Wednesday, December 31, 2008

Constructive Possession

Most people know that law makes it a crime to possess certain things, like drugs or child pornography. Most people may not know that under the law, there are two kinds of possession: actual and constructive.

Here’s how a pattern jury instruction from the U.S. Court of Appeals for the First Circuit defines actual and constructive possession:
The term `possess’ means to exercise authority, dominion or control over something. It is not necessarily the same as legal ownership. The law recognizes different kinds of possession.

Possession includes both actual and constructive possession. A person who has direct physical control of something on or around his person is then in actual possession of it. A person who is not in actual possession, but who has both the power and the intention to exercise control over something is in constructive possession of it.
Pattern Jury Instructions: First Circuit 4.06 (1998).

I actually like the Model Penal Code’s formulation better. As I’ve noted before, the Model Penal Code is, as its name implies, a template of criminal statues that was intended to serve as a guide for state and federal legislators. This is how the Model Penal Code defines possession as an act that can support criminal liability:
Possession is an act . . . if the possessor knowingly procured or received the thing possessed or was aware of his control thereof for a sufficient period to have been able to terminate his possession.
Model Penal Code § 2.01(4).

As I’ve explained before, both state and federal laws make it a crime to knowingly possess child pornography. Usually, the evidence shows actual possession as, when, say, the investigators can prove he intentionally downloaded child pornography from the Internet to his hard drive.
Often in those cases, the downloaded images will be tidily assigned to various files . . . all of which makes it hard for the defendant to claim that he did not “knowingly procure” the images.

Sometimes, though, it’s difficult for the prosecution to prove possession, as it was in Barton v. State, 286 Ga. App. 49, 648 S.E.2d 660 (Georgia Court of Appeals 2007). Edward Barton was convicted of knowingly possessing child pornography and appealed, arguing that the state did not prove possession as required by the Georgia statute.

Here’s how the case began, according to the Court of Appeals:
[A]fter the Walker County Sheriff's Department began investigating allegations of child molestation against Barton, his wife provided authorities with Barton's laptop computer. Upon conducting a forensic examination of that computer, [officers] retrieved 156 images they believed met the definition of child pornography stored on the computer's hard drive.
Barton v. State, supra. Barton was indicted for possession of child pornography based on 106 of those images, challenging, as I noted, the state’s proof of “possession.”
[T]he State sought to prove Barton's knowing possession of child pornography via the testimony of Special Agent Ben Murray of the United States Secret Service, a forensic computer analyst. Murray testified that all computers store pictures or other information viewed over the Internet on the computer's hard drive, in temporary Internet file folders. There is nothing a user can do to prevent the computer from storing such items. Murray also explained that not everything stored in a computer's temporary Internet file folders results from the affirmative conduct of a computer user. Rather, even those images which `pop-up’ on a computer screen, even though neither sought nor desired by the computer user, are stored on the computer's hard drive. Furthermore, despite the fact that they are stored on the hard drive, Murray testified that no one using the computer can retrieve information stored in the temporary Internet file folders without special forensic software. No such software was present on Barton's computer.

Murray testified that each of the pornographic images on Barton's computer was stored on the hard drive of his computer, in temporary Internet file folders. This meant Barton had viewed the pictures over the Internet, but had taken no affirmative action to save them on his computer. Barton could not access or alter the pictures found stored on his computer's hard drive. Murray further testified that Barton had viewed all of the images within two separate time periods, totaling slightly less than four hours, on December 2 and 3, 2003. He offered no testimony as to whether the images resulted from some affirmative action by Barton, represented `pop-ups’ which appeared on Barton's computer, or both. Although Murray could not tell how long Barton had spent viewing each individual image, or how long he had kept those images open on his computer, he could say that Barton had never opened any image more than once.
Barton v. State, supra. Barton argued that the agent’s testimony was insufficient to
establish his knowing possession of child pornography because: (1) he took no affirmative action to store the images on his computer; (2) he was unaware that the computer had automatically saved those images to the hard drive; and (3) he had no ability to retrieve or access those images.
Barton v. State, supra.

The Court of Appeals began its analysis of Barton’s argument by noting that “the question . . . is whether . . . the mere accessing and viewing of pornographic materials over the internet, which results in those materials being stored on a computer's hard drive, constitutes the knowing possession of those materials”. Barton v. State, supra. It noted that none of the courts that had addressed this issue had found that someone can be
convicted of possessing child pornography stored in his computer's temporary internet file folders, also known as cache files, absent some evidence that the defendant was aware those files existed. Several . . . courts specifically found there can be no possession where the defendant is unaware the images have been saved in the cache files, reasoning that such ignorance precludes a finding that the defendant could exercise dominion or control over those images. . . . As one federal court has explained: `Where a defendant lacks knowledge about the cache file, and concomitantly lacks access to and control over those files, it is not proper to charge him with possession . . . of the child pornography images located in those files, without some other indication of dominion and control over the images.’
Barton v. State, supra (quoting U.S. v. Kuchinski, 469 F.3d 853 (9th Cir. 2006)).

The Barton court concluded, from this, that the prosecutor in the case before it “was required to show that Barton had knowledge of the images stored in his computer’s cache files” in order to convict him of knowingly possessing child pornography. Barton v. State, supra. It found that the prosecution had not done this:
The sole witness on this issue -- Agent Murra -- testified that Barton took no affirmative action to save these images to his computer, a conclusion supported by the fact that all of the pictures were stored on the cache drive as `thumbnails.’ See McDonald v. State, 249 Ga.App. 1 (2001) (citing expert testimony that “if only the ‘thumbnail’ image appeared on a hard drive, this would indicate no one ever [attempted] to download the [image]”). Murray offered no testimony indicating Barton was aware the computer was storing these images, but instead established only that these files were stored automatically, without Barton having to do anything.

Murray also testified that Barton would have been unable to view or access these images without using software that was not present on Barton's computer. Thus, there was no way Barton could have learned of the cache files in the normal course of using his computer. Nor did the State present any circumstantial evidence that would have allowed the jury to infer Barton's knowledge of these files -- i.e., they did not show that Barton was an experienced or sophisticated computer user who would have been aware of this automatic storage process. In short, the State presented no evidence that Barton was aware of the existence of the files at issue, and in doing so, they failed to prove that Barton knowingly possessed these images.
Barton v. State, supra.

The court therefore reversed Barton’s conviction. Since I suspect the reason the state did not present any other evidence showing Barton knowingly possessed the images – either actually or constructively – is because it didn’t have any. If that’s true, it presumably means Barton cannot, and will not, be convicted of possessing the images on his computer.

Monday, December 29, 2008

Jurisdiction and Practicing Medicine without a License

As I’ve noted before, jurisdiction is a court’s power to act in a case. If a court doesn’t have jurisdiction to hear and decide a particular case, then the judgment, or conviction, it enters will void and unenforceable.

As I’ve also noted, in criminal cases jurisdiction is a court’s power to adjudicate the charges brought against someone.


This post is about a rather unusual application of that principle.

In 2006, the San Mateo District Attorney filed a criminal complaint against Christian Hageseth, accusing him of practicing medicine in California without a license. Hageseth v. Superior Court, 150 Cal. App.4th 1399, 59 Cal. Rptr.3d 385 (California Court of Appeals 2007). What makes the case interesting is that Hageseth was never present in California “at any time during the commission of the criminal offense with which he is charged”. Hageseth v. Superior Court, supra. Here, according to the Court of Appeals are the facts that resulted in the charge:
The complaint is predicated on an investigative report of the Medical Board of California . . ., which the Board forwarded to the San Mateo County District Attorney as part of its referral of the case for criminal prosecution. The report states that, on or about June 11, 2005, John McKay, a resident of San Mateo County, initiated an online purchase of fluoxetine (generic Prozac) on `www. usanetrx. com,’ an interactive Web site located outside of the United States. The questionnaire McKay received and returned online, which identified him as a resident of this state, was forwarded by operators of the Web site to JRB Health Solutions for processing.

JRB, which has its headquarters in Florida and operates a server in Texas, forwarded McKay's purchase request and questionnaire to [Hageseth], its `physician subcontractor,’ who resided in Fort Collins, Colorado, and was licensed to practice medicine in that state. After reviewing McKay's answers to the questionnaire, [Hageseth] issued an online prescription of the requested medication and returned it to JRB's server in Texas. JRB forwarded the prescription to the Gruich Pharmacy Shoppe in Biloxi, Mississippi, which filled the prescription and mailed the requested amount of fluoxetine to McKay at his California address. Several weeks later, intoxicated on alcohol and with a detectable amount of fluoxetine in his blood, McKay committed suicide by means of carbon monoxide poisoning.
Hageseth v. Superior Court, supra.

The charge against Hageseth was filed under § 2052 of the California Business and Professions Code. Section 2052 “provides that any person who `practices . . . any mode of treating the sick . . . in this state, or who diagnoses, treats or prescribes for any . . . physical or mental condition of any person, without having at the time a valid . . . certificate as provided in this chapter or without being authorized to perform the act pursuant to a certificate obtained in accordance with some other provision of law is guilty of a public offense, punishable by a fine not exceeding ten thousand dollars, by imprisonment in the state prison, by imprisonment in a county jail not exceeding one year, or by both’”. Hageseth v. Superior Court, supra (quoting § 2052).

Hageseth moved to dismiss the charge on the grounds that the court lacked jurisdiction to hear the case because “all the alleged criminal acts occurred outside the state” of California. The trial court denied his motion and he appealed.

The Court of Appeals began its analysis of the jurisdiction issue by noting that § 27 of the California Penal Code says “persons are liable under the laws of this state . . . who commit, in whole or in part, any crime within this state.” It noted that because the issue of jurisdiction goes to the court’s power to hear a case, it is a legal issue that must be decided by the court, not by a jury. Hageseth v. Superior Court, supra. Hageseth argued that
his `act of practicing medicine began and ended with the writing of the prescription in Colorado,’ and `[t]he filling of the prescription, which occurred in Mississippi, was an entirely separate act, requiring a separate license’ for which he cannot be held criminally accountable. As [Hageseth] sees the matter, it is irrelevant whether he knew the medication he prescribed would be sent to California because his act ended with the writing of the prescription’.
Hageseth v. Superior Court, supra. The Court of Appeals responded by noting that under the “`detrimental effects’ theory of extraterritorial criminal jurisdiction,” acts “done outside a jurisdiction, but intended to produce and producing detrimental effects within it, justify a State in punishing the cause of the harm as if he had been present at the effect’”. Hageseth v. Superior Court, supra (quoting Strassheim v. Daily, 221 U.S. 280 (U.S. Supreme Court 1911)).

The Court of Appeals then found that the facts in this case supported the application of the “detrimental effects” theory of jurisdiction:
A preponderance of the evidence shows that, without having at the time a valid California medical license, [Hageseth] prescribed fluoxetine for a person he knew to be a California resident knowing that act would cause the prescribed medication to be sent to that person at the California address he provided. If the necessary facts can be proved at trial beyond a reasonable doubt, the People will have satisfactorily shown a violation of Business and Professions Code section 2052. It is enough for our purposes that a preponderance of the evidence now shows that [he] intended to produce or could reasonably foresee that his act would produce, and he did produce, the detrimental effect section 2052 was designed to prevent[, i.e., practicing medicine without a license.]
Hageseth v. Superior Court, supra.

The Court of Appeals then considered “whether it should make a difference that [Hageseth’s] offense took place in cyberspace rather than in the real space for which the jurisdictional statutes were designed.” Hageseth v. Superior Court, supra.

Hageseth argued that California’s “assertion of extraterritorial jurisdiction over his Internet conduct is unreasonable because (1) he and others are not on notice of the unlawfulness of such conduct, and (2) the assertion of jurisdiction would not deter others from his allegedly unlawful conduct, but (3) it would deter physicians licensed in other states from providing residents of this state many useful forms of medical assistance over the Internet.” The court rather summarily disposed of the first argument:
The claim that [Hageseth] and others like him who prescribe medications over the Internet lack notice of the unlawfulness of that conduct is unacceptable. California's proscription of the unlicensed practice of medicine is neither an obscure nor an unusual state prohibition of which ignorance can reasonably be claimed, and certainly not by persons like petitioner who are licensed health care providers. Nor can such persons reasonably claim ignorance of the fact that authorization of a prescription pharmaceutical constitutes the practice of medicine.
Hageseth v. Superior Court, supra.

The court found that his second argument could "not be so easily dismissed”, but ultimately rejected it. It found that while unscrupulous online physicians “usually do conceal their names, locations and state of licensure”, the California Attorney General told the Court of Appeals his office was having some success in dealing with the problem, and was not willing to accept that prosecuting those who violated California law would make it more difficult. Hageseth v. Superior Court, supra.

Finally, the Court of Appeals held that Hageseth’s third argument – that his prosecution would deter other doctors from providing care online – was not enough to overcome the applicability of the detrimental effects principle of criminal jurisdiction. The court noted that the California Code specifically authorized legitimate “telemedicine” (“health care . . . diagnosis, consultation [and] treatment . . . using interactive audio, video or data communications"), as well as online consultations between California-licensed physicians and physicians outside the state. Hageseth v. Superior Court, supra. It therefore held that the trial court had jurisdiction to try Hageseth on the charge against him.

I don’t think the case has gone to trial. The most recent story I can find is from late last year. It says Hageseth was extradited to California from Nebraska (“where he had been cited for speeding”) and was being held in the San Mateo County jail in lieu of $500,000 bond. (He had apparently successfully fought extradition from Colorado.) Michael Manekin, Doc Pleads Not Guilty to Practicing Sans License, San Mateo County Times (December 5, 2007). At that time, he had entered a not guilty plea to the charge, so I assume the case is still awaiting trial.

Friday, December 26, 2008

Fraud and Interstate Commerce

Section 1343 of Title 18 of the U.S. Code creates the crime of wire fraud as follows:
Whoever, having devised . . . any scheme or artifice to defraud, or for obtaining money or property by means of false or fraudulent pretenses, representations, or promises, transmits or causes to be transmitted by means of wire . . . communication in interstate or foreign commerce, any writings . . . for the purpose of executing such scheme or artifice, shall be fined under this title or imprisoned not more than 20 years, or both.
The interstate commerce requirement is the element that gives the federal government jurisdiction to prosecute what is otherwise a traditional state crime: executing (or trying to execute) a scheme to defraud someone out of money or other property.

Since the use of interstate commerce is the element that confers federal jurisdiction, a conviction under § 1343 can’t stand if the prosecution didn't prove the defendant used interstate commerce for the purpose of committing the crime.


That was an issue in a recent federal case from New York: U.S. v. Siembida, 2008 WL 4703015 (U.S. District Court for the Southern District of New York 2008). The case was a prosecution of George Siembida and Wayne Price for wire fraud and for conspiracy to commit wire fraud. At trial, each was committed on the conspiracy count and on two wire fraud counts. U.S. v. Siembida, supra. Here’s how the court summarized the facts that led to their being charged, and convicted:
The . . . defendants collected fees from customers for financial guarantee bonds purportedly issued by an Indonesian subsidiary of a well-established Germany-based financial services company, Allianz A.G. Financial guarantees or performance bonds are typically issued to provide comfort to one contracting party that the financial obligations of the other contracting party will be backed up by a solvent entity, such as a highly-rated insurer. At trial, it was undisputed that the Allianz bonds obtained by Price and Siembida for their clients during the period of the conspiracy were not, in fact, genuine obligations of any affiliate of Allianz.

The evidence at trial showed that Wayne Price and George Siembida operated separate and largely independent businesses. Price operated Melwain Enterprises, Inc. and Siembida operated All Clear Corp. The evidence showed that the two defendants were on notice that the bonds they provided did not represent valid obligations of Allianz but continued to sell them to unsuspecting customers. The nature of the financial guarantee business was such that the bogus nature of the bond would not ordinarily come to light unless and until the bond purchaser defaulted under its contract.
U.S. v. Siembida, supra. After being convicted, both defendants filed motions for acquittal on all counts. As the district court explained, a motion for acquittal should be granted only if the court concludes “there is `no evidence upon which a reasonable mind might fairly conclude evidence beyond a reasonable doubt,’ and the defendant shows that `no rational trier of fact could have found him guilty.’” U.S. v. Siembida, supra.

We’re only concerned with one of the issues raised by the motion for acquittal. The defendants moved to dismiss one of the wire fraud counts (Count Two), arguing that the government had not proven beyond a reasonable doubt that it was based on the transmission of a communication in interstate commerce. Basically, they argued that while there had been a communication, its transmission was purely intrastate – purely within a state – and therefore could not sustain the “in interstate commerce” element needed for a wire fraud conviction.

The district court disagreed:
Count Two . . .was premised upon an August 16, 2004 email from Siembida to Special Agent Michael Keeley of the FBI, who was posing as `Jay Parker’, a representative of a potential purchaser of a bond. Defendants assert that there was insufficient evidence from which a reasonable jury could conclude that the email passed through interstate commerce. The email, GX 1005, laid out a scheme for Siembida to send an invoice from his company, All Clear Corp., to `Parker’ for $6,000. `Parker’ would then collect $6,000 from his `client’ but forward only $5,000 to Siembida. In other words, Siembida's invoice would be the means for `Parker’ to deceive his `client’ into believing the entire $6,000 was for services rendered by All Clear Corp., when, in truth, $1,000 was to be retained by `Parker’ -- the equivalent of a kickback.

The August 16 email was sent by Siembida from his `adelphia.net’ email account and attached wiring instructions for payment. The email was sent to `Parker’ in Manhattan at an address ending in `nyc.rr.com.’ Both Siembida and the undercover agent were in New York at the time the email was sent and received. Siembida suggested using email for communications with the undercover agent. . . .

At trial, the government offered a stipulation among the parties that, if called, Hans Nielsen, a `Senior Messaging Engineer’ for Time Warner Cable who was employed by Adelphia from 2003 to early 2006, would testify that he was familiar with the Adelphia email system utilized by Siembida. It was further stipulated that the Adelphia servers were at the relevant time located in Coudersport, Pennsylvania and that any email sent via an `adelphia.net’ email address would have been routed through Coudersport. The stipulation further recited that Nielsen would testify that he examined an email sent by Siembida four days after the email at issue (on August 20) and concluded that Siembida had configured his email system to route through the Coudersport servers.

On these facts, a rational trier of fact could have found beyond a reasonable doubt that the August 16 email passed in interstate commerce. It would not be unreasonable to infer that the configuration of Siembida's email account as it existed on August 16 was identical to that on August 20, in the absence of evidence that would render the inference implausible. If the email was configured on August 16 in the manner in which it was configured on August 20, then according to the testimonial stipulation the email would have passed through servers physically located in Coudersport, Pennsylvania. A communication from one location within a state to another location within that same state which passes through another state may satisfy the interstate requirement, even if the defendant has no reason to know of the interstate character of the communication.
U.S. v. Siembida, supra.

It may seem an odd result, since the court is saying Siembida could commit wire fraud by sending an email even if he did not know and had no reason to know he was sending it via interstate commerce. It may seem odd because, as we all know, intent – in the form of purpose or knowledge – is a basic principle of criminal law. In a criminal trial, the prosecution has the burden of proving every element of the crime beyond a reasonable doubt . . . and intent is an element of most crimes, including wire fraud.

Here, though, we’re dealing with a different kind of element . . . an element that goes purely to establishing federal jurisdiction. In U.S. v. Feola, 420 U.S. 671 (1975), the U.S. Supreme Court held that “knowledge of the facts giving rise to federal jurisdiction is not necessary for conviction of a substantive offense embodying a mens rea requirement”. That holding is based on a principle of criminal law that has appeared in various sources, including the Model Penal Code. The principle is that statutes which define “crimes” sometimes include elements that do not go to the “harm or evil” the crime is intended to punish.

That’s what we have with wire fraud: The “harm or evil” it seeks to punish is defrauding someone; the use of the wires in interstate commerce, as I noted earlier, simply makes it a federal crime . . . it goes to jurisdiction, not to the essence of the crime itself.


In the Feola case, the defendants were convicted of assaulting federal agents. They appealed, arguing that they should not have been convicted because they did not know the men they assaulted were federal agents; they argued that such knowledge was an essential element of the crime. In other words, they argued that the “harm or evil” the crime sought to punish was the “crime of knowingly assaulting a federal agent.” The Supreme Court disagreed. It held, essentially, that the crime was not “knowingly assaulting a federal agent” but “assaulting someone who turns out to be a federal agent.” The Court found that the victims’ status as federal agents was jurisdictional, only; it meant the perpetrators could be prosecuted by the federal courts. Given that, it was not necessary that they knew the people they were assaulting were federal agents.

The Feola Court found that this approach was valid because the government still had to prove the defendants assaulted the men in question; to do that, the prosecution had to prove all the elements of assault, including the intent element. According to the Court, this approach did not violate any of the underlying principles that ensure fairness in the criminal law because the government still had to prove the defendants knew they were committing the crime of assault.

The same logic would apply in the Siembida case. The defendants knew they were committing fraud (according to the district court); it was not necessary that they know they were committing wire fraud by using email (which moved across state lines) to execute the fraud.

Wednesday, December 24, 2008

Invasion of Privacy

A few states have criminal invasion of privacy statutes. Most of them are pretty narrow in scope; they make it a crime to photograph or videotape someone when they’re in a bathroom or a dressing room or similar places. Other invasion of privacy statutes make it a crime to photograph or videotape someone’s “intimate parts” under their clothes.

That’s not the kind of invasion of privacy I want to talk about. I want to talk about the kind of privacy invasions criminalized by an Oregon statute:
[A] person commits the crime of invasion of personal privacy if:

(A) The person knowingly makes or records a photograph, motion picture, videotape or other visual recording of another person in a state of nudity without the consent of the person being recorded; and
(B) At the time the visual recording is made or recorded the person being recorded is in a place and circumstances where the person has a reasonable expectation of personal privacy.
Oregon Revised Statutes § 163.700(1).

This post is not about a criminal invasion of privacy case. It’s about a civil case in which an invasion of privacy claim was raised by one spouse against the other. The case didn’t involve photographing a spouse “in a state of nudity”, but it does involve the rather dicey issue of whether one spouse CAN invade the privacy of the other.

The case is In re Marriage of Tigges, 2008 WL 5274401 (Supreme Court of Iowa, 2008). Here, according to the court, are the facts that led to the suit being filed:
Jeffrey and Cathy Tigges. . . . were married on December 31, 1999. Jeffrey surreptitiously installed recording equipment and recorded Cathy's activities during the marriage in the marital home. The equipment included a video cassette recorder positioned above a ceiling, a camera concealed in an alarm clock located in the bedroom regularly used by Cathy, and a motion sensing `optical eye’ installed in the headboard of the bed in that room. Cathy discovered her activities in the bedroom had been recorded when she observed Jeffrey retrieving a cassette from the recorder. . . .

Cathy took [the cassette]. . . .When she viewed the tape, Cathy discovered it revealed nothing of a graphic or demeaning nature. . . . [It] recorded the `comings and goings’ from the bedroom she regularly used. Notwithstanding [that]. . . . Cathy. . . . felt violated, fearing Jeffrey had placed, or would place, other hidden cameras in the house.

Jeffrey filed for dissolution of marriage. In her answer, Cathy alleged she was entitled to compensation for Jeffrey's `. . . violation of her privacy rights’ as a consequence of his surreptitious placement of the video equipment and recording of her activities.
In re Marriage of Tigges, supra.

In deciding whether Cathy could obtain compensation for Jeffrey’s videotaping of her, the court had to decide “whether a claim may be brought by one spouse against the other for an invasion of privacy resulting from surreptitious videotaping.” In re Marriage of Tigges, supra. It was no clear if Jeffrey installed the surveillance equipment before or after the couple separated, but the court decided that did not matter:
[W]e conclude Cathy had a reasonable expectation that her activities in the bedroom of the home were private when she was alone in that room. Cathy's expectation of privacy is not rendered unreasonable by the fact Jeffrey was her spouse at the time in question, or by the fact that Jeffrey may have been living in the dwelling at that time.
In re Marriage of Tigges, supra.

In finding that Cathy did have a reasonable expectation of privacy in her bedroom, the Iowa Supreme Court relied on reasoning in an opinion by a Texas court in Clayton v. Richards, 47 S.W.3d 149 (Texas Court of Appeals 2001):
`When a person goes into the privacy of the bedroom, he or she has a right to the expectation of privacy in his or her seclusion. A video recording surreptitiously made in that place of privacy at a time when the individual believes that he or she is in a state of complete privacy could be highly offensive to the ordinary reasonable person. The video recording of a person without consent in the privacy of his or her bedroom even when done by the other spouse could be found to violate his or her rights of privacy.

`As a spouse with equal rights to the use . . . of the bedroom, it would not be . . . an invasion of privacy for a spouse to open the door of the bedroom and view a spouse in bed. It could be argued that a spouse did no more than that by setting up a video camera. . . . It is not generally the role of the courts to supervise privacy between spouses in a mutually shared bedroom. However, the videotaping of a person without consent or awareness when there is an expectation of privacy goes beyond the rights of a spouse because it may record private matters, which could be exposed to the public eye. The fact that no later exposure occurs does not negate that potential and permit willful intrusion by such technological means into one's personal life in one's bedroom.
In re Marriage of Tigges, supra (quoting Clayton v. Richards).

The Iowa Supreme Court therefore found that Cathy did have a reasonable expectation of privacy in her bedroom:
Even if . . . Cathy was observed by other family members including Jeffrey, who, from time to time, entered the bedroom with her knowledge and consent, she was not in `public view’ and did not forfeit her right to seclusion . . . when she was alone in that room. As we observed in [a prior case], `[p]ersons are exposed to family members and invited guests in their own homes, but that does not mean they have opened the door to television cameras.’ . . . Any right of access to the bedroom held by Jeffrey did not include the right to videotape Cathy's activities without her knowledge and consent.
In re Marriage of Tigges, supra.

A New Jersey court reached a very different conclusion in another divorce case. In Colon v. Colon, 2006 WL 2318250 (New Jersey Superior Court 2006), the trial court found that the wife had invaded her husband’s privacy by “placing and using video surveillance cameras” in a room in their house that the husband used as an office. The New Jersey Superior Court disagreed:
The tort of unlawful intrusion of privacy is established by common law in New Jersey. In Hennessey v. Coastal Eagle Point Oil Co., 129 N.J. 81, 609 A.2d 11 (1992), the Supreme Court held that `[o]ne who intentionally intrudes . . . upon the solitude or seclusion of another or his private affairs . . . is subject to liability . . . for invasion of his privacy, if the intrusion would be highly offensive to a reasonable person.’ . . . The issue of whether the conduct is `highly offensive to a reasonable person’ turns on whether there is a reasonable expectation of privacy. . . . Here the trial judge made no finding that defendant had a reasonable expectation of privacy in the home office, and the evidence is to the contrary, since the office was next to the master bedroom and was used not only by defendant but by plaintiff and the children, who freely entered the room.
Colon v. Colon, supra.

It’s a difficult issue, one that’s likely to come in more cases as spouses and people living together become more accustomed to using technology to spy on each other. We’ve talked about it in a couple of my cybercrime classes.

Basically, the question is whether privacy is a zero-sum commodity. That is, the issue is whether I lose my privacy when I share aspects of my life with others, as in when I live with someone else. I don’t think I do . . . or should. In a law review article I wrote several years ago, I researched privacy at English common law, which provided the foundation for the notions of privacy in the face of government action we implement via our Fourth Amendment. I found a few old cases in which courts mentioned that privacy encompassed the inhabitants of a home . . . the family, the servants, etc. Now they, of course, were speaking of privacy against outsiders – non-inhabitants of the home – who sought to find out what was going on, or had gone on, inside.

I wonder whether the activity that became the focus of invasion of privacy claims in these – and other, similar – cases is really about privacy at all. That is, I wonder if the betrayal is the act of installing and using surveillance equipment to record what goes on in a presumptively private place or whether the betrayal is really the act of sharing that information with others . . . with outsiders. Some of the language in the Tigges opinion makes it sound like Cathy Tigges felt it was a betrayal simply for Jeffrey to install the surveillance equipment, but I can’t tell for sure if that was actually the concern that led her to feel she had been “damaged” by what he did.

I guess what I’m saying is that when we share our homes and our lives with spouses, partners and family members, we know, at some level, we are also sharing information about ourselves with them. We also, I think, assume they will not share that information with others – with outsiders – without our knowledge and permission. It’s as if we make a limited surrender of our privacy (which would presumably mean privacy is not a zero-sum commodity but can, instead, exist in degrees) as part of sharing our lives; part of that limited surrender is, I think, an implicit assumption that it is essentially a privileged act. In other words, it’s something like what happens when a client comes to consult a lawyer; the client tells the lawyer all the discreditable information that is relevant to the issue the lawyer is being consulted about, assuming that the lawyer will keep all of that information confidential.

Or maybe that’s not it at all. Maybe the de facto assumption of shared privacy we have in marriages and other relationships has a completely different conceptual basis. Whichever it is, I suspect courts will have to come up with a principled, consistent approach to scenarios like those in the Tigges and Colon cases.

Monday, December 22, 2008

Cartoons . . . Again

A couple of weeks ago, I did a post about the Australian case in which a court held that cartoons showing Lisa, Bart and Maggie Simpson having sex with each other (who comes up with this stuff?) was child pornography under Australian law.

I explained that cartoons do not constitute child pornography under U.S. law because the U.S. Supreme Court held, in Ashcroft v. Free Speech Coalition, 535 U.S. 234 (2002), that child pornography can only be criminalized because, and to the extent that, its creation involved the use of real children. The Court said that if real children are not involved, then the material is speech protected by the First Amendment.

This post is also about cartoons showing children engaged in sexual activity, but the legal issues are different.


In 2003, the Prosecutorial Remedies and Tools against the Exploitation of Children Today Act (PROTECT Act), Pub.L. 108-21, Title V, § 504(a), 117 Stat. 681, created several new crimes, one of which is producing, receiving, possessing or manufacturing obscene child pornography. The offense is codified as 14 U.S. Code § 1466A.

Section 1466A defines obscene child pornography as “a visual depiction of any kind, including a drawing, cartoon, sculpture, or painting,” that depicts (i) a minor engaging in sexually explicit conduct and is obscene (§ 1466a(a)(1); or (ii) “an image that is, or appears to be, of a minor engaging in graphic bestiality, sadistic or masochistic abuse, or sexual intercourse and lacks serious literary, artistic, political, or scientific value.” (§ 1466A(a)(2)). The second option is intended to implement the U.S. Supreme Court’s standard for determining what is, and is not, obscene: In Miller v. California, 413 U.S. 15 (1973), the Court held that to be constitutional under the First Amendment, obscenity statutes must “be limited to works which, taken as a whole, appeal to the prurient interest in sex, which portray sexual conduct in a patently offensive way, and which, taken as a whole, do not have serious literary, artistic, political, or scientific value.”

This post is about the U.S. Court of Appeals for the Fourth Circuit’s recent decision in U.S. v. Whorley, 2008 WL 5265645. Whorley was convicted of violation § 1466A under the first alternative noted above, i.e., possessing a visual depiction that depicts a minor engaged in sexually explicit conduct and is obscene. The conviction was based on his “receiving on a computer 20 obscene Japanese anime cartoons depicting minors engaging in sexually explicit conduct”. U.S. v. Whorley, supra.

On appeal, Whorley challenged the conviction, arguing that this part of the statute
is unconstitutional as applied to the cartoon drawings that formed the basis for the charges . . . because cartoon figures are not depictions of actual people. He argues that § 1466A(a)(1) necessarily requires that the visual depictions be of actual minors and that if the depiction of an actual minor is not required, then § 1466A(a)(1) would be unconstitutional on its face. . . .
U.S. v. Whorley supra. As I explained in my prior post on a prosecution involving cartoons, under the Supreme Court's decision in Ashcroft, the First Amendment would bar criminalizing the possession of cartoons, even if they depicted children engaged in sexual activity. Whorley was relying on that case in making the argument outlined above.

But he was not convicted of a child pornography crime. He was convicted of violating § 1466A, which is kind of a fused child pornography-obscenity statute. As I noted above, the Supreme Court has held that material which is obscene under the Miller standard can be criminalized without violating the First Amendment. (As I noted in an earlier post, I have my doubts as to whether the obscenity exception to the First Amendment will survive in a networked world, but that’s another issue entirely.)

Whorley lost. The Fourth Circuit began by noting that – as you can see from the portion of the statute quoted above -- § 1466A explicitly applies to cartoons. It also pointed out that one section of § 1466A -- § 1466A(c) – “unambiguously states that `[i]t is not a required element of any offense under this section that the minor depicted actually exist.’” U.S. v. Whorley, supra. The court then addressed the issue I noted above, i.e., that § 1466A is really an obscenity statute:
[Whorley argues] that if an actual minor is not required to be depicted in § 1466A(a)(1), then the statute is unconstitutional. . . . There is. . . no suggestion that the cartoons in this case depict actual children; they were cartoons. Relying . . . on Ashcroft v. Free Speech Coalition, Whorley points to the observation made in that opinion that the First Amendment does not protect `. . . obscenity, and pornography produced with real children,’ but that a ban on non-obscene material that did not use real children was impermissibly overbroad. . . . The Court in Ashcroft noted further that [its decisions] `provide[d] no support for a statute that eliminates the distinction [between actual and virtual child pornography].’ Thus, he asserts that the First Amendment protects non-obscene pornography that does not depict real children.

But in making his argument, Whorley ignores the language of § 1466A(a)(1), which prohibits visual depictions of minors only when they are obscene. . . . Ashcroft itself noted that obscenity in any form is not protected by the First Amendment. . . . Thus, regardless of whether § 1466A(a)(1) requires an actual minor, it is nonetheless a valid restriction on obscene speech under Miller, not a restriction on non-obscene [child] pornography. . . .
U.S. v. Whorley, supra.

The crime § 1466A(a)(1) creates is peculiar. It’s an obscenity crime, which seems unproblematic at first glance, but I wondered why we needed another federal obscenity crime when several already existed. Section 1462 of Title 18 of the U.S. Code has been around since 1948 and, since it criminalizes importing obscene materials, could have been used to prosecute Whorley to the extent that the cartoons he downloaded were obscene. That brings me to the other aspect of the § 1466A(a)(1) crime: It seems like an end run around the Supreme Court’s holding, in Ashcroft, that virtual child pornography cannot be criminalized. This statute criminalizes virtual child pornography, but only if it’s obscene, which seems redundant and . . . peculiar.

Section 1466A(a)(1) was apparently added to the federal criminal code as the result of a suggestion made by the National Center for Missing and Exploited Children. In testimony the Center submitted to Congress when it was considering the PROTECT Act, NCMEC said the best way to deal with child pornography is to use obscenity crimes because “99-100 percent of all child pornography would be found to be obscene by most judges and juries.” NCMEC, 149 Cong. Rec. S2573-02, S2580 (Feb. 24, 2003). It seems, then, that the § 1466A(a)(1) was intended to be an end run around the Ashcroft Court's holding.

I really don’t know what I think of this decision. It’s absolutely correct in terms of the language of § 1466A; the crime for which Whorley was convicted was an obscenity crime, not a child pornography crime. But I’m not sure I think prosecuting someone for downloading obscene cartoons depicting children is a particularly good use of federal resources.

Friday, December 19, 2008

MySpace as a Rat

In checking Westlaw for reported criminal cases involving social networking sites like MySpace and Facebook, I found something interesting.

It’s really quite amazing how often these sites – MySpace, anyway – are being used as what we might call incidental sources of criminal evidence. The best way to explain that, is to describe a few of the reported cases in which this has happened.


We’ll go in reverse chronological order, so let’s start with an opinion the U.S. District Court for the District of Minnesota issued on November 14: U.S. v. Martin, 2008 WL 5095986. It addressed motions to suppress filed by two defendants in what seems to be a prosecution for illegally possessing certain firearms.

One of the motions sought to suppress evidence seized from “Meal Ticket Foods” in St. Paul, Minnesota. The defendant who filed the motion argued that it was not based on probable cause to believe a weapon or weapons would be found at this location. In its opinion, the district court notes that the affidavit an ATF agent submitted in support of the issuance of the warrant provided the following information:
The ATF . . . believed that Black P-Stone gang members owned and operated the Meal Ticket Foods business. Officers had identified the owner of the business as Akbar Abdul-Ahad . . . and the co-owner as Vito Corleone Williams.

On April 10, 2008, pursuant to a wire tap . . . the police intercepted a telephone call between Vito Williams and Robert Herron in which Williams `swore’ that he had `a big-ass gun right here.’ On April 13, 2008, . . . the police intercepted another telephone call . . . between Vito Williams and Akbar Abdul-Ahad. Williams, who was at the Meal Ticket Foods store, told Akbar Abdul-Ahad he could not find the `heat.’ Based on prior training and experience, Agent Voth knew the term `heat’ referred to a firearm. Akbar Abdul-Ahad informed Williams that he had wrapped it in a towel and placed it in the bathroom. The police were actually able to view photographs of the bathroom on the website `MySpace,’ which also depicted other images and photographs of the Meal Ticket Foods store as well as images of the gang.
So photos Abdul-Ahad posted on MySpace provided part of the probable cause on which the warrant was based. The district court held that the information above coupled with over information was sufficient to establish probable cause for the issuance of the warrant, and so denied Mr. Abdul-Ahad’s motion to suppress. U.S. v. Martin, supra.

In State v. Soza, 2008 WL 4455613 (Arizona Court of Appeals 2008), a witness known as Matthew C. identified Soza as the man who shot Lee L. in the parking lot of a Tucson night club after being shown “a photograph of him on a `MySpace’ internet web account.” State v. Soza, supra. In People v. Sanchez, 2008 WL 4381648 (California Court of Appeals 2008), an officer investigating Sanchez for a gang-related battery used MySpace to find “photographs of Sanchez” and two others “making gang hand signals.” People v. Sanchez, supra. That seems to have been used to tie him to the gang and, inferentially, to the man who had been battered for testifying against a gang member in another trial.

In People v. Ibarra, 2008 WL 4329899 (California Court of Appeals 2008), Ibarra was charged with attempted murder and assault with a firearm based on his participation in an incident in which a member of a rival gang was shot. People v. Ibarra, supra. As part of proving that Ibarra was involved with a gang, at his trial the prosecutor “played a DVD made from viewing [his] MySpace page in which [he] raps about his gang associations” and a gang rivalry that was also relevant to the charges. People v. Ibarra, supra.

In State v. Felts, 2008 WL 2521663 (Tennessee Court of Criminal Appeals 2008), Felts was convicted of aggravated kidnapping based on his abducting the victim while “armed with an `SK’ assault rifle.” State v. Felts, supra. A woman who witnessed the abduction “helped Detective Rickie Morris locate the defendant's `MySpace’ internet page, which contained a picture of the defendant holding an SKS assault rifle.” State v. Felts, supra. She also said the “rifle appeared to be the same one used during the offenses.”

In U.S. v. Ebersole, 263 Fed. Appx. 251 (U.S. Court of Appeals for the Third Circuit 2008), the defendant’s MySpace page was admitted to put an email he sent in context. The issue was whether the email constituted a threat; the prosecution used comments on his MySpace page support the proposition that “any reasonable person” would have interpreted his email as a threat. U.S. v. Ebersole, supra.

There are a few more, but I assume you get the idea. There are a number of other cases in which MySpace or Facebook are more centrally involved in the prosecution, as when the sites are used to try to lure a minor into having sex or play a role in a sexual assault on an adult.

Those cases, though, aren’t relevant to the issue I find interesting: the fact that people are putting all kinds of incriminating evidence on MySpace (and, probably, Facebook) pages without ever considering that it can come back to bite them. Law enforcement officers must love this. I wonder how long they’ve been aware of this option?

Most of the cases I find in which MySpace or Facebook coincidentally provide evidence that can be used in an investigation and/or trial seem to have been decide in 2008 . . . which, of course, doesn’t mean the cases themselves arose in 2008. Factoring in the usual times taken to get a case to and through trial (most of these are appellate court cases) and then to appeal, it looks like they’ve been using social networking sites for, say, a couple of years.

I’d assume that use will only become more prevalent, at least unless and until people began to realize the consequences of putting all that personal information out there for the bad and good guys to find.

Wednesday, December 17, 2008

Chain of Custody in Remote Computer Searches

Last week, I did a post on the European Union’s proposal to let police officers conduct remote searches of computers, presumably by using Trojan horse programs. In that post, I talked about what would be needed for such searches to be lawful under our 4th Amendment, i.e., what might be involved in getting a Trojan horse warrant.

This post – which may be pretty short – is about another issue remote searches would almost certainly raise: the issue of authenticating evidence allegedly obtained by using a Trojan horse program on a suspect’s computer.

As I explained in a post I did earlier this year, one of the things the prosecution (or the defense, when the defense is trying to introduce evidence) has to do in order to be able to get an item into evidence is to “authenticate” it, i.e., to show it is what it purports to be. Rule 901 of the Federal Rules of Evidence addresses this requirement (every state has a similar rule of evidence or statutory provision).

Rule 901(a) says that the “requirement of authentication . . . as a condition precedent to admissibility is satisfied by evidence sufficient to support a finding that the matter in question is what its proponent claims.” Rule 901 also gives a number of examples of how evidence can be authenticated, two of which could be relevant in this context: Testimony by a “witness with knowledge” that “a matter is what it is claimed to be”; distinctive characteristics of the item. Rule 901(b)(1) & 901(b)(4).


A Minnesota court recently gave what I consider to be a really lucid explanation of the authentication requirement and how it can be satisfied. The case is State v. Kottom, 2008 WL 4977337 (Minnesota Court of Appeals 2008). Mr. Kottom (who I can tell I do not like at all) was charged with unlawfully buying and selling wild animals and several charges related to his unlawful use of traps to ensnare wild animals. One of the items of evidence against him was a videotape taken by a surveillance camera at the scene of one of his crimes.

On appeal, he argued that the trial court erred in admitting the video, claiming “the state failed to authenticate the evidence and did not establish the chain of custody.” State v. Kottom, supra. The court of appeals explained the requirements for lawfully admitting the videotape:
Authentication is a condition precedent to admissibility. . . . `If, upon consideration of the evidence as a whole, the court determines that [it] is sufficient to support a finding by a reasonable juror that the matter in question is what its proponent claims, the evidence will be admitted.’ State v. Hager, 325 N.W.2d 43, 44 (Minn.1982). When evidence is not unique or readily identifiable, the integrity . . . of the evidence must be authenticated by establishing the chain of custody. `Chain-of-custody authentication requires testimony of continuous possession by each individual having possession, together with testimony by each that the object remained in substantially the same condition during its presence in his possession.’ . . . In order to establish a valid chain of custody, the state must reasonably demonstrate that the evidence offered is the same as that seized and it is in substantially the same condition at the time of trial as it was at the time of seizure.
State v. Kottom, supra. The court noted that the proponent of the evidence does not have to negate “all possibility of tampering or substitution, but rather only [show] that it is reasonably probable that tampering or substitution did not occur.” State v. Kottom, supra. And like many other courts, this court noted that inferences concerning tampering or substitution “may well affect the weight of the evidence accorded it by the factfinder”. State v. Kottom, supra.

The state used the first alternative cited in Federal Rule of Evidence 901 to establish the chain of custody for the videotape in this case:
[Officer] Stage testified that he and two other officers set up the video camera and viewed the tape. . . . One of the officers, Lieutenant Michael Ramstorf, testified that several days after the case began, he left his position and handed off all evidence to Lieutenant Gregory Payton. Ramstorf testified that the videotape was kept in an evidence locker in his office until he gave it to Payton. Payton testified that the videotape was kept in an evidence locker, which is a gun safe that only he had access to. The officers' testimony established the authenticity and the chain of custody of the evidence. Therefore, the district court did not abuse its discretion in admitting the evidence.
State v. Kottom, supra. The same procedure is used, and works, when the evidence is, say, a gun or a computer or hard copy documents or most anything else that qualifies as evidence.

This procedure is used, and also works, when the evidence is a seized hard drive or an image taken of a hard drive . . . because in either instance, you have the kind of public evidence collection that occurred in the Kottom case or in every case that’s arisen until recently (or, maybe, that has arisen unless and until law enforcement really gets into the business of using remote Trojan horse searches of computers).

On the one hand, you could argue that it should work equally well for remote computer searches since the officers who run the Trojan horse program can explain what they did (maybe keep a log of what they did with it?) and then use either or both of those to show the chain of custody. This alternative would be the virtual analog of officers’ going into a house, searching the house for, say, a stolen handgun, finding the handgun and seizing it; the chain of custody would be their testimony as to how they found the gun, followed by their testimony and any available documentation showing how and where it was stored after they got it. For the chain of custody to be valid, they need to show – as the officers showed in the Kottom case – that there were no breaks in the chain, i.e., that the evidence was in their possession from the moment they seized it until it’s offered into evidence.

The problem I can see with this scenario is that the defense can point out – absent the officers’ generating some kind of detailed, absolutely unimpeachable log of everything they did – that this search was purely virtual and therefore invisible to any outside observers. I can see a defense attorney arguing that the officers who conducted the remote Trojan horse search of a computer – especially a computer that was part of a large network in a business or school – actually or potentially erred in ways that make the evidence inadmissible. The defense could argue, for example, that the officers got the wrong computer in the networked scenario; the defense could also argue that the officers tampered with (created or altered data) the evidence they claim to have found by using the Trojan horse program or substituted evidence that was actually taken from another computer for what was found on the suspect’s computer.

Not being technologically adept, I don’t know how easy it would be to generate a log or other real-time, detailed record that could establish the virtual chain of custody in this kind of situation. Even if it is possible to do something like that, though, I suspect defense attorneys could use the residual alternative the Kottom court noted to their advantage. That is, I suspect they might have some success arguing to the jury that the evidence cannot be trusted because – unlike the Kottom video secured in an evidence locker and gun safe – its provenance is simply too uncertain.

Monday, December 15, 2008

eWMDs

Maybe you’ve seen the recent Hoover Institution report which argues that botnets and malware constitute “electronic Weapons of Mass Destruction” or eWMDs.

The authors of the report say they created the eWMD term (or acronym, I guess), and I’m sure they did.
My focus in this post is not on innovative semantics but on the notion that botnets and/or malware constitute a kind of weapon of mass destruction. To put it simply, I disagree.

The notion that computer technology can be equated to WMD’s arose in discussions of cyberterrorism. I did a blog post a couple of years ago in which I explained why equating computer technology to bombs, bugs and toxic chemicals misunderstands the nature of computer technology as an offensive device.

In that post I noted something the authors of the Hoover Institution report also concede: Computers are not particularly useful in inflicting mass carnage. When I speak on this issue, I point out that no computer attack – however devastating – could cause the sheer carnage we saw in the 9/11 attacks or the Mumbai attacks or any of a number of other, tragically similar events. Bombs and guns are splendid implements for those engaged in the theatrics of blood; biological and chemical weapons won’t shed blood, but they could trigger the same visceral response terrorists have elicited with bombs and munitions.

The authors of the Hoover Institution report concede this, as I said, but their comeback to that is that even if “software and data are securely backed up, there is still potential for great loss due to an eWMD attack.” Of course there is. Many of us having been saying that for years.
At another point in their report, the Hoover Institution authors analogize the attacks on the Pentagon computers to a digital blockade, another point I have trouble grasping, at least in the context in which it is made. Yes, of course, a DDoS or any other type of computer attack that shuts down a system is functionally analogous to a blockade; one of the authors of this report was one of the defenders when Estonia suffered a massive cyberattack last year, an attack that essentially took Estonia off the digital grid for a couple of weeks.

That kind of attack is the functional equivalent of a naval blockade, but I don’t see a blockade as synonymous with WMD. Indeed, I see the two as constituting very different types of aggressive action. Blockades interrupt activity of some kind (e.g., transport, commerce, military activity); destruction eliminates or damages people and assets. I suppose, logically, destruction could be analogized to a blockade in the sense that both deprive people of things (life/health and property in one instance, activity in the other), but I think that analogize is excessively literal and ignores the important distinctions between the two types of aggressive action.

At another point in the report, the Hoover authors note that while they hope (as do I) that computer technology will “never be able to cause the loss of life that other weapons of mass destruction . . . can cause, they should still be recognized as having the potential to destroy livelihoods or even entire economies”. As to the first point, I absolutely do not deny that computer technology could someday be used as a real WMD; Skynet comes to mind, for those of use who’ve seen the Terminator movies. But, as far as I know, we’re not there yet.

As to the author’s real point – the premise that computer technology can be used to destroy livelihoods or economies – I agree. I don’t know if we’re actually at that point yet; the DDoS attack on Estonia had the potential to do terrible damage to that country’s economy if it had been sustained for months or a year or more . . . but I’m not sure that is a realistic possibility at the moment, at least not for non-governmental actors. I don’t know if the U.S. military and the militaries of a number of other countries could mount an attack like that, but let’s assume they could.

This brings us to an issue I analyzed a bit in a law review article I published last year and that I’ve analyzed in a great more depth in a book that will be coming out early next year (and I will, of course, announce when it is published). I agree with the Hoover authors that computer technology can be used aggressively, to inflict various types of damage on civilian victims and/or on a nation-state. I disagree with them, though, when it comes to analogizing this type of activity to the use of real-world WMDs. As I explain in my new book, I think this type of activity constitutes something different, something that can be far more subtle in its implications than is the use of conventional WMDS.

The authors of the Hoover article seem to be really talking about the use of computer technology to wage warfare, an issue they specifically take up later in their article. As I explain in my new book (I did not intend this post to be a commercial for the book, but it’s hard to talk about these issues without referencing it), I think computer technology can and will be used to wage warfare . . . but I don’t think it is/will be conventional WMD warfare. One difference is deniability: (As I explain in the book,) when Hitler – or, more properly, when a LOT of men wearing German uniforms, speaking German and using vehicles and other implements with German insignia on them – invaded Poland, it was pretty clear that this was warfare.
As the Estonia episode illustrates, it an be difficult to tell whether a cyberattack is war – which means it’s launched by a hostile nation-state – or whether it’s . . . something else. In the book, I argue that cyberwar could become the province not just of nation-states; in the real-world, only nation-states can wage war because only they can assemble the massive manpower, firepower and other technical power needed to do so.

That is changing. We already have groups like Al Qaeda who consider themselves to be at war with the U.S., which causes legal and practical problems; the U.S. is not willing to treat Al Qaeda operatives as combatants because they really don’t qualify as that term is defined in instruments like the Geneva and Hague Conventions. They’re not, though, simply criminals; and while the U.S. ostensibly treats them as terrorists (a type of criminal, under the law), many of its actions implicitly indicate that they are being approached as something more.


Getting back to my primary point, I note in the book that computer technology is, by its very nature, democratic. That is, groups – even individuals – can control computer technology to launch what can be – as Estonia discovered – very devastating attacks, “soft” attacks on communications and other systems. The ripple effects of those attacks could, indeed, be devastating . . . but not destructive, not in the WMD sense of being destructive.

I guess my ultimate point of disagreement with the Hoover authors is that I think they raise very valid concerns about a very likely threat, but I think they distort the validity of their analysis by predicating it on a false analogy . . . the WMD analogy. I also think some of their proposed solutions – like calling in the National Guard when an attack has been launched – are not particularly good ones. A point I spend a great deal of time on in the book is the response issue, which is very complex in the U.S.; our laws divide the responsibility for responding to attacks between law enforcement (crime and terrorism) and the military (war). The two cannot combine forces, particularly not if the attacks is or seems likely to be crime or terrorism.

Ultimately, I think that division of responsibility is a very good idea; perhaps it’s simply because I’m used to this system, but I would be concerned about fusing the two, even in the limited context of responding to cyberattacks. The architects of the U.S. Constitution very much wanted to ensure a division between civilian and military response authority to prevent overreaching by the latter and a consequent erosion of the authority and independence of the former. I don’t think our military has any interest in doing either of those things, but they are products of the current system. I have concerns as to where we might go if we erased, or even eroded, the division between the two and let military personnel participate in active law enforcement investigations.

But that’s a bit of a tangent, one I’ll come back to, maybe when the book comes out.

Saturday, December 13, 2008

Fantasy Crime


You can file this post under shameless self-promotion: My law review article on "fantasy crime," i.e., crime in virtual worlds like Second Life and World of Warcraft, has just been published.

If you'd like to find out more about the published version of the article (and where to find it), you can do that here.

You can download the original draft of the article here.

Or you can just ignore the whole thing.

Friday, December 12, 2008

MapQuest as Hearsay

As I explained in an earlier post, the U.S. states and the federal legal system all bar the admission of hearsay, except pursuant to certain exceptions. I noted that these rules define hearsay, essentially, as “a statement, other than one made by the declarant while testifying at the trial or hearing, offered in evidence to prove the truth of the matter asserted.” Federal Rules of Evidence, Rule 801(c).

As I explained in that earlier post, the problem with hearsay is that the party against whom it is being offered can’t effectively challenge its truth or falsity because it consists of a witness’ repeating what someone else said to him, outside of court. So if, say, in a murder trial Fred takes the stand and says, “Sheila told me the defendant committed the murder,” that’s hearsay. The attorney for the defendant can try to challenge Fred’s credibility with regard to whether not Sheila really told him that, but there’s no way the defense attorney can challenge Sheila’s credibility . . . because she isn’t there.

A recent Delaware case raised the as far as I know novel question of whether or not MapQuest printouts constitute hearsay. The case is Jianniney v. State, 2008 WL 5076466 (Delaware Supreme Court 2008). Here are the facts that led to Mr. Jianniney’s being convicted of the sexual solicitation of a child:
On February 28, 2006, Jason Baker [a pseudonym] was 13 years old and home from school on suspension. At about 11:30 a.m., he was working outside his house, in Glasgow Pines, Delaware, when a man, later identified as Christopher Jianniney, approached him and began talking to him. . . . did not respond, and went into his house. At about 6:00 p.m., as Baker was taking trash . . . to the curb, Jianniney approached him again. This time Jianniney offered Baker $40 if Baker would show his penis to Jianniney. Baker ran into his house and called his mother, who came home right away. Baker and his mother drove around the neighborhood in an unsuccessful effort to find the car that Jianniney drove away in-a rusty colored pickup truck with a white roof and Maryland license plates. Baker and his mother then reported the incident to the police.

In 2006, Jianniney lived with his parents, and worked as a driver for Wilson Fuel Services, in Elkton, Maryland. On February 28, 2006, Jianniney punched in at 7:59 a.m., made eight fuel deliveries, then returned to Wilson Fuel for his lunch break. He went out for afternoon deliveries and punched out for the day at 4:08 p.m. According to his father, Jianniney was home, having dinner and helping to clean up after dinner, from about 5:15 p.m. until well after 6:00 p.m.

But two other witnesses placed Jianniney on the street where Baker lived at 6:00 p.m. One neighbor, Cheryl Besteder, testified she saw Jianniney leave the house of another neighbor, Leland Brown, at about 5:30 p.m. and watched as he played basketball with some children on the street. Besteder had seen Jianniney in the neighborhood several times, and identified his car as being an older, brownish, pickup truck with a light top. Brown testified that Jianniney occasionally helped him work on his car, and Jianniney was supposed to come work on his car on February 28th. Brown said that he never saw Jianniney that day, because Brown fell asleep after he came home from work.
Jianniney v. State, supra.

The MapQuest evidence pertained to the testimony of another witness, a defense witness:
Jerry Wilson, owner of Wilson Fuel, testified about Jianniney's work schedule on February 28th. Using Jianniney's fuel delivery tickets, Wilson provided estimates of the time it would take to drive to each location and deliver fuel. Wilson based those estimates on his familiarity with the roads and delivery locations. He testified that Jianniney would not have had time to get to Baker's house by 11:30 a.m. after completing his morning deliveries. On cross-examination, Wilson acknowledged that he was familiar with MapQuest and had used that website to determine how long it would take to get from one place to another. After the trial court admitted a batch of MapQuest printouts of driving directions and driving times, the State compared the MapQuest time estimates with Wilson's time estimates. In several instances, Wilson estimated twice as much time as the MapQuest estimate.
Jianniney v. State, supra. The jury convicted Jianniney and he appealed.

As the Delaware Supreme Court noted, the “sole issue on appeal” was “whether the trial court . . . violated Jianniney's constitutional right to confront witnesses by admitting the MapQuest printouts.” Jianniney v. State, supra. The MapQuest printouts were hearsay because they were statements by an out of court declarant –MapQuest – offered to prove the truth of the matters they concerned. The trial court admitted the printouts under an exception to the hearsay rule. Rule 803 of the Delaware Rules of Evidence states that items falling into any of 25 categories “are not excluded by the hearsay rule”. Delaware Rule of Evidence 803. Each of the categories is based on a principle that justifies not excluding the evidence in question as hearsay.

The trial court admitted the MapQuest printouts under Delaware Rule of Evidence 803(17), which allows the admission of “[m]arket quotations, tabulations, lists, directories or other published compilations, generally used and relied upon by the public or by persons in particular occupations.” The rationale underlying this exception to the general rule barring the admission of hearsay is “trustworthiness” deriving from “general reliance by the public or by a particular segment of it, and the motivation of the compiler to foster reliance by being accurate.” Advisory Committee Note to Federal Rule of Evidence 803.

The prosecution used the MapQuest printouts to impeach Wilson’s testimony, i.e., to show his time estimates were incorrect. To establish that the MapQuest printouts were admissible under Delaware Rule of Evidence 803(17), the prosecutor used Wilson’s testimony “that he was familiar” with MapQuest and “had used it.” Jianniney v. State, supra. During the appeal, the prosecution argued this was sufficient: “Wilson himself testified that he had used MapQuest before to obtain an estimate of the driving time between two points. Wilson's testimony was sufficient to establish that the public used and relied on the MapQuest information.” Appellee’s Brief, Jianniney v. State, supra.

The Delaware Supreme Court did not agree:
If the Mapquest printouts only identified streets, driving routes, and driving distances associated with those routes, Jianniney probably would not have objected to their admission. . . .

[H]owever, the Mapquest printouts were admitted for the truth of the website's driving time estimates. Yet the State offered no evidence that those estimates are relied upon by the public or professional drivers. Woods testified that he had used Mapquest at some unspecified time. That hardly establishes general use and reliance by the public. Moreover, Mapquest expressly disclaims the accuracy of its information:

THIS WEBSITE AND THE MATERIALS ARE PROVIDED WITH ALL FAULTS ON AN “AS IS” AND “AS AVAILABLE” BASIS. MAPQUEST, ITS LICENSORS AND OTHER SUPPLIERS DISCLAIM ALL WARRANTIES ... INCLUDING THE WARRANTIES THAT THE WEBSITE AND MATERIALS ARE FREE FROM DEFECTS....

* * *

Please note that the Materials may include technical inaccuracies or typographical errors. In addition, you may find that weather, construction projects, traffic conditions, or other events may cause road conditions to differ from the listed results.
Jianniney v. State, supra.

The Delaware Supreme Court held, therefore, that the record in the case “does not support a finding that the Mapquest travel time estimates” were properly admitted under Delaware Rule of Evidence 803(17). Jianniney v. State, supra. Notwithstanding that, it upheld the conviction:
We are satisfied that the trial court's error in admitting this evidence was harmless beyond a reasonable doubt. First, it was not particularly persuasive. Mapquest's estimates of driving times, as both Woods and Jianniney pointed out, failed to account for traffic, weather, time of day, or type of vehicle. Second, the Mapquest evidence, even if fully accepted by the jury, only established that it might have been possible for Jianniney to travel to Baker's neighborhood at 11:30 a.m. It did not address Jianniney's whereabouts at 6:00, when the crime was committed. Third, a disinterested witness saw Jianniney and his pickup truck on Baker's street at 6:00 p.m. Another disinterested witness testified that Jianniney was supposed to come by that day after work. This was not a close case, and the inadmissible evidence was only minimally prejudicial, if at all.
Jianniney v. State, supra.

Wednesday, December 10, 2008

The Nigerian Defense?

A couple of years ago, I did a post on the Trojan horse defense, i.e., the claim that a Trojan horse program put the child pornography on the defendant’s hard drive.

This post is about what might be called the Nigerian Defense.


it was raised by Jeffrey Kelly, who was charged with forgery and theft “after he presented two counterfeit checks to a bank in Valdez”, Alaska. Kelly v. State, 2008 WL 612807 (Alaska Court of Appeals 2008). Here, according to the court of appeals, are the essential facts that led to the charges:
Kelly went to the First National Bank Alaska in Valdez on March 10, 2005, and presented a check for $30,000. Kelly was told it would take a while for the check to clear because the check was drawn off of a Canadian bank. Kelly returned to the same bank on March 24, and presented a check for $9,960. The supervisor at the bank, Linda A. Goebel, approved the check for immediate deposit. According to Goebel, Kelly told her the check was good, that he had received it from a stock transaction, and that he had recently cashed a similar check at the bank. Goebel testified that she mistakenly thought the check was for approximately $900 and made the funds available for Kelly's immediate use. Kelly's account was credited for the full amount ($9,960), and he spent a large portion of the money within a short period of time.

Later, the bank discovered that the checks were counterfeit, and it put a hold on Kelly's account. On April 6, Goebel contacted Kelly. . . . Kelly met with Goebel's supervisor on April 11, and he promised to pay back the money. Kelly signed a loan agreement and provided collateral for the amount he had already spent -- approximately $6,452.
Kelly v. State, supra. Ms. Goebel also contacted the
Valdez Police Department and reported the incident. Investigator Daniel C. Mott contacted Kelly on April 16 and again on April 21. Kelly initially repeated his story about having received the checks from a stock transaction. But Kelly then changed his story -- he said he received the checks from a woman who had e-mailed him from Nigeria requesting help in bringing her family to the United States.
Kelly v. State, supra.

Kelly was, as I noted above, charged with forgery and theft based on his presenting and cashing the counterfeit checks. He went to trial and the jury convicted him on all counts. Kelly v. State, supra.

He appealed his convictions, arguing, among other things, that the trial judge erred in not letting him admit all of the emails he claimed to have received from the person who allegedly perpetrated the Nigerian scam that got him into trouble:
Kelly's defense was that he was the victim of an Internet scam. Kelly did not testify, but sought to admit his version of the facts through e-mail communications with the Nigerian scammer. Specifically, Kelly asserted that he had been contacted through e-mail by a woman claiming to be from Nigeria who needed his help in bringing her family and money to the United States. The e-mail scammer promised that if Kelly would assist her, she would let him have a share of the money. The woman sent Kelly some official looking documents and the two checks that he later presented to the First National Bank.

Kelly admitted that, by the time of trial, everyone knew that this was a common Internet scam. But he pointed out that, at the time he received the e-mail, the scam was not as widely known. He argued that he was not very smart, that he was defrauded, and that he was a victim of the scam. He claimed that, at the time he presented the checks, he had no intent to defraud the bank.

Judge Schally allowed Kelly to admit into evidence the e-mails he sent and received up until April 6, the date when the bank confronted Kelly with the fact that the checks were counterfeit. Kelly argues that it was error for Judge Schally to not admit e-mails sent and received after April 6 into evidence.

Kelly asserts that the e-mails after the 6th were admissible to show his innocent state of mind regarding the validity of the checks. Specifically, Kelly argues that `[t]he post-April 6 e-mails were important to [Kelly's] defense because they would have established that, even after he was in criminal trouble, he still believed the checks were genuine and was seeking assurances and explanations from the Nigerians.’
Kelly v. State, supra.

The theft and forgery charges against Kelly both required that he act with a particular level of mens rea, or intent. The forgery charge required that, acting with the “intent to defraud” his victim, Kelly have uttered a forged instrument, including a check. Alaska Statutes § 11.46.505(a)(1). “Uttering” a forged instrument is defined as “to issue, deliver, publish, circulate, disseminate, transfer, or tender” a forged instrument, such as a check. Alaska Statutes § 11.46.580(b)(1). The theft charged required that, acting with the “intent to deprive another of property or to appropriate property of another to oneself,” Kelly have obtained the property of another. Alaska Statutes § 11.46.130(a)(1).

To commit either or both crimes, therefore, Kelly would have to have acted with the intent to defraud the bank and thereby unlawfully obtain property belonging to it when he tendered the checks to the bank. The intent to defraud (how he goes about getting the property) and the intent to commit theft (actually getting the property) both implicitly require that the defendant have known that what he was doing was “wrong.”

Kelly’s defense at trial was based on the premise that “the state's case centered on proving that Kelly knew the checks were counterfeit” Appellant’s Brief, Kelly v. State, supra. On appeal, the defense argued that the emails were “being offered to show the `core of our defense’ - that Kelly believed the checks to be genuine and that he also was a victim of the Nigerians' scam.” Appellant’s Brief, Kelly v. State, supra.


That’s a perfectly legitimate defense theory. If it were true, then Kelly would not have had the intent required to commit either theft or fraud.

The issue on appeal, though, was not whether he had been allowed to present that defense at all. Instead, the issue on appeal went to the propriety of the trial court’s refusing to admit the post-April 6 emails, i.e., the emails that allegedly involved communications sent after it had become apparent the checks were no good.

The Alaska Court of Appeals held that the trial court acted correctly in refusing the admit these emails, for two reasons. The first went to the nature of the evidence itself:
`A defendant's self-serving statements are hearsay and cannot be admitted into evidence unless they qualify under some exception to the hearsay rule or are used for a non-hearsay purpose.’ Judge Schally did not abuse his discretion in finding that Kelly's later e-mails were self-serving hearsay statements that had little probative value. The essential question . . . was whether Kelly, at the time he presented the counterfeit checks, had an intent to defraud. Kelly's state of mind after he was confronted with the fact that the checks were counterfeit was not relevant. Even if Kelly did not know at the time he passed the checks that they were counterfeit, it proves very little that Kelly made statements professing his innocence after he was confronted with the fact that the checks were counterfeit.
Kelly v. State, supra.

The other reason went, essentially, to the effect of not introducing these emails:
Kelly was able to fully establish his defense through the e-mails sent and received before April 6, which were admitted. These e-mails tended to show that Kelly was contacted by the Internet scammer. And the e-mails tended to establish the scammer's method of operation. The question at trial was whether Kelly was actually fooled by the scam and had no intent to defraud the bank when he presented the checks. The e-mails that the court allowed into evidence permitted Kelly to present this defense. Therefore, even if Judge Schally had erred in refusing to allow Kelly to admit the later e-mails, any error would be harmless.
Kelly v. State, supra. The appellate court therefore affirmed Kelly’s conviction.