United States v. Golightley
| Decision Date | 29 December 2020 |
| Docket Number | No. 19-3135,19-3135 |
| Parties | UNITED STATES OF AMERICA, Plaintiff - Appellee, v. MICHAEL D. GOLIGHTLEY, Defendant - Appellant. |
| Court | U.S. Court of Appeals — Tenth Circuit |
(D. Kan.)
ORDER AND JUDGMENT*Before HOLMES, SEYMOUR, and MORITZ, Circuit Judges.
After Michael Golightley followed through on his threats to take down a website called Nex-Tech Classified, the government apprehended Golightley and charged him with seven counts of damaging a protected computer in violation of 18 U.S.C. § 1030(a)(5)(A) and one count of threatening to damage a protected computer in violation of 18 U.S.C. § 1030(a)(7). A jury convicted Golightley on all counts. At sentencing, the district court classified the seven counts for damaging a protected computer as felonies. It then sentenced Golightley to eight concurrent sentences of 27 months' imprisonment followed by two years of supervised release. Golightleyappeals aspects of his convictions and sentence. For the reasons below, we affirm in part, reverse in part, and remand for resentencing.
The government presented the following evidence at trial. Nex-Tech, a broadband and technology company headquartered in Lenora, Kansas, provides telecommunication services such as internet, phone service, cable TV, and advertising services. Its advertising services include a classified-ad website—Nex-Tech Classified—where users can buy and sell items online. Before using Nex-Tech Classified, an individual must become a registered user by providing a username, password, location, and email address. Customers can contact the help desk by phone, email, or through a form on the website.
On March 26, 2017, an individual created a Nex-Tech account under the username grass_is_green, identifying the user's location as Larned, Kansas, and providing the email address ntcsucks@mail.com. The user submitted listings seeking to sell several electronic items and a motorcycle and invited buyers to call or text an offer using a phone number ending in 1011. Nex-Tech removed the electronics listing because the description of the electronics suggested that the user had violated third-party intellectual-property rights, which in turn violated Nex-Tech's terms of service.
The following day, Nex-Tech's help desk received two threatening messages from grass_is_green, with a contact email address of ntcsucks@mail.com. The first message, at 10:24 p.m., stated:
take my ad down again when my description doesnt violate copy right, i will violate this site by bringing it offline, fix the ad. if u make me upset, i will retaliate, your choice, and im not making a threat im very capable of bringing down this website.
Supp. R. 34 (). The second message, sent eight minutes later, said:
ip address 24.225.8.90 will be submitted at exostress.in for 24 hours if my demands are not met with in 12 hours, your choice, and remember, you have been warned...
Id. at 35 ().
Following these threats, Nex-Tech deactivated grass_is_green's account and notified grass_is_green via email of the deactivation.
Several days later, the help desk received a call from someone who identified himself as the Wichita-based user water_is_blue. Nex-Tech had removed that user's electronics listing because it was essentially identical to grass_is_green's listing and therefore violated Nex-Tech's terms of service. During the call, Nex-Tech Classified went offline because of a distributed-denial-of-service, or DDoS, attack.1 Over the next few days, a total of seven individual DDoS attacks overwhelmed Nex-Tech's and Nex-Tech Classified's websites and internal corporate systems. Nex-Tech employees recorded their time spent responding to these attacks, resulting in total labor costs to Nex-Tech of $16,978.19.
During its subsequent investigation, law enforcement analyzed Nex-Tech's internal records and determined that the user grass_is_green shared a location and phone number with another user, larned_seller. And the account for larned_seller provided a street address in Larned, Kansas, as well as the email address ninjagolightley@gmail.com. Law enforcement then determined that the street address for larned_seller was located within 200 yards of the IP addresses that communicated messages from grass_is_green to Nex-Tech. Accordingly, officers executed a search warrant at that address, and when the officers arrived, Golightley was the only person present. The search uncovered a computer, cell phone, and other items that connected Golightley to the accounts for grass_is_green and water_is_blue, the removed ads, and the threatening messages. Law enforcement also discovered that Golightley had accessed a service called DDoS City—a website that launches DDoS attacks—around the times of the attacks on Nex-Tech. The government charged Golightley with seven counts of damaging a protected computer and one count of threatening to damage a protected computer; the jury convicted him on all counts.
At sentencing, the district court classified the seven counts for damaging a protected computer as felonies, rather than misdemeanors, because the aggregate damage to the computers totaled more than $5,000. It then sentenced Golightley to eight concurrent sentences of 27 months' imprisonment, followed by two years of supervised release. As part of Golightley's supervised release, the district court imposed two relevant special conditions. One condition empowers Golightley's probation officer to determine whether Golightley must inform certain third partiesthat he poses a risk to them, and the other requires Golightley to take prescribed medication. Golightley appeals.
Golightley raises four issues. He argues that the district court erred by (1) determining that the government produced sufficient evidence on the interstate-commerce element in the threat conviction; (2) classifying the seven counts for damaging a protected computer as felonies; (3) imposing a special condition of release empowering Golightley's probation officer to determine whether Golightley must inform third parties that he poses a threat; and (4) imposing a special condition of release requiring Golightley to take prescription medication. We address each issue in turn.
Golightley first contends that the district court improperly denied his motion for acquittal with respect to his conviction for threatening to damage a protected computer. Specifically, he argues that the government's evidence at trial was insufficient to show that he transmitted a threat in interstate commerce.
We review challenges to the sufficiency of the evidence de novo. United States v. Delgado-Uribe, 363 F.3d 1077, 1081 (10th Cir. 2004). In doing so, we consider the evidence in the light most favorable to the government, asking whether a reasonablejuror could conclude that the evidence "establish[ed] each element of the crime."2 Id (quoting United States v. Vallo, 238 F.3d 1242, 1247 (10th Cir. 2001)).
Threatening to damage a protected computer in violation of § 1030(a)(7)(A) requires the government to prove, among other elements, that Golightley transmitted at least one of his two threats "in interstate or foreign commerce." § 1030(a)(7). But Golightley argues that the government failed to present evidence that would allow the jury to reasonably infer that he transmitted any threat in interstate commerce. Instead, he argues, the government merely showed that he transmitted his threats over the internet, which is insufficient to prove the interstate-commerce element.
The government concedes that Golightley's use of the internet alone does not establish the interstate-commerce element. See United States v. Kieffer, 681 F.3d 1143, 1153 (10th Cir. 2012) (). Likewise, theparties agree that Nex-Tech and its servers are located in Kansas and that Golightley transmitted his two threats from Kansas. Thus, the resolution of this issue depends on whether a reasonable jury could infer that one of Golightley's threats traveled through an out-of-state server.
The government points to two trial exhibits—Exhibits 4A and 5—as evidence that Golightley's threats traveled in interstate commerce via out-of-state servers. Exhibit 4A contains the two messages Golightley sent to Nex-Tech threatening to bring its website offline. The government contends that Golightley sent these messages from his personal email address, ntcsucks@mail.com. Exhibit 5 shows automated correspondence from mail.com to Golightley that Golightley received after creating his ntcsucks@mail.com email address. At the bottom of the email from mail.com is the following trademark notice:
The government first suggests Exhibit 4A establishes that Golightley transmitted the threats via his personal mail.com email address. Next, the government suggests that the jury could infer, based on the trademark notice in Exhibit 5, that mail.com's servers are located in Pennsylvania, or "in a [s]tate nearer Chesterbrook, Pennsylvania." Aplee. Br. 25. Lastly, the government builds on this inference, concluding the jury could infer that when Golightley transmitted his emails from hismail.com account, the emails traveled in interstate commerce via mail.com's out-of-state servers.
But as we discuss below, the government's argument is fatally flawed because it assumes facts not in evidence. And even if we assumed such facts, the government's argument adopts inferences not permitted by that evidence.
First, as Golightley correctly points out, the government assumes that the messages in Exhibit 4A came from his personal mail.com email address. But Exhibit 4A does not support the government's...
To continue reading
Request your trial