April 18, 2021

Appeals Court: Just Because Someone Used An Email Account To Send Threats Doesn’t Make It An ‘Interstate’ Crime

By Tim Cushing

If you want to turn a local crime federal, all you need is the internet. This has been the federal government’s M.O. for years: bring federal charges as often as you can because everyone uses the internet to communicate. A plethora of content servers located around the United States makes this easy for prosecutors to use and abuse. Almost every communication — IM, email, or comment — passes through a number of servers located miles away from the person now accused of violating federal law.

Taking a local crime federal means enhanced charges and longer sentences, often prompting accused citizens to sign plea deals that will keep them from paying a trial tax that now includes federal sentences for local actions.

A successful challenge to “well, now it’s federal” assumptions about internet use has been raised by Michael Golightley — a man accused of violating federal law for allegedly hacking and threatening his local broadband provider. Golightley, a Lenora, Kansas resident, decided to fight back when his internet service provider (Nex-Tech) removed his online sales listing for supposedly violating the intellectual property rights of unnamed third parties.

Golightley got mad. And got even. Incoherent threats were made. From the Tenth Circuit Appeals Court decision [PDF]:

take my ad down again when my description doesnt violate copy right, i will violate this site by bringing it offline, fix the ad. if u make me upset, i will retaliate, your choice, and im not making a threat im very capable of bringing down this website.

Seems harmless enough, especially considering Nex-Tech still held almost all the power in this relationship. His follow-up “threat” was no more comprehensible.

ip address 24.225.8.90 will be submitted at exostress.in for 24 hours if my demands are not met with in 12 hours, your choice, and remember, you have been warned..

Nex-Tech deactivated the accounts linked to these mostly incoherent threats. However, following a help desk call from yet another account Nex-Tech believed was linked to the earlier threats, Nex-Tech’s classified ad service was taken down by a DDoS attack. This went on for the next few days, with DDoS attacks interrupting various Nex-Tech services.

Law enforcement traced the accounts back to Golightley. He was charged with a handful of computer crimes, but the feds made it their business by making claims about “interstate commerce.” These charges were brought even though Golightley, a Kansas resident, allegedly targeted a Kansas internet service provider.

The court says the federal prosecutor’s assumptions are wrong. There’s nothing in this case that indicates any “interstate” communications took place.

Threatening to damage a protected computer in violation of § 1030(a)(7)(A) requires the government to prove, among other elements, that Golightley transmitted at least one of his two threats “in interstate or foreign commerce.” § 1030(a)(7). But Golightley argues that the government failed to present evidence that would allow the jury to reasonably infer that he transmitted any threat in interstate commerce. Instead, he argues, the government merely showed that he transmitted his threats over the internet, which is insufficient to prove the interstate-commerce element.

The government conceded that using the internet is not enough — by itself — to support allegations of interstate commerce violations. But that didn’t stop the government from arguing the evidence it had actually supported these claims. The court sets it straight, benchslapping it for unjustified assumptions about evidence it didn’t actually possess.

The government contends that Golightley sent these messages from his personal email address, [email protected] Exhibit 5 shows automated correspondence from mail.com to Golightley that Golightley received after creating his [email protected] email address. At the bottom of the email from mail.com is the following trademark notice: Supp. R. 62.

[If you can’t see the embed, a copyright notice at the bottom of the mail.com footer says Mail & Media is located in Pennsylvania and the “mail.com” trademark belongs to it.]

The government first suggests Exhibit 4A establishes that Golightley transmitted the threats via his personal mail.com email address. Next, the government suggests that the jury could infer, based on the trademark notice in Exhibit 5, that mail.com’s servers are located in Pennsylvania, or “in a [s]tate nearer Chesterbrook, Pennsylvania.” Lastly, the government builds on this inference, concluding the jury could infer that when Golightley transmitted his emails from his mail.com account, the emails traveled in interstate commerce via mail.com’s out-of-state servers.

There are a lot of government assumptions in play here — most of them wrong. The Tenth Circuit continues its excoriation:

First, as Golightley correctly points out, the government assumes that the messages in Exhibit 4A came from his personal mail.com email address. But Exhibit 4A does not support the government’s assumption. The messages show that the sender used a form available on Nex-Tech Classified’s online help desk. This form is completed by the user and submitted to Nex-Tech directly from its website. Both threats sent by grass_is_green show that they were sent from the email address “[email protected]” And Golightley’s personal email address, [email protected], appears only as the “Contact Email.” As Golightley further notes, given that the sender’s email address is [email protected], the threatening messages appear to have originated from Nex-Tech’s own website— meaning that, as Golightley explains, he transmitted the threats by completing an online form on Nex-Tech’s website, and not by emailing Nex-Tech via his personal mail.com email address.

The fact that this communication did not originate from “out of the state” (and that’s taking the government’s word that a trademark registration from Pennsylvania is “evidence” of interstate commerce) is fatal to the government’s arguments — arguments contradicted by the government’s own witness.

Further, the government’s expert witness—a federal forensics examiner who reviewed the digital evidence in this case—testified that someone using Golightley’s cell phone contacted Nex-Tech’s help desk at the time the threats were sent by visiting “the contact portion of the help page for Nex-Tech Classifieds.”

The court says the government needs facts to prove this argument. And it has brought none that support its “interstate commerce” conjecture.

Even when this evidence is viewed in the light most favorable to the government, no rational trier of fact could conclude that it shows Golightley sent the threats from his mail.com email address. And yet, the basic premise of the government’s argument is that the jury could infer the use of interstate commerce because of the use of the mail.com address. Given that this inference assumes facts not in evidence, the government did not produce sufficient evidence to show that Golightley transmitted his threats in interstate commerce.

An assignment of intellectual property rights is not the same thing as establishing originating location, much less a circuitous path through allegedly out-of-state email servers.

The government bases this inference on Exhibit 5’s automated trademark notice stating that the corporate owner of the mail.com trademark is located in Pennsylvania. But the government offers no explanation tethering the location of the corporate trademark owner to the location of its servers.

And there goes one of the feds’ charges — kicked to the curb by its deliberate (and convenient) ignorance about the nature of internet communications.

Because no reasonable juror could have determined that Golightley transmitted his threats in interstate commerce, we vacate his conviction for threatening to damage a protected computer.

And, because the prosecution’s closing arguments led to jury instructions that misled jurors as to the nature of the alleged criminal activity and Golitghtley’s supposed culpability under federal law, the Appeals Court says the multiple felony convictions can no longer stand. At best, they’re misdemeanors. And the district court needs to reconsider and resentence.

Because the instructions did not require the jury to find that Golightley engaged in a course of conduct affecting one or more other computers, we are left with “substantial doubt that the jury was fairly guided” in reaching its verdict Gorrell, 922 F.3d at 1121–22 (quoting Little, 829 F.3d at 1181). We therefore vacate these seven convictions and remand to the district court with instructions to reclassify them as misdemeanors and to resentence Golightley accordingly.

What used to be several felonies is now several lesser crimes. The federal government overstepped, with its prosecutors believing they could lead a court into accepting felony charges just because the alleged criminal acts happened on the internet. They were wrong, which is good news for others facing trumped-up charges just because they did something dumb on the internet, a communication perhaps best known for the sheer quantity of dumb stuff it has enabled. That shouldn’t be enough to convert misdemeanors into baseless felonies. And it’s good to see a federal court reject the feds’ opportunistic thinking.

Source:: https://www.techdirt.com/articles/20210103/12525245987/appeals-court-just-because-someone-used-email-account-to-send-threats-doesnt-make-it-interstate-crime.shtml