The publication two weeks ago by Wired Magazine of the tale of an Arizona programmer facing prison time over software used in connection with online gambling has reraised serious questions about prosecutorial misconduct in pursuing gambling-related cases.

Titled “Write Gambling Software, Go to Prison,” the piece by Kim Zetter explored the story of Bob Stuart, whose family-operated Extension Software generated about $2.3m in sales, largely to offshore companies who in turn sub-licensed the software to firms running online gambling sites, including sportsbetting.

The charges brought by New York County, NY prosecutor Cyrus R. Vance Jr. were for aiding and abetting illegal gambling, even though the prosecutors didn’t declare exactly which companies Stuart and Extension Software aided and abetted, nor how Stuart could be responsible for the use of his product in jurisdictions where it was and is fully legal.

And there was worse. Wired published an excerpted page of a plea agreement proposed by the SDNY to Stuart, in which Stuart would be “allowed” to plead guilty to two felonies connected to money laundering and abetting gambling, as long as he agreed to secretly install backdoor code into his program that would allow the DOJ to spy on anyone using Extension Software’s product, Action Sportsbook International (ASI).

As the published document shows, Stuart was expected to dance to the District Attorney’s every whim. Here’s the actual text:

Robert Stuart shall actively participate in ongoing investigations by the District Attorney. Active participation shall be as the District Attorney directs and only as the District Attorney directs. Active participation may include, but is not limited to, engaging in transactions, attending meetings, aiding in the design of software used to obtain records, usernames, passwords, and other information stored on websites using ASI, making telephone calls, and recording, or consenting to the recording thereof, transactions, meetings and telephone calls.

In other words, the SDNY asked Stuart to agree to install extra code in his program to essentially steal all customer information and transactions. Given that most of Extension’s customers are offshore themselves, and were open to sportsbetting from worldwide customers (not just the US), the above represented an attempt to violate the privacy codes of just about every other country in the world.

When Stuart refused to sign and agree to enable spying by the US, Vance and the SDNY went ahead with the indictment.

The story is a huge “wow,” even if half the outlets that re-reported it didn’t catch the fact that the indictment itself was old news. But it’s not a “wow” because of the US government attempting to go after a programmer, as the Wired story and title would have one believe.

Indeed, this isn’t even the first time programmers have been targeted. David Parchomchuk of ThrillX Systems was targeted in a similar way by Maryland prosecutors in conjunction with that state’s Blue Monday crackdown against other offshore sites in 2011, an indictment which was made to go away in a minimum way not long after.

The extent to which the responsibility for the software’s final use was being stretched here should be evident from the bluster in SDNY attorney Vance’s PR quote:

These defendants abetted large-scale illegal gambling in the U.S. and abroad. In doing so, they gave bettors an easy way to place illegal wagers, and created an appetite for further unlawful activity.

But as Wired discovered, there was a lot more to the story. And there may even be more to this than Wired knows.

UltimateBet Parallels

As one of the leading researchers and writers on the Absolute Poker and UltimateBet insider cheating scandals, I’ve learned a great deal about the operations and history of those two sites, in both the people involved and the other sorts of business they ran.

UltimateBet, in particular, is a comparison worth bringing up in conjunction with these recent Stuart/Extension indictments. UltimateBet’s parent company, Excapsa, was a thinly veiled operation that pretended to be out of Toronto but was in reality run out of Portland, Oregon.

UltimateBet was born from a concern called ieLogic, which produced a product called ieSnare that was used throughout the online gambling industry. The product was developed primarily to stop credit-card fraud by identifying and cross-linking customers’ computers and internet connections.

Eventually, after ieLogic moved to the tallest building in Portland, occupying an entire floor of the monolith known as “Big Pink,” the company was split into two. ieLogic itself was transformed into a holding company (Excapsa), while much of the actual software development behind ieSnare was transitioned into a new company, called iovation.

Iovation with its new non-gambling face, was targeted toward major, mainstream US concerns, including Intel and Hewlett-Packard. The company still offers ieSnare and related spying (“anti fraud”) products. And, all the iovation business went on right across the hall from where UB decision-making still occurred.

The problem with the Stuart story? This writer/researcher is aware of the plethora of evidence that federal prosecutors already possess—and have had in their possession for years—regarding the real nature of UB and the roles of its primary executives. Those included poker players such as Russ Hamilton and Mansour Matloubi in addition to ieLogic/iovation business and software execs Greg Pierson, Jon Karl and others.

Then there are the rumors. Among the things I’ve been told (but cannot confirm) is that iovation has been involved in some sort of government contract in connection with its ieSnare suite for several years. Can I prove it? Of course not, nor is iovation likely to pick up the phone and offer relevant info.

Yet the known facts regarding Pierson and other iovation execs, just as with Hamilton, dwarf by orders of magnitude the allegations against Stuart, the Arizona programer. Those facts and documents, which the DOJ surely possesses, also include every bit the same type alleged aiding and abetting, in this case by allowing a similar cast of offshore sites to process payments with less fraud.

It’s just a small portion of what iovation/ieLogic/Excaspa/UltimateBet was involved in. And yet Pierson and Co. have never been charged… with anything. True, this is a charge brought by a New Yourk County DA, not the feds, but inter-jurisdictional cooperation on gambling matters happens in NYC as a matter of course. It’s hard to believe that Stuart and this matter isn’t also somewhere on the DOJ’s tracking list.

Stuart being charged here doesn’t make any sense anyway, and it’s hard to imagine the feds not getting involved in one of these offshore gambling cases when they have the chance; the SDNY has shown intense interest in such matters. Or perhaps those unsubstantiable rumors have merit. At the risk of being labeled a conspiracy theorist, which I’m generally not, there’s sometimes value in remembering Occam’s Razor, which reminds us that the simplest, most obvious explanation is also often the likeliest one.

In this case, old Occam’s idiom suggests that maybe iovation’s execs cut a deal long ago, and that in exchange for non-prosecution, their software is now riddled with the same type of backdoor spying capabilities that Vance and his NY County wanted to put into Stuart’s ASI software. Does the same thing exist at some federal level, with an iovation-operated ienare or mpsnare trojan spying for the USA?

The counter-argument isn’t great for prosecutors, either, in which they are often accused of flea-stomping and looking for cases that are easy to win, and, yes, this could be another example.

It’s a jump from Bob Stuart’s Extension Software to the considerations regarding iovation, but would iovation’s software suite withstand a true, independent third-party audit and reverse engineering? Such a deconstruction is probably the only way the real answers in this will come out.

One thing’s for sure: The behavior exposed by Wired is a shoddy excuse for what the United States is supposed to represent. Now it’s up to others to determine just how isolated an occurrence that behavior happens to be.