Yesterday in United States v. Shawn Sayer, the First Circuit ruled that that a portion of the federal cyberstalking statute, 18 U.S.C. Section 2261A (2) (A), is constitutional as applied to defendant Sayer's actions and is not facially overbroad. The Court held that Sayer waived his void for vagueness challenge. The facts were undisputed and the case involved a multi-year effort by Sayer to harass his ex-lover by, among other things, posting their intimate sex tapes on pornographic web sites and inviting male strangers to contact her for sexual activity. The Court also approved the trial court's upward variance/departure.
Tag: computer crimes
-
The Ninth Circuit en banc issued an opinion in the case of United States v. Nosal (Download US v Nosal 9th Cir 2012-04-10). It is not often that we see opinions that interpret section 1030, the Computer Fraud and Abuse Act. But it is also likely that this will be a hot area of the law as Hon. Kozinski, who authored the opinion in this case, begins with the line "[c]omputers have become an indispensable part of our daily lives."
The government charged the defendant with violations of 18 U.S.C.s 1030(a)(4) for allegedly "aiding and abetting" a companies employees "in 'exceed[ing their] authorized access' with intent to defraud." The trial court dismissed certain counts and the government appealed. In affirming the trial court's dismissal, the 9th Circuit states, "[b]asing criminal liability on violations of private computer use polices can transform whole categories of otherwise innocuous behavior into federal crimes simply because a computer is involved." The court finds that "[t]herefore, we hold that 'exceeds authorized access' in the CFAA is limited to violations of restrictions on access to information, and not restrictions on its use."
The Ninth Circuit makes a point of noting the jurisdictional split that exists with respect to this issue. The court states,
"[w]e therefore respectfully decline to follow our sister circuits and urge them to reconsider instead. For our part, we continue to follow in the path blazed by Brekka, 581 F.3d 1127, and the growing number of courts that have reached the same conclusion. These courts recognize that the plain language of the CFAA 'target[s] the unauthorized procurement or alteration of information, not its misuse or misappropriation.'"
The decision uses the Rule of Lenity and sends word to Congress that if it "wants to incorporate misappropriation liability into the CFAA, it must speak more clearly."
The court rejects an argument we often hear from the government – trust us – we won't prosecute cases that should not be prosecuted. The court noted that most individuals are unaware of the terms of service agreements of internet providers including one major company that until recently "forbade minors from using its services." The court stated, "we shouldn’t have to live at the mercy of our local prosecutor. . . And it’s not clear we can trust the government when a tempting target comes along."(citations omitted).
(esp)(hat tip to Evan Jenness)
-
For many, this week starts the first week of classes. So it seems appropriate to remind everyone that hi-tech grade changing schemes can land students with criminal convictions and prison time.
The Eleventh Circuit upheld the conviction and sentence of an undergraduate student at Florida A & M University (FAMU) who had received a sentence of 84 months and was appealing. (U.S. v. Barrington) This student, along with two co-defendants, "all undergraduate students at Florida A&M University ("FAMU"), were indicted and charged in a five count indictment with conspiracy to commit wire fraud using a protected computer in violation of 18 U.S.C. §§ 371 and 1349; fraud using a protected computer in violation of 18 U.S.C. §§1030(a)(4) and (c)(3)(A) and 2; and three counts of aggravated identity theft in violation of 18 U.S.C. §§ 1028A and 2." Two of the students "pleaded guilty pursuant to plea agreements, received substantial assistance departures pursuant to U.S.S.G. § 5K1.1, and were each sentenced to 22 months in prison and 3 year terms of supervised release."
In this case it started with using "blank grade change slips." But it then moved to installing "keylogger software on various University computers, including an office computer used by a Registrar employee and four terminals placed in the University's grand ballroom during registration." They captured the Registrar's usernames and passwords which allowed them access to the system so that they could change grades. They even went so far as to change "the residencies of several non-resident students to qualify them for in-state tuition." The court noted that an investigation "revealed that in excess of 650 unauthorized grade changes had been made, involving at least 90 students."
The 11th Circuit rejected the appealing defendant's legal error claims and also claims that the sentence was improper.
(esp)
MattBray.net 