Answered step by step
Verified Expert Solution
Question
1 Approved Answer
Can you brief the following casing using the following form? Title and Citation Facts of the Case Procedural History Issues Holding(s)RationaleSeparare OpinionsConclusion Briggs v. Maryland
Can you brief the following casing using the following form? Title and Citation Facts of the Case Procedural History Issues Holding(s)RationaleSeparare OpinionsConclusion Briggs v. Maryland 704 A. 2D 904 (Md. Ct. App. 1998) Terry Dewain Briggs appeals his conviction for the crime of unauthorized access to computers, in violation of Maryland Code. ... The primary issue raised in this case is the meaning of the statutory requirement of access "without autho-rization" as used in 146. The question we must answer is whether an employee who is entitled to use an employer's computer system in connection with employment duties, but who exceeds the scope of that authorization, is acting in a manner proscribed by Article 27, 146. Briggs contends that his conduct did not come within the prohibition of the statute. We agree, and accordingly, shall reverse. In November, 1994, the Scarborough Group, Inc. (Scarborough), a medium-sized securities investment company, hired Terry Briggs as a computer programmer and system administrator. Briggs, a twenty-three-year-old computer special-ist, was hired to program and design software to maintain the company computer system. As part of his job responsibilities, he entered data in the computer system and placed passwords on the files to secure the data. The management of the entire computer system was entrusted to Briggs. Following a dispute on July 24, 1995, about the terms of his employment contract, Briggs resigned as an employee of the company. Shortly after Briggs left the company, Scarborough realized that some of its computer files were secured with passwords known only to Briggs. Scarborough and Briggs were unable to resolve the situation. Scarborough filed a civil suit against Briggs, and also contacted the Anne Arundel County police. The State charged Briggs in a two-count criminal information: count one, theft of computers, in violation of Article 27, 342(a) (1) and, count two, unauthorized access to computers, in violation of Article 27, 146(c) (2). At trial, Scarborough contended that Briggs changed the passwords two days before the meeting about Brigg's employment contract, and put them in a subdirectory named "ha-ha he-he," dated July 22, 1995 by the computer. Scarborough maintained that Briggs never had permission to place the company files in a directory and to protect the file with passwords, without anyone else in the company having access to the passwords. Although he denied any knowledge about "ha-ha he-he," Briggs admitted that he placed passwords on company files months earlier as part of his job in securing files, but that he had difficulty remembering the passwords because so much time had passed. Briggs suggested that Scarborough filed criminal charges against him in order to discredit him as a government witness in a Securities and Exchange Commission investigation that Briggs had initiated alleging that certain activities at Scarborough violated federal security regulations. Briggs maintained that the computer date on the password subdirectory had been changed to incriminate him. The State alleged that Briggs intentionally and willfully and without authorization accessed a computer system to interrupt the operation of the computer system and computer services. In his motion for judgement of acquittal, Briggs argued that he was not guilty as a matter of law (that the statute did not apply to his activities) and as a matter of fact (that he was fulfilling his employment responsibilities). Briggs reasoned that Article 27, 146 was not intended to apply to authorized computer users who, arguably, used their positions to cause harm to their employers by misusing the computer. The State argued that Briggs was guilty of unauthorized access, because although Briggs was authorized to access the computer system, he was not authorized to access the system in such a way as to interrupt the operation of the computer services of the system. The trial court denied Briggs's motion for judgement of acquittal, and the jury found Briggs guilty of unauthorized access to computers in violation of Article 27, 146(c)(2)(i). The court sentenced Briggs to one year incarcera. tion, with all but two days suspended, two years supervised probation, 150 hours of community ser-vice, and a fine of $500. The court also ordered him to cooperate with Scarborough and required him to release any remaining password information and client files. Briggs noted a timely appeal to the Court of Special Appeals. We granted certiorari on our own motion before consideration by that court. Appellant argues before this Court that Article 27, 146 criminalizes the conduct of an individual who intentionally and willfully accesses a computer without authorization and is inapplicable to conduct that can be characterized as only exceeding authorized access. He concludes that the statute is inapplicable on its face because, as part of his employment, he was authorized to access the computer system. The purpose of the statute, Appellant continues, was to deter unauthor ized users from breaking into computer systems, i.e., to prevent "hackers" from gaining unauthorized access. Briggs distinguishes operating a computer system without authorization from exceeding authorized access by using the computer in an improper manner. He concludes that application of this statute to his conduct is contrary to legislative intent. The State contends that even though access for other activities may have been authorized, a person, whether he is an employee, "hacker." or otherwise, violates the statute when that person "intentionally, willfully, and without authorization" accesses a computer system or any part of a computer system to cause the malfunction or interrupt the operations of the computer system or any part of that system. The State maintains that there was sufficient evidence to support the verdict because Briggs did not have authority to place passwords on the files without anyone else in the company having those passwords, and that he did so with the intent of interrupting the operation of the computer system. . . We need not address Appellant's factual argument that he was authorized to place passwords on Scarborough's computer system, because we find the second element dispositive and hold that Appellant's access to the computer was not "without authorization" within the meaning of the statute. When faced with a question of statutory construction, we look first to the plain meaning of the words of the statute, with the goal to ascertain and effectuate legislative intent. We give the words of the statute their ordinary and natural meaning. If the language of the statute is plain and clear and expresses a meaning consistent with the statute's apparent purpose, no further analysis is ordinarily required. On the other hand, if the language of the statute is ambiguous or unclear, "we must consider 'not only the literal or usual meaning of the words but their meaning and effect in light of the setting, the objectives and purpose of the enact-ment, in our attempt to discern the construction that will best further the legislative objectives or goals." The statute prohibits unauthorized access of a computer, computer network, or computer systems. "Access" is defined in the statute "to instruct, communicate with, store data in, retrieve data from, or otherwise make use of equipment including . . computers." $ 146 (a) (9). "Without authorization" modifies the word "access." Therefore, the unlawful act is unauthorized access. "Authorization" is not defined in the statute. Turning to dictionary definitions of "authorize," we find that Black's Law Dictionary 133-34 (6th ed. 1990) defines "authorize" lo mean "Ito empower; to give a right or authority to act. To endow with authority or effective legal power, warrant, or right. To permit a thing to be done in the future." (Citation omitted.) Similarly, Webster's New International Dictionary, Unabridged 186 (2d ed. 1950) defines "authorize" to mean "to clothe with authority or legal power; to give right to act; to make legal; to legalize; to give authoritative permission to or for; to justify." The testimony at trial that Briggs had authority to enter data in the computer and to place passwords on the files to secure the data establishes that he was authorized, under the statute, to "instruct, communicate with, store data in, retrieve data from and to make use of computer data equipment and other data processing equipment." ... The plain language of the statute suggests that if an employee were initially permitted to "instruct," "communicate with," "store data in," or "retrieve data from" the computer system, then that employee's access would be authorized. The statute makes no reference to authorized users who exceed the scope of their authority. If the Legislature intended the statute to cover employees who exceeded the scope of their authority or who misused their authority, it could have done so explicitly. We conclude that the intent of the General Assembly was to criminalize the misuse of computers or computer networks by those whose initial access was unauthorized. [Judgement of conviction reversed.]
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started