Friday, June 29, 2012

Unauthorized Access, Identity Theft and the Fired Employee

This post examines a New York court’s opinion addressing Basil Agrocostea’s motion to dismiss the “accusatory instrument” filed against him “for facial insufficiency.”  People v. Agrocostea, 2012 WL 2273595 (New York City Criminal Court 2012).  We’ll get to the charges in the “accusatory instrument” in a bit.  First, I need to parse out what is going on here. 

According to New York’s Criminal Procedure Law § 1.20(1), an “accusatory instrument” is “an indictment, . . . an information. . . a misdemeanor complaint or a felony complaint.” Agrocostea was charged by a misdemeanor complaint.  People v. Agrocostea, supra.

As § 1.20(7) also notes, a misdemeanor complaint is

verified written accusation by a person . . . filed with a local criminal court, which charges one or more defendants with the  commission of one or more offenses, at least one of which is a misdemeanor and none of which is a felony, and which serves to commence  a criminal action but which may not, except upon the defendant's consent, serve as a basis for prosecution of the offenses charged therein.

Unless a defendant pleads guilty to the charges in the misdemeanor complaint or waives his right to be prosecuted by an information, “the misdemeanor complaint must be replaced prior to trial with an information meeting the requirements for facial sufficiency.”   People v. Agrocostea, supra.  So, Agrocostea was apparently trying to stop this prosecution from going any further, i.e., to the filing of an information or an indictment.

The opinion doesn’t specifically say this, but as far as I can tell Agrocostea’s motion to dismiss was filed under New York’s Criminal Procedure Law § 170.35, which says an accusatory instrument, as defined above, can be dismissed as “defective” when it “is not sufficient on its face pursuant to the requirements of” New York’s Criminal Procedure Law § 100.40.  Section 100.40(4)(b) says a misdemeanor complaint is “sufficient on its face when” the

allegations of the factual part of such accusatory instrument and/or any supporting depositions which may accompany it, provide reasonable cause to believe that the defendant committed the offense charged in the accusatory part of such instrument.

According to this opinion, “reasonable cause” exists when

`evidence or information which appears reliable discloses facts or circumstances which are collectively of such weight and persuasiveness as to convince a person of ordinary intelligence, judgment and experience that it is reasonably likely that such offense was committed and that such person committed it. . . . ‘

People v. Agrocostea, supra (quoting New York Criminal Procedure Law § 70.10(2)). A “conclusory allegation” that the defendant committed the crime does not constitute “reasonable cause”.  People v. Agrocostea, supra.

And that brings us to the facts in the case.  The opinion notes that the “factual portion of the” misdemeanor complaint alleged that

on January 26, 2012 at about 2:00 hours inside of 499 Seventh Avenue in the County and State of New York, defendant committed these offenses under the following circumstances:

Deponent is informed by Steven Goldglit, of an address known to the District Attorney's Office, that informant is the managing partner of Goldglit and Company, an accounting firm located at the above location. Informant states that [Agrocostea] was formerly employed at Goldglit and Company, and that on January 20, 2012, [his] employment was terminated. Informant states that on January 26, 2012, an email was sent from [Agrocostea’s] business email account to which reads, in substance:


Informant states that the email purports to be signed by informant, but that informant did not sign said email.

Deponent is further informed that informant did not send the above stated email, that [Agrocostea] does not have access to his computer, computer network, and email account, and that he does not have permission or authorization to use said email account.

Deponent is further informed that informant has read a letter dated February 20, 2012, directed to a client of Godglit and Company and signed by [Agrocostea], which letter enclosed a copy of the above-mentioned email and which letter described said email as `PRAISE COURTESY OF MY FORMER EMPLOYER.’

People v. Agrocostea, supra.

The opinion also notes that “the supporting deposition” said Agrocostea “was fired on January 11, 2012”, well before the email in question was sent.  People v. Agrocostea, supra.  As a result of the allegations outlined above and, presumably, further elaborated on in the “supporting deposition”, Agrocostea was charged with unauthorized use of a computer in violation of New York Penal Law § 156.05 and with identity theft in the third degree in violation of New York Penal Law §190.78.  People v. Agrocostea, supra.

As to the unauthorized use of a computer charge, Agrocostea argued that the misdemeanor complaint failed “to allege facts to establish that [he] knowingly used or accessed the informant's computer without authorization.”  People v. Agrocostea, supra.  More precisely, he argued that the complaint was “facially insufficient because it [did] not demonstrate that he sent the email or how he accessed the informant's email account”.   
People v. Agrocostea, supra.

The court did not agree:

The supporting deposition alleges that [Agrocostea] was fired on January 11, 2012. The accusatory instrument alleges that thereafter, on January 26, 2012, an email was sent from the informant's email account to the email address basyagro expressing regret for firing [Agrocostea] and requesting that [he] be considered for employment. The complaint further alleges that the email purports to be sent by the informant, but that the informant did not send the email.

The complaint also references a letter, dated February 20, 2012, signed by [Agrocostea] and sent to one of the informant's clients. This letter references the content of the email sent from the informant's email account.

These allegations, taken together, given a fair and not overly technical reading are sufficient to meet the burden of reasonable cause to believe that [Agrocostea] knowingly accessed [the deponent’s] computer without permission.

People v. Agrocostea, supra.

The judge also found that given that “the email was sent shortly after” Agrocostea was fired, that it commended his “job performance, expresse[d] regret for firing him, urge[d] that he be considered for employment, and is attached to a letter” in which Agrocostea  “endors[ed] its content,” she could “draw the reasonable inference” that Agrocostea “accessed the informant's email account and sent the email for the purposes of obtaining employment.”  People v. Agrocostea, supra.

She also noted that the statute defining the offense does not require the prosecution to

allege precisely how [Agrocostea] accessed the informant's email account, but merely that [he] knowingly used or accessed the informant's computer or computer network without permission. It is well known that an individual need not be present or ever have had contact with the computer terminal of another in order to access their email account or computer network.

Based upon the foregoing, the facts of the instant complaint provide the Court reasonable cause to believe [Agrocostea] knowingly accessed his former employer's email account or caused it to be used to send an email that he was not authorized to send.

People v. Agrocostea, supra.  She therefore denied his motion to dismiss the unauthorized access charge.  People v. Agrocostea, supra.

The judge then took up Agrocostea’s argument that the complaint lacked “sufficient allegations to establish that [he] assumed the informant's identity.”  People v. Agrocostea, supra.  She noted that the statute at issue, New York Penal Law § 190.78, states that a person is guilty of identity theft in the third degree when he/she

knowingly and with intent to defraud assumes the identity of another person by presenting himself or herself as that other person, or by acting as that other person or by using personal identifying information of that other person, and thereby: (1) obtains goods, money, property or services or uses credit in the name of such other person or causes financial loss to such person or to another person or persons or (2) commits a class A misdemeanor.

People v. Agrocostea, supra.

She therefore found that the

allegations of the complaint are sufficient to meet the burden of reasonable cause to believe that [Agrocostea], with the intent to defraud potential employers assumed his former employer's identity, by sending an email through his employer's email account, in the name of his employer, for the purpose of obtaining employment.

The accusatory instrument further supports the reasonable inference that [Agrocostea] distributed this email to others.

People v. Agrocostea, supra.

Given all this, the judge denied Agrocostea’s motion to dismiss the complaint for facial insufficiency.  People v. Agrocostea, supra.  So, that presumably means he either pleads guilty to the charges in the misdemeanor complaint or goes to trial on the complaint (if he waives his right to be charged by a information) or on the felony complaint that would replace it. 

Wednesday, June 27, 2012

Wi-Fi, Curtilage and Kyllo

After being indicted for “interstate cyberstalking” in violation of 18 U.S. Code § 2261A and identity theft in violation of 18 U.S.Code § 1028, Shawn Sayer filed a motion to suppress certain of the evidence the government intended to use at trial.  U.S. v. Sayer, 2012 WL 2180577 (U.S.District Court for the District of Maine 2012).
This, according to the opinion in which the court rules on the motion, is how the case arose:
While living in Maine, the victim dated [Sayer]. In January 2006, after they broke up, [he] began to stalk and harass the victim. . . . [Sayer] was convicted in Maine Superior Court for stalking the victim [who] obtained a protection from abuse order against [him] and in February 2008 [Sayer] was convicted of violating that protective order. On several occasions in October 2008 men came to the victim's home saying they had met her on the Internet and were looking for sexual encounters. Later, [she] found an ad on Craigslist under the heading `casual encounters’ that provided pictures of her in lingerie [Sayer] had taken before they split up. . . . [T]he ad included directions to her home and a list of `sexual things’ she would do when they got there.

To get away from the stalking, [she] changed her name and moved to Louisiana. In August 2009, the same thing started to happen -- men whom she did not know started to arrive at her home in Louisiana, saying they had met her on the Internet and were looking for sexual encounters. During August 2009, a sexually explicit video of the victim, consensually taken with [Sayer] while they were dating, was posted on several adult pornography sites. These sites also listed the victim's new name as well as her original given name and her Louisiana address. The internet postings were not made by the victim.

In September 2009, a new Facebook account was created in [her] name and included a photograph of her. The victim did not create this account, but the IP address of where the account was created was in Biddeford, Maine and assigned to Richard Cook, who lived across the street from [Sayer] and had an unsecure wireless internet connection. 

U.S. v. Sayer, supra.
(As the judge notes, the “government’s contention” in the indictment is that after she moved to Louisiana to “escape him,” Sayer, who was “still in Maine”, created the “fictitious internet advertisements and social media profiles” described above for the purpose of cyberstalking the victim.   U.S. v. Sayer, supra.)
“Based on” the information outlined above, a federal judge issued a warrant to search Sayer’s home “and to seize computers, computer equipment, cameras, and computer records or data.”  U.S. v. Sayer, supra.  That led to his being indicted on the charges noted above and to the issuance of the search warrant.  U.S. v. Sayer, supra.
Sayer’s first argument in his motion to suppress was “that law enforcement violated his Fourth Amendment rights by obtaining certain information without a warrant on October 29, 2009, inside the curtilage of his residence.”  U.S. v. Sayer, supra.  More precisely,
[w]hat law enforcement did was drive into his driveway entrance, ostensibly to turn around, and while in the entrance used a laptop computer to determine what wireless signals could be detected there.

U.S. v. Sayer, supra.  Whether what the officers did violated the 4th Amendment depends on the answers to two related questions:  Were the officers on the curtilage of Sayer’s residence when they checked for wireless signals?  And was checking for wireless signals a 4th Amendment “search”?  Like the judge, we’ll examine the questions in this order.
As Wikipedia notes, “curtilage” is a legal term that is used to “define the land immediately surrounding a house or dwelling. . . . within which a home owner can have a reasonable expectation of privacy [under the 4th Amendment].”  Basically, the concept of curtilage is used to distinguish between the area proximate to a home, which is protected by the 4th Amendment’s ban on “unreasonable” searches and seizures, and the area beyond the curtilage, which is considered “open fields” not protected by the 4th Amendment.  The issue arises because the 4th Amendment creates a right to be free from unreasonable searches of our “persons, houses, papers, and effects”.  Houses and their contents, then, are clearly protected; and since land surrounding the home is neither “papers,” “persons” nor “effects”, the issue was whether the 4th Amendment only applies to the home and its interior or also protects at least some of the surrounding land. 
In U.S. v. Dunn,480 U.S. 294 (1987), the Supreme Court noted that it has historically distinguished between the “curtilage”, which is protected, and “open fields” which, as noted above, are not.  Or, as this judge put it, the “`curtilage’” of a house is “an area that should be treated as the home itself as distinguished from open fields that might surround it.”  U.S. v. Sayer, supra.  The judge also noted that the Dunn Court said
curtilage questions should be resolved with particular reference to four factors: the proximity of the area claimed to be curtilage to the home, whether the area is included within an enclosure surrounding the home, the nature of the uses to which the area is put, and the steps taken by the resident to protect the area from observation by people passing by.

U.S. v. Sayer, supra (quoting U.S. v. Dunn, supra).
He applied these factors to the Sayer case and found the “officers did not invade the curtilage” of his residence.  U.S. v. Sayer, supra.  According to the judge, Sayer’s
driveway entrance satisfies none of those four factors. His driveway entrance is not close to his home; there is no enclosure; the area is used to access the driveway from the public street (for example by delivery people); and nothing protects the area from observation by people passing by. A photograph of the house and driveway makes that all obvious. . . .

Moreover, the First Circuit has stated: `If the relevant part of the driveway is freely exposed to public view, it does not fall within the curtilage.’ U.S. v. Brown,510 F.3d 57, 65 (1st Cir.2007). That is the case here.

U.S. v. Sayer, supra. 
He then took up the second question:  Sayer argued that “regardless of the legality of the driveway turnaround, it was still an illegal warrantless search to do a `wireless survey of WiFi/Internet signals’ on October 29, 2009.”  U.S. v. Sayer, supra.  In making this argument Sayer relied on the Supreme Court’s decision in Kyllo v. United States, 533 U.S. 27 (2001), which I’ve discussed in prior posts.
In Kyllo, federal agents who suspected Danny Lee Kyllo was growing marijuana in his
home in a triplex, . . . used a thermal-imaging device to scan the triplex to determine if the amount of heat emanating from it was consistent with the high-intensity lamps typically used for indoor marijuana growth. The scan showed that Kyllo's garage roof and a side wall were relatively hot compared to the rest of his home and substantially warmer than the neighboring units. Based in part on the thermal imaging, a Federal Magistrate Judge issued a warrant to search Kyllo's home, where the agents found marijuana growing. 

U.S. v. Kyllo, supra. 
After Kyllo was indicted on a drug charge, he moved to suppress, claiming the use of the thermal imager was a 4th Amendment “search” which was unlawful because it was conducted without a warrant or an applicable exception to the warrant requirement.  U.S. v. Kyllo, supra.  He lost at the district court and court of appeals levels, but the Supreme Court agreed with him, holding that
obtaining by sense-enhancing technology any information regarding the interior of the home that could not otherwise have been obtained without physical `intrusion into a constitutionally protected area,’ Silverman v. U.S., 365 U.S. 505 (1961), constitutes a search -- at least where (as here) the technology in question is not in general public use. This assures preservation of that degree of privacy . . . that existed when the 4th Amendment was adopted. On the basis of this criterion, the information obtained by the thermal imager in this case was the product of a search.

U.S. v. Kyllo, supra. 
So, Sayer was trying to do the same thing Kyllo did, i.e., argue that the agents’ using a laptop to attempt to detect wireless signals was a 4th Amendment “search”, at least under Kyllo.  Unfortunately for Sayer, his judge did not buy the argument:
Unlike Kyllo, what law enforcement detected here was not a signal that was in or coming from [Sayer’s] residence; instead, the assertion is that the detected signals came from a wireless router in a neighbor's house across the street. (Apparently part of the government's case is that [Sayer] used others' wireless access so that his actions could not be traced to him.)

Moreover, the technology that they used is in general public use; anyone with a laptop with wireless capability can find evidence of WiFi signals. This is not Kyllo 's advanced technology `not in general public use.’

U.S. v. Sayer, supra. 
The judge also noted that if the officers did not “invade his curtilage,” Sayer “has no standing to object to their discovery of the signals they detected, because they did not come from [him] or his residence, but from others.”  U.S. v. Sayer, supra. 
As I noted in an earlier post, the legal term “standing” has a specific meaning in the context of 4th Amendment law. As a U.S. District Court explained, someone who is
seeking to exclude evidence allegedly obtained in violation of the 4th Amendment must have standing to challenge the illegal conduct that led to the discovery of the evidence. `[T]o say a party lacks 4th amendment standing is to say that his reasonable expectation of privacy has not been infringed. . . .’

U.S. v. King, 560 F.Supp.2d 906 (U.S. District Court for the Northern District of California 2008) (quoting U.S. v. Taketa, 923 F.2d 665 (9th Circuit Court of Appeals 1991)).
To establish that he had standing, Sayer had to show he had a reasonable expectation of privacy in the place and/or item searched. U.S. v. King, supra. As I explained in an earlier post, to have such an expectation, Sayer had to show (i) that he subjectively (personally) believed the place/thing was private and (ii) his belief is one society (objectively) is prepared to accept as reasonable.  According to this judge, Sayer had not done that.
If you’d like to read a little more about the case, including Sayer’s sentence, and see a photo of him, check out the news story you can find here

Monday, June 25, 2012

The Whistleblower, the Sheriff and “Unauthorized Intrusion”

After Wilfrido Mata sued Harris County, Texas under the state’s Whistleblower Act, Harris County “filed a plea to the jurisdiction”, which meant the County claimed the court didn’t have jurisdiction to hear the case.  Mata v. Harris County, 2012 WL 3212707 (Texas Court of Appeals 2012).  The judge agreed with the county and granted its plea, after which Mata appealed to the state Court of Appeals.  Mata v. Harris County, supra.

We’ll get to the legal issues in a moment.  First, the facts:  Mata was employed by the

Harris County Sheriff's Office as the director of infrastructure technology. In September 2009, Chief Administrative Officer John Dyess informed Mata that the Sheriff's Office would undergo a security audit of its computer systems. Sheriff Adrian Garcia convened a meeting attended by Dyess, Mata, and Robert Erwin, who was not a Harris County employee at that time. . . .

Erwin began to discuss `getting a view’ of the computer system; Mata [said] . . . the `Harris County Infrastructure Technology office’ and its director, Bruce High, should be involved in the security audit. Dyess objected. . . . Erwin [said] . . .he did not need High's participation because Erwin could use `packet sniffing’ to obtain information about the routers and passwords for the network without the knowledge of anyone at `Harris County ITC,’ including High

Mata v. Harris County, supra.

According to Mata, he “objected to this `unlawful intrusion into the Harris County computer system,’” but Sheriff Garcia and Dyess ordered him to cooperate.  Mata v. Harris County, supra.  Mata was so “`[d]isturbed by the plan to ‘hack’ into Harris County's computer system at the order of the Sheriff,’” that he met with the FBI on

several occasions and . . . the FBI asked him to cooperate . . . by wearing a recording device to a meeting with Erwin and others. Mata agreed; but in a meeting with Dyess in October 2009, Mata informed Dyess about his cooperation with the FBI and his belief the project with Erwin was unlawful. 

Mata v. Harris County, supra.

In November of 2009, Mata “received `documented counseling’” and in February of 2010 he received “an `average’ performance review.”  Mata v. Harris County, supra.  He was fired in May of 2010, after which he filed this suit.  Mata v. Harris County, supra.

Under the Texas Whistleblower Act, a “state or local governmental entity” cannot “terminate the employment of . . . a public employee who in good faith reports a violation of law by the employing governmental entity or another public employee to” a law enforcement authority.”  Texas Government Code § 554.002(a).  Another provision allows a public employee who alleges that he/she has been a victim of such conduct to “sue the employing . . . governmental entity for” appropriate relief. Texas Government Code § 554.0035.  It waives the governmental entity’s sovereign immunity “to the extent of liability for the relief” allowed under the state Whistleblower Act. Texas Government Code § 554.0035.  

In his suit, Mata alleged the facts above and claimed the actions noted above were retaliation for his “good faith report of a violation of the law, including . . . conspiring and/or attempting to compromise a computer system without the consent of the owner in violation of Section 33.02 of the Texas Penal Code and 18 U.S.C. § 1030.” Mata v. Harris County, supra.  Both “criminalize accessing computers without authorization or consent of the owner.”  Mata v. Harris County, supra.  In its plea to the court’s jurisdiction, Harris County argued that the facts in Mata’s petition for relief

affirmatively negates the existence of jurisdiction because (1) Mata alleged only a `plan’ or `intent’ to hack into Harris County's computer system; (2) there was no conspiracy because there was no agreement to commit the alleged underlying crime; and (3) there was no conspiracy under Texas law because the alleged underlying crime was not a felony.

Mata v. Harris County, supra. 

The Court of Appeals began its analysis of the existence of jurisdiction by noting that to “establish a waiver of governmental immunity under the Texas Whistleblower Act, a plaintiff must (1) be a public employee; and (2) allege a violation of the Act.”  Mata v. Harris County, supra.  It also noted that an

`actual violation of the law is not required by the Whistleblower Act. [It] requires only a good-faith belief that a violation of law has occurred.’  City of Elsa v. Gonzalez, 325 S.W.2d 622 (Texas Supreme Court 2010).  An employee's “report of an alleged violation of law may be in good faith even though incorrect . . . as long as a reasonable person with the employee's same level of training and experience would have believed that a violation had occurred.’  ”Town of Flower Mound v. Teague, 111 S.W.3d 742 (Texas Court of Appeals 2003).  

Accordingly, `when an employee believes and reports in good faith that a violation has occurred, but is wrong about the legal effect of the facts, he is nevertheless protected by the whistleblower statute.’  Texas Department of Criminal Justice v. McElyea, 239 S.W.3d 842 (Texas Court of Appeals 2007).

The Court then explained that (i) someone violates Texas Penal Code 33.02 if he/she knowingly accesses a computer or computer system without the owner’s consent; (ii) one violates 18 U.S. Code § 1030 if he/she accesses a computer without authorization or by exceeding authorized access and thereby obtains information from the computer; (iii) under Texas’ attempt statute, one commits the crime of attempt if he/she commit an act that constitutes more than “mere preparation” toward the commission of the target crime, i.e., the intended crime; and (iv) commits the crime of conspiracy if he/she, acting with the intent that a felony be committed, agrees with “one or more persons” that one or more of them will commit the crime.  Mata v. Harris County, supra. 

Harris County claimed Mata’s belief he was reporting a violation of the law was not reasonable because (i) neither of the statutes makes it a crime to “plan” or “intend” to “hack into a computer”, which is all Mata reported; (ii) there was no conspiracy because Mata said the hacking scheme was “ordered” by the Sheriff, and “when a supervisor orders a subordinate to take some action, he is not making an ‘agreement’ with the subordinate;” and (iii) accessing a computer without authorization is a misdemeanor under Texas Penal Code § 33.02 and under Texas law, a conspiracy does not exist unless the conspirators intend to commit a felony.  Mata v. Harris County, supra. 

As to the first issue, the Court of Appeals held that “a person in Mata's position reasonably could believe he was reporting a violation of law -- a conspiracy or attempt to access a computer system without authorization or consent” so it was not necessary for him to allege that there had been “an actual ‘accessing’“ of a computer system.  Mata v. Harris County, supra.  It noted that someone can be convicted of conspiracy or attempt even “though the underlying offense was never committed.”  Mata v. Harris County, supra.  As I’ve noted, both are inchoate, or incomplete, offenses.

As to the second issue, the court noted that Harris County cited “no authority for the proposition that the existence of an employer-employee relationship precludes a conspiratorial agreement, and authority exists to the contrary.” Mata v. Harris County, supra.  It therefore held that it was reasonable for Mata to believe there was a conspiracy to violate Tex. Penal Code Ann. § 33.02 or 18 U.S.C. § 1030.”  Mata v. Harris County, supra.

Finally, the Court of Appeals noted that while “some violations of Section 33.02 of the [Texas] Penal Code are misdemeanors for which a conspiracy could not be formed”, Mata also alleged that the conspirators had agreed to violate 18 U.S. Code § 1030. Mata v. Harris County, supra.  It found that because § 1030 “criminalizes conspiring or attempting to” violate its provisions, “with no apparent requirement that the conspirators intended for a felony to be committed”, it “was reasonable for Mata to believe he was reporting a violation of law.”  Mata v. Harris County, supra.

The court therefor reversed the trial court’s order dismissing the case and remanded it “for further proceedings.”  Mata v. Harris County, supra.

If you’d like to read more about the case at its onset, and see a video report on it, check out the news story you can find here.  

Friday, June 22, 2012

Privacy, Stored Communications and the “Shared Workplace Computer”

This post examines a civil case that raises interesting legal issues concerning workplace privacy and the federal Stored Communications Act, among other issues.  The case is Doe v. City of San Francisco, 2012 WL 2132398 (U.S. District Court for the Northern District of California 2012) and this, as the opinion notes, is basically what it is about:

Plaintiffs Maura Moylan (formerly referred to as `Jane Doe’; hereinafter `Moylan’) and Anne Raskin (`Raskin’) contend that they were bullied, harassed, and discriminated against on the basis of gender by Defendants while employed by the Department of Emergency Management `“DEM’), and suffered further violations of their right to privacy and of the federal Stored Communications Act when Defendants accessed Moylan's email from a shared workplace computer. 

Doe v. City of San Francisco, supra. 

Moylan and Raskin sued the City and County of San Francisco, Janice Madsen, Kym Dougherty, Audrey Hillman, Heather Grives and “Does 1-10”.  Doe v. City of San Francisco, supra.  Complaint, Doe v. City of San Francisco, et al., 2010 WL 4633993.  Paragraph 6 of the Complaint explains that the City and County of San Francisco

(`CCSF’), is a political subdivision of the State of California. . . . CCSF has created and operates the Department of Emergency Management which oversees the Division of Emergency Communications (`DEMDEC’). Plaintiff is informed and believes DEMDEC is a separate unit or division of Defendant CCSF, organized and existing pursuant to the rules promulgated by the CCSF.

Complaint, Doe v. City of San Francisco, et al., supra.

Paragraphs 7-10 of the Complaint say Madsen, Dougherty, Hillman and Grives (i) are “United States citizen[s] and resident[s] of the State of California” and (ii) were, at “all times relevant” to the claims in the Complaint, “supervisory employee[s] of . . . CCSF,” and acted “within the course and scope of [their] employment with and pursuant to and under color of the authority of Defendant CCSF and/or DEMDEC.”  Complaint, Doe v. City of San Francisco, et al., supra. It also states that each of them is “being sued herein in her individual capacity as well as her capacity as supervisory employee of Defendant CCSF.”  Complaint, Doe v. City of San Francisco, et al., supra.

Paragraph 11 of the Complaint says the plaintiffs included the ten “John Doe” defendants because they did “not know their true names and/or capacities at” when they filed the Complaint.  Complaint, Doe v. City of San Francisco, et al., supra.  It also says that, if and when they ascertain the identities of the Doe Defendants, they will seek the court’s permission to amend the Complaint and add them as defendants under their own names.  Complaint, Doe v. City of San Francisco, et al., supra.

Before we get into the facts and legal claims at issue, I need to note what the court is doing in this opinion.  The Complaint asserts claims under the federal Stored Communications Act and for invasion of privacy, intentional infliction of emotional distress and gender discrimination in violation of California law.  Complaint, Doe v. City of San Francisco, et al., supra at ¶¶ 138-169.  We’re only concerned with the first two. 

A “seven-day jury trial was held” and on April 11, 2012 the jury returned its verdict. Doe v. City of San Francisco, et al., supra.  The jury found for the plaintiffs on all their claims and assessed damages, as I calculate it, of $220,000 for Moylan and $42,000 for Raskin.  Verdict, Doe v. City of San Francisco, et al., 2012 WL 1945186.  “[A]t the close of evidence,” i.e., before the case was given to the jury, the defendants “timely moved for judgment as a matter of law under Federal Rule of Civil Procedure 50.” Doe v. City of San Francisco, et al., supra

As Wikipedia explains a motion for judgment as a matter of law “is a motion made by a party, during trial, claiming the opposing party has insufficient evidence to reasonably support its case.”  As this opinion notes, under Rule 50(a)(1) of the Federal Rules of Civil Procedure,

[i]f a party has been fully heard on an issue during a jury trial and the court finds that a reasonable jury would not have a legally sufficient basis to find for the party on that issue, the court may:

(A) resolve the issue against the party; and (B) grant a motion for judgment as a matter of law against the party on a claim or defense that, under the controlling law, can be maintained or defeated only with a favorable finding on that issue.

Doe v. City of San Francisco, et al., supra (quoting Rule 50(a)(1)).

Under Rule 50(b) of the Federal Rules of Civil Procedure, if the judge does not grant the motion for judgment as a matter of law, “the court is considered to have submitted the action to the jury subject to the court's later deciding the legal questions raised by the motion.”  Doe v. City of San Francisco, et al., supra (quoting Rule 50(b)).  “No later than 28 days after” judgment is entered on the jury’s verdict, the party who filed the Rule 50 motion can “file a renewed motion for judgment as a matter of law”, which is clearly what happened here.  Doe v. City of San Francisco, et al., supra (quoting Rule 50(b)). We are only concerned with the Stored Communications Act and invasion of privacy claims.

Both apparently arose from a single incident.  The Complaint says that on November 26. 2009, Moylan was told she was the subject of “an internal investigation” and on November 27, she met with a “union representative, Ron Davis and Terry Daniels from DHR to discuss the investigation.  Complaint, Doe v. City of San Francisco, et al., ¶¶ 97-98.  Davis told Moylan that Madsen

sat down at one of the community computer in a supervisor's office and `happened to find’ eight (8) or nine (9) emails up on the screen in full view for her to see. Daniels [said] this happened on October 18, 2009. Purportedly, these emails all came from [Moylan’s] personal Yahoo!™ account. Daniels [said her] Yahoo!™ account had a box that was checked that kept her logged on, and [she] allegedly `forgot’ to hit the `sign off’ button. 

Thus, when Madsen went to use the computer, it showed [Moylan] as still logged on, so `she decided to snoop.’ . . . [T]he emails were dated from September 2008 to July 2009. According to Daniels, Madsen, `only’ printed-out nine (9) or (10) emails but DEC was only `concerned’ about two (2) of the emails. Daniels showed [them] to [Moylan] and Davis. [Moylan] expressed extremely confidential, personal and private matters in these emails.

Complaint, Doe v. City of San Francisco, et al., ¶ 99.  Later, the Complaint says Madsen and Dougherty accessed Doe’s email account without her permission and “reviewed, printed, and republished private and confidential emails between” Moylan and Raskin. Complaint, Doe v. City of San Francisco, et al., ¶ 129.  The Stored Communications Act (SCA) and invasion of privacy claims arise from the accessing of the email account(s). 

The judge noted that the SCA “provides a cause of action against anyone who `intentionally accesses without authorization a facility through which an electronic communication service is provided . . . and thereby obtains . . . access to [an]. . .  electronic communication while it is in electronic storage.’” Doe v. City of San Francisco, et al., supra (quoting 18 U.S. Code §§ 2701(a)(1) and 2707(a)).  He noted that the U.S. Court of Appeals for the Ninth Circuit has compared the Stored Communications Act to trespass, so it protects stored communications just as the law of trespass protects items stored in a rented commercial storage facility. Doe v. City of San Francisco, et al., supra. 

The defendants in this case argued that Moylan’s and Raskin emails were

open at the time they were accessed by Defendants -- in other words, that all 28 emails had been opened in separate windows on the computer screen, and then minimized in such a way as to cause each to appear in succession when one was closed, and so as to make closing these windows without viewing the contents impossible. 

The technical mechanism or software which would cause this phenomenon remains unexplained, but, nevertheless, Defendants contend this was the means through which the emails were discovered, and that, therefore, any access by Defendants of Plaintiffs' email did not violate the Act.

Doe v. City of San Francisco, et al., supra. 

The judge did not agree:  He noted, first, that the defendants’ argument that viewing open windows – “or windows popping up onto a screen, after a web mail inbox has been left open” – relied on cases that were not applicable and that arose in federal district courts “not governed by the Ninth Circuit’s analytical framework,” which, as noted above, approaches the issue as a type of trespass.  Doe v. City of San Francisco, et al., supra. 

He also found that even if one accepted the premise of the defendants’ argument, it relied “entirely” on their version of the facts, which the plaintiffs “hotly” disputed and

against which there was substantial evidence presented. . . . Defendant[s] . . . contend, [they] did not open the emails . . . but were confronted by those emails, open on the screen, and could therefore not avoid viewing the contents. The testimony given by various witnesses at trial, however, did not clearly support -- and in some instances, strongly disputed -- this version of events. Moylan testified she had not left her emails open on the screen. . . . 

Dougherty provided testimony which seemed in many ways to contradict itself, first testifying that the emails were open on the screen, then testifying that clicking the `x’ in the corner of a window -- to close the email window -- somehow caused more email windows to open spontaneously. . . . Madsen . . . gave . . . a confusing account of how the emails came to be open, which contradicted her deposition testimony.

Doe v. City of San Francisco, et al., supra. 

He found this testimony “supported a version of the facts not acknowledged by Defendants”, i.e., that they “affirmatively opened” the emails and “sifted through” Moylan’s inbox.   Doe v. City of San Francisco, et al., supra.  So he denied their motion for judgment as a matter of law on this claim.  Doe v. City of San Francisco, et al., supra. 

He then addressed the invasion of privacy claim, noting that, under California law, the elements of such a claim are “(1) conduct invading privacy interests, (2) a reasonable expectation of privacy as to the interests invaded, (3) seriousness of the invasion and (4) a resultant injury, damage, loss or harm.”  Doe v. City of San Francisco, et al., supra.  In their motion for judgment as a matter of law, the defendants argued that there was no

reasonable expectation of privacy on the shared work computer, that, even if there was such an expectation, it was forfeited by leaving emails open on the screen, and, furthermore, that even if there was an invasion of privacy, it was not sufficiently serious to merit relief.

Doe v. City of San Francisco, et al., supra. 

They also argued that because the computer “was a workplace machine, the expectation of privacy is reduced”.  Doe v. City of San Francisco, et al., supra.  The judge  was not persuaded, noting that evidence was presented showing that the computer at issue was

shared, but designated specifically for personal use by employees. . . . [T]here was testimony that employees routinely used this terminal for private, personal activities such as accessing their personal web-based email, social networking websites, and even printing their pay stubs. . . . 

When a user would inadvertently leave their inbox open on the screen, it was routinely closed by the next user. . . . [I]t was understood . . .  to be a terminal on which employees were able to privately access their personal internet utilities and communications, without expectation of employer intrusion.

Doe v. City of San Francisco, et al., supra. 

He also rejected their argument that Moylan forfeited any privacy interest she may have had in the computer when she left her emails “open” on it, noting that the argument was “undermined by the evidence presented at trial that she did not, in fact, leave her email open on the computer.”  Doe v. City of San Francisco, et al., supra.  He denied the defendants’ motion for judgment on this claim because he found that, based on the evidence presented, a reasonable juror could find that Moylan “did, in fact, have an unforfeited privacy interest” in the computer.  Doe v. City of San Francisco, et al., supra. 

Finally, he rejected the defendants’ argument that “any invasion” of Moylan’s privacy “was not sufficiently serious so as to constitute an invasion of privacy.”  Doe v. City of San Francisco, et al., supra.  He found that evidence presented at trial which showed that “these communications consisted of an employee's complaints to a union steward regarding workplace conditions” and that “her email inbox was deliberately searched” was enough to justify a reasonable juror in finding that Moylan’s right to privacy had been violated.   Doe v. City of San Francisco, et al., supra.   

The judge therefore denied the defendants’ motion as to this claim, and as to the remaining claims.  Doe v. City of San Francisco, et al., supra.  

Wednesday, June 20, 2012

Authentication, Fabrication and the Blog Post

After Nicholas Rossi was charged with and convicted of one count of sexual imposition in violation of Ohio Revised Code § 2907.06(A)(1) and one count of public indecency in violation of Ohio Revised Code §2907.09(A)(1), he appealed.  State v. Rossi, 2012 WL 2061505 (Ohio Court of Appeals 2012).

While his appeal was pending, Rossi filed a motion for a new trial “based upon newly discovered evidence,” the basis of which we’ll get to in a moment.  State v. Rossi, supra.  The trial court denied the motion, on the grounds that it did not have jurisdiction because the case was on appeal. State v. Rossi, supra.  The Court of Appeals found that was error, i.e., found the trial court should have considered the merits of Rossi’s motion; the trial court then held a hearing on the matter and subsequently issued an order denying Rossi’s motion for a new trial.  State v. Rossi, supra.  In this opinion, the Court of Appeals is addressing Rossi’s appeal of that order.  State v. Rossi, supra. 

According to an opinion in the earlier appeal,

M.G. [the victim of Rossi’s alleged sexual imposition] and Rossi were both students at Sinclair [Community College]. They met on the internet, communicating on My Space. They arranged to have lunch together at the Sinclair cafeteria in late January, 2008, their first physical meeting.

Also present at this lunch were two male acquaintances of M.G., including an ex-boyfriend, and a girl from Rossi's French class. According to M.G., she told Rossi that she wanted to be friends, but did not indicate a romantic interest, or an interest in Rossi as a potential boyfriend. . . .

After lunch, Rossi asked M.G. if he could walk her to her next class, and she agreed. When they arrived a few minutes early, she allowed herself to be led down some stairs to a place that is not usually frequented by the public. There, Rossi kissed M .G. `aggressively.’ On cross-examination, M.G. acknowledged that at first she kissed Rossi back, `just to get him off me.’

State v. Rossi, 2009 WL 1124537 (Ohio Court of Appeals 2009).  M.G. also said Rossi “`kind of pushed me up against the back wall, started kind of dry humping me . . . and I'm still kind of like resisting,’” after which “`he masturbated on the wall’”.  State v. Rossi (2009), supra. 

At Rossi’s bench trial, he tried “to establish that the sexual encounter between he and M.G. was consensual,” but the trial judge did not buy his theory and so “found him guilty of sexual imposition and public indecency.” State v. Rossi, supra.    

Rossi argued that the trial judge erred when he denied his motion for a new trial because the judge found that Rossi had failed to

properly authenticate Defense Exhibit A–1, the blog post copied from the Myspace web address which Rossi alleges was written and posted by the victim, M.G., after his trial was concluded. . . . Rossi asserts that the blog post was newly discovered exculpatory evidence which established that M.G. fabricated her testimony at trial regarding the sexual assault.

State v. Rossi, supra.

The blog post in question read as follows:

`I can't forgive you for what you've done. I loved you so much and you'll never have any idea. I think it's weird because we've done so much stuff together. I can't believe I went so far by giving you everything you wanted. I wish I could lie on your chest and you would like it. I don't know what to do.’ 

`But I have done went so far by lying n [sic] getting some stranger to go to jail and in legal so you wouldn't think I would cheat on you even when I did slip because he was cute, but I didn't give in to my desire. Is that not enough?’

`I went so far to say I wanted to be with you. I went so far to do things with you all the time. I don't understand what else I can do because you're pressing your luck, mister. I even changed my career for you so that we could work together. I'm drunk right now, but maybe when I sober we can talk about it. Because I love you and that's reason enough. * * *’.

State v. Rossi, supra.

In his motion for a new trial, Rossi argued that M.G.’s blog post “constituted a recantation of her testimony at trial, to wit: M.G. engaged in a consensual sexual encounter with Rossi to get back at her boyfriend.”  State v. Rossi, supra.  As noted above, the trial judge denied his motion because the judge found Rossi had not properly authenticated the post.  State v. Rossi, supra.

In reviewing the trial judge’s decision, the Court of Appeals noted that

[t]rial courts have the inherent power necessary to grant a new trial based on newly-discovered evidence, pursuant to [Ohio Rule of Criminal Procedure] 33. See, e.g., State v. LaMar, 95 Ohio St.3d 181, 767 N.E.2d 166 [(Ohio Supreme Court 2002)]. The newly-discovered evidence must show a strong probability of changing the result if a new trial is granted. State v. Perdue, 2005–Ohio–2703 [(Ohio Court of Appeals 2005)]. The burden of establishing a strong probability of a different result rests on the petitioner.

State v. Rossi, supra.

The Court of Appeals explained that

`[o]n a motion for new trial based upon grounds of newly discovered evidence, the trial court, when considering the recantation of the prosecution's primary witness, must make two findings: (1) which of the contradictory testimonies of the recanting witness is credible and true, and if the recantation is believable; (2) would the recanted testimony have materially affected the outcome of the trial?’

State v. Rossi, supra (quoting City of Toledo v. Easterling, 26 Ohio App.3d 59, 498 N.E.2d 198 (Ohio Court of Appeals 1985)). 

As to the provenance of the blog post Rossi attributed to M.G., the prosecution presented the testimony of Detective Doug Roderick, “an expert in computer forensics” at the hearing on Rossi’s motion for a new trial.  State v. Rossi, supra.

(As to Roderick’s expertise, the opinion notes that he is a detective “employed by the Dayton Police Department” who was, at the time of the hearing on Rossi’s motion for a new trial, “on loan to the Federal Bureau of Investigations as a forensic examiner of computer digital evidence.” State v. Rossi, supra. He “he had been working as a computer forensic specialist since 2001” and was certified “as a forensic computer examiner by the International Association of Computer Investigator Specialists and the International Society of Forensic Computer Examiners.”  State v. Rossi, supra. Roderick also “received forensic computer training from the FBI and National White Collar Crime Center.”  State v. Rossi, supra.

At the hearing, Roderick testified that

someone either altered or completely fabricated the Myspace blog post before Rossi submitted the `new’ evidence to the trial court. . . . [He] based his testimony on the fact that the date on the blog post on Defense Exhibit A–1 stated `May 16, 2008, Monday.’ Roderick testified that this was an incorrect match of the date and the day of the week. In fact, the trial court took judicial notice that May 16, 2008, was actually a Friday.

Roderick testified that a computer system would never match a date with the incorrect day of the week. Thus, [he] concluded with ninety percent certainty that Defense Ex. A–1 was either altered or that it was completely fabricated and not a genuine Myspace blog post at all.

State v. Rossi, supra. 

Roderick also testified that anyone

familiar with the `cut,’ `copy,’ and `paste’ functions of a computer with access to basic computer programs would have the capability to easily alter or fabricate a document such as Defense Ex. A–1 in order to make it appear as if a blog post was authored by another individual or alter the text of an existing blog post to suit one's purposes and then print it.

Rossi testified that he knew how to `cut,’ `copy,’ and `paste’ from web pages, describing the process as `simple.’ Rossi also testified that he did not witness M.G. author the blog post, nor had she ever admitted to him that she did so.

In fact, M.G. testified unequivocally that she did not author the blog post. Moreover, M.G. testified that she had never seen Defense Ex. A–1 until after Rossi's criminal trial when he filed a civil suit against her using the blog post as an exhibit in that case.

State v. Rossi, supra. 

The Court of Appeals also noted that Rossi testified that

he never made any effort to trace the blog post through Myspace in order to discover where the post originated. Rossi testified that he did not trace the blog post even though he was aware that such action could be performed. Rossi gave no reason for his failure to request that the origin of the blog post be traced.

State v. Rossi, supra. 

The court then explained that

[i]n light of the evidence adduced at the hearing, the trial court found that Defense Ex. A–1 was `highly questionable, . . . not credible and true, and [did] not carry enough weight to create a strong probability of a different result’ if a new trial was granted. 

State v. Rossi, supra. 

The Court of Appeals therefore noted that,

[u]pon review, we cannot find that that the trial court abused its discretion when it rejected Rossi's Exhibit A–1 and his testimony as a basis upon which to grant his motion for a new trial. Accordingly, the trial court did not err when it overruled Rossi's motion for a new trial.

State v. Rossi, supra.  It therefore affirmed the trial court’s denial of Rossi’s motion for a new trial and his conviction.  State v. Rossi, supra.

Monday, June 18, 2012

Theft, the Computer and the Weight of the Evidence

When I hear someone refer to “computer theft,” I usually think they’re referring to someone who used a computer to obtain property or services.  Georgia Code § 16-9-93(a), for example, defines “computer theft” as (i) using a computer or computer network (ii) knowing the use is unauthorized and (iii) intending to take another’s property or use fraud to obtain another’s property.  Here, the computer is merely an instrument that is used to commit fraud.  Most state statutes that deal with computers and theft tend to take this approach. 

Rhode Island, though, has a statute that makes it a crime to, among other things, steal a computer or computer software.  General Laws of Rhode Island § 11-52-4.  The case this post examines deals with this type of computer theft, though it was not specifically prosecuted as “computer theft.”

Albert P. McLeod was charged with theft of property valued at more than $500 and less than $5,000, “a fifth degree felony,” in violation of Ohio Revised Code § 2913.02(A)(1), which makes it a crime “knowingly” and “with purpose to deprive the owner of property”, to obtain or exert control over . . . the property”.  State v. McLeod, 2012 WL 1929337 (Ohio Court of Appeals 2012). 

The case went to trial and the jury found him guilty; after the judge sentenced him to 25 days in jail, McLeod appealed. State v. McLeod, supra.  On appeal, McLeod argued that the state did not present sufficient evidence to sustain the conviction and/or that the conviction was “against the manifest weight of the evidence.”  State v. McLeod, supra. 

The only witnesses at the trial were Dean Holtsclaw, manager of a Wal-Mart, and McLeod.  State v. McLeod, supra.  He testified that, on January 1, 2007, he saw

[McLeod] select a computer and place it in a shopping cart. . . .  Shortly thereafter, Holtsclaw saw another man place another computer in a shopping cart. . . . The other man paid for his computer at the electronics checkout. . . . [McLeod], however, exited the store without purchasing anything. . . . [He] then came back into the store and retrieved the computer he had left in the cart. . . .

Holtsclaw observed [McLeod]  the entire time. . . . . [He] went to the front checkout and purchased one small item. . . . [McLeod]  then tried to leave the store through the grocery exit with the computer. . . . Holtsclaw stated that at no time did [McLeod] pay for the computer. . . .

[McLeod] presented the greeter with a receipt for a computer from the electronics checkout from 20 minutes prior. . . . Holtsclaw then called the police.

State v. McLeod, supra. 

Holtsclaw testified that “only one model” of the computer McLeod had in his possession “was legitimately sold in Wal–Mart that day”, and it “was purchased through the electronics checkout.”  State v. McLeod, supra.  He also testified as to what the Wal-Mart video surveillance system had recorded that day:

It showed [McLeod] entered Wal–Mart with the other man at 1:25 p.m. . . . At 1:28 p.m., [McLeod]  selected a computer and placed it in his cart. . . . At 1:29 p.m., the other man selected a computer. . . . At 1:33 p.m., [McLeod]  exited the store. . . . At 1:37 p.m., the other man paid for his computer. . . .

It was the only computer of that model sold on that day. . . . [McLeod]  was still outside of the store at this point. . . . At 1:45 p.m., the other man exited the store with his purchased computer. . . . At 1:50 p.m., [McLeod] re-entered the store. . . .

At 1:56 p.m., [McLeod] went through a front checkout with the computer and paid only for one item valued at $5.35. . . . At 1:57 p.m., [McLeod] attempted to leave the store with the computer.

State v. McLeod, supra. 

The receipt McLeod presented as proof he bought the computer was dated January 1, 2007, and listed the time of sale as 1:37 p.m. State v. McLeod, supra. As noted above, it came from the register in the electronics department. State v. McLeod, supra.  The value of the computer was $598. State v. McLeod, supra.  And, on cross-examination, Holtsclaw “admitted no one saw [McLeod] and the other man exchange any receipts or paperwork.”  State v. McLeod, supra. 

McLeod, on the other hand, testified that “on the day in question” he went to Wal-Mart to

buy a computer for his granddaughter. . . . He . . . was alone. . . .  [McLeod] testified that he realized he forgot his wallet and went back out to his car to retrieve it. . . . [He] then went back into the store where he purchased the computer. . . .

He next went to exit the store when he realized he forgot to buy something. . . . He . . . went back and bought a hair trimmer. . . . In the meantime, an employee asked to see his receipt, which he showed her. . . . He stated that she placed an `X’ on the receipt. . . .

Then as he went to exit the store with the computer and the hair trimmer, the security guard detained him. . . . [McLeod] stated that he had the computer with him from the time he purchased it until he tried to leave the store. . . .

He denied stealing the computer or working with anyone else to steal the computer. . . .

State v. McLeod, supra. 

McLeod’s first argument was that the evidence was not sufficient to support the verdict because “the state failed to prove that he acted `knowingly.’” “A person acts knowingly, regardless of his purpose, when he is aware that his conduct will probably cause a certain result or will probably be of a certain nature.” R.C. 2901 .22(B). The Court of Appeals noted that, under Ohio Revised Code § 2901.22(B), a person acts “knowingly” when “he is aware that his conduct will probably cause a certain result of will probably be of a certain nature.” 

The Court of Appeals then examined the evidence to “determine if it was sufficient to convict” McLeod of the crime charged.  State v. McLeod, supra.  It found that the evidence outlined above,

when viewed in a light most favorable to the prosecution, establishes that [McLeod], with the purpose to deprive Wal–Mart of the computer, knowingly exerted control over the computer without Wal–Mart's consent. Thus, [his] conviction is supported by sufficient evidence.

State v. McLeod, supra.  So, McLeod lost on his first argument.

His second argument, as noted above, was that the jury’s verdict was “against the manifest weight of the evidence.”  State v. McLeod, supra.  He based his

argument, in part, on the fact that there was no testimony that he physically removed the computer from Wal–Mart without paying for it. He also relie[d] on the fact that there was no video evidence that he conspired with the other man in an effort to steal the computer. And he relie[d] on his own testimony that he paid for the computer and showed a receipt to prove it.

State v. McLeod, supra. 

The Court of Appeals then outlined the standard for addressing an against the manifest weight of the evidence issue:

In determining whether a verdict is against the manifest weight of the evidence, an appellate court must review the entire record, weigh the evidence and all reasonable inferences and determine whether, in resolving conflicts in the evidence, the jury clearly lost its way and created such a manifest miscarriage of justice that the conviction must be reversed and a new trial ordered. [State v. Thompkins, 78 Ohio St. 3d 380, 678 N.E.2d 541 (Ohio Supreme Court 1997).]

`Weight of the evidence concerns “the inclination of the greater amount of credible evidence, offered in a trial, to support one side of the issue rather than the other.”’ [State v. Thompkins, supra (emphasis in the original.] In making its determination, a reviewing court is not required to view the evidence in a light most favorable to the prosecution but may consider and weigh all of the evidence produced at trial.

State v. McLeod, supra. 

The court also noted that “granting a new trial is only appropriate in extraordinary cases where the evidence weighs heavily against the conviction” because

determinations of witness credibility, conflicting testimony, and evidence weight are primarily for the trier of the facts who sits in the best position to judge the weight of the evidence and the witnesses' credibility by observing their gestures, voice inflections, and demeanor. 

State v. McLeod, supra.  In other words, the jury is the best judge of the evidence.

The Court of Appeals then explained that determining whether the verdict in this case was against the manifest weight of the evidence, it had to consider Holtsclaw's testimony and that of McLeod. State v. McLeod, supra.  It noted that

[t]his case turned on whose testimony the jury found to be more credible. Given their guilty verdict, the jury found Holtsclaw to be the more credible witness. Holtsclaw's testimony was supported by the video surveillance photos that showed where appellant and the other man were and at what times.

His testimony was further bolstered by the fact that the only model of the particular computer that [McLeod] tried to leave the store with that was sold at Wal–Mart that day was purchased when [McLeod] was not in the store and the computer he had selected sat in an unattended shopping cart.

State v. McLeod, supra. 

The Court of Appeals then found that

[i]n this case, the jury simply did not believe [McLeod’s] testimony that he paid for the computer. We will not second-guess the jury's credibility determination. The jury's verdict was not against the manifest weight of the evidence.

State v. McLeod, supra. 

It therefore affirmed McLeod’s conviction and sentence.  State v. McLeod, supra.