In Surprising Twist Second Circuit Rules That Software Theft Is Not Covered by Federal Criminal Law

by Mike Mintz on April 23, 2012 · 0 comments

in Intellectual Property

The Second Circuit recently ruled that a software engineer at Goldman Sachs could not be prosecuted under Federal criminal law for his theft of encrypted software, overturning his criminal conviction which had sentenced him to eight years in prison, followed by a three-year supervised release and fines totalling $12,500.

The engineer in question, Sergey Aleynikov, just before leaving Goldman Sachs for a job at Chicago start-up Teza Technologies, uploaded encrypted source code from Goldman Sachs’s High Frequency Trading (“HFT”) system to a server located in Germany. An HFT system  provides for large volumes of trades in securities and commodities in fractions of a second.  The trades are based on mathematical calculations and past trading history.  Aleynikov later downloaded the source code to his home computer which was located in New Jersey.

The lower court convicted Aleynikov under the National Stolen Property Act (“NSPA”), 18 U.S.C. § 2314, and the Economic Espionage Act (“EEA”), 18 U.S.C. § 1832.  The Second Circuit ruled that neither statute applied to Aleynikov’s actions.

The NSPA makes it a crime to transmit stolen physical goods, wares or merchandise.  The statute was not relevant to the instant matter because the prosecution never alleged that Aleynikov physically took anything tangible from Goldman Sachs, such as a compact disc or a flash drive containing the HFT.  Hence, there was no physical theft.  The court noted that Aleynikov subsequently transported parts of the source code to Chicago via his laptop and flash drive. However, the NSPA is not violated unless the physical good being transported (in this case via computer) was a physical object at the time it was stolen.  The statute’s wording “contemplate[s] a physical identity between the items unlawfully obtained and those eventually transported.” Dowling, 473 U.S. at 216. If intangible property is stolen and later stored on a physical medium, it does not transform the intangible property into a stolen good.  Aleynikov did not “assume physical control” over anything when he took the source code from Goldman Sachs, and because he did not thereby “deprive [Goldman Sachs] of its use,” Aleynikov did not violate the NSPA. The court declined to “stretch or update statutory words of plain and ordinary meaning in order to better accommodate the digital age.”  The court indicated that this was a job for Congress, not the judiciary.

The EEA also did not apply because that statute only applies to products produced for or placed in interstate commerce.  Goldman Sachs intended to keep the source code a secret and had no intentions to sell or license it. As the court noted, the enormous profits the system yielded for Goldman Sachs depended on no one else having it. Because the HFT system was not designed to be placed in commerce, or to make something that does, Aleynikov’s theft of the encrypted source code was not a violation of the EEA. At most, the court opined, the EEA is facially ambiguous. Any ambiguities in criminal statutes are resolved in favor of the criminal defendant. Ambiguity concerning the ambit of criminal statutes should be resolved in favor of leniency. Rewis v. United States, 401 U.S. 808, 812 (1971).   “When choice has to be made between two readings of what conduct Congress has made a crime, it is appropriate, before we choose the harsher alternative, to require that Congress should have spoken in language that is clear and definite.”

Judge Calabresi, in a concurring opinion, urged Congress to revisit the statutes and craft language that would cover specifically this situation.

So where does this leave firms like Goldman Sachs that create valuable proprietary code? For starters, they have to take much stronger precautions to prevent theft from outsiders as well as from their own employees.  Second, they better be lining up their Washington lobbyists (if they have not already done so) to convince Congressional members to have the NSPA and EEA amended to close this gaping loophole.  Only then will the statutes have the “teeth” necessary to deal with theft of intangible property in the digital age.

Add a Comment

Asterisks (*) indicate required fields.

Use of and participation in this website are subject to Terms & Conditions