Saturday, December 02, 2006

Case o' The Week: Righting Romm(s), Kuchinski's Cache

Judge Fernandez is forgiven for an opinion that reads like a Scrabble tournament, when he uses his SAT vocabulary to bring a little reality back to child porn sentencing. See United States v. Kuchinski, __ F.3d __, No. 05-03607, Slip op. at 18789 (9th Cir. Nov. 27, 2006), opinion available here. Although the case has a disappointing and unpersuasive endorsement of the despised "conditional plea" procedure in Rule 11, it does recognize that images in the internet cache are not readily available to most users.

Players: Fernandez neatly parries the government’s allonge. Slip op. at 18797.

Facts: Kuchinski pleaded guilty to possession of child porn. He attempted to enter a conditional plea to an additional count of receipt of child porn, but the government refused to permit it. Id. at 18795. Between fifteen to nineteen thousand images of child porn were on his computer. Under 1,500 files were downloaded on his computer, in the recycle bin, or were active temporary internet files. Id. at 18794. Between thirteen to seventeen thousand images were “Deleted Temporary Internet Files,” aka, in the “cache.” Id. at 18794. Over defense objection, the district court calculated attributed a number of images that produced a seventy month sentence. Id. at 18796.

Issue(s): Of many issues, these two are of greatest interest:

1. Conditional pleas: “Kuchinski complain[s] that Federal Rule of Criminal Procedure 11(a)(2) was an unconstitutional violation of the separation of powers doctrine because permitting a conditional plea was an issue that should be left to the courts alone.” Id. at 18797-98.

2. Counting child porn images: “Did Kuchinski knowingly receive and possess the images in [the internet cache], or, rather, does the evidence support a determination that he did?” Id. at 18804.


1. Conditional pleas:
“[Kuchinski] is wrong.” Id. at 18798. “We perceive no danger that a ‘commingling of functions,’ if commingling it be, will result in an encroachment on one branch or an improper aggrandizement of another branch.” Id. at 18799.

2. Counting child porn:There is no question that the child pornography images were found on the computer’s hard drive and that Kuchinski possessed the computer itself. Also, there is no doubt that he had accessed the web page that had those images somewhere upon it, whether he actually saw the images or not. What is in question is whether it makes a difference that, as far as this record shows, Kuchinski had no knowledge of the images that were simply in the cache files. It does.” Id. at 18805. “Where a defendant lacks knowledge about the cache files, and concomitantly lacks access to and control over those files, it is not proper to charge him with possession and control of the child pornography images located in those files, without some other indication of dominion and control over the images. To do so turns abysmal ignorance into knowledge and a less than valetudinarian grasp into dominion and control.” Id. at 18806.

Of Note: In Kuchinski, the Ninth thankfully limits its sloppy Romm decision from earlier this year. See Romm blog here. In Romm, Judge Bea upheld a conviction when child porn was discovered in the internet cache – despite a compelling counter-argument from Kleinfeld in Gourde. See United States v. Romm, 455 F.3d 990, 1001 (9th Cir. 2006). In Kuchinski, Judge Fernandez requires evidence that the user actually accessed and used files in the internet cache – not likely for the average child porn consumer.

Forensically speaking, Kuchinski will be a much more common scenario than Romm – users sophisticated enough to be rummaging through the internet cache will probably have other, more clever ways to store images.

How to Use: Give Kuchinski to your forensic expert, and ask him or her to determine if internet cache images have been accessed and/or stored outside of normal browser usage. If not, cut those images out of the guideline calcs.

For Further Reading: Here’s a glossary for this Fernandez decision:

Gallied: “Hurried, vexed, over-fatigued, perhaps like a galley slave.” See definition here; (Slip Op. at 18799).

Allonge: “In fencing, an allonge is a thrust or pass at the enemy.” See definition here; (Slip. op. at 18797).

Valetudinarian: 1. A weak or sickly person, especially one morbidly concerned with his or her health. adjective: 1. Sickly; weak; infirm. 2. Morbidly concerned with one's health. See definition here; (Slip. op. at 18806)

Steven Kalar, Senior Litigator N.D. Cal. FPD. Website at



Anonymous Anonymous said...

You forgot "delope" a term used in dueling to designate an intentional forfeiture by firing into the air.

And just for the record, as appellate counsel for Romm, neither I nor Romm ever conceded knowledge of automatic internet caching.

Monday, December 04, 2006 12:08:00 PM  
Anonymous Anonymous said...

No question that the child porn images were found on the cache? How do they know that the images were of real children, and not photo shopped? If I'm wrong on this maybe someone can let me know, but my understanding is that even an expert can't always tell.

Thursday, December 07, 2006 9:36:00 PM  
Blogger Unknown said...

I don't seems to me you could argue that cached images (even if you don't know of their existence) are still evidence of past possession (though not present possession). If the key issue is that of control, couldn't you find that a defendant had control over the images for the short time they were sitting in the RAM (which the browser uses to display the image)? To illustrate how the images in RAM could be seen as sufficient possession, consider what happens if the website that provided the images suddenly removed them from their site. The images don't just dissapear from all the browsers that are currently accessing them. That's because they have already been loaded into that computer's RAM (random access memory). If the defendant had wanted to, he could have transferred a copy from RAM to his hard drive even at that point. It really shouldn't matter whether the images have been loaded only into RAM or rather into some non-volatile memory medium like a hard drive. Once loaded into the RAM (via the browser), image files can only be removed by some further action of the individual operating the browser -- such as closing the browser. That sounds a lot like possession. The originating source of the image (the website) may delete the image, but a copy will remain on the defendant's computer. As for emailing it, printing it, modifying it, etc, is it not possible for software to be written into a browser so as to enable these actions to be taken on images stored only in RAM? Maybe some of the already have. I don't know if this defense is going to be available long-term.

Sunday, March 11, 2007 5:42:00 PM  

Post a Comment

<< Home