The “do something” resulting from the Enron scandal was Sarbanes-Oxley. To date, the law has done very little to curb corporate fraud — its intended target. But it has become a handy tool for prosecutors looking to stack charges against defendants far removed from the financial world.
We’ve discussed this at length before. One of the stipulations of Sarbanes-Oxley is the preservation of evidence. Failing to do so, or purposefully destroying records, can result in felony criminal charges. This, unfortunately, doesn’t even have to be willful destruction. The law forbids the destruction of evidence, regardless of personal knowledge of ongoing investigations, or even if no investigation has even commenced.
In a hypothetical posed recently (containing a real-world example), finding yourself in possession of child pornography poses a serious dilemma. Possession is a crime, but so is destruction of evidence. Sarbanes-Oxley demands the preservation of evidence in “foreseeable” investigations, and child porn possession is one of those crimes no law enforcement agency ignores.
This aspect of Sarbanes-Oxley is being used again, this time in relation to the Boston Marathon bombing. A cab driver who was friends with the Tsarnaev brothers is now facing multiple charges, including lying to investigators about his relationship with the Tsarnaevs, as well as destruction of records under Sarbanes-Oxley, the latter of which carries a 20-year prison sentence of its own.
Khairullozhon Matanov is a 24-year-old former cab driver from Quincy, Massachusetts. The night of the Boston Marathon bombings, he ate dinner with Tamerlan and Dhzokhar Tsarnaev at a kebob restaurant in Somerville. Four days later Matanov saw photographs of his friends listed as suspects in the bombings on the CNN and FBI websites. Later that day he went to the local police. He told them that he knew the Tsarnaev brothers and that they’d had dinner together that week, but he lied about whose idea it was to have dinner, lied about when exactly he had looked at the Tsarnaevs’ photos on the Internet, lied about whether Tamerlan lived with his wife and daughter, and lied about when he and Tamerlan had last prayed together. Matanov likely lied to distance himself from the brothers or to cover up his own jihadist sympathies—or maybe he was just confused.
Then Matanov went home and cleared his Internet browser history.
The last sentence is a criminal act, despite being something millions of people do every day. Some even utilize built-in options in their browsers that dump history and/or clear the cache upon exit. And yet, the law states that this is illegal, should a person ever end up under investigation for anything. That’s how broadly the law is written.
It was used to bring additional charges against David Kernell, who hacked into Sarah Palin’s email account. The actual hacking resulted in misdemeanor charges. The cleanup processes deployed by Kernell (clearing browser cache, running a disk defragmenter, deleting downloaded photos) were treated as felony obstruction of justice under Sarbanes-Oxley. When these actions occurred, Kernell wasn’t under investigation. At best, it could only be assumed that an investigation would result once the hacking attempt was discovered.
Some may feel this interpretation of the law is perfectly acceptable. People who engage in questionable and/or illegal activity shouldn’t be allowed to “cover up” their actions in this fashion. But this defense of Sarbanes-Oxley’s abused data retention stipulations suggests something very unpleasant about the government’s view of who serves who.
Hanni Fakhoury, a senior staff attorney at the Electronic Frontier Foundation, says the feds’ broad interpretation of Sarbanes-Oxley in the digital age is part of a wider trend: federal agents’ feeling “entitled” to digital data.
Under this law — and given the prevailing law enforcement/prosecutorial mindset — US citizens are almost expected to hold onto everything, just in case. The government feels it has the right to dig into your hard drive, browser history, etc. at whatever point it opens an investigation. And if you’ve “destroyed” any data prior to the examination of your electronic devices, you could face felony charges for performing simple computer maintenance.
As more and more data are stored online, the government wants and believes it deserves access to that data for policing purposes. But Fakhoury disagrees.
“The idea that you have to create a record of where you’ve gone or open all your cupboards all the time and leave your front door unlocked and available for law enforcement inspection at any time is not the country we have established for ourselves more than 200 years ago.”
This law has been on the books for thirteen years now. It hasn’t managed to rein in corporate malfeasance, but it’s proving to be having a negative effect on citizens who’ve never scammed a shareholder in their lives.