Roy v New Zealand Police HC Wellington CRI 2008 485 38
[2008] NZHC 2524
•25 August 2008
IN THE HIGH COURT OF NEW ZEALAND WELLINGTON REGISTRY
CRI 2008 485 38
KEVIN DOUGLAS LE ROY
Appellant
v
NEW ZEALAND POLICE
Respondent
Hearing: 19 August 2008
Counsel: D A Ewen for appellant
F S Moraes for respondent
Judgment: 25 August 2008
RESERVED JUDGMENT OF DOBSON J
[1] This matter has had a protracted history. In February 2006, the appellant was charged with an offence against s 249(1)(a) of the Crimes Act 1961, in that, between
26 September 2004 and 26 August 2005, he:
…dishonestly, and without claim of right, accessed a computer system for the purpose of obtaining a benefit, namely access to the electronic mail messages and password for Sarah Anderson’s e-mail account stored on Telstra Clear’s computer system.
[2] District Court Judge Behrens QC determined that the reference to a “benefit”
was confined to benefits of a financial nature. There being none present, he was inclined to dismiss the information. An appeal by way of Case Stated was pursued
LE ROY V NEW ZEALAND POLICE HC WN CRI 2008 485 38 25 August 2008
on behalf of the Police, and was the subject of a reserved judgment delivered by Gendall J on 12 October 2006. That decided that the word “benefit” where it appears in the section is not confined to benefit of a financial or pecuniary nature. Gendall J’s judgment also answered “yes” to the question:
Whether in all the circumstances of the case the information as worded and set out above in paragraph 1 of this Case Stated discloses an offence pursuant to section 249(1)(a) of the Crimes Act 1961?
[3] That judgment directed that the information be remitted back to the District
Court for a rehearing in light of the answers provided in the Case Stated.
[4] In an oral judgment on 12 July 2007, District Court Judge Broadmore found the charge proven. In September 2007 the Judge found that grounds were made out under s 107 of the Sentencing Act 2002 to discharge without conviction and that outcome was ordered under s 106 of that Act. In the exchanges leading to that outcome, Mr Ewen in submissions had apparently requested that, to preserve an entitlement to appeal, a discharge on those terms be accompanied by an order that the defendant pay a nominal amount in costs, so as to give this Court “unquestioned jurisdiction on appeal”.
[5] In April 2008, the Judge obliged, by ordering that the defendant was to pay costs of $5. The Police did not accept that that order did create jurisdiction, and the jurisdiction to bring the present appeal was the subject of a separate argument before MacKenzie J on 29 July this year, resulting in a reserved judgment on 31 July 2008 confirming that an appeal does lie in these present circumstances.
The facts
[6] The appellant and the complainant had previously been married, having separated in 2001, and subsequently divorced. The complainant obtained a temporary protection order against the appellant in December 2001 and that was made permanent in June 2002. During the course of their marriage, the couple had operated a joint email account and the arrangements made on separation included that the email account would be transferred to the complainant. Sometime after their
separation, the appellant became an employee of Telstra Clear in a position which gave him access to email addresses maintained via the internet service provider, Paradise, which by that time had been taken over by Telstra Clear. In the period starting in September 2004 and continuing to August 2005, the appellant accessed the formerly joint email account which had been transferred to the complainant in
2001.
[7] The agreed summary of facts relied upon at the original hearing included a statement that the appellant had accessed the account (“obsidian- [email protected]”) some 36 times. At the subsequent hearing before District Court Judge Broadmore where contested evidence was heard, a former Telstra Clear employee produced a business record which purported to record in the period between September 2004 and August 2005 that the obsidian-jaguar email account had been accessed some 36 times by Mr Le Roy, as well as there being 14 other entries recording occasions on which some eight other Telstra Clear employees had access to that email account. That business record had been produced without objection, but there was a subsequent dispute as to what it established. The witness who produced it was unable to confirm from his personal knowledge the significance of the entries recorded in it.
[8] Perhaps for that reason, or perhaps because of a measure of confusion as to what was involved in accessing the email account, and how it was achieved, focus at the last District Court hearing centred upon the admission by the appellant that he had gone into that email account on between two and four occasions in the relevant period, and that he had done so to check for any emails addressed to him.
[9] The appeal raised two issues. First, whether the prosecution had established that the appellant obtained a benefit from accessing the email account, and secondly whether the District Court Judge was correct in rejecting a defence of claim of right.
Establishing a benefit
[10] There seemed to be two aspects to the appellant’s argument on this first issue. First, that the information transposed the element of the offence that required
dishonesty, and secondly that the Judge erred in treating the Case Stated decision of Gendall J as establishing that a benefit had been obtained, whereas all that the Case Stated established was that a benefit might be made out without establishing a financial advantage, and that it remained for the Police to establish that on evidence whereas the learned District Court Judge did not require the Police to prove this element of the charge at the second hearing.
[11] I consider the first argument to be an unsustainably narrow approach to the interpretation of s 249(1)(a). That section provides:
249 Accessing computer system for dishonest purpose
(1) Every one is liable to imprisonment for a term not exceeding 7 years who, directly or indirectly, accesses any computer system and thereby, dishonestly or by deception, and without claim of right,—
(a)obtains any property, privilege, service, pecuniary advantage, benefit, or valuable consideration; or …
[12] The linking of access to the obtaining of, inter alia, a benefit, using the word “thereby” cannot require a separate element to be proved that the benefit was obtained dishonestly. I accept the submission for the Police that the phrase “and thereby, dishonestly or by deception, and without claim of right,” relates to the conduct in obtaining access to a computer system and achieving some measure of success in the sense of accessing data or information to constitute an outcome that will render the conduct an offence in terms of s 249(1). There is no justification, either as a matter of interpretation, or in terms of the evident policy behind the introduction of the offence created by s 249, to require the establishment of a separate requirement attributing dishonesty to the obtaining of the benefit.
[13] Mr Ewen’s argument was to the effect that the terms of the information required proof of a dishonest mode of gaining access to the electronic mail messages, and that this had not been made out. “Dishonestly” is defined in s 217 of the Crimes Act as:
In relation to any act or omission, means done or omitted without a belief that there was express or implied consent to, or authority for, the act or omission from a person entitled to give such consent or authority.
[14] Here, it was clear that access for personal purposes was certainly beyond the permitted circumstances in which Telstra Clear recognised any entitlement to exploit the power its position gave to employees, by virtue of being a provider of the internet service. More particularly, common sense strongly supports the Judge’s finding that the circumstances of separation from the complainant meant that the appellant could not thereafter access the email account, without the consent or authority of the complainant, which he clearly did not have. After a lapse of three years, he sought to exploit surreptitious access to it, by misusing a power available to him by his employment.
[15] Accordingly, this challenge to the requirement to establish an element of dishonest conduct cannot succeed.
[16] On the second aspect of this ground, the District Court Judge did treat the issue of whether the appellant received a benefit as being resolved by the decision of Gendall J:
The appeal was on the question of whether it could be said that Mr Le Roy had received a benefit, the High Court holding that he had. That is now, therefore, not an issue between the parties. ([9])
[17] Mr Ewen now argues that was not the position, inviting an analysis of paragraphs [21] and [29] of the decision of Gendall J as going no further than recognising that a non-financial or non-pecuniary benefit would be sufficient. His Honour said:
…access to any computer system may be for an infinite variety of reasons or purposes not all of which are to obtain pecuniary advantages. Access may afford the accessing party information to which the wrongdoer is not entitled. Of course, there must be a dishonest intent in obtaining such access. ([21])
[18] A clear indication on the way the matter had been argued up to that point is also disclosed in a later comment in the judgment where the wording of the information was being considered:
But the respondent was not prejudiced by this, and nor was his counsel, given that the matter proceeded by consent on the basis of agreed facts with counsel accepting that the charge would be proven if the interpretation of “benefit” relied upon by the prosecution was correct. ([29])
[19] The tenor of District Court Judge Broadmore’s decision now subject to appeal is consistent with the view that a requisite benefit had been obtained. However, Mr Ewen is correct that, given the stance indicated in paragraph [9] of the judgment quoted above, the existence of some form of non-pecuniary benefit accruing to the appellant was not the subject of a specific finding.
[20] Mr Ewen went on to argue that there was no benefit made out by reference to the definition of that notion in Gendall J’s decision, recognising that the absence of a specific finding on the point by Judge Broadmore is not the end of the matter. Given the protracted history, and the basis on which various defences appear to have been run at the successive hearings of the matter, I do consider it appropriate to go on and evaluate whether the evidence established a benefit, or whether Mr Ewen’s submission is correct that none is made out.
[21] Accessing the email account that he had agreed, some three years earlier, was to become the separate and private property of his former partner, gave the appellant access to the history of both inwards and outwards electronic mail through that particular email address. In the context of this relationship, and the existence of a protection order enforcing the absence of contact, accessing the email account gave the appellant a meaningful benefit, irrespective of the extent to which he opened particular emails, or even considered the sender and the subject line indicating the nature of the content of individual emails.
[22] Here, the appellant exploited a means of getting access that was not properly available to him, without the knowledge or consent of his former partner whose separate property the account had become.
[23] Mr Ewen’s argument depended on the proposition that the prosecution could not make out any requisite “benefit” unless it established that the defendant had opened a particular email, or learned particular information which was of benefit to him. There was no evidence as to whether it is possible to electronically reconstruct whether particular emails have been opened and, if so, by whom. However, I take the view that the terms of s 249 cannot impose any such evidentiary obligation. The notion of obtaining any property, privilege, service, pecuniary advantage, benefit or
valuable consideration is sufficiently established once the prosecution makes out that access has been gained to a computer system, the contents of which are such as to confer an advantage. Mr Ewen argued that this must be insufficient, otherwise the section does not have any additional element beyond the somewhat simpler charge under s 252 of accessing a computer system without authorisation. However, the additional element that constitutes the benefit in the present circumstances is the access it afforded to the electronic property of his former partner, from which he was excluded both by agreement, and arguably also by the terms of the protection order in place.
[24] Although the judgment under appeal does not arrive at this conclusion by reasoning along these lines, the approach is consistent: once the definition of “benefit” extending to non-pecuniary advantage is applied, the appellant’s admission of accessing the email account makes it a non-issue. Accordingly, the first ground of the appeal cannot be made out.
Was the defence of claim of right made out?
[25] It appears this may have been argued somewhat differently on behalf of the appellant, in the District Court. Judge Broadmore began his reasoning on the claimed defence in the following terms:
As to the defence of claim of right, Mr Le Roy’s explanation is that he thought he was entitled to access the account because he had set it up initially and remained associated with it as a registered user. I reject that explanation as a recent construct… ([24])
[26] On appeal, this argument was cast rather as a claim that Mr Le Roy believed he was entitled to access it because emails might have been sent to him there, so he could go into it for the purposes of checking his own emails. I do not consider this makes a material difference to the factual finding which was, in essence, that the appellant did not genuinely believe he had authority or the necessary consent to surreptitiously access this email account, without it being cleared, by some means, with the complainant in advance. It is relevant that he apparently had not made any attempt to check the emails that might have come to him on that account for a period of three years, and that he only sought to do so, in essence by stealth, when the
opportunity presented itself as a power that would not have been available but for his employment with the company operating the email server.
[27] The Supreme Court decision in R v Hayes [2008] 2 NZLR 321 emphasised that the claim of right needs to relate to a belief in respect of the specific conduct in question. If the appellant considered he had some moral entitlement to get at his emails, that does not constitute a claim of right to repeatedly and secretively access the user account. Conceptually, the point is that if he did consider he had a right to access his own emails, he ought nonetheless to recognise he had no right to access the other information that would necessarily be available to him, if he secretly accessed the email account. Pursuing anything that he believed to be his right by a means that enabled him, should he choose to, to access information to which he did not have a right, would deprive him of being able to assert that he had a claim of right to proceed as he did.
[28] For all these reasons, the second argument on the appeal must also fail and accordingly the appeal is dismissed.
Dobson J
Solicitors:
D A Ewen, Wellington for appellant
Crown Solicitor’s Office, Wellington for respondent
0
0
0