The McAfee Cryptocurrency Fraud Case

Tech celebrity John McAfee and his former bodyguard and business associate Jimmy Watson, Jr. were indicted last week on fraud and money laundering charges. The indictment alleges that in 2018 the two engaged in a series of fraudulent schemes related to investments in cryptocurrencies, taking in more than $13 million. The charges highlight the ability of alleged fraudsters to adapt old-school techniques to new technologies. As the McAfee fraud case demonstrates, when it comes to fraudulent schemes, the classics never grow old.

John McAfee
John McAfee

The Defendants

John D. McAfee is a 75-year-old American citizen who was born in the U.K. He is best known for creating the computer antivirus software and company that still bear his name. Since selling his company, McAfee has been a popular figure at tech industry conferences and on various media platforms such as YouTube and CNBC. He has cultivated an image as an expert in cryptocurrency and cybersecurity. Of particular relevance to the criminal case, at the time of his alleged crimes his official McAfee Twitter account had more than 750,000 followers.   

The co-defendant Jimmy G. Watson Jr. is forty years old and a former Navy Seal. At the end of 2017 he began working for McAfee as a private security guard, and later became his “Executive Advisor.” McAfee had a team of people working for him on cryptocurrency investments, and Watson ultimately became a leading member of that team.

Cryptocurrency: Bitcoin and Beyond

Cryptocurrencies, or digital currencies, are electronic representations of value that operate like traditional coin or paper currencies. They can be used as a medium of exchange to make purchases or investments, and may be traded back and forth among individuals. The issuance and exchanges of cryptocurrencies are tracked in digital ledgers known as blockchains. Unlike more traditional currencies, cryptocurrencies are not issued by, or backed by, any government. Ultimately they depend for their value on the agreement and faith among those who use them.

The best-known cryptocurrency is bitcoin, which has been extremely volatile and, for many of its investors, extremely lucrative. It has undergone a number of boom and bust cycles, but the overall trend is hard to ignore: a single bitcoin that was worth less than a dime in 2010 is worth more than $54,000 at this writing (of course, by the time you read this, it could be worth twice that – or half).

Returns like that inevitably attract attention. Many companies and individuals have launched their own cryptocurrencies, with varying degrees of success, and several thousand are now available on the market. Cryptocurrencies other than bitcoin are often referred to as “altcoins.” Startup companies use an “initial coin offering” or “ICO” – similar to an initial public offering or IPO – to raise funds by issuing and selling the digital tokens in their new altcoins.

Returns like that also inevitably attract the interest of government regulators and law enforcement. The government alleges in the indictment that certain uses and aspects of digital currencies qualify them as commodities under federal law, making trading in them subject to regulation by the Commodity Futures Trading Commission. The indictment also alleges that in some cases cryptocurrencies qualify as securities subject to federal securities law and regulation by the Securities Exchange Commission. More broadly, just last October the Attorney General’s Cyber-Digital Task Force released a detailed report, “Cryptocurrency Enforcement Framework,” analyzing multiple law enforcement issues related to the rise of cryptocurrencies.

McAfee Indictment

The Fraud Schemes

The indictment charges that McAfee, with the help of Watson and other unnamed co-conspirators, engaged in two different types of fraud schemes involving altcoins. The first was what is known as a “pump and dump” or “scalping” scheme. McAfee would direct his team members to purchase large quantities of a particular altcoin, either in his name or on his behalf. After the purchases, McAfee would endorse that altcoin on his official Twitter account and encourage others to invest in it (the “pump”) without disclosing that he owned large amounts of it himself. When the price rose based on the interest and activity created by his endorsements, McAfee and his team members would sell their holdings (the “dump”). This often left those who invested based on his recommendations holding the bag, as the value of the altcoin would drop significantly over time once McAfee stopped endorsing it.

McAfee allegedly pumped and dumped a number of altcoins this way, using his Twitter account to promote a “coin of the day” or “coin of the week”. McAfee’s Tweets allegedly contained false and misleading statements about the investments and did not disclose his true reason for the endorsement: to run up the price so he could sell. He also allegedly repeatedly lied when asked on Twitter and elsewhere whether he was pursuing his personal financial interests, and denied owning the altcoins he was promoting.

The indictment charges that in December 2017 and January 2018, the defendants and other McAfee team members earned more than $2 million through pump and dump schemes involving twelve different publicly-traded altcoins.

The indictment also charges a second, more lucrative scheme, the “IPO touting scheme.” It alleges that over about a three-month period in late 2017 and early 2018 the defendants and other McAfee team members promoted at least seven ICOs on Twitter. As compensation for these promotions, the McAfee team received more than $11 million worth of bitcoin and other cryptocurrencies from the ICO offerors. In each case, McAfee allegedly failed to disclose to the ICO investors that a substantial portion of the funds raised by the ICO he was promoting would be paid to McAfee. The indictment also alleges that the defendants took active steps to conceal their compensation arrangements from the ICO investors.

Criminal Charges in the McAfee Fraud Case

The indictment uses several different theories to charge the two schemes:

  • Count 1: Conspiracy to commit commodities and securities fraud (pump and dump scheme)
  • Count 2: Conspiracy to commit wire fraud (pump and dump)
  • Count 3: Wire fraud (pump and dump)
  • Count 4: Conspiracy to commit securities fraud (touting scheme)
  • Count 5: Conspiracy to commit wire fraud (touting)
  • Count 6: Wire fraud (touting).

Finally, Count 7 charges conspiracy to commit money laundering under 18 U.S.C. § 1957. Unlike money laundering charges under the more commonly charged section 1956, section 1957 does not require proof of any intent to disguise or conceal the nature and source of the funds or any other specific purpose for the laundering transaction. It may be violated simply by taking criminal proceeds and depositing them in the bank, so long as the transaction exceeds $10,000. The indictment alleges that the defendants did this with the proceeds of the touting wire fraud alleged in Count 6.

Most of the criminal charges carry a maximum penalty of 20 years in prison. The conspiracy charges in counts 1 and 5 carry a maximum penalty of 5 years, and the money laundering count carries a maximum penalty of 10 years.

The indictment also seeks forfeiture of the money earned through the schemes or of any assets whose purchase can be traced to those proceeds.

Possible Defenses

As in many white collar cases, it appears the facts of the case will be largely undisputed. There will be a substantial paper trail to prove the investments that McAfee and his team made, their Twitter endorsements, what was and was not disclosed, what they earned, and what they did with the money. So any defense likely will be not “we didn’t do it” but rather “it wasn’t a crime.”

A key legal issue will be whether these transactions were in fact subject to federal securities or commodities regulation. Watson’s attorney hinted at this kind of defense when the indictment was announced, suggesting there would be a dispute over whether cryptocurrencies are securities, commodities, or something else. If the court determines they do not legally qualify as securities or commodities, the criminal charges would fail.

The cryptocurrency craze erupted relatively quickly over the past decade and there has been considerable uncertainty over the regulatory status. Cryptocurrency markets have had a “wild west” feel to them and the government has been slow to respond. SEC leaders have said in recent speeches that they do not consider bitcoin itself to be a security. But the SEC has not been reluctant to pursue civil actions related to ICOs in new cryptocurrencies under specific factual circumstances. Suffice it to say that the legal status of cryptocurrencies is still somewhat up in the air, and that status may depend a great deal on the facts of a particular offering or transaction.

The McAfee indictment is full of hedges in this regard. It says that “certain uses and aspects of digital currencies qualify them as commodities” and that “in certain circumstances, digital assets can also qualify as securities.” Although the indictment confidently asserts that these particular transactions were subject to federal jurisdiction, the language of the indictment itself appears to recognize this is a gray area. This case may lead to a judicial determination concerning the status of cryptocurrencies that could have much wider implications.

Twitter logo

Twitter Cryptocurrency Fraud: Old Wine in New Bottles

At the press conference announcing the indictment, FBI Assistant Director William F. Sweeney, Jr. said the case involved an “age old pump-and-dump scheme.” It’s true that, despite the glitzy new technologies involved, the alleged schemes in the McAfee fraud case involve old, tried-and-true fraud techniques. And there are several characteristics of the cryptocurrency markets that make them prime candidates for these kinds of classic schemes.

The first is the complex and confusing nature of the product. Many, if not most, people probably don’t have a clear understanding of what exactly a cryptocurrency is, how it works, or why it has any value at all. That makes the area ripe for fraud. One hundred years ago, when pioneering the type of fraud scheme that still bears his name, Charles Ponzi relied on obscure instruments known as postal reply coupons and claims about international variations in currency and postal rates – difficult things for the typical 1920s investor to understand or verify. If an investment is difficult to understand, it makes it easier for potential fraudsters to deceive people about that investment.

Related to the obscure nature of the investment is the ability of a celebrity or other well-known figure to attract investors – or in this case, victims. Many watching the frenzy in cryptocurrencies likely wanted to get in on the action but felt uncertain about which altcoins might be good investments. If a tech leader with McAfee’s stature throws his name behind a particular coin, that will attract many who feel unqualified to evaluate the investment for themselves. That, of course, is why some of the IPO issuers were willing to pay McAfee such huge sums of money for his endorsement.

Another “high tech” feature that makes this case interesting is the role of Twitter. Virtually all of McAfee’s promotions and endorsements in furtherance of the alleged schemes took place on Twitter. We’ve seen how that social media platform transformed political communications in the hands of former president Trump and other users with large numbers of followers. The same characteristics that make it so easy to spread “fake news” when it comes to politics also make it easier to tout fraudulent investments. Twitter has a massive reach but is largely unregulated, making it easy to spread phony information to millions.

Something like a pump-and-dump scheme operates much more efficiently in the age of Twitter. In the days before digital communications, those engaging in such a scheme might have to print a newsletter or other document touting the stock in question and deliver it by mail. That involves printing and postage expenses and takes much more time.  In the digital age a potential fraudster can reach hundreds of thousands of people in an instant. Technology makes everyone’s job easier – including criminals’.

The final characteristic of cryptocurrencies that McAfee apparently was able to exploit is the investment frenzy surrounding them. When people see the astounding returns in something like bitcoin they want to get in before they miss out – and that can cause people to let down their guard. Some have compared the frenzy surrounding bitcoin to the famous Dutch tulip mania in the 1700s, the first great investment bubble. If you read some of the online commentary about altcoins on sites like Reddit or Twitter, much of it has almost an evangelical tone. This is not only a warning sign of a potential bubble – it also creates an environment where criminals can prey on those caught up in the frenzy.

What to Watch

McAfee is currently in custody in Spain, awaiting extradition. He was arrested there several months ago on federal tax evasion charges filed in a separate case in Tennessee.  In the meantime, he continues to take to Twitter, now to defend his conduct and attack the government’s case.

McAfee Tweet

Watson has been arrested on the criminal charges. In addition to the criminal indictment, both men are also facing civil charges from the CFTC and SEC.

The McAfee fraud case should be a cautionary tale for investors eager to jump on the latest hot bandwagon based on celebrity endorsements. And it could be a sign of things to come as the federal government, under the Biden administration, seeks to flex its muscles when it comes to policing the cryptocurrency markets.

Like this post? Click here to join the Sidebars mailing list

Supreme Court Poised to Limit Computer Fraud Statute

Suppose your employer prohibits using the company computer system for personal purposes. You’re aware of the policy but you’re also a little behind on your Christmas shopping, so while logged in at work you spend some time on Amazon buying gifts. If your boss found out you might expect to be reprimanded, maybe even fired. You probably wouldn’t think you were potentially subject to federal prosecution. But under a legal theory advanced by the government before the U.S. Supreme Court last week in Van Buren v. United States, your holiday shopping could indeed be a crime. Fortunately, the Court seems poised to reject the government’s approach.

computer hacker

The Computer Fraud and Abuse Act

The criminal law in question is called the Computer Fraud and Abuse Act, or CFAA, 18 U.S.C. §1030.  The CFAA is the primary federal statute used to prosecute computer-related crime. It’s a complicated statute with a number of different sections. But in general, the CFAA prohibits breaking into a computer to harm that computer or steal information, commonly known as hacking. It prohibits sending malicious code or viruses that damage a computer or that allow the sender to obtain information without authorization — including “phishing” schemes. The CFAA also prohibits trafficking in computer passwords and extortion by threats to harm a computer or the information it contains.

A high-profile recent case involving the CFAA was the July, 2018 indictment brought by special counsel Robert Mueller of twelve Russian intelligence officers for computer hacking related to the 2016 presidential election. The indictment charges that the Russian agents hacked into computers and email accounts used by scores of individuals and organizations associated with the Hillary Clinton campaign and other Democratic organizations. The lead charge in that indictment: conspiracy to violate various provisions of the CFAA.

Van Buren v. United States

The Van Buren case argued before the Court last week involves a particular subsection of the CFAA, 18 U.S.C. §1030(a)(2)(C). Under that subsection, a person commits a crime whenever he “accesses a computer without authorization or exceeds authorized access, and thereby obtains information” from that computer. The term “exceeds authorized access” is further defined to mean, “to access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter.” §1030(e)(6). The issue in Van Buren is the proper interpretation of the term, “exceeds authorized access.”

The defendant, Nathan Van Buren, was a police officer in Cumming, Georgia.  As part of an FBI sting, he ended up accepting several thousand dollars from Andrew Albo, an informant cooperating with the FBI. In exchange, Van Buren agreed to search a police database for a vehicle license plate number Albo gave him. (Albo told Van Buren the car belonged to a woman he had met at a strip club and he wanted to be sure she was not an undercover police officer.) Van Buren performed the search for Albo in the Georgia Crime Information Center database. He had been trained on the use of that database and knew he was allowed to use it only for legitimate law enforcement purpose.

Van Buren was convicted for violating section 1030(a)(2). There was no question he was authorized to access the police database. But the government argued Van Buren had exceeded his authorized access, and thereby obtained the license plate information, by performing the search for an improper purpose – namely, in exchange for a bribe. 

Image of US Supreme Court, which decided the Bob McDonnell case
United States Supreme Court

Van Buren’s Position

In their briefs to the Court, Van Buren and those amici who support him argued that Section 1030 is, at heart, a computer hacking statute. It is primarily aimed at conduct that is the electronic equivalent of breaking and entering. According to Van Buren, the prohibition against exceeding authorized access therefore criminalizes obtaining information only when a person has no right at all to access that information. An example would be a Pentagon employee who is authorized to use the Department of Defense computer system for limited purposes related to her job, but then uses a stolen password to gain access to a different part of that system she is not authorized to view.

Van Buren unquestionably had the right to enter the database and access license plate data. In this instance he did so for an improper reason: because he had been bribed. That might subject him to job discipline or some other legal sanction, but it does not, Van Buren argued, violate the CFAA.  “Exceeding authorized  access” does not apply to obtaining otherwise accessible information for an improper reason. It applies, he argued, only when the defendant had no right to access the information under any circumstances.

Van Buren cited a number of examples of the potential consequences of the government’s position. Suppose workplace policy prohibits an employee from using the company’s computer system for social media, but she uses that system to log onto Facebook. Or an employee has a work-provided Zoom account that is to be used only for business but uses it for a group family chat on the weekend. Or someone uses a dating website but, in violation of the site’s terms of services, lies in his profile about how tall he is or about his age and then obtains information about potential partners.

 In each of these examples, the person has the right to access the information that was obtained, but did it in ways or for reasons that were not authorized. That is Van Buren’s situation as well. If the government is correct, he argued, then all of the people in those examples are criminals: they exceeded their authorized access by violating workplace policies or website terms of service.

Computer law expert Professor Orin Kerr, who filed an amicus brief, agreed with Van Buren and framed it this way: the CFAA prohibits someone circumventing technological barriers, such as a password requirement, to obtain information the person is not otherwise authorized to obtain. It does not apply to someone who merely ignores verbal or written barriers, such as instructions from an employer or requirements in a website’s terms of service. Here Van Buren violated police department policy, but he did not breach any technological barriers to obtain the information. Accordingly, the CFAA should not apply.

US Dept of Justice
U.S. Department of Justice

The Government’s  Response

The government responded that Van Buren’s argument ignores the plain text of the statute, and that the text is enough to decide this case. The statute prohibits exceeding authorized access and thereby obtaining information “that the accesser is not entitled so to obtain.” The key, the government argued, is the word  “so.” If Van Buren is right, that “so” is unnecessary. Congress would have just written “that the accesser is not entitled to obtain,” and Van Buren would be in the clear. But the word “so” in the phrase “so to obtain” means that the manner or circumstances of obtaining the information matters: “so” means that the defendant was not entitled to obtain the information under the circumstances in which he did, even if he could have properly obtained it under other circumstances. The statute therefore governs insiders who have some limited authority to access the relevant computer information but exceed those limits.

As for Van Buren’s hypotheticals about everyday computer users suddenly becoming criminals, the government argued those concerns are wildly exaggerated. Such cases are not being prosecuted, and Van Buren has not identified any such cases in the past that led to a sustained conviction. Potential cases involving people using Facebook at work are just a fantasy. They would never be brought in the real world.

The government also suggested that the hypothetical cases posed by Van Buren might not violate the statute because of other statutory terms. For example, the government argued that the term “authorization” means a user has been granted specific, affirmative, individualized permission to use the system. It might not apply to websites such as Facebook that simply take all comers who are willing to open an account.

The  Oral Argument – Reviewing the Parade of Horribles

During the oral arguments on November 30, several of the Justices appeared skeptical of the government’s arguments and concerned about the potential breadth of the statute.

The Court spent a good deal of time discussing Van Buren’s “parade of horribles,” the hypotheticals about all those who might be ensnared by the government’s interpretation. Justice Thomas wondered whether the parade was real, asking whether there were any real-world examples of the types of cases Van Buren was warning against. Jeffrey Fisher, counsel for Van Buren, admitted there were no recent examples. But he pointed out that the Court has repeatedly held it can’t approve a sweeping interpretation of a criminal statute based on the government’s promise that it will enforce it benevolently.

Chief Justice Roberts and others raised the idea of a different parade of horribles: bad actors who could NOT be prosecuted if Van Buren’s interpretation is adopted.  What about a bank employee, for example, who has legitimate access to computer files containing customer social security numbers but then accesses those files to steal the numbers and sell them? Fisher responded that other criminal laws would cover most such misconduct. Justices Gorsuch and Sotomayor appeared to agree that, given the number of federal and state criminal laws available, any such misconduct not covered by the CFAA could likely still be prosecuted.

Justice Sotomayor and others pressed the Assistant Solicitor General Eric Feigin on his suggestion that other terms, such as the definition of “authorization,” could control the sweep of the CFAA. She said the government was relying on narrower definitions that did not appear in the statute itself. Fisher also had noted in his briefs that there was no precedent for those narrower interpretations and that the government was merely raising them as hypotheticals, not committing to follow them.

Justice Kagan pressed both attorneys on the role of the word “so.”  She noted it requires an antecedent and asked each side what they thought “so” referred back to. Fisher replied that “so to obtain” merely refers to using a computer to obtain the information. That means it would not be a defense for an employee who hacked into a portion of the office computer to argue that he could have gotten the same information by some other means anyway. Even if that were true, he was not entitled “so” to obtain it – in other words, by hacking the computer.

Feigin argued that “so” referred back to the circumstances under which the defendant was obtaining the information. Van Buren was not authorized “so to obtain” the license information because the way he obtained it violated the workplace restrictions covering his use of the database.

Justice  Neil Gorsuch
Justice Neil Gorsuch

A Pattern of Government Overreach

I think the Court is likely to rule in Van Buren’s favor and reject the government’s sweeping interpretation of the CFAA. The battles over the significance of the word “so” are fascinating (at least to legal nerds), but in the end I don’t think they yield a clear winner. In light of that, the Court is likely to adopt the reading that avoids vastly increasing the scope of federal criminal law.

During his questioning of Feigin, Justice Gorsuch raised what I think is a key point. He noted there has been a string of cases in recent years where prosecutors have sought to expand the scope of federal criminal law in pretty sweeping ways. In each case, the Court has rejected the government’s position. I wrote about that trend in this post: White Collar Crime, Prosecutorial Discretion, and the Supreme Court. It stems both from the Court’s approach to federal criminal law in general and from a characteristic of white collar statutes like the CFAA in particular.

In general, the Court is reluctant to read federal criminal laws expansively, at least absent a clear sign of Congressional intent. In McNally v. United States in 1987, where the Court first rejected the theory of honest services fraud, part of its rationale was a concern that the government’s interpretation would dramatically increase the scope of federal criminal law. Just last year in Kelly v. United States, the Court reaffirmed that  principle when it unanimously rejected the government’s attempt to use federal fraud statutes to prosecute the defendants in the Bridgegate scandal. The Court noted that the defendants’ behavior was deplorable, but that not every instance of political misconduct amounts to a federal fraud.

White collar statutes in particular often raise concerns about their potential scope. They are written broadly to avoid loopholes that may be exploited by clever criminals. They deal not with clear crimes like assault or robbery but with fuzzier concepts such as fraud and corruption whose parameters are less well-defined. As a result, they often sweep within their terms conduct that most would agree does not merit  a federal prosecution.

For example, if I call in sick and lie to my employer so I can go to the ball game, that fits all the legal requirements for federal wire fraud. Fortunately, we don’t see cases of such truant employees clogging the federal courts. That’s because of prosecutorial discretion: prosecutors exercising good judgment about which cases are actually worth bringing and which should not be pursued even if they technically violate the statute.

But that discretion must be exercised wisely. In cases raising concerns about the scope of federal criminal statutes, the government’s response often has been, essentially: “Trust us. You should interpret the statute broadly, to allow us flexibility to pursue the appropriate cases. We’d never bring the trivial or outrageous cases that the defendant is claiming would result.”

That’s also what the government is saying in Van Buren: trust us, we’d never prosecute the employee who does holiday shopping at work. But in recent years the Court has been increasingly unwilling to take the government at its word. Instead, it has narrowed the statutes in question to limit prosecutors’ discretion.

Consider, for example, the Court’s 2016 decision in McDonnell v. United States, the corruption prosecution of the former governor of Virginia. McDonnell and his allies presented their own parade of horribles to the Court. They argued that if the government’s sweeping interpretation of “official act” in bribery law were adopted, federal officials would be at the mercy of prosecutors who might charge bribery based on politicians engaging in routine political courtesies. Part of the government’s response was, essentially, “we won’t bring those kinds of cases and never have.” That wasn’t enough for the Court: it unanimously rejected the government’s argument, threw out McDonnell’s conviction, and drastically narrowed the scope of bribery law.

To explain this Supreme Court trend, at least in part, the Justice Department need only look in the mirror. These are often self-inflicted wounds. The “trust us” argument becomes harder when the case that lands before the Court seems to involve a poor exercise of prosecutorial discretion.  This was true, for example, Yates v. United States, where prosecutors used an obstruction of justice statute with a twenty-year penalty to prosecute a captain who threw undersized fish overboard to avoid a civil fine. Or Bond v. United States, where a woman put Drano on the doorknob and mailbox of her romantic rival, causing a minor skin irritation, and was charged with a chemical weapons offense carrying up to life in prison.

When such cases make it to the Supreme Court, it becomes harder for the government to argue the Court should entrust prosecutors with criminal statutes that sweep as broadly as possible. That’s what led Justice Gorsuch to remark during the Van Buren argument that the Solicitor General’s office should not act as a mere “rubber stamp” when questionable cases stretching the boundaries of federal criminal law are brought by U.S. Attorneys.   

In this case Van Buren’s conduct does seem worthy of prosecution. But it also seems clear there were other ways  to punish him, either with other federal statutes (he was also charged with honest services fraud, but that charge may face a McDonnell issue) or with a Georgia state prosecution for bribery or other crimes. There is no need for the Court to stretch the boundaries of the CFAA based a concern that there is otherwise no way to punish someone like Van Buren.

In Van Buren’s case, the Court is likely to continue the trend identified by Justice Gorsuch. It will likely reject an expansive interpretation of the CFAA that turns almost all ordinary Americans into potential criminals. In this case, that’s the right result.

You may now return to your Amazon shopping.

Like this post? Click here to join the Sidebars mailing list