Military jurisprudence concerning the proper victim to charge in an electronic theft case was cumbersome after CAAF’s 2014 decision in United States v. Cimball Sharpton, 73 M.J. 299 (CAAFlog case page).* In that case, the Court held that Cimball Sharpton had stolen from the Air Force when she misused her government purchase card – she had not stolen from the card-issuing bank or the vendors where the card had been illicitly used.

In its June 2016 decision, United States v. Williams, 75 M.J. 129 [Update: link corrected] (2016) (CAAFlog case page), CAAF lamented its “unfortunate choice of language in Cimball Sharpton” (75 M.J. at 134) and set about clarifying the applicable standard:

We reiterate, in the usual case of a credit card or debit card larceny, the “person” who should be alleged in the specification is a person from whom something was obtained, whether it is goods or money.

75 M.J. at 132 (emphasis added). Under the “usual” standard, Williams, who stole his buddy’s credit card information and used it to buy pizza and access to an adult website, received an appellate acquittal. CAAF held that Williams had stolen from the pizza and porn vendors, not, as the government had charged, from his buddy. 75 M.J. at 134. CAAF’s explanation for why Williams was a “usual” case, while Cimball Sharpton was not, had to do with contracts: In Cimball Sharpton, the card account holder (the Air Force) had a contract with the card-issuing bank (U.S. Bank) establishing that the bank would be held harmless for fraudulent charges made by the account holder’s agents (Cimball Sharpton). Id. That contractual dynamic, CAAF held, made Cimball Sharpton unusual.

After acquitting Williams, CAAF took the time to write footnote 2, reminding practitioners of a concern that is even more fundamental than alleging the correct victim: Article 121, being derived from the common law, was only ever intended to punish the theft of things which are “tangible and capable of being possessed.” 75 M.J. 130, n.2. Williams’ theft of access to an adult website did not involve taking anything tangible. Therefore, charging that theft under Article 121 was problematic – it was a problem that was moot given the acquittal on other grounds, but the fact that CAAF took the time to address the principle despite the fact that it was moot only makes the point more salient.

It is against that backdrop – the complexities under Article 121 of selecting the right victim and charging only tangible thefts – that Colonel James A. Young, USAF (Ret.), wrote his July 2016 article in The Army Lawyer – Larceny in Credit, Debit, and Electronic Transactions, 2016 Army Law 26. Readers should note that Colonel Young is the Senior Legal Adviser to CAAF Judge Scott W. Stucky.  In his Article, Colonel Young advises:

There is a better way to charge these types of offenses without having to determine the identity of the victim. Charge the accused with violating Article 134, UCMJ, based on the federal statute proscribing the use of unauthorized access devices.

Id. at 26. Specifically, Colonel Young notes that 18 U.S.C. § 1029 “covers a wide range of fraudulent activity with respect to credit, debit, and electronic transactions without requiring identification of the victim of a loss. Instead, the focus is on the accused’s use of a particular unauthorized access device.” Id. at 27. Colonel Young posits that, if the accused stole “anything of value aggregating $1000 or more,” then those thefts, whether of intangibles or not, can be punished under Article 134(3) by incorporating 18 U.S.C § 1029(a)(2). If the thefts do not aggregate to $1000 or more, then a violation of Article 134(1) or Article 134(2) can be charged instead.

The potential catch to Colonel Young’s recommendation is the preemption doctrine. He addresses that concern by arguing that Article 121 does not preempt his proposed charging scheme because Congress never intended Article 121 to cover anything other than the methods of thievery known at common law. While potentially correct, that theory seems at odds with CAAF’s precedent. Specifically, CAAF seems pretty comfortable with the idea that electronic theft of tangible property and money is chargeable under Article 121. If that is correct, then the preemption doctrine would seem to preclude charging the theft of tangibles under Article 134, whether the theft is committed by electronic means or not. Still, Colonel Young’s suggestions are useful for cases where the property stolen is intangible. Given footnote 2 in Williams, that sort of theft appears to be outside the reach of Article 121, which leaves Article 134 as the only means for punishing that species of offense.

* Disclosure: I represented Cimball Sharpton on appeal before the CCA and CAAF.

22 Responses to “Scholarship Saturday: Punishing the cyber thief”

  1. Vulture says:

    Someone said, about last weeks Scholarship Saturday, that the Supreme Court considers all kinds of cases.  It brings into question whether the matter is just one of the CAAF operating outside its area of expertise.  That seems like a cop out because they are supposed to be a common law court.  Equally, the members operating in the military courts are supposed to have the requisite knowledge and a duty of candor to properly argue the law.  This is an instance when the Government has vastly greater capacity to undertake an exploration of the question.

  2. Zachary D Spilman says:

    This issue really just isn’t that complicated. As I explained here, a debit card or credit card (including just the number) is a credential. It is a form of identification. It’s how the purchaser proves their identity to the merchant in order to establish a means of payment. Realize that, and everything else makes perfect sense.

    Cimball Sharpton stole from the Government (the party obligated by the use of the card), and not from the merchant or the issuing bank, because the purpose of the card she used was to identify herself and that’s exactly what she used it to do. As far as the merchant and the bank were concerned, Cimball Sharpton’s use of the card was entirely proper. That use, however, violated her agency relationship with the Government, which is why the Government was the victim. It’s entirely different when the credential is stolen and used by someone who isn’t authorized to use it.

    The conclusion that “CAAF seems pretty comfortable with the idea that electronic theft of tangible property and money is chargeable under Article 121” flows from the flawed premise that one can electronically take tangible items. The real world doesn’t work that way. Rather, electronic means can be used to fraudulently induce a person to provide tangible property, which is a common law larceny by false pretenses (and properly charged under Article 121). 

  3. Isaac Kennen says:

    [A] debit card or credit card (including just the number) is a credential. It is a form of identification. It’s how the purchaser proves their identity to the merchant in order to establish a means of payment.
     

    Zachary D Spilman’s characterization of what debit/credit cards are jives with the statutory definition of what Congress calls “access devices” – see 18 U.S.C. § 1029.  That statute, at (e)(1) provides:
     

    [T]he term ‘‘access device’’ means any card, plate, code, account number, electronic serial number, mobile identification number, personal identification number, or other telecommunications service, equipment, or instrument identifier, or other means of account access that can be used, alone or in conjunction with another access device, to obtain money, goods, services, or any other thing of value, or that can be used to initiate a transfer of funds (other than a transfer originated solely by paper instrument)[.]
     

    Under that statutory definition, a credit or debit card is, in my view, like a key to a bank’s vault – i.e., a “means of account access.” 
    Consider this hypothetical:  Bobby took his buddy’s USAA credit/debit card without permission, took that card to Dunkin’ Donuts, used the card to buy a cup of coffee, but then left without receiving that cup of coffee because Dunkin’ Donuts employee forgot to fill the order.   
    Bobby’s still a thief – his crime was complete once the Dunkin’ Donuts cashier used the purloined card to obtain funds from USAA.  At that point, Bobby, lacking authorization to take funds from USAA, “caused an act to be done which if directly performed by him would be punishable[.]” Art 77(2). But, can he be charged under Art 121?  Was anything tangible and capable of being possessed taken?

  4. Zachary D Spilman says:

    Was anything tangible and capable of being possessed taken?

    The card.

  5. Vulture says:

    You are right.  This is hypothetical.  The cops at Dunkin Donuts would immediately apprehend Bobby, forget to read him his rights, charge him with breaking into a fenced area, and take the card by equitable sharing.

  6. stewie says:

    Or we could just separate 121 from the common law background and rewrite it to make it simpler so that any kind of theft from any kind of victim can be charged under it.
     
    But Congress is so fixed on the sex assault branch of the tree that some of the other leaves that could use some pruning/shaping are left alone.

  7. peanut gallery says:

    it’s amazing to me how spun up you guys get about this nonsense

  8. John O'Connor says:

    I agree with Stewie.  The idea that courts-martial, which are designed to be expeditionary and to promote good order and discipline, should have a larceny conviction overturned where the theft clearly occurred, because some knucklehead pleaded the wrong victim, is, to use a complex legal term, dumb. 

  9. Zachary D Spilman says:

    You’re blaming the system, John O’Connor, when you really should be looking at its leaders. 

  10. John O'Connor says:

    I was blaming anybody who contributes to the absurd state of affairs. Not sure how I would “blame” an inanimate system. 

  11. Isaac Kennen says:

    I was blaming anybody who contributes to the absurd state of affairs.

    Just Robert clear: The people “who contribute[d] to the absurd state of affairs” are: the Founders who gave Congress the responsibility of provide for the discipline of the armed forces through law, the Congress that created laws fulfilling their Constitutional obligation, the executive branch officers who fulfill their constitutional oath to enforce that Congressional law, and the voters who don’t bother to express their displeasure with their Congresspersons.  In other words, we, all of us, are those people.

  12. Isaac Kennen says:

    Robert = “to be” … stupid autocorrect 

  13. Zachary D Spilman says:

    I took your comment, John O’Connor, as a reference to:

    The idea that courts-martial, which are designed to be expeditionary and to promote good order and discipline. . .

    The military justice system was certainly designed with certain expediencies in mind, but it’s hardly an intuitive or obvious system of law. Rather, it’s a highly-specialized system.

    Way back in 2002 the President amended the MCM to explain that under Article 121:

    Wrongfully engaging in a credit, debit, or electronic transaction to obtain goods or money is an obtaining-type larceny by false pretense. Such use to obtain goods is usually a larceny of those goods from the merchant offering them.

    Executive Order 13262 of April 11, 2002, 67 Fed. Reg. 18773; MCM pt. IV, para. 46.c.(1)(h)(vi). This may seem unnecessarily complicated to the casual observer strolling by on a break from their civilian practice (because in their local courts things are done differently) but it’s imminently straightforward for anyone familiar with military justice; a group that should include every field grade judge advocate who works within earshot of a military courtroom. 

    The military justice system doesn’t lose its character by the proper application of the UCMJ. It loses its character when it lets the good idea fairy take control. 

  14. Scott says:

    Robert or not Robert, that is the question. 

  15. Vulture says:

    This is not a opinion that is in a vacuum either.  This discussion reminds me if the issue in Blouin.  http://www.armfor.uscourts.gov/newcaaf/opinions/2014SepTerm/140656.pdf  There a child pornography case was overturned due to errors in the plea.  Baker dissented with, “It should not be this hard to plead guilty to possessing child pornography.” What seems like a simple matter really isn’t.  Loss of the 32 procedures has already diminished the rights of the Accused.  Arraignments used to be a fundamental protection that are not as important.  (See Baker’s dissent in Moss).  So simple getting of the charge correct isn’t a small thing.
    Its not enough to say “he done a bad thing.”  TC/SJAs have the checklist for making it simple: https://www.loc.gov/rr/frd/Military_Law/pdf/Deploying-Justice-Handbook.pdf.  So with the steamlining and lack of encumberance that the UCMJ has, deployability, witness production, ect. ect.  they should have to get it right before sticking someone with a conviction.
     
     

  16. John O'Connor says:

    This may seem unnecessarily complicated to the casual observer strolling by on a break from their civilian practice (because in their local courts things are done differently) but it’s imminently straightforward for anyone familiar with military justice; a group that should include every field grade judge advocate who works within earshot of a military courtroom. 
    The military justice system doesn’t lose its character by the proper application of the UCMJ. It loses its character when it lets the good idea fairy take control. 

     

     So simple getting of the charge correct isn’t a small thing. Its not enough to say “he done a bad thing.”  TC/SJAs have the checklist for making it simple: https://www.loc.gov/rr/frd/Military_Law/pdf/Deploying-Justice-Handbook.pdf.  So with the steamlining and lack of encumberance that the UCMJ has, deployability, witness production, ect. ect.  they should have to get it right before sticking someone with a conviction.

     
    To me, it’s overly simplistic to say that if the law is “[em]inently clear,” trial counsel and military judges should apply it.  Of course they should.  The harder question is what to do if they make a mistake, and the correct identification of the victim in a credit card larceny case strikes me as the quintessential case where if the trial counsel charges the wrong victim by mistake it has no real effect on the trial in most cases.  Nobody is confused as to what happened, and the validity of a conviction should not rise and fall on whether the TC picked out the technically correct “victim” from among the various entities involved in the transaction — even if picking out the proper victim is “easy.”  That just strikes me as the wrong type of error on which to reverse a conviction. 
     

  17. Zachary D Spilman says:

    Eminently indeed. 

    But if identification of the actual victim (or, more fundamentally, the actual crime) isn’t that important, then is it also not important if the prosecution proves the elements (see, for example, United States v. Paul, 73 M.J. 274 (C.A.A.F. May 29, 2014) (CAAFlog case page)), or if the accused understands how the law relates to his factual admissions (see, for example, United States v. Blouin, 74 M.J. 247 (C.A.A.F. Jun. 25, 2015) (CAAFlog case page)), or if probable cause is based on actual facts (see, for example, United States v. Hoffmann, 75 M.J. 120 (C.A.A.F. Feb. 18, 2016) (CAAFlog case page)), or should we just apply the nobody is confused as to what happened rule and keep the chow line moving?

  18. Tami a/k/a Princess Leia says:

    The link for the Williams case is incorrect.  When I click on the citation, I get the Air Force Williams rape case in which CAAF considered whether Government extended the 60-day deadline for filing certificate of review by requesting reconsideration from AFCCA.

  19. Zachary D Spilman says:

    Stick with the CAAFlog case page, bud.

  20. Vulture says:

    Sure, this is where all my friends are.  I think.

  21. Edward Durant says:

    thank you for the summary.  Enjoyed reading it.