Appeals Court: Just Because Someone Used An Email Account To Send Threats Doesn't Make It An 'Interstate' Crime

from the is-that-a-federal-charge-in-your-pocket-or-are-you-just-happy-to-see-me dept

If you want to turn a local crime federal, all you need is the internet. This has been the federal government's M.O. for years: bring federal charges as often as you can because everyone uses the internet to communicate. A plethora of content servers located around the United States makes this easy for prosecutors to use and abuse. Almost every communication -- IM, email, or comment -- passes through a number of servers located miles away from the person now accused of violating federal law.

Taking a local crime federal means enhanced charges and longer sentences, often prompting accused citizens to sign plea deals that will keep them from paying a trial tax that now includes federal sentences for local actions.

A successful challenge to "well, now it's federal" assumptions about internet use has been raised by Michael Golightley -- a man accused of violating federal law for allegedly hacking and threatening his local broadband provider. Golightley, a Lenora, Kansas resident, decided to fight back when his internet service provider (Nex-Tech) removed his online sales listing for supposedly violating the intellectual property rights of unnamed third parties.

Golightley got mad. And got even. Incoherent threats were made. From the Tenth Circuit Appeals Court decision [PDF]:

take my ad down again when my description doesnt violate copy right, i will violate this site by bringing it offline, fix the ad. if u make me upset, i will retaliate, your choice, and im not making a threat im very capable of bringing down this website.

Seems harmless enough, especially considering Nex-Tech still held almost all the power in this relationship. His follow-up "threat" was no more comprehensible.

ip address 24.225.8.90 will be submitted at exostress.in for 24 hours if my demands are not met with in 12 hours, your choice, and remember, you have been warned..

Nex-Tech deactivated the accounts linked to these mostly incoherent threats. However, following a help desk call from yet another account Nex-Tech believed was linked to the earlier threats, Nex-Tech's classified ad service was taken down by a DDoS attack. This went on for the next few days, with DDoS attacks interrupting various Nex-Tech services.

Law enforcement traced the accounts back to Golightley. He was charged with a handful of computer crimes, but the feds made it their business by making claims about "interstate commerce." These charges were brought even though Golightley, a Kansas resident, allegedly targeted a Kansas internet service provider.

The court says the federal prosecutor's assumptions are wrong. There's nothing in this case that indicates any "interstate" communications took place.

Threatening to damage a protected computer in violation of § 1030(a)(7)(A) requires the government to prove, among other elements, that Golightley transmitted at least one of his two threats “in interstate or foreign commerce.” § 1030(a)(7). But Golightley argues that the government failed to present evidence that would allow the jury to reasonably infer that he transmitted any threat in interstate commerce. Instead, he argues, the government merely showed that he transmitted his threats over the internet, which is insufficient to prove the interstate-commerce element.

The government conceded that using the internet is not enough -- by itself -- to support allegations of interstate commerce violations. But that didn't stop the government from arguing the evidence it had actually supported these claims. The court sets it straight, benchslapping it for unjustified assumptions about evidence it didn't actually possess.

The government contends that Golightley sent these messages from his personal email address, ntcsucks@mail.com. Exhibit 5 shows automated correspondence from mail.com to Golightley that Golightley received after creating his ntcsucks@mail.com email address. At the bottom of the email from mail.com is the following trademark notice: Supp. R. 62.

[If you can't see the embed, a copyright notice at the bottom of the mail.com footer says Mail & Media is located in Pennsylvania and the "mail.com" trademark belongs to it.]

The government first suggests Exhibit 4A establishes that Golightley transmitted the threats via his personal mail.com email address. Next, the government suggests that the jury could infer, based on the trademark notice in Exhibit 5, that mail.com’s servers are located in Pennsylvania, or “in a [s]tate nearer Chesterbrook, Pennsylvania.” Lastly, the government builds on this inference, concluding the jury could infer that when Golightley transmitted his emails from his mail.com account, the emails traveled in interstate commerce via mail.com’s out-of-state servers.

There are a lot of government assumptions in play here -- most of them wrong. The Tenth Circuit continues its excoriation:

First, as Golightley correctly points out, the government assumes that the messages in Exhibit 4A came from his personal mail.com email address. But Exhibit 4A does not support the government’s assumption. The messages show that the sender used a form available on Nex-Tech Classified’s online help desk. This form is completed by the user and submitted to Nex-Tech directly from its website. Both threats sent by grass_is_green show that they were sent from the email address “info@nextechclassifieds.com.” And Golightley’s personal email address, ntcsucks@mail.com, appears only as the “Contact Email." As Golightley further notes, given that the sender’s email address is info@nextechclassifieds.com, the threatening messages appear to have originated from Nex-Tech’s own website— meaning that, as Golightley explains, he transmitted the threats by completing an online form on Nex-Tech’s website, and not by emailing Nex-Tech via his personal mail.com email address.

The fact that this communication did not originate from "out of the state" (and that's taking the government's word that a trademark registration from Pennsylvania is "evidence" of interstate commerce) is fatal to the government's arguments -- arguments contradicted by the government's own witness.

Further, the government’s expert witness—a federal forensics examiner who reviewed the digital evidence in this case—testified that someone using Golightley’s cell phone contacted Nex-Tech’s help desk at the time the threats were sent by visiting “the contact portion of the help page for Nex-Tech Classifieds.”

The court says the government needs facts to prove this argument. And it has brought none that support its "interstate commerce" conjecture.

Even when this evidence is viewed in the light most favorable to the government, no rational trier of fact could conclude that it shows Golightley sent the threats from his mail.com email address. And yet, the basic premise of the government’s argument is that the jury could infer the use of interstate commerce because of the use of the mail.com address. Given that this inference assumes facts not in evidence, the government did not produce sufficient evidence to show that Golightley transmitted his threats in interstate commerce.

An assignment of intellectual property rights is not the same thing as establishing originating location, much less a circuitous path through allegedly out-of-state email servers.

The government bases this inference on Exhibit 5’s automated trademark notice stating that the corporate owner of the mail.com trademark is located in Pennsylvania. But the government offers no explanation tethering the location of the corporate trademark owner to the location of its servers.

And there goes one of the feds' charges -- kicked to the curb by its deliberate (and convenient) ignorance about the nature of internet communications.

Because no reasonable juror could have determined that Golightley transmitted his threats in interstate commerce, we vacate his conviction for threatening to damage a protected computer.

And, because the prosecution's closing arguments led to jury instructions that misled jurors as to the nature of the alleged criminal activity and Golitghtley's supposed culpability under federal law, the Appeals Court says the multiple felony convictions can no longer stand. At best, they're misdemeanors. And the district court needs to reconsider and resentence.

Because the instructions did not require the jury to find that Golightley engaged in a course of conduct affecting one or more other computers, we are left with “substantial doubt that the jury was fairly guided” in reaching its verdict Gorrell, 922 F.3d at 1121–22 (quoting Little, 829 F.3d at 1181). We therefore vacate these seven convictions and remand to the district court with instructions to reclassify them as misdemeanors and to resentence Golightley accordingly.

What used to be several felonies is now several lesser crimes. The federal government overstepped, with its prosecutors believing they could lead a court into accepting felony charges just because the alleged criminal acts happened on the internet. They were wrong, which is good news for others facing trumped-up charges just because they did something dumb on the internet, a communication perhaps best known for the sheer quantity of dumb stuff it has enabled. That shouldn't be enough to convert misdemeanors into baseless felonies. And it's good to see a federal court reject the feds' opportunistic thinking.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: doj, email, federal crime, internet, interstate threat, michael golightley


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    Flakbait (profile), 7 Jan 2021 @ 4:43am

    Not the first time the Feds have held the law up to the light at just the right angle, squinted at it, and found a reason to get involved in a case. In 2012 an Amish-on-Amish 'crime' was committed in Holmes County, Ohio, where the members of a sect cut off the beards of other members of the same sect in an internecine dispute. This all happened in Ohio, in Holmes County and all parties involved lived within a short distance of each other - a buggy-ride distance.

    The Feds got involved in the 'hate crimes' case because - get this - the scissors used to cut the beards were made in New York and used in Ohio. Seriously.

    https://www.washingtonpost.com/national/on-faith/hate-crimes-law-used-to-prosecute-amish- beard-attacks/2012/03/21/gIQATSq9RS_story.html

    link to this | view in chronology ]

  • identicon
    Mike, 7 Jan 2021 @ 4:46am

    It's a weird argument here

    Unless the DDoS infrastructure was located in Kansas, it required an interstate collaboration to assault a Kansas business.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 7 Jan 2021 @ 9:52am

      Re: It's a weird argument here

      It's good to see judges pushing back against bullshit "interstate commerce" claims, but yeah, the guy did threaten to use an Indian service for the DDoS. That doesn't make the threat "interstate", but I'd think he could be prosecuted federally for the DDoS itself if he really did use that service.

      link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
    icon
    daviddell (profile), 7 Jan 2021 @ 5:33am

    use vpn to secure your emails

    This is not new thing that happen all of these thing happened a lot in past but we have option to use vpn for security purposes so I thing that we should use Circuit Vpn it is good for our data security and save us from threaten mails.

    link to this | view in chronology ]

  • icon
    Flakbait (profile), 7 Jan 2021 @ 6:01am

    If they could have tracked the e-mail path and found that it bounced off a satellite in geosynchronous orbit, do you think they could have brought in NASA and US Space Force?

    link to this | view in chronology ]

  • icon
    crade (profile), 7 Jan 2021 @ 6:32am

    When completely irrelevant random happenstance like what machines internet traffic happened to be optimized through is your deciding factor, your laws might need to be looked at.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 7 Jan 2021 @ 8:39am

      Re:

      The problem isn't so much the laws but the arbitrary and misinterpretive enforcement of the laws. American law enforcement has degraded to the point of being complete bullshit and in desperate need of revolution or replacement.

      link to this | view in chronology ]

      • identicon
        Annonymouse, 7 Jan 2021 @ 8:43am

        Re: Re:

        To top it off there is zero accountability for their actions.
        So they will try it again and again until such time as a judge has the cojones to hit them hard enough that it hurts them.

        link to this | view in chronology ]

      • icon
        crade (profile), 7 Jan 2021 @ 9:37am

        Re: Re:

        Arbitrary enforcement isn't really as issue here, if it was enforced this same way uniformly the way it is interpreted here it wouldn't help you any.

        Interpretation could be an issue, maybe that wasn't how the law was meant, but I see that as it being unclear enough that it can be misinterpreted (in a significant enough way to cause you problems) and to correct that you should clarify.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 7 Jan 2021 @ 11:13am

          Re: Re: Re:

          Nope it's the law itself.

          Taken to the next extreme, it would be an international crime if the email bounced through Canada due to a route failure.

          (Of course, not that the ICC or Canada would ever be able to have a say in that case...)

          link to this | view in chronology ]

  • icon
    Uriel-238 (profile), 7 Jan 2021 @ 2:18pm

    Feds just like to step in when they feel it.

    This looks to me like a new tool in the toolbox. The FBI would move in on a local case at the pleasure of Hoover, and finding a justification was only a formality (even when the county didn't want federal intervention).

    These days, the FBI's mission is no longer Law Enforcement but National Security (I believe because that justifies a larger budget. Comey did that.) though unofficially they also serve as a ]secret police](https://en.wikipedia.org/wiki/Secret_police) serving to hunt down enemies of and threats to the current administration. (Such as whistleblowers.)

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.