People v. Rodriguez-Morelos

Annotate this Case
Justia Opinion Summary

In 2015, Jesus Rodriguez-Morelos began offering Certified Nursing Assistant (CNA) classes, falsely claiming they were affiliated with the nonprofit organization United with Migrants. He charged students for these classes, which were not state-approved, and used the nonprofit's name and tax-exempt document without authorization. Complaints about the classes led to an investigation by the Colorado Department of Regulatory Agencies (DORA), revealing that Rodriguez-Morelos was unlawfully receiving money for the unapproved classes.

Rodriguez-Morelos was charged with several crimes, including identity theft under section 18-5-902(1)(a), C.R.S. (2024). A jury convicted him on all charges. On appeal, the Colorado Court of Appeals affirmed the theft and criminal impersonation convictions but vacated the identity theft conviction. The court concluded that the identity theft statute's definition of "personal identifying information" pertains to individuals, not organizations, and thus did not apply to Rodriguez-Morelos's use of the nonprofit's name and document.

The Supreme Court of Colorado reviewed the case and affirmed the Court of Appeals' decision. The court held that the identity theft statute's reference to "personal identifying information" applies only to information concerning single, identified human beings, not organizations. Therefore, Rodriguez-Morelos's actions did not constitute identity theft under the statute.

1

2025 CO 2

The People of the State of Colorado, Petitioner
v.
Jesus Rodriguez-Morelos. Respondent

No. 22SC982

Supreme Court of Colorado, En Banc

January 21, 2025


2

Certiorari to the Colorado Court of Appeals Court of Appeals Case No. 19CA915

Attorneys for Petitioner: Philip J. Weiser, Attorney General Wendy J. Ritz, First Assistant Attorney General Caitlin E. Grant, Assistant Attorney General Denver, Colorado

Attorneys for Respondent: Megan A. Ring, Public Defender Kira L. Suyeishi, Deputy Public Defender Denver, Colorado

3

JUSTICE HART delivered the Opinion of the Court, in which CHIEF JUSTICE MÁRQUEZ, JUSTICE BOATRIGHT, JUSTICE HOOD, JUSTICE GABRIEL, JUSTICE SAMOUR, and JUSTICE BERKENKOTTER joined. JUSTICE HOOD, joined by JUSTICE BOATRIGHT, specially concurred in the judgment.

4

OPINION

HART, JUSTICE

¶1 In 2015, Jesus Rodriguez-Morelos started running Certified Nursing Assistant ("CNA") classes, falsely telling prospective students that the classes were affiliated with the nonprofit organization United with Migrants. After receiving complaints about the classes, including that Rodriguez-Morelos was unlawfully receiving money for classes the state had not approved, the Colorado Department of Regulatory Agencies ("DORA") investigated.

¶2 The People charged Rodriguez-Morelos with several crimes, including identity theft in violation of section 18-5-902(1)(a), C.R.S. (2024), which prohibits the knowing use of "the personal identifying information ... of another" to obtain a financial benefit. The statute defines "[p]ersonal identifying information" as certain documents and information that can be used to identify "a specific individual." § 18-5-901(13), C.R.S. (2024). Given the statutory language, Rodriguez-Morelos argues that he could not be found guilty of identity theft under this provision because the classes he offered were associated with a nonprofit organization and not a specific individual.[1]

5

¶3 We agree. The provision of the identity-theft statute that references personal identifying information applies only to information concerning single, identified human beings. We therefore affirm the judgment of the court of appeals.

I. Facts and Procedural History

¶4 In 2015, Rodriguez-Morelos, who had previously worked as a volunteer for United with Migrants and other organizations providing aid to the migrant community, began offering CNA classes in that community. Without United with Migrants's authorization, he told prospective students the classes were affiliated with the nonprofit and held himself out as the group's "Director of Education" - a position that did not exist. Without the nonprofit's knowledge, he gave some students a tax-exempt document bearing United with Migrants's name. Each student enrolled in these classes paid $63 to Rodriguez-Morelos. Over time, he added other programs related to the medical profession at additional cost, also without the nonprofit's authorization.

¶5 Eventually, problems with these classes came to light: they were overcrowded; students felt that they were not learning the requisite skills; and Rodriguez-Morelos refused to provide students with receipts for their payments. Reverend Carol Meredith, who worked at an Aurora-based church where Rodriguez-Morelos volunteered, filed a report about the classes with DORA,

6

complaining about Rodriguez-Morelos's practices. DORA investigated and found that the CNA classes were not state approved, which meant Rodriguez-Morelos could not legally receive money for them.

¶6 The People charged Rodriguez-Morelos with three counts of theft, one count of criminal impersonation, and one count of identity theft. A jury convicted Rodriquez-Morelos as charged, and he appealed.

¶7 A division of the court of appeals affirmed the judgment of conviction for the theft and criminal impersonation charges but vacated the conviction for identity theft. People v. Rodriguez-Morelos, 2022 COA 107M, ¶ 1, 522 P.3d 213, 217. The division concluded that Rodriguez-Morelos's use of the nonprofit organization's name and tax-exempt document was not the use of personal identifying information under the id entity-theft statute because the statute defines "personal identifying information" as information pertaining to an individual, not an organization. Id. at ¶ 26, 522 P.3d at 220. The People petitioned for certiorari review, arguing that a nonprofit organization could also have statutorily covered personal identifying information. We granted the petition and now affirm the division's judgment.

IL Analysis

¶8 This matter presents a straightforward question of statutory interpretation, which we review de novo. See McCoy v. People, 2019 CO 44, ¶ 37,442 P.3d 379,389.

7

When we interpret statutes, we read the General Assembly's chosen language in context and construe it "according to the rules of grammar and common usage." Id. We avoid interpretations that would render any words or phrases superfluous. Id. at ¶ 38, 442 P.3d at 389; People v. Rojas, 2019 CO 86M, ¶¶ 11-12, 450 P.3d 719, 721.

¶9 Examining section 18-5-902(1) (a) with these precepts in mind, we conclude that Rodriguez-Morelos's use of United with Migrants's name and tax-exempt document did not constitute the use of personal identifying information under the statute.

¶10 Colorado's identity-theft statute provides that a person commits identity theft if that person: "[k]nowingly uses the personal identifying information, financial identifying information, or financial device of another without permission or lawful authority with the intent to obtain cash, credit, property, services, or any other thing of value or to make a financial payment. . . ." § 18-5-902(1) (a).

¶11 "Personal identifying information," "financial identifying information," and "financial device" are each statutorily defined. Neither the language in the definition of "financial identifying information," see § 18-5-901(7), nor the language in the definition of "financial device," see § 18-5-901(6), tether this type of information only to human beings -or generally to the identity of the

8

information holder. Instead, both definitions focus on different tools that can be used "to obtain cash, credit, property, services, or any other thing of value or to make a financial payment." § 18-5-901(7). The principal difference between the two definitions is that subsection 901(6) covers physical instruments or devices -such as checks or credit cards -and subsection 901(7) includes the type of information appurtenant to those devices - such as checking account or credit card numbers. § 18-5-901(6)-(7).

¶12 In contrast, the definition of "personal identifying information" in section 18-5-901(13) has a different focus.

"Personal identifying information" means information that may be used, alone or in conjunction with any other information, to identify a specific individual, including but not limited to a name; a date of birth; a social security number; a password; a pass code; an official, government-issued driver's license or identification card number; a government passport number; biometric data; or an employer, student, or military identification number.

§ 18-5-901(13) (emphasis added).

¶13 Notably, only human beings can possess most of the types of information listed in this definition of "personal identifying information." An organization does not have a social security number, a date of birth, a government-issued driver's license or identification card number, a passport number, biometric data, or a student or military identification number.

9

¶14 The People argue, however, that organizations do or could have some of the identifying information included within the definition - such as a name, which is what Rodriguez-Morelos used in this case to lend credibility to his classes - or a password or pass code. They further note that the definition of "personal identifying information" is not exclusive and that there might be other personal identifying information that an organization could hold.

¶15 These are both legitimate points. But we cannot ignore the fact that most of the identifying information included in this definition is exclusive to human beings, and we must read the definition in that light. Moreover, the General Assembly further indicated its intent to apply this aspect of the identity-theft statute to humans and not to organizations through the limitation of "personal identifying information" to what is used to identify "a specific individual." See id.

¶16 The statute does not define the term "specific individual," but dictionary definitions and common usage point in only one direction. We agree with the division's cogent analysis of the best way to read the dictionary definitions of these words when they are used together. Rodriguez-Morelos, ¶ 25, 522 P.3d at 219. "Specific" means "constituting or falling into a specifiable category." Specific, Merriam-Webster Dictionary, https://www.merriam-webster.com/dictionary/ specific [https://perma.cc/M8US-E47Q]. "Individual" is defined as "a particular being or thing as distinguished from a class, species, or collection: such as (1) a

10

single human being as contrasted with a social group or institution" or "a particular person." Individual, Merriam-Webster Dictionary, https:// www.merriam-webster.com/dictionary/individual [https://perma.ee/JJ3V-W3AG], As the division concluded, the best reading of these definitions together is that an "individual" means "a single human being as contrasted with a social group or institution." Rodriguez-Morelos, ¶ 25,522 P.3d at 219. This reading "gives voice to both the noun and the adjective" without rendering the adjective "specific" superfluous. Id.

¶17 The People's final argument is that the class of victims contemplated by the statute includes organizations as well as individuals and that the division's reading of the statute ignores that legislative intent. In particular, they observe that section 18-5-902(1)(a) prohibits the use of the "personal identifying information, financial identifying information, or financial device of another" and that "another" includes both individuals and organizations. (Emphasis added.) Therefore, they argue, personal identifying information must include information of organizations.

¶18 We agree that the phrase "of another" defines the class of victims under the statute. And organizations are included in that class of victims. See § 18-5-901(11) (defining "another" to include both "a natural person" and "a business entity"). But reading personal identifying information as pertaining only to human beings

11

does not render this phrase superfluous. Organizations are within the class of victims protected by the statute because a defendant can be convicted of identity theft by using the financial identifying information or financial device of an organization. As we have explained, however, the definition of personal identifying information within the statutory scheme is focused on specific individuals and does not apply to organizations. For that particular type of identity theft, a defendant can only be convicted when the crime is committed against a specific human person.

¶19 Therefore, based on the plain language of the statute, Rodriguez-Morelos did not commit identity theft against United with Migrants when he used the nonprofit's name and distributed the tax-exempt document without permission. Neither act constitutes the use of (1) personal identifying information as contemplated in the statute; (2) financial identifying information; or (3) the financial device of the organization.

III. Conclusion

¶20 Colorado's identity-theft statute provides that personal identifying information concerns only single, identified human beings and not nonprofit organizations. We therefore affirm the judgment of the court of appeals.

JUSTICE HOOD, joined by JUSTICE BOATRIGHT, specially concurred in the judgment.

12

JUSTICE HOOD, joined by JUSTICE BOATRIGHT, specially concurring.

¶21 While the majority reaches the right conclusion under our rules of statutory interpretation, I believe that Colorado's identity theft statute is ambiguous, and the legislature might have intended a different result. So, I join the majority's opinion, but I write separately to urge the General Assembly to clarify its intent.

I. Analysis

¶22 Under Colorado law, a person commits identity theft if he "[k]nowingly uses the personal identifying information, financial identifying information, or financial device of another without permission or lawful authority with the intent to obtain cash, credit, property, services, or any other thing of value or to make a financial payment." § 18-5-902(1)(a), C.R.S. (2024) (emphases added).

¶23 On the one hand, the term "of another" defines the class of victims as both "a natural person" and "a business entity." § 18-5-901(11), C.R.S. (2024); see also Maj. op. ¶ 18 (acknowledging that "'another' includes both individuals and organizations"). Moreover, the definitions of "financial identifying information" and "financial device" contain terms that apply to a victim who is a natural person or that is an entity. § 18-5-901 (6)-(7); see also Maj. op. ¶ 11. On the other hand, the definition of "personal identifying information" mostly contains terms that would apply to a natural person. § 18-5-901(13); see also Maj. op. ¶ 13.

13

¶24 The key to the present dispute is whether entities can be victims of identity theft involving the use of personal information and not just involving the use of financial identifying information and the use of a financial device. § 18-5-902(1)(a). Did the General Assembly intend that an entity -such as United with Migrants -could be the victim of identity theft when the defendant's conduct involves the use of the items or information included in the definition of personal identifying information?

A. Statutory Interpretation

¶25 In interpreting a statute, our primary purpose is to effectuate the intent of the General Assembly. McCoy v. People, 2019 CO 44, ¶ 37, 442 P.3d 379, 389. We first look to the plain language of the statute, giving "words and phrases their plain and ordinary meanings." Id. "[W]e must avoid constructions that would render any words or phrases superfluous or lead to illogical or absurd results." Id. at ¶ 38, 442 P.3d at 389.

¶26 A statute is ambiguous if it is reasonably susceptible to multiple interpretations. Id. If the meaning of the statute is unambiguous, we need not employ other interpretive tools. Id. If it is ambiguous, "then we may consider other aids," such as employing tools of statutory construction, considering the statute's legislative history, and considering "the end to be achieved by the statute." Id.; see also St. Vrain Valley Sch. Dist. RE-1J v. A.R.E. ex rel. Loveland, 2014 CO 33, ¶ 11, 325 P.3d 1014, 1019; § 2-4-203(1), C.R.S. (2024)

14

("If a statute is ambiguous, the court, in determining the intention of the general assembly, may consider among other matters: (a) The object sought to be attained ....").

B. Both Interpretations Are Reasonable

¶27 The statute is ambiguous because both the majority's and the Attorney General's interpretations of the statute are reasonable.

¶28 As noted above, the identity theft statute prohibits wrongful use of three types of information "of another" - personal identifying information, financial identifying information, and a financial device. § 18-5-902(1)(a). The term "of another" means both "a natural person" or "a business entity." § 18-5-901(11).

¶29 But the statute also defines "personal identifying information" as:

information that may be used, alone or in conjunction with any other information, to identify a specific individual, including but not limited to a name; a date of birth; a social security number; a password; a pass code; an official, government-issued driver's license or identification card number; a government passport number; biometric data; or an employer, student, or military identification number.

§ 18-5-901(13) (emphasis added). Unfortunately, the statute doesn't tell us what "specific individual" means.

¶30 The majority reasons that because most items listed in the definition apply only to natural persons, this type of identity theft can only be inflicted on victims who are natural persons. The majority's analysis implicitly (and soundly) rests on the "well-worn canon of statutory construction, noscitur a sociis, 'a word may be

15

known by the company it keeps.'" St. Vrain Valley Sch. Dist., ¶ 22, 325 P.3d at 1021-22 (quoting Graham Cnty. Soil &Water Conservation Dist. v. United States ex rel. Wilson, 559 U.S. 280, 287 (2010)). According to the canon, because terms such as "date of birth," "social security number," "driver's license," "passport number," and "biometric data" can only belong to a natural person, the remainder of the terms should be similarly limited. This canon also helps clarify "employer, student, or military identification number," suggesting that the General Assembly may have intended "employer identification number" to mean a number that an employer assigns an employee (rather than one assigned to an entity employer).

¶31 The majority also reasonably relies on dictionary definitions and common usage analysis of "specific individual" that indicate that the term means "a single human being as contrasted with a social group or institution." Maj. op. ¶ 16 (quoting Individual, Merriam-Webster Dictionary, https://www.merriam-webster.com/dictionary/individual [https://perma.cc/JJ3V-W3AG]).

¶32 Conversely, the Attorney General reasonably asserts that the General Assembly's definition of the term "of another," which includes entities, seems designed to encompass all three types of identity theft. Likewise, section 2-4-401(8), C.R.S. (2024), states: "The following definitions apply to every statute, unless the context otherwise requires: . . . 'Person' means any individual, corporation, government or governmental subdivision or agency, business trust, estate, trust,

16

limited liability company, partnership, association, or other legal entity." This definition suggests that "personal information" could include the information of an entity.

¶33 The Attorney General also notes that the General Assembly could have used "natural person" instead of "specific individual" if it wished to constrain the definition of personal identifying information to that one class of victims. The General Assembly also doesn't explain why it would limit identity theft involving personal identifying information to natural persons when the other forms of identity theft are more expansive.

¶34 Lastly, the Attorney General asserts that the legislative history points toward the General Assembly's intent that entities can be victims of all three types of identity theft. The Attorney General notes that one witness before the House Judiciary Committee, who was introduced to explain the "technicalities" of the bill, stated that it was important that the definition of the term "of another" includes entities. Hearing on H.B. 1326 before the H. Judiciary Comm., 65th Gen. Assemb., 2d Sess. (Feb. 23, 2006).

¶35 The Attorney General's interpretation of the text is sufficiently compelling to render the statute ambiguous. This ambiguity permits us to consider the legislative history. However, I'm not persuaded that the legislative history is helpful in resolving that ambiguity. In the House Judiciary Committee, one bill

17

sponsor briefly mentioned the cost of identity theft to businesses along with the toll it takes on citizens. Id. But those testifying in favor of the bill before both the House and Senate Judiciary Committees, including the witness cited by the Attorney General, shared stories in which the victims were exclusively natural persons. Id.; Hearing on H.B. 1326 before the S. Judiciary Comm., 65th Gen. Assemb., 2d Sess. (Apr. 24, 2006). And when the House Judiciary Committee voted to strike an instance of "a person" and replace it with "another" in the description of the crime, the bill sponsor emphasized that "another" encompasses both living and dead persons and later, before the whole House of Representatives, described the impact of identity theft on the families of deceased victims, with no mention of entities. Hearing on H.B. 1326 before the H. Judiciary Comm., 65th Gen. Assemb., 2d Sess. (Feb. 23, 2006); Second Reading of H.B. 1326 before the House, 65th Gen. Assemb., 2d Sess. (Apr. 11, 2006).

¶36 Even though the legislative history is cryptic, we may also consider the object that the General Assembly wished to attain. The identity theft statute's use and definition of the term "of another" suggest that the General Assembly's goal was to protect natural persons and entities in Colorado from being victimized by identity theft. Given this overarching purpose, it seems odd to conclude that the General Assembly nonetheless meant to exclude entities from the protection afforded to those whose personal identifying information is stolen (particularly

18

the entity's name). Yet, the majority's reasoning wins the day under the law governing statutory interpretation.

¶37 Because the definition of "personal identifying information" is reasonably susceptible to multiple interpretations, its meaning is ambiguous. Although the majority's analysis is reasonable, it seems the legislature might have intended a different result. I therefore respectfully urge the General Assembly to clarify its intent.

---------

Notes:

[1] We granted certiorari to review the following issue:

1. Whether the court of appeals erred in holding that the crime of identity theft does not apply to a business entity's personal identifying information and applies only to information concerning single, identified human beings.

---------

Some case metadata and case summaries were written with the help of AI, which can produce inaccuracies. You should read the full case before relying on it for legal research purposes.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.