Ex-Uber CISO Requests a New, 'Fair' Trial
Attorneys for Joseph Sullivan argue the jury didn't hear essential facts of the case during the original trial and that his conviction must be overturned.
October 8, 2024
Former Uber CISO Joseph Sullivan, convicted in 2023 of trying to cover up a data breach, is seeking a new trial, citing procedures omissions from his original trial that his lawyers said tainted the verdict.
Sullivan was initially convicted on charges related to Uber's 2016 data breach and was sentenced to three years of probation for his role in the subsequent coverup.
Sullivan was also ordered to pay a $50,000 fine and perform 200 hours of community service. These penalties were considered too soft by the prosecution, which argued that a 15-month prison term would have been more beneficial in deterring other executives in similar situations.
Now, Sullivan's defense attorneys argued that the jury was not informed of two "key limitations" in the nexus requirement, when Sullivan was initially tried. To convict a defendant under section 1505, the government must prove there was an agency proceeding; that the defendant was aware of that proceeding; and that the defendant intentionally tried to corruptly influence, obstruct, or impede that proceeding. According to the defense, these requirements weren't part of the jury's instructions, which undermined the entire conviction and called for a reversal.
"But at a minimum, each of these errors infects one of the government's core theories of guilt and require a new trial," Sullivan's attorneys argued during this week's hearing.
The prosecution countered that any potential errors in jury instruction were harmless and, ultimately, Sullivan's actions of falsifying documents and authorizing hush money in the form of bug bounties were a clear obstruction of justice.
The court made no decision today, but CISOs, boards of directors, and legal scholars will be watching the ruling, given how Sullivan's conviction has led to more legal scrutiny of and charges against CXOs, especially where compliance with data-handling laws is concerned.
About the Author
You May Also Like
Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024