Category Archives: Cyberstalking

Cell Phone Spying Is Unlawful

Image result for mobile spy software

In State v. Novick, The WA Court of Appeals Division II held the Defendant committed Computer Trespass in the First Degree when he installed “Mobile Spy” software on the victim’s cell phone and sent commands to activate the recording feature of the program in order to intentionally record the victim’s private communications.

David Novick and Lisa Maunu began dating in December 2013. Novick bought her a new mobile phone on March 11, 2014, and set it up for her. Unbeknownst to Maunu, Novick installed an application called Mobile Spy on Maunu’s new phone. The application allowed a person to log onto the Mobile Spy website and monitor the phone on which the application was installed.

From the Mobile Spy website, a user could access all the information stored on the monitored phone, including text messages, call logs, and e-mails. The versions of Mobile Spy software also permitted a user to send commands to the targetted phone from a “live control panel” on the website. One such command allowed a user to activate the phone’s microphone and recording features and record audio into a file that could then be downloaded from the website.

Eventually, Novick was caught after his girlfriend Maunu became suspicious. In short, Maunu became concerned because Novick expressed specific knowledge about Maunu’s health conditions, medications, doctors’ appointments, and private conversations.

With the assistance of Novick’s employer, it was discovered that Novick had downloaded over 500 audio files from Mobile Spy, searched for GPS (global positioning system) locations, and searched for particular telephone numbers.

The State charged Novick with eight counts of Computer Trespass in the First degree and eight counts of Recording Private Communications based on Novick’s use of Mobile Spy to record Maunu’s conversations. At trial, Novick was convicted on all charges.

Novick appealed on arguments that (1) the State failed to provide sufficient evidence that he intentionally recorded a private communication, and (2) entry of eight convictions of each crime violated his right against double jeopardy because the correct unit of prosecution covers the entire course of conduct.

Ultimately, the Court of Appeals disagree with Novick and affirmed his convictions.

  1. THE PROSECUTION SHOWED SUFFICIENT EVIDENCE OF COMPUTER TRESPASS FIRST DEGREE.
First, the Court explained that Computer Trespass in the First Degree occurs when a person intentionally gains access without authorization to a computer system or electronic database of another and the access is made with the intent to commit another crime. The Court further reasoned that here, the underlying crime was Recording Private Communications. A person commits the crime of recording private communications when he intercepts or records private communications transmitted by any device designed to record and/or transmit said communications.
Second, the Court reasoned that a forensic review of Novick’s computer activity revealed that he intentionally logged into Mobile Spy’s webiste and sent commands from the website to Maunu’s phone. Also, Novick’s computer records showed that he visited the live control panel on Mobile Spy’s website, downloaded audio files collected from Maunu’s phone and intentionally recorded Maunu’s private communications.
Accordingly, the Court held that the State presented sufficient evidence that Novick committed the crime of Recording Private Communications, and with that, committed Computer Trespass First Degree.
2. NO EVIDENCE OF DOUBLE JEOPARDY.
Next, the Court rejected arguments that Novick’s multiple convictions for Computer Trespass and Recording Private Communications violated the prohibition against Double Jeopardy because the correct unit of prosecution for each crime covers the entire course of Novick’s conduct.
The Court began by saying the Fifth Amendment to the United States Constitution provides that no “person be subject for the same offense to be twice put in jeopardy of life or limb.” Similarly, article I, section 9 of the Washington Constitution says, “No person shall . . . be twice put in jeopardy for the same offense.” In short, explained the Court, these double jeopardy provisions prohibit multiple convictions for the same offense.
Furthermore, when a defendant is convicted for violating one statute multiple times, the proper inquiry is, “What unit of prosecution has the Legislature intended as the punishable act under the specific criminal statute?” The Court explained that in order to determine whether there is a double jeopardy violation, the question becomes “what act or course of conduct has the Legislature defined as the punishable act?” Consequently, the scope of the criminal act as defined by the legislature is considered the unit of prosecution.
The Court explained that the first step is to analyze the statute in question. If the statute does not plainly define the unit of prosecution, we next examine the legislative history to discern legislative intent. Finally, a factual analysis is conducted to determine if, under the facts of the specific case, more than one unit of prosecution is present.
Ultimately, the Court was not persuaded by Novick’s “plain language of the statute” argument the if the legislature intended a single unit of prosecution based on a course of conduct, it could have said so plainly.
“What matters is not what the legislature did not say, but what it did say,” said the Court. “The plain language of the statutes support the conclusion that the units of prosecution . . . are each separate unauthorized access and each recording of a conversation without consent.” The Court further reasoned that while Novick’s actions were somewhat repetitious, they were not continuous:
“On at least eight separate and distinct times, Novick logged onto Mobile Spy’s website, accessed Maunu’s phone by issuing a command through the live control panel, and downloaded at least eight different recordings of conversations between Maunu and various other people. Each access was separated by time and reflected a separate intent to record a separate conversation.”
The Court concluded that the State proved that Novick intentionally recorded eight private communications. Additionally, Novick’s actions constituted multiple units of prosecution, and therefore, his multiple convictions did not violate double jeopardy principles. Thus, the Court affirmed Novick’s convictions.
My opinion? On the one hand, it’s shocking that citizens can be convicted of felonies by accessing mainstream computer software. Shouldn’t the software itself be outlawed instead? On the other hand, I see how parents can legally using the same software to track their minor children’s whereabouts, conversations and activities. That type of activity os not illegal.
This case presents a very good example of an atypical computer crime. We see that Computer Trespass First Degree is very similar to standard Burglary charges in that the State must prove the Defendant intends to commit a crime once they gain access to the victim’s computer system or electronic database. Recording Private Communications is a crime.  Therefore, if a defendant records private communications after gaining access, they can be found guilty of Computer Trespass in the First Degree. Simple.
Computer crime cases require experts and/or lay witnesses who are competent in discussing these matters. Speaking for the defense, it’s usually best to hire experts familiar with computer forensics to determine if/when the said access was unlawful and/or intentional. Again, the State must prove intent.

State v. Kohonen: No Proof of Cyberstalking

In State v. Kohonen, Division I of the WA Court of Appeals decided the State failed to prove that a defendant’s tweets constituted “true threats” sufficient to support a conviction for Cyberstalking.

When the defendant J.K. was in eighth grade, a classmate, S.G., informed a teacher that another student was behaving oddly. As a result, the other student and J.K. were both suspended from school. J.K. and S.G. had no other interaction until the incident at the center of this case.

Two years later, when J.K. and S.G. were sophomores in high school, they shared a first period class. One morning, J.K. saw S.G. in class and was reminded of the incident two years before. She quickly posted two short messages, known as tweets, via the web site Twitter. The first read, “Tbh (to be honest), I still want to punch you in the throat even tho it was 2 years ago.” The second read, “#[S.G.]mustdie.”

Eventually, J.K. was taken from class to the school administration office, where she was confronted her with the tweets. J.K. immediately admitted that she had written and posted the tweets but stated that she had not intended for her actions to harm S.G. Later, J.K. also explained that she posted tweets frequently. She used Twitter as a “virtual diary,” posting her thoughts, reactions, feelings, and more. She testified that she sent the messages quickly and without thinking, as a fleeting expression of her agitation at the memory from middle school. Although she was aware that the posts were public, and that she had approximately 100 people who followed her, she testified that she did not consider the potential impact her tweets might have on S.G.

J.K. was charged with one count of Cyberstalking. After trial, the juvenile commissioner adjudicated J.K. guilty as charged, finding that J.K. had acted with the intent to embarrass, harass, and torment S.G. and that she was not credible on the question of whether she had considered the effect the tweets could have before posting them. The court also concluded that the tweets constituted a true threat. J.K. was sentenced to six months of probation and 30 hours of community service. The superior court denied J.K.’s motion to revise. Division I accepted her appeal.

The Court of Appeals held there was insufficient evidence that the tweets in question constituted “true threats,” as required by the federal and state constitutions.

The Court reasoned that due process clauses of the United States Constitution and WA Constitution require that the government prove every element of a crime beyond a reasonable doubt. The critical inquiry on review of the sufficiency of the evidence to support a criminal conviction must be to determine whether the evidence could reasonably support a finding of guilt beyond a reasonable doubt.  The relevant question is whether, after viewing the evidence in the light most favorable to the prosecution, any rational trier of fact could have found the essential elements of the crime beyond a reasonable doubt.

The Court further reasoned that in order to convict J.K. of Cyberstalking, the State was required to prove each of the following elements beyond a reasonable doubt: (1) that J.K. made an electronic communication to another person, (2) that, at the time J.K. made the electronic communication, she specifically intended to harass, intimidate, torment, or embarrass another person, and (3) that J.K. threatened to inflict injury on the person to whom the electronic communication was made.

Under the circumstances, the Tweets were not true threats:

“J.K.’s tweets bear the signs of—admittedly mean-spirited—hyperbolic expressions of frustration, and that is precisely how they were received. A reasonable person in J.K.’s position would not have anticipated a different reception. Therefore, insufficient evidence was presented that the tweets constituted true threats.”

On that, the Court of Appeals reversed the conviction and dismissed the case.

Good decision.