In United States v. Kernell, the Sixth Circuit held that by deleting evidence of defendant's hacking activities, he violated 18 U.S.C. § 1519 of the Sarbanes-Oxley Act. 667 F.3d 746 (6th Cir. 2012). The defendant used the forgotten password feature to obtain access to then-Governor Sarah Palin's personal e-mail account. Kernell was charged with, among other counts, violating § 1519, and he appealed that conviction.
After Kernell obtained access to the account, he publicly posted the login information to 4chan. Soon thereafter, he took several steps to cover his tracks, including deleting his temporary internet files, removing his browser, and defragmenting his hard drive. The FBI claimed these acts violated § 1519 which reads:
Whoever knowingly alters, destroys, mutilates, conceals ... with the intent to impede, obstruct, or influence the investigation ... of any department or agency of the United States ... shall be fined [or imprisoned].The issue was whether Kernell was aware of the investigation and knew he had a duty to keep the records. The Sixth Circuit found that Kernell's acts were "done in contemplation of an investigation that might occur." Further, he had even publicly acknowledged the possibility of such an investigation. "[Kernell] deleted the information on his computer out of a fear that the FBI would find it, plainly showing that he took his actions with the intent to hinder an investigation."
Courts have applied § 1519 in other cybercrime cases:
- United States v. Wortman, 488 F.3d 752 (7th Cir. 2007) (defendant who destroyed her boyfriend's CDs containing child pornography violated the statute because she knew of the investigation)
- United States v. Hicks, 438 Fed. Appx. 216 (4th Cir. 2011) (defendant destroyed hard drive upon learning agents wanted to speak with him)
- United States v. Keith, 440 Fed. Appx. 503 (7th Cir. 2011) (defendant deleted images of child pornography from a flash drive upon seeing police approach his house)