477 F3d 215 United States v. Phillips
477 F.3d 215
UNITED STATES of America, Plaintiff-Appellee,
Christopher Andrew PHILLIPS, Defendant-Appellant.
United States Court of Appeals, Fifth Circuit.
January 24, 2007.
Joseph H. Gay, Jr., Asst. U.S. Atty., Mark Twain Roomberg (argued), San Antonio, TX, for Plaintiff-Appellee.
Terrence W. Kirk (argued), Austin, TX, for Defendant-Appellant.
Appeal from the United States District Court for the Western District of Texas.
Before JONES, Chief Judge, and SMITH and STEWART, Circuit Judges.
EDITH H. JONES, Chief Judge:
Christopher Andrew Phillips ("Phillips") appeals his conviction for intentionally accessing a protected computer without authorization and recklessly causing damage in excess of $5,000, pursuant to the Computer Fraud and Abuse Act ("CFAA"), 18 U.S.C. §§ 1030(a)(5)(A)(ii) and (B)(i). Phillips alleges that (1) insufficient evidence was presented at trial to support his conviction under § 1030(a)(5)(A)(ii); (2) the district court's jury charge constructively amended the indictment; (3) the district court's failure to include a lesser-included offense instruction in the jury charge was error; and (4) the district court's award of over $170,000 in restitution under 18 U.S.C. § 3663A was erroneous. Finding no reversible error, we AFFIRM.
Phillips entered the University of Texas at Austin ("UT") in 2001 and was admitted to the Department of Computer Sciences in 2003. Like all incoming UT students, Phillips signed UT's "acceptable use" computer policy, in which he agreed not to perform port scans using his university computer account.1 Nonetheless, only a few weeks after matriculating, Phillips began using various programs designed to scan computer networks and steal encrypted data and passwords. He succeeded in infiltrating hundreds of computers, including machines belonging to other UT students, private businesses, U.S. Government agencies, and the British Armed Services webserver. In a matter of months, Phillips amassed a veritable informational goldmine by stealing and cataloguing a wide variety of personal and proprietary data, such as credit card numbers, bank account information, student financial aid statements, birth records, passwords, and Social Security numbers.
The scans, however, were soon discovered by UT's Information Security Office ("ISO"), which informed Phillips on three separate occasions that his computer had been detected portscanning hundreds of thousands of external computers for vulnerabilities. Despite several instructions to stop, Phillips continued to scan and infiltrate computers within and without the UT system, daily adding to his database of stolen information.
At around the time ISO issued its first warning in early 2002, Phillips designed a computer program expressly for the purpose of hacking into the UT system via a portal known as the "TXClass Learning Central: A Complete Training Resource for UT Faculty and Staff." TXClass was a "secure" server operated by UT and used by faculty and staff as a resource for enrollment in professional education courses. Authorized users gained access to their TXClass accounts by typing their Social Security numbers in a field on the TXClass website's log-on page. Phillips exploited the vulnerability inherent in this log-on protocol by transmitting a "brute-force attack" program,2 which automatically transmitted to the website as many as six Social Security numbers per second, at least some of which would correspond to those of authorized TXClass users.
Initially, Phillips selected ranges of Social Security numbers for individuals born in Texas, but he refined the brute-force attack to include only numbers assigned to the ten most populous Texas counties. When the program hit a valid Social Security number and obtained access to TXClass, it automatically extracted personal information corresponding to that number from the TXClass database and, in effect, provided Phillips a "back door" into UT's main server and unified database. Over a fourteen-month period, Phillips thus gained access to a mother lode of data about more than 45,000 current and prospective students, donors, and alumni.
Phillips's actions hurt the UT computer system. The brute-force attack program proved so invasive — increasing the usual monthly number of unique requests received by TXClass from approximately 20,000 to as many as 1,200,000 — that it caused the UT computer system to crash several times in early 2003. Hundreds of UT web applications became temporarily inaccessible, including the university's online library, payroll, accounting, admissions, and medical records. UT spent over $122,000 to assess the damage and $60,000 to notify victims that their personal information and Social Security numbers had been illicitly obtained.
After discovering the incursions, UT contacted the Secret Service, and the investigation led to Phillips. Phillips admitted that he designed the brute-force attack program to obtain data about individuals from the UT system, but he disavowed that he intended to use or sell the information.
Phillips was indicted and convicted after a jury trial on one count of computer fraud pursuant to 18 U.S.C. § 1030(a)(5)(A)(ii) and (B)(i), and one count of possession of an identification document containing stolen Social Security numbers pursuant to 18 U.S.C. § 1028(a)(6). Phillips timely filed a motion for judgment of acquittal challenging, unsuccessfully, the sufficiency of the evidence regarding the loss amount used to support the computer fraud conviction, and asserting, correctly, that his conviction under § 1028(a)(6) violated the Ex Post Facto Clause.3 He was sentenced to five years' probation, five hundred hours of community service, and restitution of $170,056. Phillips appealed.
A. Sufficiency of the Evidence
Phillips asserts that the Government failed to produce sufficient evidence that he "intentionally access[ed] a protected computer without authorization" under § 1030(a)(5)(A)(ii).
Although Phillips timely filed a motion for judgment of acquittal, see FED. R.CRIM.P. 29, the motion raised only the narrow issue whether the loss or damage caused by his online exploits exceeded $5,000.00. See § 1030(a)(5)(B)(i). Both the Government's opposition memorandum and the district court's ruling on the motion addressed this one issue. Accordingly, "[w]here, as here, a defendant asserts specific grounds for a specific element of a specific count for a Rule 29 motion, he waives all others for that specific count." United States v. Herrera, 313 F.3d 882, 884 (5th Cir.2002) (en banc), cert. denied, 537 U.S. 1242, 123 S.Ct. 1375, 155 L.Ed.2d 213 (2003) (emphasis in original). We thus review his newly raised claim that there was insufficient evidence of the statutorily required mens rea under § 1030(a)(5)(A)(ii) only for a "manifest miscarriage of justice." United States v. Green, 293 F.3d 886, 895 (5th Cir.2002) (internal quotation marks omitted). Under this exacting standard of review, a claim of evidentiary insufficiency will be rejected unless "the record is devoid of evidence pointing to guilt" or if the evidence is "so tenuous that a conviction is shocking." United States v. Avants, 367 F.3d 433, 449 (5th Cir.2004).
Phillips's insufficiency argument takes two parts: that the Government failed to prove (1) he gained access to the TXClass website without authorization and (2) he did so intentionally.
With regard to his authorization, the CFAA does not define the term, but it does clearly differentiate between unauthorized users and those who "exceed authorized access." See § 1030(e)(6) (defining "exceeding authorized access" as "access[ing] a computer with authorization and ... us[ing] such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter ..."); see also §§ 1030(a)(1), (a)(2), (a)(4). Several subsections of the CFAA apply exclusively to users who lack access authorization altogether. See, e.g., §§ 1030(a)(3), (5)(A)(i), (5)(A)(ii), (5)(A)(iii). In conditioning the nature of the intrusion in part on the level of authorization a computer user possesses, Congress distinguished between "insiders, who are authorized to access a computer," and "outside hackers who break into a computer." See S.REP. No. 104-357, at 11 (1996); see also S.REP. No. 99-432, at 10, as reprinted in 1986 U.S.C.C.A.N. 2479, at 2488 (1986) (stating that §§ 1030(a)(3) and (a)(5) "will be aimed at `outsiders'").
Courts have therefore typically analyzed the scope of a user's authorization to access a protected computer on the basis of the expected norms of intended use or the nature of the relationship established between the computer owner and the user. Applying such an intended-use analysis, in United States v. Morris, 928 F.2d 504 (2d Cir.1991), a case involving an invasive procedure that prefigured modern portscanning, the Second Circuit held that transmission of an internet worm designed "to demonstrate the inadequacies of current security measures on computer networks by exploiting ... security defects" was sufficient to permit a jury to find unauthorized access within the meaning of § 1030(a)(5)(A). Morris, 928 F.2d at 505. The Morris court determined that conduct, like "password guessing" or finding "holes in . . . programs," that uses computer systems not "in any way related to their intended function" amounts to obtaining unauthorized access. Id. at 510; see also Creative Computing v. Getloaded.com LLC, 386 F.3d 930 (9th Cir.2004) (internet site administrator's misappropriation of login names and passwords to obtain access to competitor's website violated CFAA); Theofel v. Farey-Jones, 359 F.3d 1066, 1074 (9th Cir.), cert. denied, 543 U.S. 813, 125 S.Ct. 48, 160 L.Ed.2d 17 (2004) (use of an authorized third-party's password by an outside hacker to gain access to a mail server fell within "the paradigm of what [Congress] sought to prohibit [under the Stored Communications Act]"); EF Cultural Travel BV v. Explorica, Inc., 274 F.3d 577, 582 n. 10 (1st Cir.2001) (mentioning in dicta the district court's observation of a "default rule" that conduct is unauthorized for § 1030 purposes "if it is not in line with reasonable expectations of the website owner and its users") (internal quotation marks omitted).
Phillips's brute-force attack program was not an intended use of the UT network within the understanding of any reasonable computer user and constitutes a method of obtaining unauthorized access to computerized data that he was not permitted to view or use. During cross-examination, Phillips admitted that TXClass's normal hourly hit volume did not exceed a few hundred requests, but that his brute-force attack created as many as 40,000. He also monitored the UT system during the multiple crashes his program caused, and backed up the numerical ranges of the Social Security numbers after the crashes so as not to omit any potential matches. Phillips intentionally and meticulously executed both his intrusion into TXClass and the extraction of a sizable quantity of confidential personal data. There was no lack of evidence to find him guilty of intentional unauthorized access.
Phillips makes a subsidiary argument that because the TXClass website was a public application, he, like any internet user, was a de facto authorized user. In essence, Phillips contends that his theft of other people's data from TXClass merely exceeded the preexisting generic authorization that he maintained as a user of the World Wide Web, and he cannot be considered an unauthorized user under § 1030(a)(5)(A)(ii).
This argument misconstrues the nature of obtaining "access" to an internet application and the CFAA's use of the term "authorization." While it is true that any internet user can insert the appropriate URL into a web browser and thereby view the "TXClass Administrative Training System" log-in web page, a user cannot gain access to the TXClass application itself without a valid Social Security number password to which UT has affirmatively granted authorization.4 Neither Phillips, nor members of the public, obtain such authorization from UT merely by viewing a log-in page, or clicking a hypertext link. Instead, courts have recognized that authorized access typically arises only out of a contractual or agency relationship.5 While Phillips was authorized to use his UT email account and engage in other activities defined by UT's acceptable computer use policy, he was never authorized to access TXClass. The method of access he used makes this fact even more plain. In short, the government produced sufficient evidence at trial to support Phillips's conviction under § 1030(a)(5)(A)(ii).
B. Constructive Amendment of the Indictment
For the first time on appeal, Phillips alleges as error that the district court constructively amended his indictment in its jury instructions. The district court charged the jury based on the Government's proposed instruction and a modified version of the Eleventh Circuit's Criminal Pattern Jury Instruction 42.3 that adopts language from §§ 1030(a)(5)(A)(i) and (B)(i). Subsection (i) punishes an individual who "knowingly causes the transmission of a program . . . to a protected computer." Phillips was indicted, however, not for knowingly transmitting a program under § 1030(a)(5)(A)(i), but for intentionally accessing a protected computer under § 1030(a)(5)(A)(ii). As Phillips did not object to the instruction at trial, we review this disparity between the indictment and jury charge for plain error. United States v. Bieganowski, 313 F.3d 264, 287 (5th Cir.2002) (constructive amendment claims raised for the first time on appeal reviewed for plain error).
Phillips asserts that the deviation between the terms of the charged offense and the language of the jury instruction was plain and adversely affected his substantial rights in two ways. First, the jury instruction impermissibly reduced the Government's burden of proof by not requiring the jury to find that he intentionally accessed TXClass without authorization, but instead only that he transmitted a program without authorization. Second, Phillips claims that while § 1030(a)(5)(A)(ii) requires the Government to prove that he "intentionally" accessed a protected computer without authorization, the instruction required the jury to find only that Phillips "knowingly" caused the transmission of a program, not that he knowingly did so without authorization. Put otherwise, Phillips argues that since § 1030(a)(5)(A)(ii)'s scienter element applies to both the phrase "causes the transmission" and "without authorization," the district court erred in submitting an instruction in which the scienter element applied only to the act of transmitting a program.
Constructive amendment of an indictment occurs when the trial court "through its instructions and facts it permits in evidence, allows proof of an essential element of the crime on an alternative basis provided by the statute but not charged in the indictment." United States v. Slovacek, 867 F.2d 842, 847 (5th Cir.), cert. denied, 490 U.S. 1094, 109 S.Ct. 2441, 104 L.Ed.2d 997 (1989) (citing Stirone v. United States, 361 U.S. 212, 215-19, 80 S.Ct. 270, 272-74, 4 L.Ed.2d 252 (1960)). In evaluating whether constructive amendment has occurred, we consider "whether the jury instruction, taken as a whole, is a correct statement of the law and whether it clearly instructs jurors as to the principles of law applicable to the factual issues confronting them." United States v. Guidry, 406 F.3d 314, 321 (5th Cir.2005) (internal quotation marks omitted).
With respect to Phillips's first argument, the district court's instruction plainly modified an essential element of the charged offense by supporting the act of accessing a protected computer under subsection (ii) on the basis of transmitting a program under subsection (i). See, e.g., United States v. Reyes, 102 F.3d 1361 (5th Cir. 1996) (jury instruction permitting conviction based on proof of conspiracy to possess with the intent to distribute marijuana constructively amended indictment that charged not conspiracy, but the substantive offense itself). This was a classic constructive amendment. Why the Government overlooked the inconsistency between the statutory provision cited in the indictment and the provision described in the jury charge is a mystery.
We nonetheless find no reversible plain error with respect to the transmission/access discrepancy. Phillips gained access to TXClass by the act of transmitting the brute-force attack program. The factual predicates for Phillips's particular conviction under the jury charge and the indictment — knowingly transmitting a program and intentionally accessing a protected computer — are identical. There is no conceivable basis upon which the jury could have concluded that Phillips transmitted the program and obtained information from UT's database without having also accessed a protected computer. The instruction on this element of the charged offense, although incorrect, was immaterial.
Phillips's second argument is that the indictment charged him with "intentionally access[ing] a protected computer without authorization," while the jury instruction only required that he "knowingly" transmitted the program.
We agree that the plain language of the statute, tracked in the indictment, indicates that the actus reus was the intentional unauthorized access of a protected computer. In fact, the 1986 amendment to § 1030(a)(5) changed the scienter requirement from "knowingly" to "intentionally" because of Congress's concern that the "knowingly" standard "might be inappropriate for cases involving computer technology."6 See S.REP. No. 99-432, at 5, as reprinted in 1986 U.S.C.C.A.N. 2479, 2483 (1986); Morris, 928 F.2d at 507.7
The district court instructed the jury that to convict, it must find that Phillips "knowingly caused the transmission of a program" and that he "so acted without the authorization" of appropriate persons or entities. This instruction, as Phillips contends, does not fully convey that the jury must find that Phillips intentionally acted without authorization. However, as discussed above in the context of his sufficiency claim, the evidence leaves no doubt that Phillips knew he was unauthorized to transmit an invasive computer program designed to gain access to the TXClass system and to steal thousands of Social Security numbers. It beggars belief that, having transmitted such a program, Phillips did not intend to access a protected computer and that he access be unauthorized.8 To the extent the jury instructions were wrong, the errors did not affect Phillips's substantial rights. See Bieganowski, supra.
C. Lesser-Included Offense Instruction
Phillips next contends that the district court improperly failed to instruct the jury on a lesser-included offense under § 1030(a)(5)(A)(iii), which is a misdemeanor.9 Phillips's counsel actually raised this issue at trial, and the judge invited him to submit relevant authority, but he did not pursue the claim further or submit a proposed charge, and he failed to object to the jury charge. That defense counsel remained aware of the distinction between the mens rea requirements in the charged offense and the lower standard of conduct and damage betokened in the misdemeanor offense is clear from his closing argument; he observed that Phillips must be shown to have acted "recklessly" rather than with negligence.
We construe this train of events as a waiver of the argument Phillips now urges. Waiver is an "affirmative choice by the defendant to forego any remedy available to him, presumably for real or perceived benefits." United States v. Dodson, 288 F.3d 153, 160 (5th Cir.2002); see also United States v. Olano, 507 U.S. 725, 113 S.Ct. 1770, 123 L.Ed.2d 508 (1993) (waiver is the intentional relinquishment of a known right). The known right here was the at least arguable right to obtain a lesser-included offense instruction for a misdemeanor. The perceived benefit lay in counsel's strategic decision to pursue full acquittal if he could persuade the jury that Phillips hadn't recklessly caused damage. The judicial system can self-correct only if counsel voices an objection clearly at the proper time in the proceedings. Dropping hints as to a trial court's error, and awaiting the trial outcome to pursue the objection further, is inconsistent with counsel's duty of candor and clarity. This objection was waived. See United States v. Salerno, 108 F.3d 730, 740 (7th Cir.1997) (defendant's "lack of request for such an instruction coupled with his affirmative acceptance of the court's final jury instructions demonstrates that he intentionally relinquished his known right").
D. Restitution Award
Finally, Phillips contends that the district court erred in its award of restitution for costs incurred by UT in conducting a computer damage and systems evaluation and contacting individuals whose biographical information and Social Security numbers were stolen. Since Phillips raises this issue for the first time on appeal, we review the award for plain error. United States v. Garza, 429 F.3d 165, 169 (5th Cir.2005). There is no error at all.
A defendant sentenced under provisions of the Mandatory Restitution to Victims Act ("MRVA"), 18 U.S.C. § 3663A, is responsible for providing restitution only to victims who were directly and proximately harmed by the conduct underlying the offense for which he was convicted. See 18 U.S.C. § 3663A(a)(2); United States v. Griffin, 324 F.3d 330, 368 (5th Cir.2003). The MRVA applies to cases in which an identifiable victim has suffered "pecuniary loss," see 18 U.S.C. § 3663A(c)(1)(B), and expressly permits reimbursement of victims for "expenses incurred during participation in the investigation or prosecution" of the predicate offense. See § 3663A(b)(4).
Relying on United States v. Schinnell, 80 F.3d 1064 (5th Cir.1996), Phillips asserts that restitution of money spent by UT in contacting the victims of his electronic intrusions is barred by § 3663A(b)(1), a provision that precludes an award of "consequential damages." Schinnell, 80 F.3d at 1070-71;10 see also United States v. Onyiego, 286 F.3d 249, 256 (5th Cir.2002) (district court award of restitution for legal fees victim incurred in defending collection actions caused by defendant's crime barred by § 3663A(b)(1)).
Schinnell's reasoning is inapplicable to the instant case. First, Schinnell involved a separate restitutionary provision, while § 3663A(b)(4), applicable here, explicitly authorizes restitution of expenses "incurred during participation in the investigation or prosecution of the offense." UT was a victim, and it collaborated with the investigation and incurred costs to notify other victims of Phillips's data theft in order to determine whether they had suffered further damage.
Second, Schinnell involved a violation of § 1343, the federal wire fraud statute, not § 1030(a)(5)(ii). The CFAA, unlike § 1343, precisely defines the nature of the loss resulting from unauthorized access of a protected computer that Congress sought to remedy: [T]he term "loss" means any reasonable cost to any victim, including the cost of responding to an offense, conducting a damage assessment, and restoring the data, program, system, or information to its condition prior to the offense, and any revenue lost, cost incurred, or other consequential damages incurred because of interruption of service . . . .
§ 1030(e)(11); see also S.REP. No. 99-432, at 11, as reprinted in 1986 U.S.C.C.A.N. 2479, 2488-89 (1986). Schinnell is based on a wholly distinguishable statutory framework.
For the foregoing reasons, the conviction and sentence are AFFIRMED.
Port scanning is a technique used by computer hackers by which an individual sends requests via a worm or other program to various networked computer ports in an effort to ascertain whether particular machines have vulnerabilities that would leave them susceptible to external intrusion. Often used as an initial step in launching an attack on another computer or transmitting a virus, port scanning is a relatively unsophisticated, but highly effective, reconnaissance method, likened at trial by UT's information technology chief as the electronic equivalent of "rattling doorknobs" to see if easy access can be gained to a room
"Brute-force attack" is term of art in computer science used to describe a program designed to decode encrypted data by generating a large number of passwords
Section 1023(a)(6) was amended on April 30, 2003, by adding the phrase "knowingly possesses an authentication feature of the United States which is stolen." Because the last act Phillips committed that would qualify for punishment under this provision occurred on March 2, 2003, the district court correctly dismissed the conviction under this count as violative of the Ex Post Facto clause, U.S. CONST. art. I, § 9
Phillips's contention that an individual's ability to view TXClass's log-in webpage amounts to a general grant of authorized access to the public-at-large is unsupported by various judicial interpretations of what constitutes obtaining access to a protected computerSee, e.g., State v. Allen, 260 Kan. 107, 917 P.2d 848 (1996) (under Kansas computer crime statute, until a computer user proceeds beyond introductory banners and log-in screens by use of a password, he has not accessed the program); State v. Riley, 121 Wash.2d 22, 846 P.2d 1365 (1993) (en banc) (attempted entry into computer using randomly generated passwords is not access until a successful password is found allowing entry); see also Role Models, Inc. v. Jones, 305 F.Supp.2d 564 (D.Md.2004) (mere receipt of information from a protected computer is not equivalent to obtaining access under CFAA).
See, e.g., Int'l Airport Ctrs. LLC v. Citrin, 440 F.3d 418 (7th Cir.2006) (authorized access to company computer terminated when employee violated employment contract); EF Cultural Travel BV v. Explorica, Inc., 274 F.3d 577 (1st Cir.2001) (confidentiality agreement defined authorized access to travel company's computerized pricing information); United States v. Czubinski, 106 F.3d 1069 (1st Cir. 1997) (employer assignment of a confidential password created authorization); Pac. Aerospace & Elecs., Inc. v. Taylor, 295 F.Supp.2d 1188 (E.D.Wash.2003) (former employees' unauthorized access in violation of confidentiality and employment agreements merited imposition of preliminary injunction); Shurgard Storage Ctrs., Inc. v. Safeguard Self-Storage, Inc., 119 F.Supp.2d 1121 (W.D.Wash. 2000) (employees not authorized to obtain proprietary information from former employer because agency relationship had terminated); YourNetDating, Inc. v. Mitchell, 88 F.Supp.2d 870 (N.D.Ill.2000) (programmer's hacking of former employer's dating service website that redirected users to a pornographic website was unauthorized access and merited temporary restraining order).
Discussion of the changes to the scienter elements of § 1030 in the Senate report focused on § 1030(a)(2), but the same alteration of "knowingly" to "intentionally" was made to § 1030(a)(5)(A)(ii) and the report explicitly states that "[t]he `intentional' standard [in new subsection § 1030(a)(5)] is the same as that employed in Section 2(a)(1) and 2(b)(1) of the bill." S.REP. No. 99-432, at 10 (1986),as reprinted in 1986 U.S.C.C.A.N. 2479, 2488 (1986).
Compare §§ 1030(a)(5)(A)(i) and (ii), with § 1030(a)(1), which criminalizes the act of knowingly "exceed[ing] authorized access," without a requirement of intentional conduct.
We note that, in any event, the district court rectified its error in misstating the scienter requirement as applied to Phillips's access. The court instructed the jury that "knowingly" means "that the act was done voluntarily and intentionally, not because of mistake or accident."
Section 1030(a)(5)(A)(ii) applies to whoever "intentionally accesses a protected computer without authorization, and as a result of such conduct recklessly causes damage...." In contrast, § 1030(a)(5)(A)(iii) does not contain a scienter element with respect to causing damage following unauthorized access, but applies to anyone who "intentionally accesses a protected computer without authorization, and as the result of such conduct, causes damage" irrespective of mens rea and of any minimum damage requirement
The differing degrees of culpability envisioned by Congress for the two subsections are reflected in the punishments Congress allotted to their violation. According to § 1030(c)(2)(A), violation of subsection (a)(5)(A)(iii), i.e., intentional unauthorized access and subsequent damage however caused, is a Class A misdemeanor punishable by a fine or imprisonment not exceeding one year, or both. See 18 U.S.C. § 3559(a)(6). Subsection (a)(5)(A)(ii), however, is a Class E felony, see 18 U.S.C. § 3559(a)(5), punishable by fine, imprisonment not exceeding five years, or both. § 1030(c)(4)(B).
Section 3663A(b)(1) applies to "offense[s] resulting in damage to or loss or destruction of property" and limits restitution to either the return of the property, or if return is impossible, impracticable, or inadequate, to the greater of the value of the property on the date of the loss or its value at sentencingSchinnell involved interpretation of § 3663(b)(1) of the Victim and Witness Protection Act, 18 U.S.C. § 3663, which is identical to the MRVA's § 3663A(b)(1). See Schinnell, 80 F.3d at 1070.