Fifth Circuit reverses acquittal in child pornography possession case

In United States v. Smith, the Fifth Circuit reversed the acquittal of a man convicted of possession of child pornography. (No. 12-60988 (5th Cir. 2014).) The district could had determined that "the evidence was insufficient to sustain the verdict," but the appeals court found that the conviction should stand.

Twenty-six videos of child pornography had been found on the defendant's computer, and the three suspects were roommates. The prosecution showed that one roommate could not have download the files because she was not using the computer at the time of the download. A second roommate testified at the defendant's trial and denied having downloaded the images. The defendant did not testify. The Fifth Circuit found that "these facts appear to implicate [him]."

However, it was shown that the second roommate did use the computer often. He also had no alibi for the download dates. The defendant had, however, offered an alibi through the testimony of three witnesses, and documents were presented to support the alibi. There were some discrepancies in this testimony, and the documentation was not fully supportive of the testimony.

The district court had acquitted the defendant on the basis that "it is just as likely that [the second roommate] downloaded the child pornography onto the computer as [the defendant] did." That, the Fifth Circuit held, is not the proper inquiry.

But the question is not whether, in terms of metaphysical probability, it is "equally likely" that [the second roommate] downloaded the files. The question is whether this evidence, taken in the light most favorable to the verdict, offers "nearly equal circumstantial support" for competing explanations.

The appeals court found that it did not and reversed the acquittal, holding that the jury simply chose to believe the roommate's testimony, and "[i]t is well within their discretion to do so."

Read More

Featured Paper: “Let’s Have a Look, Shall We?” A Model for Evaluating Suspicionless Border Searches of Portable Electronic Devices

From the December 2013 issue of the UCLA Law Review: Sid Nadkarni, “Let’s Have a Look, Shall We?” A Model for Evaluating Suspicionless Border Searches of Portable Electronic Devices, 61 UCLA L. Rev. 148 (2013).

The article has an in-depth discussion of United States v. Cotterman, the border search case out of the 9th Circuit (en banc).

Abstract:

The Fourth Amendment’s border search doctrine has historically given the U.S.
government the right to search, without individualized suspicion, the belongings of
any individual crossing the U.S.border. Courts have traditionally justified this power
by citing the government’s paramount interest in preventing the smuggling of dutiable
goods and contraband such as illegal drugs. In the twenty-first century, the government
has controversially used this power to search and detain travelers’ portable electronic
devices, such as laptop computers, without suspicion to inspect for the transport of
prohibited materials like child pornography, terrorist communications, and pirated
software. 

In March 2013, the Ninth Circuit in United States v. Cotterman became the first federal
circuit court to rule that a particular border search of an electronic device had to be
preceded by a finding of reasonable suspicion that the individual had committed a crime.
Nonetheless, divergent rulings from the Fourth Circuit and a Massachusetts federal
district court leave the future of digital border searches shrouded in legal uncertainty.
Furthermore, the Department of Homeland Security’s recent reaffirmation of its view
that no suspicion at all is required for such searches puts the government on a legal
collision course with the Ninth Circuit and any other jurisdiction that adopts a similar
position. 

This Comment argues that digital border searches merit greater scrutiny than
conventional border searches because they are more likely to harm individuals’ Fourth
Amendment interests. The executive and legislative branches have been unwilling
and unable, respectively, to cabin the government’s power to search people’s electronic
devices without suspicion. Consequently, this Comment proposes that courts add
guidance, consistency, and greater Fourth Amendment protection to the laws governing
suspicionless digital searches at the border by adopting a special needs–style balancing
test that weighs the government’s interests against the individual’s and provides that the
most intrusive searches are impermissible without reasonable suspicion.

Read More

Miss. Supreme Court reverses CP conviction after trial court denied indigent defendant money for expert witness

In Lowe v. State, 2011-CT-00762-SCT (Miss. 2013), the Mississippi Supreme Court reversed and remanded for a new trial the conviction of a man for child pornography crimes because the trial court had denied the defendant's request for funds to hire an expert to help refute the testimony of the state's expert.

The defendant was convicted of five counts of exploitation of a child after child pornography was discovered on his computer. He had been found to be indigent, and the trial court appointed him counsel.

At trial, the state planned to use a computer forensics expert to testify as to his examination of the defendant's computer. The defendant sought funding for his own expert to also examine the computer, suggesting that testimony about the computers user accounts would help in his defense. The trial court ultimately denied his request.

Trial testimony indicated that there were other users on the computer, but the government expert concluded that it was not likely that anyone other than the defendant had downloaded the images.

The state Supreme Court reversed, finding that "the circuit court deprived Lowe of a fundamentally fair trial by denying him the assistance of a computer forensics expert when the State relied exclusively on its own expert to identify Lowe as the perpetrator of the offenses charged."

Read More

CFAA amendments, new criminal statute proposed in Senator Leahy’s bill

On Wednesday, Senator Patrick Leahy (D-Vt.) introduced the Personal Data Privacy and Security Act of 2014. Senator Leahy’s bill, first introduced back in 2005, intends to "better protect[] Americans from the growing threats of data breaches and identity theft,” according to a press release issued by the Senator.

Included within the bill are amendments to the Computer Fraud and Abuse Act (18 U.S.C. § 1030). Senator Leahy stated that the bill “includes the Obama administration’s proposal [full text] to update the Computer Fraud and Abuse Act, so that attempted computer hacking and conspiracy to commit computer hacking offenses are subject to the same criminal penalties, as the underlying offenses.” The bulk of Senator Leahy’s amendments to the CFAA occur in Title I: Enhancing Punishment for Identity Theft and Other Violations of Data Privacy and Security (Sections 101 through 110). These changes would include adding the CFAA under the Racketeer Influenced and Corrupt Organizations (RICO) Act (Section 101),  maximizing penalties under the CFAA (Section 103), and clarifying that both "conspiracy" and "attempt" to commit a computer hacking offense are subject to the same penalties as completed, substantive offenses (Section 105), just to name a few.

Also added within the bill would be a new criminal statute: 18 U.S.C. § 1041 Concealment of security breaches involving sensitive personally identifiable information. According to Senator Leahy, the new statute would provide "tough criminal penalties for anyone who would intentionally and willfully conceal the fact that a data breach has occurred when the breach causes economic damage to consumers.” According to the section-by-section summary, the new statute would

makes it a crime for a person who knows of a security breach which requires notice to individuals under Title II of this Act, and who is under obligation to provide such notice, to intentionally and willfully conceal the fact of, or information related to, that security breach.

So in addition to adding a strict security breach notification law (Section 211 - 221), Senator Leahy's bill would create criminal penalties for intentionally and willfully concealing the security breach or "information realted to" that breach.

Overall, the bill contains a number of amendments that would be of interest to anyone in the information privacy or security field. Senator Leahy has made a section-by-section outline of the bill available, as well as the bill's full text.

Read More

Featured Paper (citing Andrew's note): Confidentiality and the Problem of Third Parties: Protecting Reader Privacy in the Age of Intermediaries

A forthcoming article in the Yale Journal of Law and Technology (Winter 2013 issue) is worth the read: Confidentiality and the Problem of Third Parties: Protecting Reader Privacy in the Age of Intermediaries, written by BJ Ard - a Postdoctoral Associate in Law and Thomson Reuters Fellow at the Yale Law School Information Society Project. The abstract is in italics, below.

In addition to being a well-written article, Ard's piece also cites to Andrew's law review note which was published last year in the Indiana Law Journal. I believe this is the first cite to Andrew's note, so congratulations are definitely in order. I know from personal experience how exciting it is to get that first cite after tirelessly working on a law review note and wondering if anyone other than those who are forced to read it will actually do so.

Andrew's article can be found here: Andrew A. Proia, Note, A New Approach to Digital Reader Privacy: State Regulations and Their Protection of Digital Book Data, 88 Ind. L.J. 1593 (2013).

Abstract of Ard's article:

We often regulate actors as a proxy for protecting categories of information. Rather than directly protect reading records, for example, we target actors like libraries who are likely to possess them. This approach has proven increasingly untenable in the digital age, where the relevant actors are difficult to identify and constantly shifting. Unanticipated third parties now insert themselves as intermediaries or eavesdroppers in all manner of transactions, even in protected spaces like libraries. Where this happens, actor-defined regimes fail to vindicate their privacy commitments even within the institutions for which they were designed. 

Libraries provide a clear example of this problem. Private reading historically has been protected through a regime that restricts libraries’ ability to exploit reading records. Yet this regime now fails to protect reading records even in libraries because it does not bind third parties who provide library services digitally. Illustrating the point, Amazon facilitates e-book lending for a number of public and academic libraries. Although Amazon collects detailed reading records from patrons utilizing these services, the library confidentiality regime does not restrict what it can do with the records. These patrons accordingly confront the risks to intellectual privacy the library regime was meant to counter. 

This Article proposes a content-defined approach whereby confidentiality obligations would attach to particular types of information regardless of which actors possessed it. Such an approach would not only save extant confidentiality regimes from obsolescence, but also provide a vehicle for extending privacy commitments to future data practices that implicated the same types of sensitive records.

Read More

Federal judge expresses frustration over CP defendant's motions

I recently found a case where a federal district court judge decided to express his frustration over a defendant's series of motions and appeals in his written decision. The defendant had been convicted of possession of child pornography and sentenced to 44 months in prison.

Judge Charles Kornmann from the District of South Dakota divided into four parts his decision to deny the motion to vacate over an ineffective assistance of counsel argument, concluding:

IV. Observation.
As one of my Irish uncles told me long ago in jest: "he would complain if he were hung with a new rope."

 What are your thoughts on judges including commentary like this in decisions?

#sassyjudges

Read More

Looking back on an exciting 2013 at Cybercrime Review

It's been a great year for Cybercrime Review and for many of our authors. Jeffery's posts appeared in a number of law review articles, including the Journal of Criminal Law and Criminology and the University of Pennsylvania Journal of Constitutional Law. Even more impressive was Jeffery's cite in the North Dakota Supreme Court case, In re D.O.

In addition to authoring a number of amazing articles, Justin appeared on a number of television segments discussing the the Target black friday hack and a recent Wisconsin Supreme Court decision on cellphone tracking.

This year I was also fortunate enough to join a stellar group of contributors who have a real passion for understanding cybercrime and the rapidly converging areas of technology and the law. 2013 was an exciting year and I'm looking forward to great things to come in 2014!  

Here is a look back at some of our more popular 2013 posts:

March 4, 2013, CFAA read narrowly by another court; misuse by employee is not "unauthorized access"

April 3, 2013, Hacking Back: Why security is important, even for hackers committing felonies (from XyliBox)

April 25, 2013, Wisconsin federal court forbids forced production of decrypted data on Fifth Amendment grounds

May 1, 2013, Forensic Fraud: Now Available on Daytime TV - A frank discussion about the admissibility of photo and video enhancement testimony

May 7, 2013, Defendant argues WI child porn law unconstitutional; if you're texted CP and open it, are you guilty of possessing CP?

May 21, 2013, 1st Circuit holds that cell phone searches incident to arrest violate the 4th Amendment

June 7, 2013, The Verizon FISA Court Order, the PRISM Program, And a Whirlwind Of Commentary: A Look Back At An Eventful Two Days

August 21, 2013, New CFAA Complaints - Civil employee disloyalty cases dominate, reinforcing shift away statute's anti-hacking genesis

August 30, 2013, Professor Danielle Keats Citron on the criminalization of “revenge porn” and a cyber civil rights agenda

September 9, 2013, Attorney writes Facebook post complaining about state AG's office, leading state to file Motion to Seal

October 6, 2013, Federal Ct. in web scraping case: accusations of "hacking" and "theft" could be defamatory, but privileged under facts

October 7, 2013, Court dismisses most of teen's suit for use of bikini-clad photo from Facebook in high school "Internet Safety" class

November 1, 2013, Exiting CTO who copied source code and company files wins dismissal of CFAA claim; Thoughts on the CFAA post-Nosal

November 13, 2013, Fed Ct: A cell phone is not a container (i.e. conventional wardrobe), but Narnia (the magical wardrobe); police need a warrant to enter the portal

Happy New Year!

Read More