the absurdity of the $200k b) they may not even care.
The smart meter probably doesn't transfer that much data under normal circumstances. I'd assume most of the expenses were due to exceeding the "data plan" for the card.
You don't think the power company is actually paying for a full $30-$40 a month 3G data plan do you?
This is actually pretty standard for these kind of cellular data collection systems. The company negotiates a ridiculously monthly rate for a bulk volume of devices, on the premise that those devices will be using very a low and probably consistent monthly amount of data.
In return, they usually have a very low data allowance and high to very high overage charges. Basically, it puts the pressure on the company to ensure that their equipment is properly configured and really doesn't use a large amount of data.
That's silly. These SIM cards are used for very low monthly transfer. The companies agree to them _because_ the devices won't use much bandwidth. Properly configured devices (i.e., when SIM cards aren't being stolen and used in laptops) will not ever encounter these overages.
So, why don't they internally cap the data available to a card of that type? This is a technical solution that would take what, 10 minutes? 20 minutes? Rather than allowing someone to run up $193k of overage charges (all the while cackling manically and rubbing their hands), why not behave in a reasonable fashion?
In effect, this charge is a life sentence to a person. You don't expect the lady to pay this back anytime in the next 30 years, do you? Bear in mind that she needs to fulfill her regular needs with a criminal record hanging over her head. And since the fine is administered by a court, I don't imagine that it will be defaultable.
If an individual did this to someone, there's no doubt that it would be looked-upon differently. It's done by a corporation with no physical body and people defend it.
The goal of a society should, in general, be to construct a reasonable, fair place for people to live. This woman did not get treated fairly.
Sure, a technical solution can and, probably, will be looked at at this point. That said, your blithe assumption that it's twenty minutes of work does belie an ignorance of how this stuff works. And you're castigating them for not putting one in place when it hasn't been, to the best of my knowledge, a significant issue in the past. Had there been a previous rash of SIM card thefts, something very well may have been done in the past.
In other words, I am reasonably certain that you have decided on your conclusion and are working backwards from there (see your nonsense about "cackling maniacally"). I am rather certain that this is an unacceptable way of looking at business or law.
As for whether the fine is equitable--well, let's see:
* The overage charges were part of a legal contract and agreed to by both consenting parties.
* An third-party agent--the thief--unlawfully incurred charges on behalf of the power company (charges that, one can presume, would have been an acceptable, if regrettable, cost of doing business had they been incurred, for example, due to a software fault in their power meters).
What do you think should happen? Do you think the telco should not be paid according to the agreement for their account? Should the power company pay it despite the SIM card against which the charges were levied being stolen? Or should the fine be levied against the thief who committed the wrong?
As is likely apparent, I am of the opinion that the thief should be forced to make good on her damages. They are not illusory damages; _someone_ will be made less than whole if the thief is not expected to provide compensation. And, no, I don't expect her to pay it back. But it is her obligation to make whole those she has wronged. Doing otherwise is neither reasonable nor fair.
The unforeseen cost of her action is quite high. That's unfortunate. But, at the end of the day: if you commit a crime against another person or entity, you _are_ culpable for the results. If she did not want to be held responsible for the results of stealing another's property, she shouldn't have stolen it.
Eropple: As is likely apparent, I am of the opinion that the thief should be forced to make good on her damages. They are not illusory damages; _someone_ will be made less than whole if the thief is not expected to provide compensation. And, no, I don't expect her to pay it back. But it is her obligation to make whole those she has wronged. Doing otherwise is neither reasonable nor fair.
Keyword: damages. Damages are not the same thing as missing out on an opportunity for profit through means of extortion.
Sure, she should pay for her damages caused to Telstra--they just need to give her an itemized receipt of expenses that she caused the company. This might include the amortized cost of hardware, maintenance, support staff, etc. However, these costs would certainly not include Telstra's insane profit margins. The purpose of most legal systems (Australia's too, I hope) is to maintain justice, not to serve as an alternative means of doing business. Somehow, I think Telstra might come up with a slightly smaller figure than 193k if required to itemize their damages.
The woman was not a party to the contract, so the damages should not be the contractual damages but the real damages incurred by telstra. Remember that what she actually stole was bandwidth from telstra's network, the method by which she did it hardly matters. $10.000 is a way more reasonable figure, even taking a profit margin for telstra into account. Asking for 200k in damages is using RIAA math.
Even at 200k, there has to be a sense of scale. Essentially this decision destroys her life. Leeching a bunch of movies over the course of 4 months is hardly worth having your life destroyed over. The crime does not match the punishment.
How exactly do you calculate what a profit margin for Telstra is? This I'm honestly curious about, as it seems to come off as rather kneejerk, more "this is what I think you _deserve_" than "this is what was agreed to as part of the contract that governed the use of this device."
Personally, I find the market value of the service - i.e., the stated rates of the contract - to be a reasonable starting point. If one finds this to be too high, perhaps one should not have stolen things in the first place.
She didn't know the "market value of the service." She knew the market value of consumer 3G, assuredly, but I wouldn't expect anyone who wasn't a telecom contract negotiator to know what power companies would be paying. Thus, your last sentence is meaningless: I suspect that she would indeed have found this "too high" if she had known, but rather would have been willing to pay a consumer-rated fine.
Say I steal a car. This car has a child in the back seat, but I am not aware of that. In fact, I go on being unaware of this for the whole time I am in possession of the car (and the child is fine, somehow.) When I am caught, do I receive the punishment for kidnapping, or simply for grand theft auto?
In the U.S.? Kidnapping, almost assuredly. Probably depends on the prosecutor. As it should - you kidnapped a kid. Doesn't matter if you knew he was in the backseat; you did it.
The cost of data on cell-phone plans has most certainly been an issue in the past. There are simply too many cases to cite. My service provider in the UK limits my data to £40/month and texts me to let me know that it is is over £20 when abroad. The same thing can be done in every service provider in the EU as far as I know. I don't for a minute think that Australia's telcos wrote all their own backend software and I don't believe that this would be a high technical cost. Everything that I ever read about service plans in Oz say that the telcos there are particularly bastardly and this story resonantes with that quite precisely.
As part of the fine, the telco should be made good on damage accrued, i.e. the actual cost incurred. I certainly don't expect the court to allow them to profit on the crime. The contract was between the power company and the telco. Since the data was not used by the power company, I don't see that the contract is a valid point of reference at all. If I cut through a mains water pipe and spill 20,000 gallons of water, should I be charged at $10 per 200ml as I may be charged that somewhere else in the country? No, that's ridiculous - it's the same argument that record labels use to calculate 'damage' from file-sharers.
"As is likely apparent, I am of the opinion that the thief should be forced to make good on her damages. They are not illusory damages; _someone_ will be made less than whole if the thief is not expected to provide compensation."
I agree with you! But saying that the telco will be made less than whole if they aren't paid according to a contract that she didn't know about (which gives unfeasibly high weighting to data charges on a plan she didn't know about and which has no relation to the cost of the data transfer) is absurd.
"The unforeseen cost of her action is quite high. That's unfortunate. But, at the end of the day: if you commit a crime against another person or entity, you _are_ culpable for the results. If she did not want to be held responsible for the results of stealing another's property, she shouldn't have stolen it."
You're not charging her cost. You're charging her almost pure profit.
Sure seems like someone should have looked at their data bill more often than every four months. So did they shut off the SIM once they knew it was stolen and being used, or did they allow her to rack up those ridiculous charges on purpose?
It sounds to me more like Telstra's standard rip off charging. Their excess usage charge across all plans (I think it's 25c/MB though has been higher in the past) and causes all kinds of problems where people (the ones who don't understand what a megabyte is) get $1,000+ bills without really doing all that much. A lot of these cases end up going to the ombudsman for resolution, so it's a hassle for all involved.
> using a stolen SIM card to download almost $200,000 worth of data from the internet.
What does '$200k worth' of Telstra data look like anyway?
If you're prepaying at the highest levels[1], it's $1.50/GB up to 10GB. If it was this, she must have downloaded a little over 130TB of data or been subject to one hell of an overage charge. Seems unlikely.
If you're using their 'extreme usage' standard plan[2], it's $5/GB up to 120GB, which may well be enough for dozens of movies. That plan is $600/mo or $15k over 2 years. Which means she's being accused of stealing over two decades' worth of their highest consumer data tier.
Either something's up with Telstra's corporate data rates or there are some incredibly customer-hostile penalties attached to these things.
Telstra almost certainly has a special deal with the power company--extremely low per-device rates for consistent very low bandwidth usage. They have a ton of these power meters out there and they don't exactly need a multi-gigabyte network plan.
Those overages are as high as they are because they're a deterrent from the power company from fielding broken hardware that uses more bandwidth than it should.
I assumed there must be some kind of special deal going on but the shape of it eluded me. This sounds reasonable. It also suggests the idea of bug/theft insurance for corporate hardware use - pay a little extra and maybe we'll alert you when your power meters develop a hunger for torrents.
Come to think of it, shouldn't Aurora have noticed a meter dropping off the grid and taken action to shut down that data account?
What I hate most in such cases is that the telco will just sit silent until it presents you an insane bill at the end of the month. How hard is it to implement a system that would compare each customer's last day's spending with their own 75-percentile daily spending over last 30 days and alert them of extraordinary activity? That would prevent 70% of such problems. 99% if something similar was implemented for roaming charges.
While I agree with your sentiment, we aren't talking about an MNO's business-to-consumer billing relationship; we're talking about the vastly-more-complicated relationship the MNO has with an electrical utility.
By way of comparison, if I accidentally spin up 4x as many EC2 large instances as I needed, I don't believe Amazon has a system to send me a message saying "you are doing something dumb, stop it".
My university does this, and sends me an email the second my bandwidth usage is showing 'unusual activity', usually triggered by skype (since it uploads a lot). So, not too hard.
But your university gives you a flat fee for bandwidth, does it not? If so, then their incentive is to help you use less. A telco which offers per-GB rates would rather you use more.
Exactly, so in this case the consequences to the convicted woman was a double whammy: the huge bill exaggerated the scale of her crime, which meant the uncompassionate legal system punished her with a jail term to match the "damages".
The legal system failed both in its discretionary punishment and in regulating the telco enough to avoid this situation and protect consumers.
This was a huge failure for the phone and energy company. There is no reason that kind of use should be allowed in the first place. Here in the US, a lot of GSM based alarm systems have SIM cards in them, but they are access controlled to prevent such theft and abuse. I'm not trying to excuse the woman's behavior, but Telstra needs to get their act together to prevent similar crimes in the future.
It shows that Aurora are being bent over a barrel by their suppliers data rates.
Negligent for not securing their meters and SIM cards better in the first place.
Do we really believe they didn't negotiate the bill down with their supplier when they found out about it. Even Telstra is usually willing to help out a little.
I'm confused. It sounds like she was given the sim card and didn't know it was stolen. Does Australia not do mens rea? Or does it not apply here for some reason?
I mean, common sense says she didn't think she was doing anything wrong.
It sounds like she was given the sim card and didn't know it was stolen.
That was her second story. Her first story was that she didn't know anything about it. Her second story was that some man she met on the internet (whom she could not identify any further except to give a name, despite the fact she had presumably exchanged physical goods with him) decided to ask her (a random stranger) to download a bunch of data for him because his modem was broken (despite the fact that they had no trouble talking on the internet).
It sounds to me like a completely bullshit story. I assume the judge saw it the same way. In fact, I'm guessing there was some other evidence which didn't get included in this story -- surely the electric company knows exactly whose meter the SIM card comes from?
I have a feeling that quite a few nerds would be pissed off enough about this to donate a cup-of-coffee to a "keep this poor woman out of jail" fund.
That, and hopefully something like that would bring publicity to the absurdity of this.
Granted, yes, what this woman did was completely wrong, and she should be punished for it. That punishment should be about on par with people who use cracked smart cards in their satellite receivers.
This nerd will be drinking my cup-of-coffee, not donating to keep a crook out of jail.
The only similarity between this and satellite crackers is that they both involve smart cards. (And the satellite people can pay for their own crimes/torts as well - keep MY coffee out of it).
I see many people comparing to consumer data plans, or even linking to Telstra's plans. That's pointless.
The power company is not using one of the standard Telstra plans. Think about it--the cheapest plan linked to is a minimum of $30/month. Does anyone really think the power company is going to be spending $30/month/meter to collect meter readings?
Of course not. They will have some kind of special rate structure where they pay a small or no monthly fee, and either have a small data quota, or perhaps have no quote but pay a fairly high rate per byte starting at the first byte.
Same thing happened here (South Africa) only on a much bigger scale. Hundreds of them were stolen. Can't remember what they were used for though (Wasn't smart meters).
I feel the supplier should carry part of the costs. Unlimited SIMs easily accessible with zero safeguards should attract a stupidity tax.
Interestingly the some of the sales material states "If a system is using more data than anticipated, Telstra Wireless M2M [Machine2Machine] Control Centre can alert you or automatically message directly to a device installed in the vehicle. Automated alerts and business rules monitor the health of the devices and instantly modify services based on exception activity." Guess Aurora weren't taking advantage of that.
"dozens of movies" for 193k? If she downloaded 199 movies (assuming they'd say "hundreds" if it were 200 or more) at 4GB each that's 796 GB or $242.46/GB. Sounds more like the power company was getting ripped off by their data provider.
3G bandwidth is a limited resource. There should be a way for clients to pay less if they know that they use little. However 3G providers misuse the deals with limits by charging insane amounts per megabyte made over the limit. Of course, they can lower the transfer rate instead, effectively helping the client not overcharging due to an error (because it's always an error). They don't do it because their nasty business model in such case is based on the clients who unknowingly make the error and pay dearly. Crooks.
In any sense, this phrase "...3G providers misuse the deals with limits by charging insane amounts per megabyte made over the limit." would be a textbook definition of usury.
There would be a certain amount of included data allowance per month for a set fee, and data use over that amount would be charged at a very high rate per MB.
Government monopoly. It's in Australia which has a telco monopoly.
Internet is very expensive there. I was there as a tourist and left earlier than planned because it was so hard/expensive to get internet access. In third world countries on the same trip it was easier/cheaper to get internet access than in Australia.
Does seem like excessive punishment to me, especially for someone who is in such hardship. Did Telstra really lose $193K on this incident? The cost to the state to imprison such barely harmful acts is definitely not worth it. All she deserves is a slap on the wrist, a small fine and some probation time.
Sigh. Except of course Tasmania isn't part of the US but one of the 6 states making up the Commonwealth of Australia. Otherwise it was a great theory...
People wonder why "women" find certain fields distasteful. came to HN: Number one topic for comments - about a "Woman".
Why say she is a woman? Depressing. Is it required? No it is just to stress the fact that women are stupid and perhaps deceitful than men. Yet my empirical suggests otherwise. So sad HN.
He said "woman" because it is the most frequently used term for "female human". [1]
Maybe it's just my poor english skills, but I see nothing implying that the woman was stupid in the title, not even some kind of subtle feminist-troll-bait. If anything, the title was suggesting that charging 200k for any amount of data one person could download with conventional hardware is ridiculous.
So could you kindly explain in simple words for the poor brain-atrophied male human I am[2], what in this title could be read as "women are stupid" and not as "a poor soul got screwed by a greedy telecom operator and an uninformed judge" ?
[2] Feel free to use this confession for a generalization about all men being stupid, I am sure we will all find it very amusing and some sarcasm-fu masters might even generalize in response that all feminists are paranoid.
I agree that it doesn't matter, but it's entirely conventional for "Man" / "Woman" to be used in news story headlines, so your charges of sexism are silly.
When I read stories like this (which I took care to do before commenting here), I wonder what hackers who are attempting to build software-as-a-service web-based start-ups think about this? Is it just plain immoral for a builder of a service to make a living from the service? Are creators of intellectual property not entitled to any protection of their property? Do you really want to live in a world in which any potential customer can steal your service rather than pay for it?
I don't want to live in a world where relatively harmless people receive draconian punishments for minor offenses but bankers steal billions without a sour glance.
But if I must choose, I'd choose the former over the latter even though it makes it more difficult for me to make a living.
This is a horrendous miscarriage of justice. 4 months internet access = approx $80.