People v. Hawkins (2002)

Annotate this Case
[No. H021902. Sixth Dist. June 5, 2002.]

THE PEOPLE, Plaintiff and Respondent, v. DAVID WESLEY HAWKINS, Defendant and Appellant.

(Superior Court of Santa Clara County, No. 210319, Thomas Charles Hastings, Judge.)

(Opinion by Bamattre-Manoukian, Acting P. J., with Mihara and Rushing, JJ., concurring.)


Andrew Parnes and David Wesley Hawkins for Defendant and Appellant.

Bill Lockyer, Attorney General, Robert R. Anderson, Assistant Attorney General, Ronald A. Bass, Senior Assistant Attorney General, Ronald S. Matthias, Supervising Deputy Attorney General, and Herbert F. Wilkinson and Michele J. Swanson, Deputy Attorneys General, for Respondent. [98 Cal. App. 4th 1433]



After hearing testimony for six days, a jury acquitted defendant David Hawkins of a charge of misappropriating a trade secret (count 1; Pen. Code, § 499c) fn. 1 and convicted him of a relatively new computer crime, the felony of knowingly accessing and taking data from a computer system (count 2; § 502, subd. (c)(2)). The jury found not true that the property taken, source code, was valued at more than $2.5 million. (§ 12022.6, subd. (a)(4).)

The trial court denied defendant's motions for new trial and to reduce the offense to a misdemeanor. The court suspended imposition of sentence and placed defendant on formal probation for three years, on condition, among others, that he serve six months in jail.

On appeal defendant contends: his crime should not be a felony as the statute, section 502, subdivision (c)(2), lacks a mens rea requirement; the statute is unconstitutionally vague; the trial court erred in admitting evidence of prior misconduct by defendant and in admitting printouts of computer access times; the trial court should have given a unanimity instruction; the trial court should have granted his motion to reduce the offense to a misdemeanor. For the reasons stated below, we will affirm the judgment.


Our summary of the trial evidence will focus on the charge of which defendant was convicted, knowingly accessing and taking data from a [98 Cal. App. 4th 1434] computer system (§ 502, subd. (c)(2)). Defendant was charged with taking the source code of his former employer Network Translation Incorporated (NTI). Defendant did not testify at trial.

NTI was a company formed by John Mayes in January 1995 to market his product, Private Internet Exchange (PIX). PIX allowed a computer in a local computer network to access the Internet by virtue of assigning an Internet protocol address to the computer for the purpose of its Internet connection. PIX also functioned as a firewall, preventing people outside a company from accessing the company's computers over the Internet.

Mayes had the idea for PIX in March 1994. He hired Brantley Coile, the best programmer he knew, to write the original code. Coile wrote the source code from scratch. The first product was sold in December 1994. It received good reviews in the technical press. In early September 1995, Cisco indicated its interest in acquiring NTI.

NTI hired defendant as a sales engineer and technical support on October 4, 1995. At that time NTI was still a small company with five or six employees. Cisco acquired NTI by a stock exchange in late October 1995 for around $31 million. Mayes insisted that Cisco retain all NTI employees. After NTI was acquired by Cisco, NTI remained on the same business premises. The employees worked in close quarters.

As a technical support engineer, defendant had access to NTI's source code. In his job, he heard and answered customer complaints about PIX.

In December 1995 or January 1996, defendant began talking with his neighbor and friend Larry Coryell and Debbie Appler, a marketing person, about developing a product that would compete with and improve on PIX. Appler told defendant that he could not work for Cisco while developing a competing product. Defendant said he wanted to remain there until he earned some stock bonuses.

When defendant was hired by NTI, Andrew Foss was already working there. In March 1996 they together created a program to check stock quotes. In writing the program defendant had questions about strings library functions. In trying to answer the questions, defendant and Foss looked at an example in the Sun operating system source code version 4.1.3.

Foss was familiar with the Sun operating system because a prior employer of his had licensed it. It was highly controlled and his access to it was logged. The C. files had headers on them identifying them as copy-protected [98 Cal. App. 4th 1435] property of Sun Microsystems. It is a large code, probably involving millions of lines of programming.

Foss was surprised to see the Sun operating system on defendant's computer. He cautioned defendant that he should not use the code while doing Cisco business and should probably not even have it on Cisco's computer network. Defendant explained that he moved the code from his home directory when he stopped working for Sun. Foss had no reason to believe either that defendant had the code inadvertently or intentionally.

It is common for UNIX engineers to take their personal home directory computer files with them on leaving a job.

The Sun operating system was derived from Berkeley Software Distribution (BSD), but the two operating systems evolved to have different features. There is a free version of BSD available on the Internet for the taking. Foss was unaware to what extent there is an overlap between free BSD and Sun's operating system. He was unaware that any part of the Sun operating system 4.1.3 was released to the public.

Defendant acknowledged to Foss that what he had was the Sun operating system. He did not say to Foss it was free source code.

Beginning in April 1996, Coryell began writing code for defendant. Defendant gave Coryell hand-written block diagrams about how the product should work. After Coryell gave defendant code he had written, defendant sometimes asked for more features.

In about mid-July 1996, defendant told John Mayes that he was leaving NTI and Cisco. He said he was going to stay with a friend in Hawaii for three to six months and do nothing.

On August 12, 1996, defendant and Coryell networked three computers in Coryell's home. Coryell provided a Sun computer and defendant provided two PCs. They wanted to test the code that Coryell had written.

August 16, 1996, was defendant's last day at Cisco.

For health reasons Coryell stopped writing code for defendant in December 1996. Coryell knew defendant was working with other programmers. [98 Cal. App. 4th 1436]

The next time Mayes saw defendant was in May 1997 at a Las Vegas trade show called Interop. Mayes was part of Cisco's mergers and acquisitions team. In the start-up city area, he saw signs that looked like NTI signs at the Meridian booth. He walked to the booth wearing his Cisco badge. The people in the booth turned off all the computer screens. He turned and saw defendant. Mayes said the product, Aegis, looked a lot like PIX. Defendant said they were going after a different market.

Mayes reported this to Cisco and they obtained the Aegis product for evaluation. Johnson Wu, an original NTI employee, tested Aegis and wrote a message dated May 20, 1997, noting similarities between Aegis and PIX.

On August 8, 1997, San Jose police officers executed a search warrant for defendant's apartment. The search was coordinated by district attorney's investigator John Smith. Computer expert Gordon Galligher went along for technical assistance. His first job was to locate any Internet connection and disable it so no one could change defendant's computer from the outside while the search was in progress. Galligher observed that defendant had a local area network set up. It included two Sun workstations called Vette and Camaro. No monitor was attached to Vette. The network also included a PC Windows system and the build computer. Galligher unplugged the wireless Internet connection.

Smith made a backup tape to copy the contents of the Windows computer. Smith did not want to seize the computers and shut down defendant's business. Officers had to get the proper tape in order to back up the build computer.

Investigator Smith wanted to look at the Sun machines. Defendant said they were just his target machines, which meant they represented the outside world in testing a firewall feature. Defendant said they had nothing on them. Smith entered a computer command that provided a listing of the directories on the Camaro computer. Galligher noticed two directories, both labeled "D.W.H. S.R.C. N.T.I." One was "2 dot 7 dot 6," the other was "2 dot 6 dot one o two."

Up to this point, defendant had been joking with the officers. He mentioned how he liked his 20-second commute from his bedroom to his office. Defendant stopped joking when they saw these files and just glared at the officers. Smith looked inside these directories and saw a number of source code files labeled dot C and dot H. Looking at copyright notices for Network Translation, Galligher offered the opinion that they were source code files. At that point Smith decided to seize the two Sun workstations. [98 Cal. App. 4th 1437]

The Sun workstations were in evidence at trial. These files on the Camaro machine proved to be versions of NTI source code in existence about the time defendant stopped working for Cisco and NTI.

During the search, Smith asked defendant why those files were on his computer. Defendant said he always makes a backup of his home directory when he leaves a company to keep his standard start-up files. If he had copied Cisco source code, it was an accident. He denied using it to create his own product.

With the Camaro computer at the district attorney's office, investigator Smith used a UNIX file listing command that displayed and printed out the access times of all the files on the computer. There were several access dates to the PIX source code after August 16, 1996, when defendant stopped working for Cisco. UNIX only retains the last access time. Some source code files were accessed on December 5, 1996, other on May 15, 1997. So many files were accessed on December 5, 1996, that, in Galligher's opinion, it could have been the result of a global backup. The accesses on May 15, 1997, were more selective. The Ethernet driver file was accessed on May 15, 1997.

Galligher testified that when the source code files were accessed on the Camaro computer, it appeared the computer's clock was functioning properly.

Galligher acknowledged that the access times do not say who accessed the files and that various UNIX commands can access a file without a person actually looking at the contents of the file or knowing that he or she was accessing the file. Also, a systems administrator could change the time on a computer clock.

An evaluation of Aegis showed that Coryell wrote 21 of its files. What defendant wrote was low level driver code. In Galligher's opinion, Coryell was the principal developer of Aegis. Aegis and PIX had a common ancestry. He could not say Aegis was derived from PIX.


Section 502, subdivision (c)(2) defines as a public offense: "Knowingly accesses and without permission takes, copies, or makes use of any data from a computer, computer system, or computer network, or takes or copies any supporting documentation, whether existing or residing internal or external to a computer, computer system, or computer network." A violation [98 Cal. App. 4th 1438] of section 502, subdivision (c)(2) is punishable alternately as a felony or a misdemeanor. (§ 502, subd. (d)(1).) fn. 2

[1a] On appeal defendant contends that "[b]ecause section 502 (c)(2) contains no mens rea, it should not properly be punished as a felony." Defendant made the same argument in an unsuccessful motion for a new trial.

[2a] People v. Coria (1999) 21 Cal. 4th 868 explained: "Generally, ' "[t]he existence of a mens rea is the rule of, rather than the exception to, the principles of Anglo-American criminal jurisprudence." . . .' (People v. Simon (1995) 9 Cal. 4th 493, 519, citations omitted.) In other words, there must be a union of act and wrongful intent, or criminal negligence. (Pen. Code, § 20; People v. Vogel (1956) 46 Cal. 2d 798, 801.) 'So basic is this requirement that it is an invariable element of every crime unless excluded expressly or by necessary implication.' (People v. Vogel, supra, at p. 801, fn. omitted.) In addition, Penal Code section 26 provides that a person is incapable of committing a crime where an act is performed in ignorance or mistake of fact negating criminal intent; a crime cannot be committed by mere misfortune or accident. (People v. Lopez (1986) 188 Cal. App. 3d 592, 597.)" (Id. at p. 876.)

In re Jorge M. (2000) 23 Cal. 4th 866 stated, "the requirement that, for a criminal conviction, the prosecution prove some form of guilty intent, knowledge, or criminal negligence is of such long standing and so fundamental to our criminal law that penal statutes will often be construed to contain such an element despite their failure expressly to state it." (Id. at p. 872.)

[1b] Section 502, subdivision (c)(2) uses the word "knowingly," which identifies the mens rea involved in violating this subdivision. [2b] People v. McDaniel (1994) 22 Cal. App. 4th 278 explained: " ' "A requirement of knowledge is not a requirement that the act be done with any specific intent. . . . The word 'knowing' as used in a criminal statute imports only an awareness of the facts which bring the proscribed act within the terms of the statute. (Pen. Code, § 7, subd. 5.)" ' (People v. Lopez, supra, 188 Cal. App. 3d 592, 598; People v. Calban, supra, [98 Cal. App. 4th 1439] 65 Cal. App. 3d 578, 584.) CALJIC No. 1.21 defines 'knowingly' as 'with knowledge of the existence of the facts in question. . . .' This definition is consistent with that found in Webster's Third New International Dictionary Unabridged (1981), which defines 'knowing' as 'having or reflecting knowledge, information, or insight . . . ,' and 'knowingly' as 'in a knowing manner . . . with awareness, deliberateness, or intention . . . .' (At p. 1252.)" (Id. at p. 285.) fn. 3

[1c] Defendant contends that the word "knowingly" only modifies "accesses" and not the rest of the crime. "Thus, the strict liability part of the statute occurs after the computer is 'knowingly' accessed. Any copying of data, even accidental or inadvertent copying, becomes illegal at that point."

We disagree with defendant's reading of the statute. As stated above, "a crime cannot be committed by mere misfortune or accident." (People v. Coria, supra, 21 Cal.4th at p. 876.) Evidence of accidental copying would negate the mental element of section 502, subdivision (c)(2). We reject defendant's characterization of the statute as creating strict criminal liability.


[3a] On appeal defendant contends section 502 is unconstitutionally vague. He made the same argument in an unsuccessful motion for a new trial.

[4] Tobe v. City of Santa Ana (1995) 9 Cal. 4th 1069 explained: "A penal statute must define the offense with sufficient precision that 'ordinary people can understand what conduct is prohibited and in a manner that does not encourage arbitrary and discriminatory enforcement.' [Citations.] 'The constitutional interest implicated in questions of statutory vagueness is that no person be deprived of "life, liberty, or property without due process of law," as assured by both the federal Constitution (U.S. Const., Amends. V, XIV) and the California Constitution (Cal. Const., art. I, § 7).' [Citation.]

"To satisfy the constitutional command, a statute must meet two basic requirements: (1) The statute must be sufficiently definite to provide adequate notice of the conduct proscribed; and (2) the statute must provide sufficiently definite guidelines for the police in order to prevent arbitrary and discriminatory enforcement." (Id. at pp. 1106-1107.) [98 Cal. App. 4th 1440]

[3b] We review the statute with this in mind. Since section 502 is a long statute, we will summarize the pertinent parts, keeping in mind that defendant was charged with violating subdivision (c)(2) between November 1, 1995, and August 16, 1996. fn. 4 In overview, the statute describes a number of computer crimes in somewhat overlapping language and also creates several exemptions from prosecution.

Subdivision (a) states: "(a) It is the intent of the Legislature in enacting this section to expand the degree of protection afforded to individuals, businesses, and governmental agencies from tampering, interference, damage, and unauthorized access to lawfully created computer data and computer systems. The Legislature finds and declares that the proliferation of computer technology has resulted in a concomitant proliferation of computer crime and other forms of unauthorized access to computers, computer systems, and computer data.

"The Legislature further finds and declares that protection of the integrity of all types and forms of lawfully created computers, computer systems, and computer data is vital to the protection of the privacy of individuals as well as to the well-being of financial institutions, business concerns, governmental agencies, and others within this state that lawfully utilize those computers, computer systems, and data."

What the statute prohibited was contained in eight parts of subdivision (c). The jury was only instructed about the crime with which defendant was charged, a violation of subdivision (c)(2). That subdivision prohibited at the time of the charged offense, "except as provided in subdivision (i) . . . [¶] (2) Knowingly accesses and without permission takes, copies, or makes use of any data from a computer, computer system, or computer network, or takes or copies any supporting documentation, whether existing or residing internal or external to a computer, computer system, or computer network." (Stats. 1989, ch. 1357, § 1, p. 5725.) The jury was instructed with the relevant statutory definitions orally and in writing. fn. 5 [98 Cal. App. 4th 1441]

What defendant claims is vague is not the above-quoted definition of the crime, but the statute's description of an exception or exemption from prosecution. Former subdivision (i) created the following exceptions to the computer crimes defined in subdivision (c): "(1) Subdivision (c) does not apply to any person who accesses his or her employer's computer system, computer network, computer program, or data when acting within the scope of his or her lawful employment.

"(2) Paragraph (3) of subdivision (c) does not apply to any employee who accesses or uses his or her employer's computer system, computer network, computer program, or data when acting outside the scope of his or her lawful employment, so long as the employee's activities do not cause an injury, as defined in paragraph (8) of subdivision (b), to the employer or another, or so long as the value of supplies or computer services, as defined in paragraph (4) of subdivision (b), which are used does not exceed an accumulated total of one hundred dollars ($100)." (Stats. 1989, ch. 1357, § 1, p. 5727; current subd. (h) is similar, but not identical.)

Former subdivision (i)(2) thus created a specific exception to the crime defined in subdivision (c)(3), which is: "Knowingly and without permission uses or causes to be used computer services." Subdivision (c)(3) is a broad prohibition against unauthorized use of a computer.

By its own terms, former subdivision (i)(2) created an exception or exemption limited to the crime defined in subdivision (c)(3) and not the crime defined in subdivision (c)(2) as the unauthorized taking, copying, or using of computer data with which defendant was charged. However, this exemption in (i)(2) was expanded to other crimes in former subdivision (j) as follows. "No activity exempted from prosecution under paragraph (2) of subdivision (i) which incidentally violates paragraph (2), (4), or (7) of subdivision (c) shall be prosecuted under those paragraphs." (Stats. 1989, ch. 1357, § 1, p. 5727; this language is now found in subd. (i).)

It is this expanded exemption, applicable to (c)(2), that defendant argues to be unconstitutionally vague. He contends that there "exists no basis for a [98 Cal. App. 4th 1442] reasonable person to discern when his or her access to a computer or system 'incidentally violates' the statute. In addition, it provides no rational basis on which the prosecutor can make his or her decision to prosecute under the statute. The statute can easily be violated by an unwitting computer user -- by pushing the wrong button which causes information to be displayed, copied, or downloaded."

In former subdivision (i)(2), the Legislature deemed some violations of subdivision (c)(3) to be so trivial or de minimis as not to warrant criminal treatment, namely computer use, though outside the scope of employment, that either does not injure the employer or does not use $100 worth of supplies or services. Possible examples of this would be an employee who "surfs" the Internet when he or she has been told not to, or, as the prosecutor suggested, an employee who plays a computer game. In former subdivision (j), the Legislature extended this exemption from prosecution to the kind of trivial unauthorized computer use that is essentially a violation of (3), though it "incidentally violates" the more specific subdivisions (2), (4), or (7). fn. 6 More specifically, as applied to subdivision (c)(2), former subdivision (j) was designed to exempt from prosecution a person who is primarily engaged in de minimis unauthorized use of his or her employer's computer services if this use "incidentally" involved taking, copying, or using data from a computer.

The jury was instructed along these lines. "However, any employee who accesses or uses his or her employer's computer system, computer network, computer program or data when acting outside the scope of his or her lawful employment is not guilty of violating section 502 if the following elements are satisfied:

"One, such access or use without permission incidentally involves the taking, copying or making use of any data; [¶] two, the employee's activities do not cause an injury to the employer or another; and, [¶] three, the value of supplies and computer services which are used does not exceed an accumulated value of one hundred dollars."

Defendant complains that there is no precedent for determining what amounts to an incidental violation of another statute. In fact, this is a familiar concern of courts in determining whether a criminal defendant should be subject to multiple punishments under section 654. [5] "Whether a course of criminal conduct is divisible and therefore gives rise to more than one act within the meaning of section 654 depends on the intent and objective of the actor. If all of the offenses were incident to one objective, [98 Cal. App. 4th 1443] the defendant may be punished for any one of such offenses but not for more than one." (Neal v. State of California (1960) 55 Cal. 2d 11, 19.) The trial court must determine whether one offense "was merely incidental to the primary objective" of another offense. (Id. at p. 20.)

[3c] We conclude that the phrase "incidentally violates" in former subdivision (j), now subdivision (i), does not render the statute unconstitutionally vague. Section 502 is a complex statute. It defines several computer crimes and creates several exemptions from prosecution. The jury instruction in this case described the application of the exemption to the crime described in subdivision (c)(2). We conclude that the exemption in issue is sufficiently clear to avoid constitutional problems.


[6a] On appeal defendant contends that the trial court erred in admitting evidence of his prior misconduct in possessing apparent source code from Sun Microsystems.

At a pre-trial hearing, the prosecution offered to prove that defendant was in possession of "the source code to version 4.1.3 of the Sun operating system." The prosecution made an offer of proof based on the anticipated testimony of Andrew Foss, a coworker of defendant who did not testify at the hearing. The prosecutor acknowledged that it was common for programmers to copy their personal data from their work computer when they leave a job. However, when Foss saw Sun's source code on defendant's Cisco computer, defendant explained that he had inadvertently copied it along with his personal data. Defendant gave the same explanation later when asked why he had NTI source code on his home computer. The prosecution contended that this testimony would prove that defendant did not inadvertently take the PIX source code.

Defendant objected that the witness could not positively state that defendant had Sun source code. Also, defendant allegedly took the Sun code years earlier. The prosecutor should not be able to offer the evidence until defendant offered the defense of inadvertence.

The trial court asked, "Isn't that all just a matter of proof? The proponent has the burden of proof of these things. . . . [¶] Obviously, if I grant the request, that's his burden. He has to prove exactly what you said. He has to prove that, in fact, it was source code which was not readily available, was protected . . . . If he doesn't prove that, then you are right; there is no value [98 Cal. App. 4th 1444] whatsoever. It's not a prior act. . . . [¶] If it isn't said, then it has no relevancy. . . . [¶] . . . [¶] [U]nless you can prove it up, it has no value." The prosecutor asserted that he could call witnesses who would prove it up. The court ruled, "under 352 that it is admissible in the People's case in chief and it is relevant as it bears upon the issue as to intent, because it does negate the statement of inadvertence. The time frame is such where it is not too remote."

[7] The Attorney General contends that defendant waived his pretrial objection to Foss's testimony by failing to renew it at trial. People v. Crittenden (1994) 9 Cal. 4th 83, explained: "in People v. Morris, supra, 53 Cal. 3d 152, 189-190, we concluded that if a motion to exclude evidence is made raising a specific objection, directed to a particular, identifiable body of evidence, at the beginning of or during trial at a time when the trial judge can determine the evidentiary question in its appropriate context, the issue is preserved for appeal without the need for a further objection at the time the evidence is sought to be introduced." (Id. at p. 127.) Here the trial judge heard an extensive offer of proof before ruling at the pre-trial hearing "under 352 that it is admissible in the People's case in chief and it is relevant." Under these circumstances, we conclude that defendant was not required to renew his objection at trial.

[8] People v. Gibson (1976) 56 Cal. App. 3d 119, 127, explained, "It is an established principle of evidence law that evidence of other criminal acts or misconduct of a defendant may not be admitted at trial when the sole relevancy is to show defendant's criminal propensities or bad character as a means of creating an inference that defendant committed the charged offense. (Evid. Code, § 1101, subd. (a); People v. Sam (1969) 71 Cal. 2d 194.)" (Id. at p. 127.) Evidence Code section 1101, subdivision (b), authorizes admission of evidence of a defendant's other misconduct "when relevant to prove some fact (such as motive, opportunity, intent, preparation, plan, knowledge, identity, absence of mistake or accident, . . . ) other than his or her disposition to commit such an act." Upon appropriate objection, the trial court should consider whether evidence of the other misconduct is more prejudicial than probative. (Evid. Code, § 352.) fn. 7 As the jury was instructed, it is the prosecutor's burden at trial to prove a defendant's prior misconduct by a preponderance of the evidence. (CALJIC No. 2.50.1; People v. Carpenter (1997) 15 Cal. 4th 312, [98 Cal. App. 4th 1445] 381-382.) On appeal the question is whether the trial court abused its discretion in admitting evidence of other misconduct. (People v. Kipp (1998) 18 Cal. 4th 349, 369, 371.)

Evidence of uncharged offenses may be admitted, but, as explained by People v. Ewoldt (1994) 7 Cal. 4th 380 (Ewoldt): "Evidence of uncharged offenses 'is so prejudicial that its admission requires extremely careful analysis. [Citations.]' (People v. Smallwood (1986) 42 Cal. 3d 415, 428; see also People v. Thompson (1988) 45 Cal. 3d 86, 109.) 'Since "substantial prejudicial effect [is] inherent in [such] evidence," uncharged offenses are admissible only if they have substantial probative value.' (People v. Thompson (1980) 27 Cal. 3d 303, 318, italics in original, fn. omitted.)" (Id. at p. 404.)

Ewoldt, supra, 7 Cal. 4th 380, 399-401, overruled People v. Tassell (1984) 36 Cal. 3d 77 and revitalized the doctrine of using prior misconduct to prove a common design or plan. Ewoldt differentiated among the types of evidence needed to prove intent, a common design or plan, and identity. "The least degree of similarity (between the uncharged act and the charged offense) is required in order to prove intent. [Citation.] [T]he recurrence of a similar result . . . tends (increasingly with each instance) to negative accident or inadvertence or self-defense or good faith or other innocent mental state, and tends to establish (provisionally, at least, though not certainly) the presence of the normal, i.e., criminal, intent accompanying such an act . . . .' [Citation.] In order to be admissible to prove intent, the uncharged misconduct must be sufficiently similar to support the inference that the defendant ' "probably harbor[ed] the same intent in each instance." [Citation.]' " (Id. at p. 402.)

[6b] Defendant contends that "The prosecution produced no concrete evidence that the code seen by Mr. Foss was proprietary at the time he observed it in 1996." In fact, Andrew Foss testified as follows. When he and defendant were creating a stock quote program at Cisco, on defendant's work computer Foss saw "the source code for Sun Microsystems, Sun o. s. 413, I think it was." "The C. files all have headers on them, you know, 'property of Sun Microsystems' with their copyright and their confidentiality statement and 'do not copy' and all of that. It's pretty standard stuff in the code." He could not say how much overlap there was between free BSD and Sun's operating system, but "I can tell you what the header files say in Sun o. s., which is they certainly think they own it." Regarding Sun 413, "Sun very much considered everything [a former employer] used in that to be their [98 Cal. App. 4th 1446] proprietary information. And we had a license and an escrow account and all of the overhead that entails to use it." Foss's testimony is further summarized above (ante, at p. 3).

Even if Foss were not certain that defendant had Sun source code, it was relevant that defendant was cautioned in March 1996 about possessing source code. As the prosecutor argued to the jury, Foss's warning occurred "only four months before he leaves. So even if he had accidentally taken the Sun operating source code, the danger of accidents and inadvertence of something he shouldn't have had been freshly called to his mind. So he didn't take that inadvertently," referring to NTI source code.

Defendant also contends that the probative value of Foss's testimony was diminished because he remained a Cisco employee and owned about $4 million worth of Cisco stock. Ewoldt, supra, 7 Cal. 4th 380 stated: "The probative value of evidence of uncharged misconduct also is affected by the extent to which its source is independent of the evidence of the charged offense. For example, if a witness to the uncharged offense provided a detailed report of that incident without being aware of the circumstances of the charged offense, the risk that the witness's account may have been influenced by knowledge of the charged offense would be eliminated and the probative value of the evidence would be enhanced." (Id. at p. 404.) This factor is not dispositive, however. In Ewoldt, the Supreme Court found no abuse of discretion in the trial court's admission of evidence of uncharged child molestation even though the victim's sister's accusations followed the victim's accusations. (Id. at p. 405.)

Foss's financial interests were not before the court at the time of its pretrial ruling. Defendant was free to argue their significance to the jury and he did so. He argued that every witness was a current or former Cisco employee with substantial stock holdings. This new evidence does not demonstrate that the trial court abused its discretion in admitting Foss's testimony about defendant's prior misconduct. We conclude that the trial court did not err in this ruling.


[9] On appeal defendant contends that the trial court erred in admitting computer printouts of when computer files were last accessed.

At a pretrial hearing defendant objected "that the date and time on that is hearsay. It is a statement generated by the computer being admitted . . . for the truth of the matter asserted. It's the computer saying the last time I was [98 Cal. App. 4th 1447] accessed was this date. And that is hearsay." Defendant asserted there was no applicable hearsay exception.

The prosecutor responded that documents are admissible if properly authenticated. It is a document, not a business record. The prosecutor's computer expert checked the computer clock and it was accurate. To the extent the printout is hearsay, it amounts to an admission by defendant.

The trial court stated: "This is a very hypertechnical objection. Because if the date and time is offered for the truth of the matter asserted, it is hearsay. But the problem in this analysis is simply this. There is no declarant. The declarant is the computer. It's not a person. So when you are talking about hearsay, you are talking about an out-of-court statement by the declarant. And there is no declarant here. The computer made the date-and-time record.

"Now, if the computer is found to be functional, if the computer has been examined and it is found that the clock has not been tampered with, then it's just a question as to whether or not this is reliable evidence that the court can admit. But it's not, in my view, a statement made by anybody. It's a date and time left by a machine."

"And if, in fact, it can be established by a foundation that the computer was functioning appropriately, had not been tampered with, and the clock was accurate, in the court's view, especially in view of what's happening in our modern society with technology and computers and so on, in the court's view that would be credible, reliable evidence that the computer was working, the clock was accurate, it hadn't been tampered with, and this was the date and time the computer left with respect to when a file was accessed. If we couldn't do that, it would seem to the court that it would be impossible under most circumstances to have anything introduced by way of a computer record simply on the basis that it's hearsay. And the declarant is the computer. And the computer can't be cross-examined.

"So, my inclination would be that this is admissible. And I can't really tell you why, other than if the computer was working, it can be verified it was working, it can be verified it was functional and accurate; that that date and time left in a person's computer is admissible evidence. Now, I can't give you chapter and verse as to what it's called, why it's admissible, but simply in the court's view it would be because it's reliable and it's credible."

Defendant asked to have a continuing objection at trial and the court "so noted."

We have summarized above (ante, at p. 5) the testimony of computer expert Gordon Galligher about the computer file access times [98 Cal. App. 4th 1448] found on defendant's computer. After finding what appeared to be NTI source code on defendant's Camaro computer, he had investigator Smith use a UNIX command to display when the files had last been accessed. Several files were accessed after August 16, 1996, when defendant stopped working for NTI. A large number of files were accessed last on December 5, 1996, while a smaller number were accessed on May 15, 1997. As far as Galligher could tell, the computer clock was operating properly when the files were accessed.

Galligher acknowledged that the access times do not say who accessed the files and that various UNIX commands can access a file without a person actually looking at the contents of the file or knowing that he or she was accessing the file. Also, a systems administrator could change the time on a computer clock.

When the prosecutor offered the computer printouts into evidence, defendant counsel reminded the court there was a standing objection.

Defendant renews his hearsay objection on appeal. He contends that the computer printouts of the access dates do not qualify as business records under Evidence Code section 1271, which states: "Evidence of a writing made as a record of an act, condition, or event is not made inadmissible by the hearsay rule when offered to prove the act, condition, or event if:

"(a) The writing was made in the regular course of a business;

"(b) The writing was made at or near the time of the act, condition, or event;

"(c) The custodian or other qualified witness testifies to its identity and the mode of its preparation; and

"(d) The sources of information and method and time of preparation were such as to indicate its trustworthiness."

California cases have held computer printouts admissible when they fit within a hearsay exception as business records (People v. Lugashi (1988) 205 Cal. App. 3d 632, 641-642) or official records (People v. Martinez (2000) 22 Cal. 4th 106, 126-134). In Aguimatang v. California State Lottery (1991) 234 Cal. App. 3d 769, the court stated that if computer printouts are "offered for the truth, . . . they must qualify under some hearsay exception, such as business records under Evidence Code section[] 1271. . . . (Jefferson, [98 Cal. App. 4th 1449] Cal. Evidence Benchbook (2d ed. 1982) Vol. 1, § 4.3, pp. 236-237.)" (Id. at p. 797, fn. omitted.)

As defendant points out, these cases have not discriminated among the different types of information that computers can print out. A computer can be used to store documents and information entered by human operators. A computer can also be programmed to generate information on its own, such as a record of its internal operations. Some jurisdictions have recognized that the latter type of computer-generated information is not hearsay because it is not a statement by a person.

" 'Hearsay evidence' is evidence of a statement that was made other than by a witness while testifying at the hearing and that is offered to prove the truth of the matter stated." (Evid. Code, § 1200, subd. (a).) " 'Statement' means (a) oral or written verbal expression or (b) nonverbal conduct of a person intended by him as a substitute for oral or written verbal expression." (Evid. Code, § 225.) " 'Person' includes a natural person, firm, association, organization, partnership, business trust, corporation, limited liability company, or public entity." (Evid. Code, § 175.) The Evidence Code does not contemplate that a machine can make a statement.

The leading case of State v. Armstead (La.Ct.App. 1983) 432 So. 2d 837 explained: "The printout of the results of the computer's internal operations is not hearsay evidence. It does not represent the output of statements placed into the computer by out of court declarants. Nor can we say that this printout itself is a 'statement' constituting hearsay evidence. The underlying rationale of the hearsay rule is that such statements are made without an oath and their truth cannot be tested by cross-examination. [Citations.] Of concern is the possibility that a witness may consciously or unconsciously misrepresent what the declarant told him or that the declarant may consciously or unconsciously misrepresent a fact or occurrence. . . . [Citations.] With a machine, however, there is no possibility of a conscious misrepresentation, and the possibility of inaccurate or misleading data only materializes if the machine is not functioning properly." (Id. at p. 840; cf. Ly v. State (Tex.App. 1995) 908 S.W.2d 598, 600.) "The role that the hearsay rule plays in limiting the fact finder's consideration to reliable evidence received from witnesses who are under oath and subject to cross-examination has no application to the computer generated record in this case. Instead, the admissibility of the computer tracing system record should be measured by the reliability of the system, itself, relative to its proper functioning and accuracy." (State v. Meeks (Tenn. 1993) 867 S.W.2d 361, 376; cf. State v. Dunn (Miss. 1999) 7 S.W.3d 427, 431-432.)

We agree with this authority. As the trial judge in this case perceived, the true test for admissibility of a printout reflecting a computer's internal [98 Cal. App. 4th 1450] operations is not whether the printout was made in the regular course of business, but whether the computer was operating properly at the time of the printout. The trial court did not err in rejecting defendant's hearsay objection and admitting the printouts into evidence.

Evidence Code section 1552 (formerly section 1500.5) states: "(a) A printed representation of computer information or a computer program is presumed to be an accurate representation of the computer information or computer program that it purports to represent. This presumption is a presumption affecting the burden of producing evidence. If a party to an action introduces evidence that a printed representation of computer information or computer program is inaccurate or unreliable, the party introducing the printed representation into evidence has the burden of proving, by a preponderance of evidence, that the printed representation is an accurate representation of the existence and content of the computer information or computer program that it purports to represent."

This presumption operates to establish only that a computer's print function has worked properly. The presumption does not operate to establish the accuracy or reliability of the printed information. On that threshold issue, upon objection the proponent of the evidence must offer foundational evidence that the computer was operating properly.

On appeal defendant also contends that the prosecutor failed to establish the reliability of the information pertaining to the access times of the computer files. "[T]he testimony of Mr. Galligher made it clear that there were many ways in which the access date information could have been generated. . . . [I]n light of Mr. Galligher's testimony, the source, method and time of preparation were not such as to indicate trustworthiness."

In the trial court defendant objected that the printouts were hearsay, but not that they were unreliable. We note that the trustworthiness of a writing is one aspect that makes it admissible as a business record. But defendant did not specifically object in the trial court that the time and date were inaccurate. Accordingly, this objection is unavailable on appeal. (Evid. Code, § 353, subd. (a).)

Because defendant did not specifically object to reliability, the trial judge did not have much information on this topic at the time he ruled the printouts admissible. Based on the prosecutor's offer of proof that the computer clock was functioning properly, the trial court did not err in its ruling.

Defendant also contends that the trial evidence of the printouts was so unreliable as to deny his constitutional right to a fair trial. Defendant cites [98 Cal. App. 4th 1451] People v. Hernandez (1997) 55 Cal. App. 4th 225 in support. That case concluded that a defendant was prejudiced when a police department crime analyst testified about the results of her computer search of police records of sex crimes similar to those with which the defendant was charged. The appellate court concluded: "Under the circumstances of this case, where the outcome of the trial turned on the credibility of the two victims, whose descriptions of their attacker varied before and at trial and contained many inconsistencies and contradictions, we cannot say the trial court's error in admitting the analyst's testimony was harmless. (People v. Watson [(1956)] 46 Cal.2d [818] at p. 836.) The devastating effect on Hernandez's right to a fair trial by the admission of such 'pseudo-scientific' testimony, which basically elevated multiple layers of hearsay spit out by a computer system named Sherlock to truth, to bolster such credibility cannot be overstated." (Id. at pp. 243-244.) Hernandez found prejudice under a Watson standard, not the denial of a fair trial. It is factually dissimilar to our case. It involved computer-stored information, not computer-generated information.

Defendant suggests that this evidence of computer access times was so bad as to have compromised any chance of a fair trial. In our view, the jury was well aware of the limited value of this evidence. There was substantial testimony about how computer files could be accessed and whether access times could be manipulated.

The prosecutor's opening argument to the jury asserted in part: "[UNIX] records a great deal of information, but it doesn't record every access. We can only go by the last access. Something happened with these files on December 5th. And it didn't happen globally. It wasn't like he backed up every file in that system, because the files bear different access dates. He did something special with both the source code files on December 5th. In May 1997, he did something special with 2.6.102 file. He tagged every one that is actually a source code file. Headers and source code file, but not the others that are there in 2.6.102."

"And with 2.7.6, we have maybe the most striking evidence in the case. The area he accessed one file on that date, May 17th [sic] 1997, concerning the Ethernet card, the famous 3C509 or 590, and all of the files that were changed in the Aegis source code are related to Ethernet problems. That is proof positive that the source code file was accessed after he left and used."

In response defendant argued: "The access date argument is based on a clock. And there's been testimony regarding the clock and whether it's reliable. The testimony is that it can be changed by the user. It can be [98 Cal. App. 4th 1452] changed by modifying the clock. That anyone who has root access to a computer can change the access times." Anybody on that computer had root access. Also files can be accessed "by commands that don't imply actual human access." "There has been no evidence in this case whatsoever, zero, as to who did whatever was done that created those access times."

In closing argument, the prosecutor pointed out that the computer containing the source code was found in defendant's apartment.

The jury was informed that the computer printouts listing the access times of computer files only purported to show when files were last accessed, not how, why, or by whom. A computer expert explained to the jury how the time could be changed. Contrary to defendant's characterization, the expert's testimony did not establish "that the dates on the printouts were unreliable." These limits on the probative value of these printouts affected their weight, not their admissibility. (People v. Martinez, supra, 22 Cal.4th at p. 132.) We conclude that admission of this evidence was not error and it neither prejudiced defendant nor deprived him of a fair trial.


[10a] On appeal defendant contends that the trial court erred by failing to give a unanimity instruction sua sponte such as CALJIC No. 4.71.5. The jury should have been instructed that since defendant was charged with committing a crime between November 1, 1995, and August 16, 1996, the jury had to unanimously agree that the prosecutor had proved that defendant committed a specific act or acts constituting the crime within that time period.

[11] People v. Russo (2001) 25 Cal. 4th 1124 is instructive. "In a criminal case, a jury verdict must be unanimous. (People v. Collins (1976) 17 Cal. 3d 687, 693; see Cal. Const., art. I, § 16 [expressly stating that 'in a civil cause three-fourths of the jury may render a verdict' and thereby implying that in a criminal cause, only a unanimous jury may render a verdict].) . . . Additionally, the jury must agree unanimously the defendant is guilty of a specific crime. (People v. Diedrich (1982) 31 Cal. 3d 263, 281.) Therefore, cases have long held that when the evidence suggests more than one discrete crime, either the prosecution must elect among the crimes or the court must require the jury to agree on the same criminal act. (People v. Castro (1901) 133 Cal. 11, 13; People v. Williams (1901) 133 Cal. 165, 168; CALJIC No. 17.01; but see People v. Jones (1990) 51 Cal. 3d 294.) [98 Cal. App. 4th 1453]

"This requirement of unanimity as to the criminal act 'is intended to eliminate the danger that the defendant will be convicted even though there is no single offense which all the jurors agree the defendant committed.' (People v. Sutherland (1993) 17 Cal. App. 4th 602, 612.) For example, in People v. Diedrich, supra, 31 Cal. 3d 263, the defendant was convicted of a single count of bribery, but the evidence showed two discrete bribes. We found the absence of a unanimity instruction reversible error because without it, some of the jurors may have believed the defendant guilty of one of the acts of bribery while other jurors believed him guilty of the other, resulting in no unanimous verdict that he was guilty of any specific bribe. (Id. at pp. 280-283.) 'The [unanimity] instruction is designed in part to prevent the jury from amalgamating evidence of multiple offenses, no one of which has been proved beyond a reasonable doubt, in order to conclude beyond a reasonable doubt that a defendant must have done something sufficient to convict on one count.' (People v. Deletto (1983) 147 Cal. App. 3d 458, 472.)

"On the other hand, where the evidence shows only a single discrete crime but leaves room for disagreement as to exactly how that crime was committed or what the defendant's precise role was, the jury need not unanimously agree on the basis or, as the cases often put it, the 'theory' whereby the defendant is guilty. (See generally People v. Jenkins (2000) 22 Cal. 4th 900, 1024-1026.) The crime of burglary provides a good illustration of the difference between discrete crimes, which require a unanimity instruction, and theories of the case, which do not. Burglary requires an entry with a specified intent. (Pen. Code, § 459.) If the evidence showed two different entries with burglarious intent, for example, one of a house on Elm Street on Tuesday and another of a house on Maple Street on Wednesday, the jury would have to unanimously find the defendant guilty of at least one of those acts. If, however, the evidence showed a single entry, but possible uncertainty as to the exact burglarious intent, that uncertainty would involve only the theory of the case and not require the unanimity instruction. (People v. Failla (1966) 64 Cal. 2d 560, 567-569.) Other typical examples include the rule that, to convict a defendant of first degree murder, the jury must unanimously agree on guilt of a specific murder but need not agree on a theory of premeditation or felony murder (People v. Pride (1992) 3 Cal. 4th 195, 249-250), and the rule that the jury need not agree on whether the defendant was guilty as the direct perpetrator or as an aider and abettor as long as it agreed on a specific crime (People v. Santamaria (1994) 8 Cal. 4th 903, 918-919)." (Id. at pp. 1132-1133.)

[10b] Defendant contends that "the prosecutor pointed to two separate set[s] of facts in arguing that appellant was guilty of Count Two. The first [98 Cal. App. 4th 1454] was that the source code was found on appellant's personal computer. This, argued the prosecution was evidence that appellant intentionally copied the code and took it from Cisco. Next, the prosecution pointed to the UNIX dates as evidence that a year after leaving Cisco appellant accessed the source code and used the date to construct his own product. Each set of facts argued by the prosecution, if found true by the jury, could constitute a violation of section 502(c)(2). Yet these two acts occurred on different dates."

The Attorney General seemingly agrees, "some of the jurors in this case could have convicted appellant of violating section 502 on the theory that he copied the [PIX] source codes, while others convicted him on the theory that he simply made use of the source codes. Still others could have convicted him on the theory that he took the source codes with him when he left Cisco." The Attorney General contends that "these potential differences in theories of liability do not warrant an instruction on unanimity because the jury was ultimately unanimous that appellant committed a single violation of section 502 involving the [PIX] source code." "[E]ven if jurors in this case relied on different facts underlying the various theories of liability, they ultimately agreed that appellant committed a violation" of the statute.

Our review of the record shows that in argument to the jury the prosecutor elected what act amounted to the violation of section 502. Moreover, as the jury was instructed, defendant was charged with violating this statute between November 1, 1995 and August 16, 1996, while he was working for NTI. Evidence that someone accessed the source code on his home computer in May 1997 falls outside the charged crime.

In opening argument, the prosecutor said, "Despite the technical background of this case, this is actually a fairly easy case. It involves theft. Two kinds of theft. One of trade secrets. Actually, it's the same theft charged two different ways: one of a trade secret; one of a simple copying." The second count is "what I call the easy count." The prosecutor read the definition of the crime and argued: "I have no problem with [']knowingly accesses.['] [Defendant] knew of the network, knew of the system. He knows when he's making the copy that he's making the copy. And that's what -- actually, there is a definition of [']accesses,['] and you'll find that's exactly what it means.

"And there is no real problem [']without permission.['] That source code was never intended to leave Cisco." "[']Takes, copies, or makes use of['] it. He took it. He made a copy of it. He made use of it." The prosecutor argued that if defendant had taken it inadvertently, he would not have accessed it later. [98 Cal. App. 4th 1455]

"So let me summarize that as the easy count, other than that one. All we have to do is show that he copied and he copied with the specific intent knowing he was copying, knowing that he was taking. We don't have to show what he did with it afterwards. Just that he took it, knowing that he was taking it with the specific intent to take, copy or make use of data."

Later in opening argument, the prosecutor stated, "Count two, the illicit copy, all we have to do is show that he took that data knowing he was taking it."

In closing argument, the prosecutor stated, "Count two is almost like count one, with one element missing. He copied the access, knowingly accessed the Cisco computer and without permission took, copied that data, copied and moved it to his own computer, thereby completing a crime. And it wasn't inadvertent. It wasn't an accident. He did it on purpose, because he needed it. That's our case."

This was not a case where the prosecutor asked the jurors to select from among several discrete acts by defendant in order to convict him of violating section 502, subdivision (c)(2). Rather, the prosecutor repeatedly asserted in argument to the jury that the crime was completed when defendant copied his employer's source code files and took them home for installation on his home computer. The prosecutor did not rely on defendant's alleged later use of the source code as a separate violation of subdivision (c)(2). While defendant's conduct may be characterized as copying or taking, in fact his conduct amounted to both. Under the evidence offered, no juror could have found that defendant took the source code without copying it. Because the prosecutor's opening argument elected what conduct by defendant amounted to the crime charged, we conclude that no unanimity instruction was required. (People v. Diaz (1987) 195 Cal. App. 3d 1375, 1383.)

In light of this conclusion, we need not consider whether defendant was involved in a continuous course of conduct or whether defendant was prejudiced by the lack of a unanimity instruction.


[12] As noted above, a violation of section 502, subdivision (c)(2) is punishable alternately as a felony or a misdemeanor. (§ 502, subd. (d)(1).) After trial, defendant made a motion to reduce his conviction to a misdemeanor under section 17, subdivision (b). Defendant's motion was based on the statute's alleged vagueness and lack of a mens rea requirement. We have rejected both arguments above. [98 Cal. App. 4th 1456]

On appeal defendant contends that the trial judge might have relied on impermissible considerations in denying his motion to reduce the offense. This contention depends on the following facts.

In connection with defendant's sentencing, he submitted a 43-page typed document entitled "My Side Of The Story." The prosecutor responded to this document, writing that it demonstrated no remorse. "The defendant, who presented no defense and submits his statement ex parte, without exposing himself to cross-examination, has no inhibitions about casting aspersions on the credibility of everyone who did testify.1" In footnote 1, the prosecutor wrote, "Had the defendant submitted no statement, the People would have remained silent on this point. However, since he chose to do so, and to do so in a manner that circumvents any challenge by cross-examination, comment on his methods is fair. The contrast between the extensive, time consuming examination he imposed upon all prosecution witnesses and his own reluctance to be tested in the same manner, is striking."

At the hearing on defendant's motion, his attorney stated, "I was quite taken aback at Mr. Berry's response to our motion for a new trial in the degree to which he seems to take umbrage with Mr. Hawkins exercising his constitutional right to remain silent, his constitutional right to cross-examine witnesses, his constitutional right to allocute and submit a sentencing statement." The district attorney was attacking defendant "for exercising those constitutional rights."

The prosecutor essentially reiterated his response. Defense counsel asserted that defendant had acknowledged that he would change his conduct.

The court ruled as follows. "I'm not going to make a lot of comments, but I didn't glean that from his statement remorse for what he did. I gleaned more remorse for the fact that he found himself in a situation he didn't want to be in for conduct that he felt was not really culpable."

After denying the new trial motion, the court stated, "The motion to reduce pursuant to Penal Code section 17 is denied in the exercise of the court's discretion. I don't feel it's an appropriate case for a reduction for Penal Code section 17." The judge agreed with the jury based on the evidence that "it wasn't accidental. It wasn't inadvertent." When the police executed the search warrant, defendant "knew that the source code from Cisco would be on his computer. And he reacted in a fashion which indicated to the court and to the jury, I'm sure, a consciousness of guilt; that he'd been caught. He did exactly what he was charged with doing. He left Cisco, and at the time he left he had accessed the computer at Cisco. And [98 Cal. App. 4th 1457] when he downloaded his information, he took with him the source code. And he knew exactly what he was doing. And I think the jury found that. So, there is no question but that he's culpable.

"His statement to me through the probation department as to what happened is something he could have told the jury. He had an absolute right to remain silent and not testify, and that's a choice and decision he made. He's not going to be penalized for that. But, on the other hand, I'm not going to sit here now as a judge and say, well, if he had said this to the jury, they would have done something differently. The jury decided the case based on what they had, and I believe the evidence is more than sufficient to support the finding." What defendant did is prohibited by the statute.

"So for that reason, again, the motion under 17 was denied and the motion for new trial was denied, because I think the statute is, in fact, clear as to what the prescribed conduct is as to probation versus prison."

Defendant suggests that the trial court "improperly consider[ed] [defendant's] silence at trial in denying" his motion. (Capitalization omitted.) We see no evidence that the trial court did not mean what it said about not penalizing defendant for remaining silent. Defendant also contends that the trial court erred by ignoring defendant's allocution. In fact, the court expressly discussed whether defendant's written statement exhibited remorse.

Trial courts have broad authority in ruling on motions under section 17 to reduce a crime to a misdemeanor. (People v. Superior Court (Alvarez) (1997) 14 Cal. 4th 968, 977.) We conclude that defendant has not demonstrated that the trial court abused its discretion in denying his motion.


The judgment is affirmed.

Mihara, J., and Rushing, J., concurred.

FN 1. Unspecified section references are to the Penal Code.

FN 2. Section 502, subdivision (d)(1) states: "1) Any person who violates any of the provisions of paragraph (1), (2), (4), or (5) of subdivision (c) is punishable by a fine not exceeding ten thousand dollars ($10,000), or by imprisonment in the state prison for 16 months, or two or three years, or by both that fine and imprisonment, or by a fine not exceeding five thousand dollars ($5,000), or by imprisonment in a county jail not exceeding one year, or by both that fine and imprisonment."

FN 3. The jury here was erroneously instructed that a violation of section 502, subdivision (b)(2) involves the "specific intent to take, copy or make use of data without permission." Defendant does not complain of this error, which could only have benefited him.

FN 4. Subdivision references in this part are to section 502.

FN 5. In pertinent part, subdivision (b) states: "(1) 'Access' means to gain entry to, instruct, or communicate with the logical, arithmetical, or memory function resources of a computer, computer system, or computer network.

"(2) 'Computer network' means any system that provides communications between one or more computer systems and input/output devices including, but not limited to, display terminals and printers connected by telecommunication facilities. [¶] . . .[¶]

"(4) 'Computer services' includes, but is not limited to, computer time, data processing, or storage functions, or other uses of a computer, computer system, or computer network.

"(5) 'Computer system' means a device or collection of devices, including support devices and excluding calculators that are not programmable and capable of being used in conjunction with external files, one or more of which contain computer programs, electronic instructions, input data, and output data, that performs functions including, but not limited to, logic, arithmetic, data storage and retrieval, communication, and control.

"(6) 'Data' means a representation of information, knowledge, facts, concepts, computer software, computer programs or instructions. Data may be in any form, in storage media, or as stored in the memory of the computer or in transit or presented on a display device. [¶] . . . [¶]

"(8) 'Injury' means any alteration, deletion, damage, or destruction of a computer system, computer network, computer program, or data caused by the access, or the denial of access to legitimate users of a computer system, network, or program."

FN 6. We neither quote nor discuss subdivisions (c)(4) and (7).

FN 7. Section 352 states: "The court in its discretion may exclude evidence if its probative value is substantially outweighed by the probability that its admission will (a) necessitate undue consumption of time or (b) create substantial danger of undue prejudice, of confusing the issues, or of misleading the jury."

Some case metadata and case summaries were written with the help of AI, which can produce inaccuracies. You should read the full case before relying on it for legal research purposes.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.