In the Supreme Court of the United States

Similar documents
No IN THE SUPREME COURT OF THE UNITED STATES ALBERTA CAPINE, Petitioner. UNITED STATES, Respondent.

No In The SUPREME COURT OF THE UNITED STATES ALBERTA CAPINE, Petitioner, UNITED STATES OF AMERICA, Respondent.

Supreme Court of the United States

VIRTUAL CERTAINTY IN A DIGITAL WORLD: THE SIXTH CIRCUIT S APPLICATION OF THE PRIVATE SEARCH DOCTRINE TO DIGITAL STORAGE DEVICES IN UNITED STATES

Digitizing the Private Search Doctrine: Is a Computer a Container?

The Private Search Doctrine and the Evolution of Fourth Amendment Jurisprudence in the Face of New Technology: A Broad or Narrow Exception?

SUPREME COURT OF THE UNITED STATES OF AMERICA

Testimony of Kevin S. Bankston, Policy Director of New America s Open Technology Institute

Petitioner, Respondent.

No IN THE SUPREME COURT OF THE UNITED STATES. ELIZABETH JENNINGS, Petitioner, UNITED STATES OF AMERICA, Respondents.

United States District Court

Case No In the SUPREME COURT OF THE UNITED STATES SPRING TERM, 2018 ELIZABETH JENNINGS, Petitioner, UNITED STATES OF AMERICA, Respondent.

Supreme Court of The United States

STATE OF MICHIGAN COURT OF APPEALS

The Burger Court Opinion Writing Database

NOS ; IN THE UNITED STATES COURT OF APPEALS FOR THE NINTH CIRCUIT UNITED STATES OF AMERICA, PLAINTIFF-APPELLEE,

UNITED STATES AIR FORCE COURT OF CRIMINAL APPEALS

In the Supreme Court of the United States

I. Introduction. fact that most people carry a cell phone, there has been relatively little litigation deciding

In The SUPREME COURT OF THE UNITED STATES. October Term, Docket No Albert Greene, United States,

Supreme Court of the United States

CASE NO. 1D James T. Miller, and Laura Nezami, Jacksonville, for Appellant.

No IN THE DAVID LEON RILEY, On Petition for a Writ of Certiorari to the California Court of Appeal, Fourth District

No. 1D On appeal from the Circuit Court for Clay County. John H. Skinner, Judge. September 14, 2018

PLAIN VIEW. Priscilla M. Grantham

Testimony of Orin S. Kerr Professor, George Washington University Law School

By Jane Lynch and Jared Wagner

Case 1:16-cr WHP Document 125 Filed 07/18/17 Page 1 of 8

IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF OREGON ADAM MATOT, v. OPINION AND ORDER. CH et al., Defendants.

THE SUPREME COURT OF NEW HAMPSHIRE THE STATE OF NEW HAMPSHIRE JONATHAN BALL. Argued: June 13, 2012 Opinion Issued: September 28, 2012

No IN THE SUPREME COURT OF THE UNITED STATES. Elizabeth Jennings, Petitioner. United States of America, Respondent.

Calif. Privacy Act Will Increase Data Breach Liability

IN THE SUPREME COURT OF THE STATE OF NEW MEXICO

THE ABANDONMENT DOCTRINE AND UNITED STATES V. SPARKS I. INTRODUCTION

United States Court of Appeals

1 See, e.g., Zurcher v. Stanford Daily, 436 U.S. 547, 559 (1978) ( The Fourth Amendment has

In the Supreme Court of the United States

Supreme Court of The United States

SUPREME COURT OF THE UNITED STATES ORDER GRANTING WRIT OF CERTIORARI. Petitioner, Respondent.

No In The Supreme Court of the United States. Gerrard Leomund, Petitioner, v. United States of America, Respondent.

1 IN THE SUPREME COURT OF THE STATE OF NEW MEXICO. 2 Opinion Number: 3 Filing Date: June 2, NO. S-1-SC STATE OF NEW MEXICO,

traditional exceptions to warrant requirement

United States Court of Appeals

REPORTED IN THE COURT OF SPECIAL APPEALS OF MARYLAND. No September Term, 1998 DONNA L. SAMPSON STATE OF MARYLAND

The Private Search Doctrine After Jones Andrew MacKie-Mason

MINNESOTA v. DICKERSON 113 S.Ct (1993) United States Supreme Court

Case 6:13-cr EFM Document 102 Filed 10/30/17 Page 1 of 15 IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF KANSAS

Case 5:16-cr XR Document 52 Filed 08/30/17 Page 1 of 10

UNITED STATES DISTRICT COURT FOR THE SOUTHERN DISTRICT OF STETSON. v. CASE NO.: 15:16-CR CHR-ESW

No IN THE SUPREME COURT OF THE UNITED STATES. JAMES T. OLIVER, Petitioner, STATE OF CLINTONIA, Respondent,

Know Your Rights ELECTRONIC FRONTIER FOUNDATION. Protecting Rights and Defending Freedom on the Electronic Frontier eff.org

Three Threshold Questions Every Attorney Must Answer before Filing a Computer Fraud Claim

Case 3:16-mc RS Document 84 Filed 08/14/17 Page 1 of 9 UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF CALIFORNIA I.

357 (1967)) U.S. 752 (1969). 4 Id. at 763. In Chimel, the Supreme Court held that a search of the arrestee s entire house

SUPREME COURT OF THE UNITED STATES

Case 2:15-cv PA-AJW Document 1 Filed 01/02/15 Page 1 of 11 Page ID #:1 UNITED STATES DISTRICT COURT CENTRAL DISTRICT OF CALIFORNIA. Deadline.

CASE COMMENT ELECTRONIC SURVEILLANCE: NATIONAL SECURITY AND THE PRESERVATION OF THE RIGHTS GUARANTEED BY THE FOURTH AMENDMENT

Court of Appeals of Ohio

NOTE. Unpacking Digital Containers: Extending Riley s Reasoning to Digital Files and Subfolders. Michael Mestitz*

Follow this and additional works at: Part of the Law Commons

Briefing from Carpenter v. United States

Indiana Association of Professional Investigators November 16, 2017 Stephanie C. Courter

Case 2:10-cv WBS-KJM Document 21 Filed 04/29/2010 Page 1 of 16 UNITED STATES DISTRICT COURT EASTERN DISTRICT OF CALIFORNIA.

UNITED STATES AIR FORCE COURT OF CRIMINAL APPEALS

United States Court of Appeals

SUPREME COURT OF THE UNITED STATES

No IN THE SUPREME COURT OF THE UNITED STATES CASSANDRA ANNE KASOWSKI, PETITIONER UNITED STATES OF AMERICA

IN THE COURT OF COMMON PLEAS OF CARBON COUNTY, PENNSYLVANIA CRIMINAL DIVISION

Case 1:17-cr MJG Document 94 Filed 03/12/18 Page 1 of 11 * CRIMINAL NO. MJG * * * * * * * * * DECISION REGARDING PROOF OF WILLFULNESS

CONTRABAND CONTROL AND SEARCHES

Supreme Court of the United States

IN THE UNITED STATES DISTRICT COURT FOR THE SOUTHERN DISTRICT OF MISSISSIPPI EASTERN DIVISION. RYAN GALEY and REGINA GALEY

1 SB By Senators Orr and Holley. 4 RFD: Governmental Affairs. 5 First Read: 13-FEB-18. Page 0

9th Circ.'s Expansive Standard For Standing In Breach Case

NOT FOR PUBLICATION UNITED STATES COURT OF APPEALS FOR THE NINTH CIRCUIT

In the Supreme Court of the United States

TYSON KENNETH CURLEY OPINION BY v. Record No ELIZABETH A. McCLANAHAN July 26, 2018 COMMONWEALTH OF VIRGINIA


1 HB By Representative Williams (P) 4 RFD: Technology and Research. 5 First Read: 13-FEB-18. Page 0

IN THE COURT OF CRIMINAL APPEALS OF TENNESSEE AT NASHVILLE December 13, 2000 Session

Divided Supreme Court Requires Warrants for Cell Phone Location Data

DEFINING THE LIMITS OF THE PRIVATE- SEARCH DOCTRINE IN AN EXPANDING DIGITAL LANDSCAPE

1 SB By Senators Orr and Holley. 4 RFD: Governmental Affairs. 5 First Read: 13-FEB-18. Page 0

NOT FOR PUBLICATION WITHOUT THE APPROVAL OF THE APPELLATE DIVISION

New Jersey v. T.L.O. 469 U.S. 325 United States Supreme Court January 15, JUSTICE WHITE delivered the opinion of the Court.

UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF TEXAS DALLAS DIVISION

DISTRICT COURT OF APPEAL OF THE STATE OF FLORIDA FOURTH DISTRICT

NOT FOR PUBLICATION WITHOUT THE APPROVAL OF THE APPELLATE DIVISION

STATE V. GUTIERREZ, 2004-NMCA-081, 136 N.M. 18, 94 P.3d 18 STATE OF NEW MEXICO, Plaintiff-Appellee, v. DEMETRIO DANIEL GUTIERREZ, Defendant-Appellant.

Security Breach Notification Chart

Constitutional Law - Search and Seizure - Hot Pursuit

v. CIVIL ACTION NO. H

v. Record No OPINION BY JUSTICE BARBARA MILANO KEENAN November 1, 2002 COMMONWEALTH OF VIRGINIA FROM THE COURT OF APPEALS OF VIRGINIA

UNITED STATES OF AMERICA, PETITIONER DAVID NOSAL, RESPONDENT. No BRIEF FOR PETITIONER

IN THE SUPREME COURT OF GUAM. PEOPLE OF GUAM, Plaintiff-Appellant, ZACHARY RICHARD ULLOA CAMACHO, Defendant-Appellee. OPINION. Filed: May 7, 2004

IN THE UNITED STATES DISTRICT COURT FOR THE NORTHERN DISTRICT OF OKLAHOMA

DEFENDING DATA PRIVACY AND BEHAVIORAL ADVERTISING PUTATIVE CLASS ACTION SUITS

UNITED STATES COURT OF APPEALS FOR THE NINTH CIRCUIT

Don t Get Burned: Proper Implementation of the Litigation Hold Process is Your Best SPF (Spoliation Protection Factor)

Plain View & Consent. Other Search and Seizure Issues Likely to Arise in Digital Child Pornography Cases. Objectives

Transcription:

No. 10-1011 In the Supreme Court of the United States ALBERTA CAPINE v. Petitioner, UNITED STATES OF AMERICA Respondent. ON WRIT OF CERTIORARI TO THE UNITED STATES COURT OF APPEALS FOR THE TWELFTH CIRCUIT BRIEF FOR PETITIONER Team 3 Attorneys for Petitioner

TABLE OF CONTENTS TABLE OF CONTENTS... i TABLE OF AUTHORITIES... ii QUESTIONS PRESENTED FOR REVIEW...1 OPINIONS BELOW...1 CONSTITUTIONAL PROVISIONS AND RULES...1 INTRODUCTION...2 Summary of Argument...2 Standard of Review...3 STATEMENT OF THE CASE...4 ARGUMENT...6 I. PETITIONER S FOURTH AMENDMENT RIGHTS WERE VIOLATED BECAUSE OFFICER MILLER LACKED VIRTUAL CERTAINTY WHEN HE EXCEEDED THE SCOPE OF THE PRIVATE SEARCH WITHOUT A WARRANT AND THE PETITIONER MAINTAINED A REASONABLE EXPECTATION OF PRIVACY IN HER LAPTOP...6 A. An Officer That Knowingly Exceeds The Scope Of A Private Search Without Virtual Certainty Violates The Fourth Amendment....6 B. A Citizen Has A Reasonable Expectation Of Privacy Beyond The Scope Of A Private Search When She Takes Steps To Preserve Her Privacy...11 II. PETITIONER IS NOT CRIMINALLY CULPABLE UNDER THE COMPUTER FRAUD AND ABUSE ACT BECAUSE SHE DID NOT EXCEED HER AUTHORIZED ACCESS BY POSSESSING WORK FILES ON HER LAPTOP...17 A. The Computer Fraud And Abuse Act Applies To Unauthorized Access Of A Computer, Not Unauthorized Use...18 B. A Narrowly Interpreted Computer Fraud And Abuse Act Advances Public Policy Against Individual Employers Determining Criminal Liability While Encouraging Overall Fairness...25 CONCLUSION...28 i

TABLE OF AUTHORITIES United States Supreme Court Asgrow Seed v. Winterboer, 513 U.S. 179 (1995)...18 Chevron, U.S.A., Inc. v. Nat. Res. Def. Council, Inc., 467 U.S. 837 (1984)...19 Connally v. General Constr. Co., 269 U.S. 385 (1926)...26 Coolidge v. New Hampshire, 403 U.S. 443 (1971)...6 Crandon v. United States, 494 U.S. 152 (1990)...23 Cuyler v. Sullivan, 466 U.S. 345 (1980)...3 Katz v. United States, 389 U.S. 347 (1967)...11 Kyllo v. United States, 533 U.S. 27 (2001)...11 Musacchio v. United States, No. 14-1095, 2016 WL 280757 (U.S. Jan. 25, 2016)...18 Riley v. California, 134 S. Ct. 2473 (2014)...12, 27 Patton v. Yount, 467 U.S. 1025 (1984)...3 United States v. Jacobsen, 466 U.S. 109 (1984)... passim United States v. Jones, 132 S.Ct. 945 (2012)...14 United States v. Lanier, 520 U.S. 259 (1997)...23 ii

United States v. Stevens, 559 U.S. 460 (2010)...27 United States v. Universal C.I.T. Credit Corp., 344 U.S. 218 (1952)...23 Walter v. United States, 447 U.S. 649 (1980)...6, 7 Wright v. West, 505 U.S. 277 (1992)...3 Circuit Courts Barton v. Adang, 162 F.3d 1140 (Fed. Cir. 1998)...3 DSI Assocs. LLC v. United States, 496 F.3d 175 (2d Cir. 2007)...3 E.F. Cultural Travel v. Explorica, 274 F.3d 577 (1st Cir. 2001)...19, 21 Int l Airport Ctrs., L.L.C. v. Citrin 440 F.3d 418 (7th Cir. 2006)...19, 21 LVRC Holdings LLC v. Brekka, 551 F.3d 1127 (9th Cir. 2009)...21 Rann v. Atchison, 689 F.3d 832 (7th Cir. 2012)... passim United States v. Carr, 513 F.3d 1164 (9th Cir. 2008)...21 United States v. Gifford, 17 F.3d 462 (1st Cir. 1994)...3 United States v. John, 597 F.3d 263 (5th Cir. 2010)...19, 21, 22 United States v. Lichtenberger, 786 F.3d 478 (6th Cir. 2015)... passim United States v. Nosal, 676 F.3d 854 (9th Cir. 2012)...19, 25, 26, 27 iii

United States v. Oliver, 630 F.3d 397 (5th Cir. 2011)...11, 12, 14 United States v. Rodriguez, 628 F.3d 1258 (11th Cir. 2010)...19, 21, 22 United States v. Runyan, 275 F.3d 449 (5th Cir. 2001)...7, 12, 14, 15 United States v. Starr, 533 F.3d 985 (8th Cir. 2008)...7 United States v. Teague, 646 F.3d 1119 (8th Cir. 2011)...19, 21, 22 United States v. Valle, 807 F.3d 508 (2d Cir. 2015)...19 United States v. Walser, 275 F.3d 981 (10th Cir. 2001)...14 WEC Carolina Energy Sol. LLC v. Miller, 687 F.3d 199 (4th Cir. 2012)...19, 20 District Courts Advanced Fluid Sys., Inc. v. Huber, 28 F. Supp. 3d 306 (M.D. Pa. 2014)...19 Czech v. Wall Street on Demand, Inc., 674 F. Supp. 2d 1102 (D. Minn. 2009)...27 Diamond Power Int l, Inc. v. Davidson, 540 F. Supp. 2d 1322 (N.D. Ga. 2007)...18 Dresser-Rand Co. v. Jones, 957 F. Supp. 2d 1322 (E.D. Pa. 2013)...19, 21 Lewis-Burke Assoc., LLC v. Widder, 725 F. Supp. 2d 187 (D.D.C. 2010)...20 Sebrite Agency, Inc. v. Platt, 884 F. Supp. 2d 912 (D. Minn. 2012)... 19-20 United States v. Drew, 259 F.R.D. 449 (C.D. Ca. 2009)...22, 25, 26, 27 iv

Legislative Materials H.R. REP. 98-894 (1984) reprinted in 1978 U.S.C.C.A.N. 3689...20 S.1030, 114th Cong. 2 (2015)...20 S. REP. 99-432 (1986), reprinted in 1986 U.S.C.C.A.N. 2479...22 Other Authorities Benjamin Holley, Digitizing the Fourth Amendment: Limiting the Private Search Exception in Computer Investigations, 96 Va. L. Rev. 677 (2010)...13 BLACK S LAW DICTIONARY (10th ed. 2014)...18 FACEBOOK, Statement of Rights and Responsibilities, Safety, https://www.facebook.com/legal/ terms (last updated Jan. 30, 2015)...26 Federal Student Aid, http://www.nslds.ed.gov/npas/index.htm (last visited Feb. 4, 2016)...22 GLOBAL WORKPLACE ANALYTICS, Latest Telecommuting Statistics, http://globalworkplaceanalytics.com/telecommuting-statistics (last updated Sept. 29, 2015)... 26-27 Orin S. Kerr, Foreword: Accounting for Technological Change, 36 Harv. J.L. & Pub. Pol'y 403 (2013)...13 Ryan E. Dosh, The Computer Fraud and Abuse Act: As Conflict Rages On, The United States v. Nosal Ruling Provides Employers Clear Guidance, Loy. L.A. L. Rev. 902 (2014)...19 VIKTOR MAYER-SCHÖNBERGER, BIG DATA: A REVOLUTION THAT WILL TRANSFORM HOW WE LIVE, WORK, AND THINK (Kenneth Cukier ed., 2013)...13 YOUTUBE, Terms of Service, http://www.youtube.com/t/terms (last updated June 9, 2010)...25 v

QUESTIONS PRESENTED FOR REVIEW I. Under the Fourth Amendment, government agents may not recreate a search by a private individual exceeding the scope of that private search without a warrant. Ester Sundon, a private individual, searched three separate files on Petitioner s laptop. Sundon showed Officer Miller the three files she had searched. Subsequently, Officer Miller opened twenty-nine additional files before obtaining a warrant. Did Officer Miller violate Petitioner s Fourth Amendment rights by searching more computer files than the private party? II. An individual exceeds authorized access when obtaining information in which they are not entitled to access. Petitioner had access to her employer s computers. In addition, Petitioner had control over employee s access to customer financial information in the form of Word documents on her laptop. The Word documents were saved from a database in which Petitioner was authorized to access. Did Petitioner exceed her authorized access by saving the Word documents onto her laptop? OPINIONS BELOW The United States Court of Appeals for the Twelfth Circuit issued its opinion on April 11, 2013. The opinion appears on pages 2 12 of the record. The opinion was reported at 913 F.3d 1131. CONSTITUTIONAL PROVISIONS AND RULES This case involves the Fourth Amendment: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized. 1

U.S. Const. amend. IV. Additionally, this case involves the Computer Fraud and Abuse Act, in pertinent part: (a) Whoever (2) intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains (A) Information contained in a financial record of a financial institution, or of a card issuer as defined in section 1602(n) of title 15, or contained in a file of a consumer reporting agency on a consumer, as such terms are defined in the Fair Credit Reporting Act (15 U.S.C. 1681 et seq.); (B) information from any department or agency of the United States; or (C) information from any protected computer; 18 U.S.C. 1030(a)(2)(C)(emphasis added). INTRODUCTION Summary Of Argument: I. When Officer Miller knowingly searched more files on Petitioner s laptop than the private party, he exceeded the scope of the private search in violation of the Fourth Amendment. Additionally, Petitioner had enabled a password on her laptop and informed her roommate she could not use her laptop. Because Petitioner took these affirmative steps to keep her laptop safe from prying eyes, Petitioner maintained a reasonable expectation of privacy in the files not searched by the private party. Petitioner s laptop, unlike a traditional closed container, has the capacity to contain millions of pages of text and pictures. Consequently, the closed container doctrine should be limited to individual documents/files searched by a private party, instead of an entire computer or folder. Therefore, Officer Miller s methodical search of the twenty-nine files not searched by the private party was a profound violation of Petitioner s reasonable expectation of privacy. 2

II. Congress intended the Computer Fraud and Abuse Act ( CFAA ) to apply only to unauthorized access by outside hackers. Overlooking this intent, some courts have improperly expanded the CFAA to include employees who use information in conflict with either their employer s best interests or a company policy and/or confidentiality agreement. Realizing the policy implications in allowing private employers to dictate criminal conduct, a majority of courts follow Congressional intent finding an individual exceeds authorized access when she bypasses authorization given to them by their employer. Because there exists a split of authority regarding the application of the CFAA, the rule of lenity encourages this Court to apply the least restrictive application of the statute, which in this case is the majority view. Here, Petitioner was authorized to access the Word documents on her laptop and never obtained information outside the authorization given to her by her employer. Therefore, Petitioner did not exceed authorized access under the CFAA. Standard Of Review: In reviewing the Twelfth Circuits order to deny the suppression of evidence, this Court considers conclusions of law and application of the law to the facts de novo. See Wright v. West, 505 U.S. 277, 297-98 (1992); Patton v. Yount, 467 U.S. 1025, 1038 (1984); Cuyler v. Sullivan, 466 U.S. 345, 342 (1980). Furthermore, because an interpretation of a statute or regulation presents a purely legal question, this Court considers the interpretation of the Computer Fraud and Abuse Act de novo. See DSI Assocs. LLC v. United States, 496 F.3d 175, 183 (2d Cir. 2007); Barton v. Adang, 162 F.3d 1140, 1144 (Fed. Cir. 1998); United States v. Gifford, 17 F.3d 462, 472 (1st Cir. 1994). 3

STATEMENT OF CASE Alberta Capine ( Petitioner ) was a small claims supervisor at Find Funds, Inc. ( FFI ), a local debt collections agency. (R. at 2). Petitioner had significant responsibilities over both the computers at the agency and the employees access to financial information databases, including a database named Sureinf.com. (R. at 2). FFI did not authorize employees to use computer resources for personal purposes. (R. at 2). Petitioner lived and worked with Ester Sundon ( Sundon ). (R. at 2). On September 23, after Sundon s laptop broke down, she asked Petitioner if she could use her laptop and Petitioner refused. (R. at 2). Despite Petitioner s refusal, Sundon later accessed Petitioner s laptop by using her password, which she discovered after observing Petitioner log in on a previous date. (R. at 2). After Sundon logged in, she saw a folder labeled transaction history, which contained a list of sixteen Word documents and sixteen Excel spreadsheets, for a total of thirty-two files. (R. at 2). The Word documents and Excel spreadsheets appeared to be in pairs sharing a common name with each corresponding file. (R. at 2). For example, some Excel spreadsheets read: LitlAl.xlsx, BigJim.xlsx, JoeBro.xlsx, etc. (R. at 2). Whereas, some of the Word documents read: LitlAl.pdf, BigJim.pdf, JoeBro.pdf, etc. (R. at 2-3). Sundon clicked on the first Excel spreadsheet within the folder. (R. at 2). The spreadsheet included a chart which appeared to show a series of transactions involving controlled substances. (R. at 3). Each transaction included dates, dollar amounts, and quantities of marijuana, methamphetamine, and various controlled substances. (R. at 3). Sundon clicked on two more Excel spreadsheets and found similar charts showing the same content. (R. at 3). Sundon viewed only three Excel spreadsheets out of the sixteen. (R. at 3). Without viewing the thirteen 4

remaining Excel spreadsheets or any of the sixteen Word documents, Sundon called the police. (R. at 3). Officer Miller arrived at the scene. (R. at 3). Once there, Officer Miller asked Sundon to show him the three Excel spreadsheets she had opened; Sundon complied. (R. at 3). Subsequently, Officer Miller accessed Petitioner s laptop himself and made copies of all thirtytwo files within the folder and saved them to a flash drive. (R. at 3). After saving the files, Officer Miller methodically went through each spreadsheet and each document. (R. at 3). All sixteen Excel spreadsheets contained apparent dealings in illicit substances. (R. at 3). In contrast, the Word documents contained private data of customers from FFI, including names, addresses, social security numbers, dates of birth, telephone numbers, family connections, employment and credit information (including bank accounts and credit accounts). (R. at 3). This information was saved from a database (Surinf.com), which was used by both Petitioner and Petitioner s employer. (R. at 2, 3). After viewing all thirty-two files within the folder, Officer Miller confiscated the laptop and obtained a warrant. (R. at 3). During the subsequent investigation, law enforcement discovered the Word documents had been accessed using Petitioner s employee username and password given to her by FFI. (R. at 3). Petitioner was convicted of multiple counts of drug trafficking, attempted identity theft, and violation of 18 U.S.C. 1030(a)(2)(C) of the Computer Fraud and Abuse Act. (R. at 3). Prior to her trial in the United States District Court for the District of Origania, Petitioner moved on Fourth Amendment grounds to exclude all Excel spreadsheets and Word documents her roommate had not viewed. (R. at 3). The District Court denied Petitioner s motion based on the private search doctrine and all the Excel spreadsheets and Word documents were admitted as evidence. (R. at 3). 5

Petitioner was subsequently convicted on all counts and appealed her case to the United States Court of Appeals for the Twelfth Circuit. (R. at 3). The Twelfth Circuit affirmed the denial of Petitioner s pre-trial motion to exclude evidence. (R. at 8). This Court granted certiorari. (R. at 1). ARGUMENT I. PETITIONER S FOURTH AMENDMENT RIGHTS WERE VIOLATED BECAUSE OFFICER MILLER LACKED VIRTUAL CERTAINTY WHEN HE EXCEEDED THE SCOPE OF THE PRIVATE SEARCH WITHOUT A WARRANT AND THE PETITIONER MAINTAINED A REASONABLE EXPECTATION OF PRIVACY IN HER LAPTOP. Technology is moving fast and the law has not caught up. This case exemplifies why the current state of the private search and container doctrines are ill suited for the technological age. A. An Officer That Knowingly Exceeds The Scope Of A Private Search Without Virtual Certainty Violates The Fourth Amendment. The Fourth Amendment provides, the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, and no warrant shall issue but upon probable cause by Oath or affirmation.... U.S. Const. amend. IV. Warrantless searches are per se unreasonable under the Fourth Amendment subject only to a few specifically established and well-delineated exceptions. Coolidge v. New Hampshire, 403 U.S. 443, 481 (1971). While the Fourth Amendment protects individuals from unreasonable governmental intrusion, this Court has, consistently found the Fourth Amendment is, 'wholly inapplicable to a search or seizure... effected by a private individual not acting as an agent of the government or with the participation or knowledge of any governmental official. United States v. Jacobsen, 466 U.S. 109, 113 (1984) (quoting Walter v. United States, 447 U.S. 649, 662 (1980)). 6

When a private party conducts a search with no government influence and reveals to the government the incriminating contents of their search, the government may only look at what the private party viewed without a warrant. See Jacobsen, 466 U.S. at 114; Walter, 447 U.S. at 657. The only time the government may exceed a private search is when, it has a right to make an independent search. Walter, 447 U.S. at 657; see also United States v. Starr, 533 F.3d 985, 995 (8th Cir. 2008). The closed container doctrine allows the government to view more contents in a physical container than the previous private search without enacting a defendant s Fourth Amendment rights. See United States v. Runyan, 275 F.3d 449, 464 (5th Cir. 2001). For the closed container doctrine to apply, the government must be able to, demonstrate to a reviewing court that an exception to the exclusionary rule is warranted because they were [virtually] certain of the contents of the container before they opened it. Runyan, 275 F.3d at 464; see also Jacobsen, 466 U.S. at 119. The virtual certainty requirement ensures the government does not violate more of an individual s expectation of privacy, than did the private search. See Runyan, 275 F.3d at 463. In determining whether the government is virtually certain contents beyond the private search will reveal contraband, courts consider: [1] the statements of the private searchers, [2] [government s] replication of the private search, and [3] their expertise. Runyan, 275 F.3d at 463; see also United States v. Lichtenberger, 786 F.3d 478, 489 (6th Cir. 2015); Rann v. Atchison, 689 F.3d 832, 836-37 (7th Cir. 2012). This Court considered the scope of the private search doctrine in 1981, when a Federal Express ( FedEx ) employee looked at a package damaged by a forklift. See Jacobsen, 466 U.S. at 111. The container was a cardboard box. Id. When the FedEx employee opened the box he 7

saw crumpled newspaper covering a tube about ten inches long wrapped in duct tape. Id. The FedEx employee cut open one of the tubes and found four Ziploc bags. Id. The outermost bag contained the other three bags and the innermost bag contained approximately six and a half ounces of white powder. Id. The employee notified the Drug Enforcement Administration ( DEA ) and put the Ziploc bags back in the tube and the tube back into the box. Id. The employees never opened any of the Ziploc bags. Id. When the DEA agents arrived, they inspected the tube searched by the FedEx employee. Id. The agents used the end of a knife, cut through the Ziploc bags and conducted a field test of the white powdery substance. Id. The field test revealed the substance was cocaine. Id. Although the DEA s search went beyond the scope of the private search, this Court held under those circumstances, the package could no longer support any expectation of privacy and was therefore not a search within the meaning of the Fourth Amendment. Id. at 120. This Court stated, the removal of the plastic bags from the tube and the agent s visual inspection of their contents enabled the agent to learn nothing that had not previously been learned during the private search. Id. at 120. The Court further explained, [t]he agents had already learned a great deal about the contents of the package from the [FedEx] employees, all of which was consistent with what they could see. Id. at 121. Lastly, the Court reasoned, the suspicious nature of the material made it virtually certain that the substance... was in fact contraband. Id. at 124. Over thirty years later the Sixth Circuit considered the scope of a private search involving a laptop computer. See Lichtenberger, 786 F.3d at 478. In Lichtenberger, defendant was arrested for failing to register as a sex offender. Id. at 480. Later that day, defendant s girlfriend accessed defendant s password protected laptop by hacking into it. Id. Once on the laptop, defendant s 8

girlfriend viewed approximately one hundred images of child pornography in several subfolders titled, private. Id. Upon arrival, the police asked the girlfriend to show them what she had discovered. Id. She opened several folders and began clicking random images. Id. At trial, defendant s girlfriend stated she showed the officers some images she was not sure were among her original search. Id. The girlfriend further stated the defendant, would never let [her] use [his laptop] or be near him when he was using it. Id. In its analysis, the Sixth Circuit declared the officer needed to obtain a warrant reasoning, the need to confirm the laptop s contents on-site was not immediate... [and] the laptop presented no cognizable, immediate threat to [the officer s]. Id. at 491. The court further made a distinction when dealing with electronic media, considering the extent of the information that can be stored on a laptop computer... the virtual certainty threshold in Jacobsen requires more when dealing with a laptop. Id. at 488. The court held, in light of the information available at the time the search was conducted, the strong privacy interests at stake, and the absence of a threat to government interests the warrantless review of the laptop unconstitutionally exceeded the scope of the private search. Id. Here, Officer Miller lacked virtual certainty the files not searched by Petitioner s roommate, Ester Sundon, would contain evidence of dealings in illicit substances. The record is silent as to whether Sundon had ever previously been on Petitioner s laptop or was at all familiar with it. After logging onto Petitioner s laptop, presumably for the first time, Sundon only clicked on three separate Excel spreadsheets and saw, what appeared to [be] a series of transactions involving controlled substances. (R. at 3)(emphasis added). Sundon never clicked on any of the remaining twenty-nine files in the folder. 9

Unlike Jacobsen, Officer Miller could not have been virtually certain about the contents of the twenty-nine remaining files on Petitioner s laptop. The only information Officer Miller received prior to looking at the files was from Sundon, who he knew had not looked at the remaining twenty-nine files. (R. at 3). Further, there is no indication in the record Officer Miller questioned Sundon about previously accessing Petitioner s laptop. Sundon was never questioned about noticing anything suspicious about Petitioner suggesting she was selling or using drugs. Lastly, there is no indication Sundon was questioned regarding whether Petitioner associated with suspicious individuals. In contrast to Jacobsen, illicit substances written onto an Excel spreadsheet with names and dollar amounts are not indicative of illegal contraband the same way a white powdery substance in a Ziploc bag is. Anyone with access to Petitioner s laptop for a matter of minutes could transcribe a list of apparent transactions in illicit substances. Such content, with other incriminating evidence, may be indicative of a crime, but it is far from constituting virtual certainty the remaining twenty-nine files will contain the same content. Officer Miller s lack of virtual certainty is further exemplified after he methodically reviewed all thirty-two files beyond the three spreadsheets reviewed by Sundon. (R. at 3)(emphasis added). In doing so, Officer Miller discovered the files did not all contain the same material. The Word documents contained private data from apparent customers and not any apparent transactions of illicit substances. (R. at 3). Furthermore, and similar to Lichtenberger, the need to confirm the content in the remaining twenty-nine unopened files was not immediate and Petitioner s laptop presented no reasonable identifiable threat to Officer Miller or his investigation. Officer Miller had already made copies of the thirty-two documents and was told by Sundon which files she specifically searched. (R. at 10

3). Overall, there was no need for Officer Miller to continue the search of Petitioner s laptop without a warrant. Officer Miller lacked virtual certainty when he examined the remaining twenty-nine files not searched by Sundon. Furthermore, Officer Miller knowingly viewed more files on Petitioner s laptop than Sundon s private search, thereby exceeding the scope of the private search and infringing on Petitioner s Fourth Amendment rights. As a result, the contents of the twenty-nine files not searched by Sundon should be suppressed as the fruits of a warrantless search. B. A Citizen Has A Reasonable Expectation Of Privacy Beyond The Scope Of A Private Search When She Takes Steps To Preserve Her Privacy. One way a Fourth Amendment search occurs is when the government intrudes on a legitimate expectation of privacy. See Jacobsen, 466 U.S. at 113. It is long established that a violation of an individual s reasonable expectation of privacy occurs when a warrantless search is conducted and an individual: (1) subjectively exhibits an expectation of privacy in the places, containers, or effects searched; and (2) society objectively recognizes that expectation of privacy as reasonable. See Kyllo v. United States, 533 U.S. 27, 34 (2001); see also Katz v. United States, 389 U.S. 347, 361 (1967). The reasonableness of an invasion of a citizen s privacy, must be appraised on the basis of the facts as they existed at the time that invasion occurred. Jacobsen, 466 U.S. at 115. The Fifth and Seventh Circuits have indicated an individual can maintain a reasonable expectation of privacy in an area or container even after a private search. See United States v. Oliver, 630 F.3d 397, 407 (5th Cir. 2011) cert. denied, 132 S.Ct. 758 (2011); Atchison, 689 F.3d at 836-37. Both courts noted, [a] defendant s expectation of privacy with respect to an item unopened by the private searcher is preserved... unless the defendant s expectation of privacy in the contents of the container has already been frustrated because the contents were rendered 11

[virtually certain] by the private search. Oliver, 630 F.3d at 406; see also Runyan, 275 F.3d at 464-65. In determining if a defendant s reasonable expectation of privacy can survive a private search, consideration must be given to whether the activities of the home s occupants or the circumstances within the home at the time of the private search created a risk of intrusion by the private party that was reasonably foreseeable. Oliver, 630 F.3d at 406 (citations omitted) (emphasis in original). If a private party s initial intrusion was not reasonably foreseeable, the occupant s reasonable expectation of privacy will survive, and the subsequent police search will indeed activate the Fourth Amendment. Id. at 406-07. Any additional invasion of [Petitioner s] privacy by the government agent must be tested by the degree to which [the government] exceeded the scope of the private search. Jacobson, 466 U.S. at 115. In examining a reasonable expectation of privacy in present times, one cannot forgo discussing the emergence and vast expansion of data storage in modern technology, specifically personal computers or laptops. In regards to cell phones, this Court recently noted: [An] intrusion on privacy is not physically limited in the same way when it comes to cell phones. The current top-selling smart phone has a standard capacity of 16 gigabytes (and is available with up to 64 gigabytes). Sixteen gigabytes translates to millions of pages of text, thousands of pictures or hundreds of videos. Riley v. California, 134 S. Ct. 2473, 2489 (2014). This Court further elaborated, many [cell phones] are in fact minicomputers... They could just as easily be called cameras, video players, rolodexes, calendars, tape recorders, libraries, diaries, albums, televisions, maps, or newspapers. Id.; see also Lichtenberger, 786 F.3d at 488 (a computer is a device with even greater capacity than the cell phones at issue in Riley ). 12

Just as cellphones have evolved into minicomputers, computers themselves have also evolved. In 1986, only three years after Jacobsen, around 40 percent of the world s general purpose computing power took the form of pocket calculators, which represented more processing power than all personal computers at the time. VIKTOR MAYER-SCHÖNBERGER, BIG DATA: A REVOLUTION THAT WILL TRANSFORM HOW WE LIVE, WORK, AND THINK, 9 (Kenneth Cukier ed., 2013). From 1986 to present day, the processing power and storage capacity of personal computers have vastly increased: As recently as the year 2000, only a quarter of the stored information in the world was digital. The other three quarters were on paper, film, vinyl LP records, magnetic cassette tapes and the like... [In] 2013 the amount of stored information in the world [was] estimated to be around 1,200 exabytes, of which less than 2 percent [was] non-digital... [If this] were all printed in books, they would cover the entire surface of the United States 52 layers thick. If it were placed on CD-ROMs and stacked up, they would stretch to the moon in 5 separate piles... Things are really speeding up. The amount of stored information grows four times faster than the world economy, while the processing power of computers grows nine times faster. Id. The record does not indicate what kind of laptop Petitioner owned. However, the storage capacity of modern personal computers in 2010, six years ago, [was] equal to approximately eighty million pages of text, with capacity doubling approximately every two years. Benjamin Holley, Digitizing the Fourth Amendment: Limiting the Private Search Exception in Computer Investigations, 96 Va. L. Rev. 677, 682 (2010)(emphasis added). Imagine how computer technologies will work in five, ten, or fifty years. Over time, advancing technology will cause the digital to seem more and more different from the physical. The need for different rules governing digital devices eventually will seem obvious. Orin S. Kerr, Foreword: Accounting for Technological Change, 36 Harv. J.L. & Pub. Pol'y 403, 407-08 (2013). 13

The idea computers are different than traditional physical closed containers is not a new concept in American jurisprudence. Fifteen years ago, the Tenth Circuit noted: [There are] particular Fourth Amendment issues surrounding the search and seizure of computer equipment. The advent of the electronic age... the development of desktop computers that are able to hold the equivalent of a library's worth of information, go beyond the established categories of constitutional doctrine. Analogies to other physical objects, such as dressers or file cabinets, do not often inform the situations we now face as judges when applying search and seizure law. United States v. Walser, 275 F.3d 981, 986 (10th Cir. 2001); see also United States v. Jones, 132 S.Ct. 945, 954 (2012)(Sotomayor, J., concurring)( [it] may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties. This approach is ill suited to the digital age ); Lichtenberger, 786 F.3d at 488 ( [t]he search of a laptop is far more intrusive than the search of a container because the two objects are not alike... [g]iven the amount of a data a laptop can hold ). Currently, the circuit courts are split on how a reasonable expectation of privacy and the closed container doctrine applies to computers and other electronic data. See Lichtenberger, 786 F.3d at 491; Contra Runyan, 275 F.3d at 465; Atchison, 689 F.3d at 837; see also Oliver, 630 F.3d at 407 (the initial private search was reasonably foreseeable and the searcher s act of voluntarily giving the authorities the box containing a laptop, maintained no reasonable expectation of privacy and rendered the subsequent police search permissible). In Runyan, defendant s estranged wife broke into his home and retrieved several computer disks. 275 F.3d at 453. Defendant s wife and her friends discovered the disks contained images of child pornography, contacted the police, and turned over the disks. Id. In the following weeks, defendant s wife provided additional disks to the police. Id. During the ensuing investigation, the police copied all the materials they received onto blank CDs and then examined several images from each disk, including disks neither defendant s wife nor her friends 14

had viewed. Id. Relying on this information, the police obtained two search warrants, one to search all the disks for illicit images and one to search defendants house for any computer devices. Id. The Fifth Circuit applied the closed container analogy regarding the individual disks as the relevant containers. Id. at 461. The court determined, the police do not exceed the scope of a prior private search when they examine the same materials that were examined by the private searchers, but they examine these materials more thoroughly than did the private parties. Id. at 464. The court went on to state, in the context of a closed container search, this means that the police do not exceed the private search when they examine more items within a closed container than did the private searchers. Id. The court held government searches of the disks the wife had viewed were acceptable, while searches of disks she had not viewed were not acceptable. Id. In Atchison, defendant s daughter, who was fifteen-years-old, reported to the police she had been sexually assaulted by defendant and he had taken pornographic pictures of her. 689 F.3d at 834. Following a police interview, the daughter returned home and, under no instruction from the police, retrieved a digital camera memory card on top of a television in defendant s room; she then took the memory card to the police. Id. Later, the victim s mother compiled a zip drive and brought it to the police. Id. Images downloaded from the memory card and zip drive depicted defendant sexually assaulting his daughter. Id. Defendant contended when the police searched the digital storage devices and viewed the images on them, they exceeded the scope of the private search. Id. at 836. Relying on Runyan, the Seventh Circuit noted, if the police more thoroughly searched the digital media devices than [the victim] and her mother did and viewed the images [the victim] or her mother had not viewed... the police search did not exceed or expand the scope of 15

the initial private searches. Id. at 838. The court reasoned, because [the victim] and her mother knew the contents of the digital media devices when they delivered them to the police, the police were [virtually] certain the devices contained child pornography. Id. Here, unlike Runyan and Atchison, the private search involved an entire laptop computer capable of containing a libraries worth of information, not a CD or memory card. The storage capacity differences between a memory card and CD versus an entire laptop are significant. The Runyan and Atchison courts reasoned the police simply examined the memory card or CD more thoroughly than did the private party. If this applied to laptop computers, a private searcher could click on one document on a person s computer and supply the government with an astronomical amount of data unrelated to their search. Furthermore, in Atchison, the victim grabbed the memory card off a television set. The defendant had taken zero precautions to hide the memory card from prying eyes; also the victim s mother knew exactly what was on the zip drive she later gave to the police because she compiled it herself. Here, Petitioner verbally told Sundon she could not use her laptop and also took extra precautions to protect her laptop from prying eyes by enabling a password. (R. at 2). Because of these precautionary steps taken by Petitioner, Sundon s intrusion onto Petitioner s laptop was not reasonably foreseeable. Therefore, Petitioner maintained a reasonable expectation of privacy in all files on her laptop not searched by Sundon. This violation of Petitioner s expectation of privacy was made worse because Sundon showed and told Officer Miller she viewed only three files. (R. at 3). When Officer Miller viewed the remaining twenty-nine files he was fully aware Sundon had not looked at those files. Given the vast storage capacity and types of content modern computers contain, it was 16

impossible for Officer Miller to be virtually certain of what he would find on the remaining twenty-nine files. It is undisputed computer technology is increasing at a rapid pace, making computers categorically distinct from a traditional physical container. Similar to the automobile exception, and more recently the warrant requirement to search a cell phone incident to arrest, new technologies require specific legal rules. Limiting the container doctrine to individual documents within a computer searched by the private party effectively upholds the fundamental tenants of Fourth Amendment protections, while allowing the government to investigate and prosecute crime. The warrant requirement of the Fourth Amendment is an important working part of our philosophy and government and is not meant to be an inconvenience, but rather a protection of individual freedoms. Here, Petitioner s reasonable expectation of privacy was violated when Officer Miller looked at twenty-nine files on her laptop computer, capable of containing every private detail of her life, without a warrant. II. PETITIONER IS NOT CRIMINALLY CULPABLE UNDER THE COMPUTER FRAUD AND ABUSE ACT BECAUSE SHE DID NOT EXCEED HER AUTHORIZED ACCESS BY POSSESSING WORK FILES ON HER LAPTOP. Congress established the Computer Fraud and Abuse Act ( CFAA ) to combat unauthorized access by hackers, not unauthorized use by employees. Courts were established to interpret legislation, not to legislate themselves. Many courts have failed to understand this fundamental purpose by improperly expanding the CFAA to try and remedy other issues unrelated to the statute s purpose. 17

A. The Computer Fraud And Abuse Act Applies To Unauthorized Access Of A Computer, Not Unauthorized Use. Under the CFAA, it is a federal crime for an individual to either, intentionally access a computer without authorization or to exceed authorized access, and thereby obtains information from any protected computer. 18 U.S.C. 1030(a)(2)(C); see also Musacchio v. United States, No. 14-1095, 2016 WL 280757, at *1 (U.S. Jan. 25, 2016) (This Court finds a violation of the CFAA to include two separate crimes). The CFAA states, the term exceeds authorized access means to access a computer with authorization and to use such access to obtain or alter information in the computer that the accessor is not entitled... to obtain or alter. 18 U.S.C. 1030(e)(6). 1 Although the phrase, exceeds authorized access is defined within the statute, the term authorization is undefined giving many courts issues with the statute s scope. Because the term authorization is not defined within the CFAA, this Court gives such phrases their ordinary meaning as defined by a standard dictionary. See Asgrow Seed v. Winterboer, 513 U.S. 179, 187 (1995). Authorization is defined as the, official permission to do something. BLACK S LAW DICTIONARY 159 (10th ed. 2014). Applying this definition, courts have explained, a violation [of the statute] does not depend upon the defendant s unauthorized use of information, but rather upon the defendant s unauthorized use of access. Diamond Power Int l, Inc. v. Davidson, 540 F. Supp. 2d 1322, 1343 (N.D. Ga. 2007)(emphasis in original). Because there is ambiguity surrounding this phrase, courts have applied three different approaches to define exceeds authorized access: (1) agency-based authorization; (2) contract- 1 The call of the question is limited to whether Petitioner exceeded authorized computer access in violation of 18 U.S.C. 1030(a)(2)(C) of the Computer Fraud and Abuse Act. (R. at 1). Therefore, the discussion is limited to whether Petitioner exceeded her authorized access, not to whether she accessed the information without authorization. 18

based authorization; and (3) code-based authorization. See Dresser-Rand Co. v. Jones, 957 F. Supp. 2d 610, 616 (E.D. Pa. 2013). First, agency-based authorization states an employee, exceeds authorized access by misusing information adverse to their employer s interests. See Int l Airport Ctrs., LLC v. Citrin, 440 F.3d 418, 420-21 (7th Cir. 2006). This terminates the agency relationship and the authorization given to the employee by the employer Id. Second, contract-based authorization states an individual, exceeds authorized access if there existed either a company policy and/or a confidentiality agreement which barred the use of the information in question. See United States v. Teague, 646 F.3d 1119, 1122 (8th Cir. 2011); United States v. John, 597 F.3d 263, 272 (5th Cir. 2010); United States. v. Rodriguez, 628 F.3d 1258, 1263 (11th Cir. 2010); EF Cultural Travel Bv v. Explorica, 274 F.3d 577, 583 (1st Cir. 2001). Thirdly, code-based authorization finds an individual criminally culpable if she accesses information she is not authorized to access. See WEC Carolina Energy Sol., LLC v. Miller, 687 F.3d 199, 206 (4th Cir. 2012); United States. v. Nosal, 676 F.3d 854, 863-64 (9th Cir. 2012). Academics have referred to the agency and contract-based approaches as the broad view, whereas the code-based approach is commonly known as the narrow view. See Ryan E. Dosh, The Computer Fraud and Abuse Act: As Conflict Rages On, The United States v. Nosal Ruling Provides Employers Clear Guidance, Loy. L.A. L. Rev. 901, 902 (2014). As of today, a majority of courts have applied the narrow view because it adheres more to the legislative intent of Congress. See United States v. Valle, 807 F.3d 508, 528 (2d Cir. 2015); Advanced Fluid Sys., Inc. v. Huber, 28 F. Supp. 3d 306, 329 (M.D. Pa. 2014); Sebrite Agency, Inc. v. Platt, 884 F. 19

Supp. 2d 912, 917-18 (D. Minn. 2012); Lewis-Burke Assoc., LLC v. Widder, 725 F. Supp. 2d 187, 193 (D.D.C. 2010); et al. This Court should follow Congressional intent and apply the narrow view. See Chevron, U.S.A., Inc. v. Nat. Res. Def. Council, Inc., 467 U.S. 837, 842-43 (1984). The CFAA was originally intended to give the government greater ability to prosecute computer crimes against hackers who accessed and stole information from other computers. See H.R. REP. 98-894, at 10 (1984) reprinted in 1978 U.S.C.C.A.N. 3689, 3695. The 1984 House Committee found criminally culpable conduct under the CFAA is comparable to, that of breaking and entering. Id. at 20. Currently, Congress is amending the CFAA to apply the narrow view. See S.1030, 114th Cong. 2 (2015) 2. The proposed amendment would strike out the phrase, exceeds authorized access and replace it with the phrase, access without authorization. Id. Furthermore, the proposed amendment would define, access without authorization as, obtain[ing] information on a protected computer; that the accesser lacks authorization to obtain; and by knowingly circumventing one or more technological or physical measures that are designed to exclude or prevent unauthorized individuals from obtaining that information. Id. Applying Congressional intent, the Fourth Circuit applied the narrow view to the CFAA. See Miller, 687 F.3d at 199 (4th Cir. 2012). In Miller, before resigning, defendant downloaded confidential information from WEC s database and proceeded to give it to his new employer. Id. at 201. WEC had a policy prohibiting employees from downloading confidential information to a personal computer. Id. at 202. The court chose to find the defendant not criminally culpable 2 Full name of proposed bill is Clarifying that Access Without Authorization Under Section 1030 of Title 18, United States Code, Means Circumvention of Technological Barriers in Order to Gain Unauthorized Access. 20

under the CFAA, even though the employer had policies prohibiting defendant s use of the information. Id. at 207. The court applied the narrow view because other civil remedies were made available to employers whose policies were violated. Id. The court concluded while defendants may have misappropriated information, they did not exceed their authorized access. Id. Alternatively, the broad view, or agency theory of authorization, expands the scope of the CFAA to include unauthorized use. Although the Seventh Circuit has applied the agency theory of authorization, all other courts have rejected this theory. See Citrin, 440 F.3d at 420-21; see also Dresser-Rand, 957 F. Supp. 2d at 619. This Court should follow suit and reject the agency theory of authorization because no employee would know a breach of fiduciary duty to an employer would constitute a federal crime under the CFAA. See LVRC Holdings LLC, v. Brekka, 581 F.3d 1127, 1135 (9th Cir. 2009) (citing United States v. Carr, 513 F.3d 1164, 1168 (9th Cir. 2008)). In contrast, four circuits have adopted the broad view, or contract-based theory of authorization, by applying the CFAA to employer use policies and confidentiality agreements. See Teague, 646 F.3d at 1122; Rodriguez, 628 F.3d at 1260; EF Cultural Travel BV, 274 F.3d at 581-82 (employees exceed authorized access when they use information in violation of either an employer policy or a confidentiality agreement); John, 597 F.3d at 271-72 (use of authorized information to commit a crime is prohibited under the CFAA). Within these four circuits, the First, Eighth, and Eleventh Circuits focused on whether there existed either company policies or confidentiality agreements prohibiting certain use by an employee. See Teague, 646 F.3d at 1122; Rodriguez, 628 F.3d at 1263; EF Cultural Travel BV, 274 F.3d at 582. 21

The First Circuit concluded because EF Cultural a private company enacted a broad confidentiality agreement, which covered defendant s actions, there was no need to consider the meaning behind the phrase, exceeds authorized access. See EF Cultural Travel BV, 274 F.3d at 579, 581-82. Here, the issue revolves around the meaning of exceeds authorized access. Therefore, the First Circuit s holding should be deemed unpersuasive by this Court. The Eighth and Eleventh Circuits found criminal culpability when an employee in violation of government policies used government data for personal use. See Teague, 646 F.3d at 1122; Rodriguez, 628 F.3d at 1263. This is distinguishable from EF Cultural because both employees were accessing information through government databases, not from a private company. See Teague, 646 F.3d at 1121; Rodriguez, 628 F.3d at 1260; S. REP. 99-432, at 3 (1986), reprinted in 1986 U.S.C.C.A.N. 2479, 2481 (The CFAA was originally directed at protecting classified information on government computers). In addition, employers in both Teague and Rodriguez, gave their employees actual notice about the possibility of criminal penalties through the unauthorized use of information. See Teague, 646 F.3d at 1121 3 ; Rodriguez, 628 F.3d at 1260; United States v. Drew, 259 F.R.D. 449, 464 (C.D. Ca. 2009) (notice of criminal culpability is required under the CFAA because, while ordinary people might expect to be exposed to civil liabilities for violating a contractual provision, they would not expect criminal penalties ). In the Fifth Circuit, the government showed the defendant s employer not only had an official policy barring use of information, but also showed defendant attended training programs reiterating this same policy. See John, 597 F.3d at 272. Further, the government was able to 3 Teague had access to the National Student Loan Data System (NSLDS). On the NSLDS website, it states, This is a U.S. Federal Government owned computer system for the use by authorized users only. Unauthorized access violates Title 18, U.S. Code Section 1030. Federal Student Aid, http://www.nslds.ed.gov/npas/index.htm (last visited Feb. 4, 2016). 22

sufficiently link the accessed information to the fraud against its customers. Id. Therefore, the Fifth Circuit concluded a defendant exceeded authorized access when she used confidential information to perpetuate a crime. Id. Even if this Court determines the phrase, exceeds authorized access is ambiguous, the rule of lenity supports the application of the narrow view. The rule of lenity provides, when ambiguity exists within a criminal statute any ambiguity goes against the government and instead favors the defendant. See Crandon v. United States, 494 U.S. 152, 168 (1990). Under the rule of lenity, this Court should still find the phrase, exceeds authorized access applies to unauthorized access, not unauthorized use. This Court has reiterated Congress sets the boundaries of criminal conduct, not the courts. Id. at 158. When a choice has to be made between two interpretations of what Congress has made a crime, it is imperative for the courts to apply the least severe punishment and require Congress to speak clearly on criminal conduct. See United States v. Universal C.I.T. Credit Corp., 344 U.S. 218, 221-22 (1952). Without the rule of lenity, Due Process would be frustrated because individuals would be wrongly prosecuted for crimes they did not know existed. See United States v. Lanier, 520 U.S. 259, 266 (1997) ( [D]ue [P]rocess bars courts from applying a novel construction of a criminal statute to conduct that neither the statute nor any prior judicial decision has fairly disclosed to be within its scope ). By applying the rule of lenity, the narrow view is appropriate. Here, Petitioner did not exceed authorization given to her by her employer. Although Find Funds, Inc. ( FFI ), a private employer, prohibited employees from using its computers for personal purposes, the record is silent as to whether Petitioner was put on notice of this policy. Disregarding this fact, the Twelfth Circuit applied the Seventh s Circuit s agency theory of authorization finding Petitioner culpable 23

2024 © lawsdocbox.com Privacy Policy | Terms of Service | Feedback