(213) 723-2337Free Consultation

Cyber Crimes Defense · State & Federal

Los Angeles Cyber Crimes Attorney

Cyber cases turn on forensic evidence — IP logs, device images, metadata, and cloud records. Every fact the prosecution builds from digital evidence can be attacked at its source with the right expert.

Search Warrant or Subpoena?

Do not touch the devices. Call (213) 723-2337 immediately.

Forensic litigation. Suppression motions. Federal CFAA defense.

Daniel S. Rubin Los Angeles cyber crimes defense attorney

Daniel S. RubinCyber Crimes Defense Attorney

01 — Quick Facts

Cyber Crimes — At a Glance

California Statute
Federal Statute
18 U.S.C. §1030 — CFAA (opens in new tab)
Identity Theft
PC §530.5 — wobbler
Max State Prison
3 YEARS under PC §502 felony
Max Federal Prison
10–20 yrs on CFAA felonies
Digital Forensics
Metadata, hashes, and chain-of-custody critical
Restitution
Mandatory in most CFAA/§502 cases

02 — The Law

State & Federal Cyber Crime Framework

California's Comprehensive Computer Data Access and Fraud Act (PC §502 (opens in new tab)) criminalizes unauthorized access, data disruption, and information theft. Companion statutes cover identity theft (PC §530.5), online impersonation (PC §528.5), and unauthorized recording (PC §632).

Federally, the Computer Fraud and Abuse Act (18 U.S.C. §1030 (opens in new tab)) governs unauthorized access to protected computers. Post-Van Buren (2021), "exceeds authorized access" is narrowly defined, creating suppression and dismissal opportunities in cases previously charged aggressively. Related federal cases often overlap with wire fraud and identity-theft statutes.

03 — Penalties

Cyber Crime Penalties — State and Federal Exposure

California charges most computer crimes under PC §502 — a wobbler that carries county jail as a misdemeanor and up to 3 years state prison as a felony. Federal CFAA prosecutions (18 U.S.C. §1030) run much higher, especially when loss exceeds $5,000 or the target is a government or financial-institution computer. Federal identity-theft counts add a mandatory 2-year consecutive term.
OffenseStatuteStatutory MaxRestitutionSupervised Release / ProbationLoss-Driven?
Unauthorized Access — MisdemeanorPC §502(c)1 year county jail; $5,000MandatoryUp to 3 yrs summaryNo
Unauthorized Access — FelonyPC §502(c)16 mo, 2, or 3 yrs prison; $10,000MandatoryRarelyLoss-tiered
Identity TheftPC §530.53 yrs prison (felony)Mandatory3 yrs summary/formalYes
Aggravated Identity TheftPC §530.5(c)5 yrs prisonMandatoryNoYes
CFAA — Basic Access18 U.S.C. §1030(a)(2)5 yrs federal prisonMandatory1–3 yrs sup. rel.No
CFAA — Damage / Loss18 U.S.C. §1030(a)(5)10 yrs (loss); 20 yrs (bodily injury); life (death)Mandatory3–5 yrs sup. rel.USSG §2B1.1
Aggravated ID Theft18 U.S.C. §1028A+2 yrs mandatory consecutiveNo

Federal guideline exposure is driven by USSG §2B1.1 — every dollar of loss adds offense levels. A $500,000 wire-fraud loss adds 14 levels on top of the base offense.

Additional Consequences Beyond the Courtroom

  • Mandatory restitution to victims and financial institutions
  • Asset forfeiture of proceeds and instrumentalities (18 U.S.C. §982)
  • Federal immigration consequences — fraud >$10,000 is an aggravated felony
  • Loss of security clearance and government-contracting eligibility
  • Computer-use restrictions and monitoring during probation / supervised release
  • Professional-license discipline (bar, CPA, healthcare IT)
  • Civil liability under CFAA §1030(g) and California UCL
  • Employment background check exposure — federal felony visible for life

04 — Defense Strategies

How We Defend Cyber Cases

Attribution Challenge

IP, MAC, and device attribution is not identity attribution.

  • Shared networks, VPNs, and spoofing produce reasonable doubt on who did what.
Identity

Authorization Defense

Post-Van Buren, 'exceeds authorized access' is narrow.

  • Many former-employee and dual-use cases now fail on the authorization element.
Van Buren

Forensic Suppression

Overbroad warrants, plain-view breaches, and chain-of-custody failures produce suppression of device images.

PC §1538.5Learn more

Loss & Damage Attack

CFAA and §502 felony treatment depends on loss/damage thresholds.

  • Litigating remediation costs strips exposure.
$5K Threshold

No Intent to Defraud

Cyber statutes require specific intent.

  • Curiosity, security research, and mistake defeat the mens rea element.
Mens Rea

Restitution Structuring

Voluntary restitution and remediation prior to charging can produce declination, misdemeanor filing, or diversion.

18 U.S.C. §3663ALearn more

05 — Charge Types

Cyber Charges We Defend

Unauthorized Access

PC §502(c)(1)–(7)

Accessing computers, networks, or data without permission — including former-employee cases.

Learn more

Identity Theft

PC §530.5

Willful use of another's personal identifying information for unlawful purposes.

Learn more

CFAA Violations

18 U.S.C. §1030

Federal protected-computer access; damage, fraud, and threat theories.

Learn more

Data Breach / Exfiltration

PC §502(c)(2)

Copying or taking data from a computer system without permission.

Learn more

Online Impersonation

PC §528.5

Creating fake profiles to harass, intimidate, or defraud another person.

Learn more

Phishing & Credential Fraud

PC §484g / §530.5

Card-not-present fraud, credential harvesting, and account takeover.

Learn more

06 — Possible Outcomes

Possible Outcomes in a Cyber Crime Case

Every case is different. Outcomes turn on the specific evidence, the courthouse, the client's record, and the quality of the defense. Here is the range we work to achieve, from best to worst.

Case Dismissed or Not Filed

The best possible outcome — no conviction, no record.

  • Suppression of digital evidence seized on an overbroad warrant
  • Attribution failures — IP address alone is not identity
  • Prefile rejection where forensic images were not preserved

Reduced Charges

  • PC §502 felony reduced to misdemeanor via §17(b)
  • Federal referral declined in favor of state misdemeanor filing
  • Restitution-based resolution replacing fraud enhancements

Minimized Sentence

If a conviction cannot be avoided, we fight for the lowest possible exposure.

  • Probation with computer-use conditions instead of custody
  • Restitution schedules that avoid immigration consequences
  • No-contact orders narrowed to victims only

Diversion & Deferred Entry

  • Mental-health diversion under PC §1001.36
  • Judicial diversion under PC §1001.95 for eligible misdemeanors
  • Pretrial diversion in federal cases under 18 USC §3154

07 — Collateral Consequences

Beyond Prison

  • Restitution to individual victims and businesses
  • Computer-use restrictions during probation and supervised release
  • Professional license discipline (IT, security, finance)
  • Federal contracting and clearance disqualification
  • Immigration: crimes involving moral turpitude on many theories
  • Civil liability under the CFAA private cause of action
  • Public reputational impact from indictment publicity
  • Loss of security-clearance eligibility indefinitely

08 — FAQs

Cyber Crimes Questions — Los Angeles

Can I be prosecuted just for accessing an account without permission?

Yes. Both PC §502 and 18 U.S.C. §1030 (CFAA) criminalize unauthorized access itself, even without downstream harm. However, post-Van Buren (2021), the federal 'exceeds authorized access' theory is narrower than before — creating strong defense opportunities in dual-use and former-employee cases.

What is the Van Buren defense?

In Van Buren v. United States (2021), the Supreme Court held that the CFAA's 'exceeds authorized access' clause applies only to accessing files or areas the user cannot access at all — not to misusing information the user can access. The decision narrowed CFAA prosecutions substantially.

Are cyber crimes felonies or misdemeanors?

Most cyber statutes are wobblers. California PC §502 and PC §530.5 can be filed as either a misdemeanor or a felony based on loss amount and intent. Federal CFAA charges are felonies if loss exceeds $5,000 or damage thresholds are met.

Can I face state and federal charges for the same conduct?

Yes. The dual-sovereignty doctrine permits both. State and federal prosecutors coordinate but often reach different filing decisions on the same facts. Effective early defense advocates for consolidation and single-forum resolution.

How is 'loss' calculated in a cyber case?

In CFAA cases, loss under 18 U.S.C. §1030(e)(11) includes response costs, damage assessment, remediation, and lost revenue. Prosecutors often over-count. Independent forensic evaluation typically produces significant loss-amount reductions.

Can restitution avoid criminal charges?

In prefile matters and appropriate cases, yes. Voluntary remediation and restitution before charges are filed can produce DA rejection, reduced filing, or civil resolution. Timing must be coordinated with counsel to avoid admissions.

Will law enforcement seize all my devices?

Typically yes on execution of a search warrant. Devices are imaged and analyzed; return of hardware often takes months or years. Suppression motions and preservation orders limit the scope of what the government can use.

Can a cyber conviction be expunged?

Most probation-eligible cyber convictions are expungeable under PC §1203.4 after successful probation. Federal convictions cannot be expunged but may be eligible for post-conviction relief in narrow circumstances.