Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
CHAPTER 10: CRIMINAL LAW AND CYBER CRIME 19
• State v. Higgins, 2002 Me. 77, 796 A.2d 50 (2002) (“custodial interrogation,” for the purposes of de-
and (2) subject to interrogation).
• State v. Pender, 181 Or.App. 559, 47 P.3d 63 (2002) (a police officer’s question to a defendant, as he
was placing the defendant under arrest, but before giving the defendant the Miranda warnings, as to whether
E. CRIMINAL PROCESS
1. Arrest
2. Indictment or Information
Individuals must be formally charged before they can be brought to trial. This is by indictment if
3. Trial
At trial, guilt must be proved beyond a reasonable doubt. “Not guilty” does not mean “innocent”—it
means that the court had insufficient evidence to enter a “guilty” verdict.
VI. Cyber Crime
Computer crime is a violation of criminal law that involves knowledge of computer technology for its
perpetration, investigation, or prosecution. Cyber crimes are computer crimes that occur within the Internet
community.
A. CYBER FRAUD
Fraud (a misrepresentation knowingly made with the intent to deceive another and on which a
reasonable person relies to his or her detriment) that occurs online is cyber fraud.
1. Advance Fee and Online Auction Fraud
2. Consumer Protections
Some sites warn about devious sellers or offer insurance against fraud. It can be difficult to pinpoint
20 UNIT TWO: TORTS AND CRIMES
B. CYBER THEFT
1. Identity Theft
Identity theft occurs when a form of identification is stolen and used to access the victim’s financial
CASE SYNOPSIS—
Case 10.3: United States v. Warner
Mauricio Warner was indicted on charges of obtaining individuals’ identities and using those identities to
file over 5,000 false income tax returns, resulting in millions of dollars in refunds deposited in bank accounts
that Warner controlled. At trial, the court admitted into evidence spreadsheets of fraudulently submitted tax
returns, as business records. Convicted of the charges, Warner appealed, seeking a new trial on the ground
that the court abused its discretion by—
• Refusing to permit a polygraph examiner to testify to the results of a polygraph examination that he
had administered to Warner.
The U.S Court of Appeals for the Eleventh Circuit concluded that the lower court’s rulings at issue on
appeal were not an abuse of discretion and affirmed Warner’s convictions. Because Warner took the stand
and answered the same questions, the jury could determine his credibility without the polygraph expert’s
..................................................................................................................................................
Notes and Questions
A computer-generated summary of business records created solely for a trial is generally not
admissible. Why not? How were the spreadsheets in this case different? Computer-generated business
records are admissible if they were kept according to a routine procedure designed to assure their accuracy,
Is filing a false tax return to obtain a refund unethical? If so, is filing over 5,000 false returns more
22 UNIT TWO: TORTS AND CRIMES
ADDITIONAL BACKGROUND—
Identity Theft
Identity theft is a federal crime under 18 U.S.C. Section 1028. This statute was enacted in 1982 and has
been amended many times since to respond to changes in technology, increase the penalties for violations,
and give victims rights to work with creditors and credit bureaus to remove negative information from credit
reports, among other things. Following is the text of 18 U.S.C. Section 1028.
18 U.S.C. Section 1028
Fraud and related activity in connection with identification documents, authentication features, and
information
(a) Whoever, in a circumstance described in subsection (c) of this section—
(2) knowingly transfers an identification document, authentication feature, or a false identification document
knowing that such document or feature was stolen or produced without lawful authority,
(3) knowingly possesses with intent to use unlawfully or transfer unlawfully five or more identification
(4) knowingly possesses an identification document (other than one issued lawfully for the use of the
(5) knowingly produces, transfers, or possesses a document-making implement or authentication feature with
(6) knowingly possesses an identification document or authentication feature that is or appears to be an
identification document or authentication feature of the United States or a sponsoring entity of an event
CHAPTER 10: CRIMINAL LAW AND CYBER CRIME 23
(7) knowingly transfers, possesses, or uses, without lawful authority, a means of identification of another
(8) knowingly traffics in false or actual authentication features for use in false identification documents,
document-making implements, or means of identification;
(b) The punishment for an offense under subsection (a) of this section is—
(1) except as provided in paragraphs (3) and (4), a fine under this title or imprisonment for not more than 15
years, or both, if the offense is—
(A) the production or transfer of an identification document, authentication feature, or false identification
document that is or appears to be—
(B) the production or transfer of more than five identification documents, authentication features, or false
identification documents;
(C) an offense under paragraph (5) of such subsection; or
(2) except as provided in paragraphs (3) and (4), a fine under this title or imprisonment for not more than 5
years, or both, if the offense is—
(A) any other production, transfer, or use of a means of identification, an identification document,
(3) a fine under this title or imprisonment for not more than 20 years, or both, if the offense is committed--
(A) to facilitate a drug trafficking crime (as defined in section 929(a)(2));
CHAPTER 10: CRIMINAL LAW AND CYBER CRIME 25
(6) a fine under this title or imprisonment for not more than one year, or both, in any other case.
(c) The circumstance referred to in subsection (a) of this section is that—
(1) the identification document, authentication feature, or false identification document is or appears to be
(2) the offense is an offense under subsection (a) (4) of this section; or
(3) either—
(A) the production, transfer, possession, or use prohibited by this section is in or affects interstate or foreign
(d) In this section and section 1028A—
(1) the term “authentication feature” means any hologram, watermark, certification, symbol, code, image,
(2) the term “document-making implement” means any implement, impression, template, computer file,
(3) the term “identification document” means a document made or issued by or under the authority of the
United States Government, a State, political subdivision of a State, a sponsoring entity of an event designated
(4) the term “false identification document” means a document of a type intended or commonly accepted for
the purposes of identification of individuals that—
(A) is not issued by or under the authority of a governmental entity or was issued under the authority of a
26 UNIT TWO: TORTS AND CRIMES
governmental or quasi-governmental organization;
CHAPTER 10: CRIMINAL LAW AND CYBER CRIME 27
(A) is genuine in origin, but, without the authorization of the issuing authority, has been tampered with or
altered for purposes of deceit;
(B) is genuine, but has been distributed, or is intended for distribution, without the authorization of the issuing
(C) appears to be genuine, but is not;
(6) the term “issuing authority”—
(A) means any governmental entity or agency that is authorized to issue identification documents, means of
(7) the term “means of identification” means any name or number that may be used, alone or in conjunction
with any other information, to identify a specific individual, including any—
(A) name, social security number, date of birth, official State or government issued driver's license or
identification number, alien registration number, government passport number, employer or taxpayer
identification number;
(8) the term “personal identification card” means an identification document issued by a State or local
government solely for the purpose of identification;
(10) the term “transfer” includes selecting an identification document, false identification document, or
(11) the term “State” includes any State of the United States, the District of Columbia, the Commonwealth of
Puerto Rico, and any other commonwealth, possession, or territory of the United States; and
(12) the term “traffic” means—
(A) to transport, transfer, or otherwise dispose of, to another, as consideration for anything of value; or
(B) to make or obtain control of with intent to so transport, transfer, or otherwise dispose of.
(e) This section does not prohibit any lawfully authorized investigative, protective, or intelligence activity of a
28 UNIT TWO: TORTS AND CRIMES
law enforcement agency of the United States, a State, or a political subdivision of a State, or of an intelligence
agency of the United States, or any activity authorized under chapter 224 of this title.
(f) Attempt and conspiracy.—Any person who attempts or conspires to commit any offense under this
(g) Forfeiture procedures.—The forfeiture of property under this section, including any seizure and
Prevention and Control Act of 1970 (21 U.S.C. 853).
(h) Forfeiture; disposition.—In the circumstance in which any person is convicted of a violation of
(i) Rule of construction.—For purpose of subsection (a)(7), a single identification document or false
identification document that contains 1 or more means of identification shall be construed to be 1 means of
identification.
2. Password Theft
With a user’s personal information, and through unauthorized access to a database, a hacker can
3. Phishing
This occurs when a criminal posing as a legitimate business e-mails an unsuspecting individual to
update or confirm personal banking, credit, or other information.
C. HACKING
A hacker uses one computer to break into another, often without the knowledge of either computer’s
owner. A hacker might appropriate a number of computers by secretly installing a program on each to
operate as a robot, or bot, and forward a transmission to more computers, creating a botnet.
1. Malware
A bot program, or any software harmful to a computer or its user, is malware. Other examples
ENHANCING YOUR LECTURE—
CHAPTER 10: CRIMINAL LAW AND CYBER CRIME 29
EVEN SMARTPHONES ARE VULNERABLE
TO INTERNATIONAL CYBER ATTACKS
Recent statistics show that the yearly number of bank robberies is declining. Why? Because it is easier,
less risky, and more profitable to steal through the Internet. An entire relatively new criminal industry has
grown up with advancements in the speed and usage of the Internet.
WHO ARE THE CREATORS OF MALWARE?
While any smart teenager can buy prepackaged hacking software on the Internet, the malware that
FLAME MALWARE
The most sophisticated globally created and propagated malware has been labeled Flame. Flame was
discovered in 2012, although experts believe that it has been lying dormant in thousands of computers
worldwide for at least five years.
Flame can record screen shots, keyboard strokes, network traffic, and audio. It can also record Skype
conversations. It can turn infected computers into Bluetooth beacons. These beacons then attempt to
download contact information from nearby Bluetooth-enabled devices.
THE MALWARE CAN INFECT SMARTPHONES
Unbeknownst to many smartphone owners, their Apple, Nokia, and Microsoft Windows mobile phones
can be infected with Flame malware or variants of it. The information that is hacked from smartphones can
then be sent on to a series of command-and-control servers and ultimately to members of international
criminal gangs.
CRITICAL THINKING
What entities might pay “cyber mercenaries” to create some of the malware described in this
30 UNIT TWO: TORTS AND CRIMES
2. Service-Based Hacking
The business trend of software as a service (SAAS) has been adopted by hackers who rent their
3. Cyberterrorism
A cyberterrorist exploits a computer for a serious impact, such as a wholesale theft of data or the
D. PROSECUTING CYBER CRIME
1. Jurisdiction and Identification Challenges
Jurisdictional issues and the anonymous nature of technology can hamper the investigation and
2. The Computer Fraud and Abuse Act
The Counterfeit Access Device and Computer Fraud and Abuse Act of 1984 prohibits cyber theft.
ENHANCING YOUR LECTURE—
HOW CAN YOU PROTECT AGAINST CYBER CRIME?
In addition to protecting their physical property, business owners today also are concerned about
protecting their intangible property—such as computer data or files—from unauthorized access. U.S.
business firms lose millions of dollars to industrial espionage and sabotage every year. Once a computer
system has been corrupted, it can be difficult to recover. To prevent losses through computer systems, some
firms hire experts to improve the security of the systems.
COMPUTER SYSTEM SAFEGUARDS
Many sources of software offer security programs that can easily be used to protect computers that are
connected to an internal network or to the Internet. For example, most word processing programs include a
“password” function. To gain access to information within the program, a user must know the password. A
CHAPTER 10: CRIMINAL LAW AND CYBER CRIME 31
document that can be unlocked only with the password can be e-mailed as an attachment, providing some
security.
EMPLOYMENT POLICIES
Although outside hackers are a threat, employees, former employees, and other “insiders” are
responsible for most computer abuse, including breaches of information security. Generally, employees
should be given access only to information that they need to know. Additionally, employees and other
insiders should be instructed in what constitutes proper and improper use of your company’s computer
systems. They should also be told that any form of computer abuse is against company policy, is illegal, and
will be the basis for termination of employment.
CHECKLIST FOR THE BUSINESS OWNER
1. Consider protecting your computer security and documents through the use of passwords, encryption,
and firewalls.
TEACHING SUGGESTIONS
1. A good starting point might be to discuss the basis of criminal responsibility—the criminal act and the
criminal state of mind. Emphasize that criminal liability is not imposed for merely thinking about a crime (if it
32 UNIT TWO: TORTS AND CRIMES
2. The objectives of criminal law are: (1) to protect persons and property, (2) to deter criminal behavior, (3)
to punish criminal conduct, and (4) to rehabilitate criminals. Discuss these objectives with your students.
Protecting persons and property is often said to be the ultimate goal of all civilized societies, but what
3. It should be clear to your students by now that the law is not so frozen that there is no room for dis-
agreement. Attorneys, and even judges, often disagree with each other over the interpretation and
4. Encryption, hacking, and computer security issues are frequently in the news. Choose a contemporary
case or circumstance as a springboard for a discussion of the topics covered in this chapter.
5. Laws that may apply to crimes discussed in this chapter but which were not mentioned include the
Cyberlaw Link
Does the Fourth Amendment prevent the seizure, without cause, of email messages? Does the
propagator of a virus (at the time of this writing, “Melissa” is a famous virus) violate traditional
criminal laws?
DISCUSSION QUESTIONS
1. On what basis are misdemeanors and felonies distinguished? The punishment: Felonies are crimes
punishable by death or by imprisonment in a federal or state penitentiary for more than a year; misdemeanors are
CHAPTER 10: CRIMINAL LAW AND CYBER CRIME 33
3. Should evidence obtained through an illegal search be excluded from a criminal trial even if the
evidence clearly shows the guilt of the person charged? The Bill of Rights was enacted to protect all citizens’ civil
rights from the potential coercion of the government. The Constitution is the supreme law of the land and violations of
4. What are some important constitutional protections of individuals’ rights that apply in the area of
criminal law? Important constitutional protections of individuals’ rights in the area of criminal law include the Fourth
Amendment protection against unreasonable searches and seizures; the Fourth Amendment requirement of probable
cause before a warrant for a search or an arrest can be issued; the Fifth Amendment requirement that no one can be
5. Is the global reach of the Internet a reason in support of a court’s assertion of authority over activities
that occur in another jurisdiction? Discuss. One reason in favor of the assertion of such authority is the rationale
that supports the exercise of jurisdiction under long-arm statutes. If a party is violating the laws of a jurisdiction, and
6. Could probable cause exist to detain a suspect and conduct a search if the suspect has multiple e-
mail accounts, regularly uses the Internet, is sophisticated with computers, and knows how to protect access
to passwords and accounts? The Fourth Amendment provides protection against unreasonable searches and
seizures and requires that probable cause must exist before a search can be conducted or a warrant for a search can
34 UNIT TWO: TORTS AND CRIMES
7. Suppose that a foreign nation does not prosecute cyber criminals and does not cooperate with U.S.
authorities to investigate cyber crimes against U.S. citizens. What effect might this have on the deterrence or
proliferation of cyber crime? The most likely effect is that these circumstances would allow cyber crime to
increase. The Internet is not limited by political boundaries, and cyber crime similarly knows no bounds. An individual
8. The media has exposed Web sites that purported to sell tickets to certain concerts and would accept
credit and banking information from would-be buyers but did not deliver the tickets. What can consumers do
to avoid being duped by such fraud? A legitimate Web site that offers concert tickets to the public should have
several features that are likely to distinguish it from a bogus site. A legitimate seller, for example, would probably offer
9. Why will cyber crime always be a worldwide problem? Explain. The Internet expanded opportunities for
10. Considering the cyber crime discussed in this chapter, what are the greatest risks to an information
technology system or computer network in a business environment? The risks within such an information
technology system include the unauthorized access to data that can result in the destruction of the data or improper
ACTIVITY AND RESEARCH ASSIGNMENTS
1. Have students bring to the class current news articles about business-related events that involve crimes or
might ultimately involve criminal prosecutions. Ask them to identify possible crimes in the events and to discuss,
2. Ask your students to attend a criminal trial and report what they observe. Ask them to find out how long it
might be between an accused’s arrest and his or her indictment, how long between the indictment and arraignment,
3. Ask your students to discuss crimes or attempted crimes touched on in this chapter that they have personally
experienced. Nearly everyone has received a “Nigerian letter” or unsolicited commercial e-mail, for example. How
CHAPTER 10: CRIMINAL LAW AND CYBER CRIME 35
EXPLANATIONS OF SELECTED FOOTNOTES IN THE TEXT
Footnote 3: In the area of substantive criminal law, one of the most significant developments of the last
thirty years has been the completion of the Model Penal Code. There were a total of thirteen drafts, consisting of
proposed code sections and accompanying commentary, dating from 1953 to 1961. The Model Penal Code was
approved by the American Law Institute in 1962 and published that year. Beginning in 1980, the Model Penal Code
Footnote 17: M’Naghten’s Case involved the murder of the secretary of the prime minister of England.
Daniel M’Naghten lived in London and believed that the British Home Secretary, Sir Robert Peel, wanted to kill him.
(Peel was the founder of the British police, popularly known as “Bobbies.”) Acting under this delusion, M’Naghten
shot and killed Edward Drummond, Peel’s private secretary, whom he mistook for Peel. At his trial, the defense
argued that M’Naghten was insane at the time of the shooting and should not be held responsible because his
delusions caused him to act as he did. The jury agreed, and M’Naghten was found not guilty by reason of insanity.
The M’Naghten test has been adopted in many states to determine whether the defense of insanity is
justified. According to its critics, the principal fault of the M’Naghten test is its narrowness and restricted application to
only a small percentage of people who are mentally ill. Supporters argue that it is not a test of mental illness—it only
lists conditions under which those who are mentally ill will be relieved of criminal responsibility.
There are at least six other tests that fall under the rubric of the insanity defense and that are, or have been,
applied in U.S. courts. Whatever the test used to determine sanity, studies have shown that less than 1 percent of
Footnote 22: Angela Marcum, the drug court coordinator responsible for collecting money for the District
County Court of Pittsburg County, Oklahoma, was romantically involved with James Miller, an assistant district
attorney. The state charged Marcum with obstructing an investigation of suspected embezzlement and offered in
evidence text messages sent and received by her and Miller, and obtained pursuant to a warrant directed to Miller’s
phone company, U.S. Cellular. Marcum filed a motion to suppress the messages, which the court granted. The state
appealed.
36 UNIT TWO: TORTS AND CRIMES
In State of Oklahoma v. Marcum, a state intermediate appellate court reversed, holding that Marcum had no
reasonable expectation of privacy in U.S. Cellular’s records of her text messages from Miller’s account. “Once the
messages were both transmitted and received, the expectation of privacy was lost.” An individual has no reasonable
expectation of privacy in the text messages or cell phone account records of another person when the individual does
not have a possessory interest in the phone and the warrant is directed to a third party.
Suppose that a suspect has multiple e-mail accounts, regularly uses the Internet, is sophisticated
with computers, and knows how to protect access to passwords and accounts but denies having computer
expertise or owning the devices that he or she clearly possesses. Would probable cause exist to detain the
suspect and conduct a search of the devices? The Fourth Amendment provides protection against unreasonable
searches and seizures and requires that probable cause must exist before a search can be conducted or a warrant
