Federal charges filed against an investigator for his work on behalf of Hewlett-Packard hint that more charges against others may be on the way.

The U.S. Attorney's Office for the Northern District of California filed felony charges Wednesday afternoon against Bryan Wagner, a Littleton, Colo., investigator who worked for HP as the company tried to root out the source of leaks from its board to the media.

Authorities charged Wagner with one count each of conspiracy and aggravated identity theft, and aiding and abetting, both felonies carrying fines of up to $250,000 or the twice the value of the property involved. The conspiracy charge carries a maximum penalty of five years imprisonment, while the identity theft charge carries a mandatory minimum of two years in prison.

The charges state that Wagner and known and unknown co-conspirators obtained and exchanged personal information, including Social Security numbers, dates of birth, addresses, and other information to get personal phone records for people targeted in HP's probe. Federal prosecutors are continuing to investigate the alleged conspiracy.

"Many times, in a criminal investigation, the first person who cooperates gets the least exposure," former FBI Special Agent Ken Springer said in an interview. "Usually, they would rather not go to trial. If you can get evidence on someone and get them to plead guilty, that's the best way to get justice."

Wagner's lawyer did not return a call for comment. Gentilucci and other HP employees and board members associated with the scandal have left the company, which has said it is fully cooperating with investigators. HP representatives declined to comment on the federal charges against Wagner.

HP filed a document nearly four months ago with the U.S. Securities and Exchange Commission saying a former HP employee, Tony Gentilucci, transferred at least one HP employee's Social Security number to an outside investigator during the company's probe. Gentilucci has not been charged in any investigation.

California Attorney General Bill Lockyer did charge Wagner, investigators Ronald DeLia, Matthew DePante, former HP counsel Kevin Hunsaker, and former board chairperson Patricia Dunn in a state case. Lockyer said the group conspired to use fraud or deception and unauthorized computer access to gain private records during the investigation. The defendants in that case have pleaded not guilty.

In the federal complaint, Wagner is referred to by name and by an alias, [email protected]. An AT&T letter identified someone using that account and one other from the same IP address as a person who impersonated or pretexted to access detailed online billing records for at least one target of the HP probe.

When HP first disclosed that its investigators had used questionable means to acquire information on employees, board members, and news reporters as well as their family members, the company's lawyers said that the methods appeared to be legal. Others suggested that pretexting is a gray area. Springer, founder and president of an investigative firm Corporate Resolutions, said that it has not been a gray area for some time.

"It has been clear for nine or ten years now that pretexting is not a gray area," he said. "It is forbidden fruit. Most investigators and lawyers know where to draw the line."

Springer said that board leaks are unacceptable, but investigators should not resort to impersonation, fraud, or deceit. He said that most companies require engagement letters that include language with assurances that investigators will not use those methods. He said they can use interviews and consider surveillance as a last resort, instead.

"In years back, lawyers would say, 'I don't care how you get it, just get me the information," Springer said. "There may still be some people out there who can get some access to that information but you can't use it, because if you do, they want to know where you got the information. Whether through discovery, or whatever, it's going to come out."