After Patrice Antoinette Bernard was convicted of “accessing
a government computer without authority, accessing computers, and identity
theft” in violation of North Carolina law, she appealed. State
v. Bernard, 762 S.E.2d 514 (Court of Appeals of North Carolina 2014). This opinion’s description of the facts from
which this prosecution arose is a little murky, but it seems that until July
11, 2008, Bernard was an employee of the North Carolina Agricultural and Technical State University (which the opinion refers to as “A&T”), “but her
employment was terminated.” State v. Bernard, supra.
The Court of Appeals explains that “on or about 8 September
2009”, Detective M. Tillery, of the North Carolina Agricultural and Technical
State University Department of Police & Public Safety applied for a search
warrant for Road Runner Hold Company LLC” based on an affidavit in which he
outlined these facts:
On September 3, 2009 I, Detective M.
Tillery, responded to 1020 Wendover Avenue, Greensboro, NC, which is property
of NC A & T State University. The complainant, Mrs. Linda McAbee, Vice
Chancellor of Human Resources at NC A & T SU, stated that someone accessed
her NC A & T SU email account without her permission. The complainant
stated that the unknown and unauthorized user(s) created an email which
intended to deceive Administrators of the university.
The complaint stated that the
information contained in the email addressed an issue which NC A & T State
University and [defendant] Mrs. Patrice A. Bernard (Petitioner) is/was in
litigation in Guilford County, North Carolina. The complainant also stated that
the unauthorized email was sent on August 30, 2009 at 18:49 EST.
This affiant discovered through court
documents that the petitioner filed a grievance in April 2008 in response to a
termination letter dated April 22, 2008. According to court documents, the
petitioner [defendant] received a Reduction In Force (RIF) letter indicating
that her position would be eliminated for funding reasons. The petitioner filed
an appeal.
University Administrators have been
communicating with Mrs. McAbee to resolve this issue through legal means. Mrs.
McAbee stated that someone accessed her email, constructed a bogus
communication, and emailed the document to University Administrators in an
effort to rehire or compensate the former employee, [defendant] Mrs. Patrice
Bernard.
Mrs. Lisa Lewis–Warren, Department of
Information Technology with NC A &T SU stated that her department
conducted forensic analysis on Mrs. McAbee's desktop computer and the campus
Network System. Mrs. Warren stated that her department discovered that the
unauthorized communication was not sent from Mrs. McAbee's desktop computer.
Mrs. Warren stated that the NC A & T SU IT Department analysis indicated that an unauthorized person accessed Mrs.
McAbee's university email account and other current employees email accounts of
NC A & T SU, several times for several minutes from IP Address
65.190.107.64, between August 28, 2009 through September 2, 2009.
This affiant knows that many
individuals and businesses obtain their access to the Internet through
businesses known as Internet Service Providers (`ISPs’). ISPs provide their
customers with access to the Internet using telephone or other
telecommunications lines; provide Internet email accounts that allow users to
communicate with other Internet users by sending and receiving electronic
messages through the ISPs' servers; remotely store electronic files on their
customers' behalf; and may provide other services unique to each particular
ISP.
Through this affiant['s] training and
experience, when an ISP or other providers uses dynamic IP addresses, the ISP
randomly assigns one of the available IP addresses in the range of IP addresses
controlled by the ISP each time a user dials into the ISP to connect to the
Internet. The customer's computer retains that IP address for the duration of
that session, and the IP address cannot be assigned to another user during that
period. . . .
Through this affiant['s] training and
experience, a static IP address is an IP address that is assigned permanently
to a given user or computer on a network. A customer of an ISP that assigns
static IP addresses will have the same IP address every time.
Through this affiant['s] training and
experience, ISPs maintain records pertaining to the individuals or companies
that have [a] subscriber account with it. Those records could include
identifying and billing information account access information in the form of
log files, email transaction information, posting information, account
application information, and other information both in computer data format and
in written record format. ISPs reserve and/or maintain computer disk
storage space on their computer system for the use of the Internet service
subscriber for both temporary and long-term storage of electronic
communications with other parties and other types of electronic data and
files. E-mail that has not been open is stored temporarily by an ISP incident
to the transmission of the e-mail to the intended recipient, usually within an
area known as the home directory.
Through my training and experience this
affiant knows that when an individual uses a computer to obtain unauthorized
access to a victim computer over the internet, the individual's computer will
generally serve both as an instrumentality for committing the crime, and also
as a storage device for evidence of the crime. The computer is an
instrumentality of the crime because it is used as a means of committing the
criminal offense.
State v. Bernard,
supra.
“Based on these facts”, Tillery sought “a search warrant to
seize anything within the possession of Road Runner regarding IP Address
65.190.107.64 between the dates of August 28, 2009 and September 2, 2009.” State v. Bernard, supra. The magistrate
issued the search warrant and “[o]n or about 15 September 2009,” Tillery
applied for an amended search warrant based on the same facts and requesting
the same information to be seized; again, the magistrate issued the search
warrant. State v. Bernard, supra. “On
or about 15 September 2009,” Time Warner Cable's Subpoena Compliance Team,
wrote Tillery and informed him that the IP Address at issue was assigned to
Bernard. State v. Bernard, supra.
“On or about 16 September 2009,” Tillery again applied for a
search warrant, but this
`time for [Bernard’s] home, vehicle, and
her person. [His] factual basis for the warrant was the same as the Road Runner
search warrants except he added that `[t]he ISP, Road Runner Hold Co LLC RRMA,
identified IP Address 65.190.107.64 connection as being assigned to [defendant]
Patrice Bernard located at 2722 Chadbury Drive Greensboro, North Carolina. This
is the petitioner who is/was in litigation against NC A & T State
University in Guilford County, North Carolina.’
The magistrate issued the search
warrant. On or about 23 September 2009, Tillery again applied for a search
warrant based on the same facts as in the other search warrants, this time
specifically requesting to search a computer seized during the search of [Bernard’s]
home. The magistrate issued the search warrant. All of the search warrants
except for the one regarding [her] computer were returned by Tillery.
State v. Bernard,
supra. (For the process of returning
a warrant, see North Carolina General Statutes § 15A-257.)
“On 20 September 2010, [Bernard] was indicted for accessing
a government computer without authorization, felony accessing computers, and
identity theft.” State v. Bernard, supra. On February
22, 2013, Bernard “filed a motion to suppress `evidence obtained as a result of
any supposed forensic examination’ of her computer because the information on
her seized computer was manipulated.” State
v. Bernard, supra. The trial judge
issued a ruling on the motion in which he found, among other things,
`9. That Detective Tillery processed
all seized property, including all computers and the above described paper
documents, at North Carolina A &T State University Campus Police
Headquarters;
20. That after processing all property
seized from the defendant's home Detective Tillery stored all seized property
in the North Carolina A & T State University Campus Police Evidence
Management System;
21. That Detective Tillery checked out
the computer hardware seized from the defendant's home from North Carolina A
& T State University Campus Police Evidence Management System and delivered
same to Detective Flinchum for purposes of a computer forensic examination on
September 23rd, 2009;
22. That Detective Flinchum performed
his forensic examination and returned the computer hardware to Detective
Tillery, who again entered the computer hardware into the North Carolina A
& T State University Campus Police Evidence Management System;
23. That Detective Flinchum found no
evidence that the computer hardware seized from defendant's home had been
accessed, powered-on or manipulated in any way from the time the hardware was
seized until Detective Flinchum began his forensic examination on September
23rd, 2009[.]’
State v. Bernard,
supra. The trial judge therefore
denied Bernard’s motion to suppress. State v. Bernard, supra.
In reviewing the denial of her motion to suppress the Court
of Appeals addressed, among other things, Bernard’s argument that “Detective
Tillery was biased against her.” State
v. Bernard, supra. It disposed of
that issue relatively quickly, noting that
[w]e are not aware of any case law nor
has [Bernard] directed us toward any indicating that the investigating
officer's negative view or bias against a defendant may invalidate the
application for the search warrant.
Regardless of the investigating
officer's attitude, the question remains whether the facts as presented to the
magistrate establish `there is a fair probability that contraband or evidence
of a crime will be found in a particular place’. State v.
Hunt, 150 N.C. App. 101, 562 S.E.2d 597 (North Carolina Court of Appeals
2002). There was information to support
the issuance of the search warrant, including a letter from Time Warner Cable
to Detective Tillery which identified defendant's IP address as the source of
the fraudulent emails.
State v. Bernard,
supra.
The court also addressed Bernard’s argument that the Campus
Police did not have he “jurisdiction . . . to carry out a search of a private
residence which was not on the campus of A & T.” State
v. Bernard, supra. The Court of Appeals noted that his was “a
more difficult question”, as Bernard argued that the “A & T campus police
acted beyond their statutory authority by executing a search warrant at her
home.” State v. Bernard, supra.
It began its analysis of the issue by explaining that
`[a]search warrant may be executed by
any law-enforcement officer acting within his territorial jurisdiction, whose
investigative authority encompasses the crime or crimes involved.’ North Carolina General Statutes § 15A–247. `The territorial jurisdiction of a campus
police officer shall include all property owned or leased to the institution
employing the campus police officer and that portion of any public road or
highway passing through such property or immediately adjoining it, wherever
located.’ North Carolina General Statutes § 116–40.5(a).
Furthermore, North Carolina
General Statutes §§ 74E–6, 74G–6, and 160A-288 provide campus
police with the ability to cooperate with other law enforcement agencies and
enter into joint agreements and mutual aid agreements that extend the campus
police agencies jurisdiction. . . . In 1998, A & T and the City
of Greensboro entered into an `AGREEMENT FOR POLICE COOPERATION AND MUTUAL AID’
(`Agreement’) which provided that:
`The Campus Law Enforcement Agency will
have primary authority for investigation as described in Paragraph 2.2,
although such investigation may require that officers of the Campus Law
Enforcement Agency make inquiries and arrests beyond the perimeter of Campus in
the following cases:
An offense committed on Campus for
which [the] alleged perpetrator or suspect is no longer present on campus,
whether or not officers are in active and immediate pursuit[.]’
State v. Bernard,
supra.
The Court of Appeals therefore found that
the A & T campus police had
authority to investigate `[a]n offense committed on Campus’ even if the suspect
`is no longer present on’ the campus. Thus, the question is whether defendant's
offense was `committed on Campus[.]’
[She] was charged with accessing
computers under North Carolina General Statutes § 14–454(b) and accessing a
government computer without authority under North Carolina General Statutes § 14–454.1(b); both of these crimes are in Article 60 of the North Carolina
General Statutes. See North Carolina General Statutes §§
14–454; –454.1 (2009). North Carolina General Statutes § 14–453.2 provides,
`Any offense under this Article [60] committed by the use of electronic
communication may be deemed to have been committed where the electronic
communication was originally sent or where it was originally received in this
State. “Electronic communication” means the same as the term is defined
in North Carolina General Statutes § 14–196.3(a).’ North Carolina General Statutes § 14–453.2
(2009).
North Carolina General Statutes §
14–196.3(a) defines `[e]lectronic communication’ as `[a]ny transfer of
signs, signals, writing, images, sounds, data, or intelligence of any nature,
transmitted in whole or in part by a wire, radio, computer, electromagnetic,
photoelectric, or photo-optical system.’ North Carolina General Statutes
§ 14–196.3(a).
Under this broad definition of
electronic communication, . . . defendant `sent’ an `electronic
communication’ when she accessed the email account of an employee of A & T
and sent a false email. North Carolina General Statutes § 14–453.2. . . .
Under North Carolina General
Statutes § 14–453.2, defendant’s `offense[s were] committed on Campus’ since
she sent the email through the A & T computer servers on the campus and
pursuant to the Agreement, A & T campus police had jurisdiction to execute
a search warrant at her private home. This argument is overruled.
State v. Bernard,
supra. For these and other reasons,
the Court of Appeals affirmed Bernard’s convictions. State
v. Bernard, supra.
No comments:
Post a Comment