Filed 6/28/16
                            CERTIFIED FOR PUBLICATION

                COURT OF APPEAL, FOURTH APPELLATE DISTRICT

                                     DIVISION ONE

                                STATE OF CALIFORNIA



THE PEOPLE,                                       D067863

        Plaintiff and Respondent,

        v.                                        (Super. Ct. No. SCD252338)

KEVIN CHRISTOPHER BOLLAERT,

        Defendant and Appellant.


        APPEAL from a judgment of the Superior Court of San Diego County, David M.

Gill, Judge. Affirmed.

        Patrick J. Hennessey, Jr., under appointment by the Court of Appeal, for

Defendant and Appellant.

        Kamala D. Harris, Attorney General, Gerald A. Engler and Julie L. Garland,

Assistant Attorneys General, Eric A. Swenson, Junichi P. Semitsu, Garrett A. Gorlitsky,

Deputy Attorneys General, and Steven Taylor Oetting, Deputy Solicitor General, for

Plaintiff and Respondent.
       A jury convicted Kevin Christopher Bollaert of extortion (Pen. Code,1 § 520;

counts 3, 16, 18, 21, 27, 29) and the unlawful use of personal identifying information

(§ 530.5, subd. (a); counts 2, 4-15, 17, 19, 20, 22-24, 26, 28), stemming from his

operation of Web sites, "UGotPosted.com," through which users posted private, intimate

photographs of others along with that person's name, location and social media profile

links, and "ChangeMyReputation.com," through which victims could pay to have the

information removed. As to some of the victims, the jury unanimously found that

Bollaert committed the unlawful act of an invasion of privacy by disclosure of private

facts. The trial court declared a mistrial as to one of the identity theft charges (count 25)

and a conspiracy charge (count 1). It sentenced Bollaert to a split sentence of 18 years:

eight years of local confinement followed by 10 years of mandatory supervision.2

       Bollaert contends his convictions under section 530.5, subdivision (a) must be

reversed for insufficient evidence because (1) he is immunized from liability under

section 530.5, subdivision (f) as an "interactive computer service" or "access software

provider" within the meaning of the Communications Decency Act (the CDA; 47 U.S.C.




1      Statutory references are to the Penal Code unless otherwise specified.

2       The court had initially sentenced Bollaert to 18 years in county jail, consisting of
the three-year midterm on count 3, consecutive eight-month terms (one-third the
midterm) on counts 4-15, 17, 19, 20, 22-26 and 28, and consecutive one-year terms (one-
third the midterm) on counts 16, 18, 21, 27 and 29. The court imposed but stayed under
section 654 a two-year midterm on count 2. It later recalled Bollaert's sentence and in
September 2015 imposed the split sentence set forth above.

                                              2
§ 230(c)(1));3 (2) he did not take action to develop or create the content of his Web site,

and therefore was not liable as an "information content provider" as defined by the CDA;

and (3) he did not willfully obtain the personal identifying information for an unlawful

purpose. Bollaert further contends there is insufficient evidence supporting his extortion

convictions because he did not directly or implicitly threaten any of the victims to expose

any secret; the alleged secrets—the photographs—were already in the public domain; and

he merely engaged in a business practice whereby legally posted information could be

removed. Finally, Bollaert contends the trial court erred by giving the jury instructions

on civil liability—CACI Nos. 1800 and 1801—regarding intrusion into private affairs

and public disclosure of private facts.

       We conclude the evidence is sufficient to support Bollaert's convictions for

unlawful use of personal identifying information as well as extortion, and that the jury's

rejection of CDA immunity is likewise supported by evidence that Bollaert developed, at

least in part, the offensive content on his Web site by requiring users to input private and

personal information as a condition of posting the victims' pictures, making him an

information content provider within the meaning of the CDA. We further conclude

Bollaert invited the claimed instructional error, but hold in any event that he has not

shown error in the instructions as a whole. We affirm the judgment.




3      References to title 47 United States Code section 230 will at times be referred to
as section 230.
                                              3
                 FACTUAL AND PROCEDURAL BACKGROUND4

      In 2012, 2013 and 2014, a number of individuals discovered that photographs of

themselves, including nude photographs, as well as their names, hometowns, and social

media addresses, had been posted without their permission on a Web site,

UGotPosted.com. Most of the pictures were taken by or for former significant others or

friends.5 Some of the pictures the victims had taken on their own phones or placed on

personal webpages for private viewing by themselves or select others. Some had been

taken while the victim was drugged and in a compromised state or otherwise unaware of

the photographing. Victims received harassing and vulgar messages from strangers.

Many of the victims contacted the Web site administrator at UGotPosted.com to try to get

their photographs and information removed without success. One of the victims testified

that when she tried to communicate with the UGotPosted contact, she reached a person

named "James Smith," not realizing it was Bollaert, who told her that to remove her

photos she would have to provide two forms of identification and show an unspecified

sign. The UGotPosted Web site contained a link to another Web site,

ChangeMyReputation.com, where victims were told that for payment of a specified

amount of money, their pictures and information would be taken down. Six of the



4      Some of the factual background is taken from a surreptitiously taped interview of
Bollaert by special agents with the Department of Justice, which was played to the jury at
trial.

5      One witness testified she unwillingly sent the pictures via text to a boy who
harassed, stalked and threatened her for the photographs. Two other victims had sent the
photographs to another person in connection with a dating application.
                                            4
victims paid money to an account on ChangeMyReputation.com to have their pictures

removed from the Web site.

       Bollaert was the administrator and registered owner of the UGotPosted Web site.

He created it with another person, Eric Chanson, who eventually declined to participate

and transferred his interest to Bollaert. Bollaert was in control of the Web site, and he

managed and maintained it; changed, added and deleted content; and updated software

that operated the site. He designed the Web site so that he had to review the content

before it was posted, and it had "required fields" by which a user who wanted to post

pictures of another person had to input that other person's full name, age, location ("city,

state, country") and Facebook link. Bollaert had the only user account on the computer;

he looked at every single post that came through the Web site and decided what would

get posted on it, placed watermarks on each photograph to discourage others from

stealing the pictures, and accessed the site remotely. He kept a spreadsheet recording

every single post. Bollaert would not post pictures that he deemed "garbage," including

pictures that did not include nude persons. He removed pictures of minors and some

other content depending on the nature of the request. He moderated and approved the

comments that were posted on the Web site, and edited the contents of the posts. At

some point, Bollaert received about $800 or $900 in monthly income from advertising off

the site. Bollaert felt the Web site was "kinda fun and entertaining" at the beginning, but

he later took it down because it was causing him stress and "ruining his life."

       Bollaert also set up and managed the Web site ChangeMyReputation.com, to

which individuals who had pictures posted on the UGotPosted site would be directed and

                                              5
told they could pay money to have the information removed. A Department of Justice

forensic auditor determined that victims paid a total of $30,147.73, which eventually was

forwarded to Bollaert's personal PayPal account. Law enforcement later used Bollaert's

site to contact victims. At one point, a legal analyst with the Attorney General's office

created a user account and attempted to post pictures of her pet cats on the Web site, but

they never appeared.

       At trial, the People proceeded on the charges of unlawful use of personal

identifying information (§ 530.5, subd. (a)) under three theories: That Bollaert, without

authorization, willfully obtained the victims' personal identifying information via the

design, maintenance and operation of the Web site UGotPosted.com for the unlawful

purpose of annoying or harassing via electronic communication device under section

653m, subdivision (a).6 Or, that Bollaert, without authorization, willfully obtained the

victims' personal identifying information for the unlawful purpose of an invasion of

privacy either via public disclosure of private facts, or intrusion into private affairs.

Bollaert defended in part on grounds his Web site was an interactive computer service or

access software provider expressly immunized under subdivision (f) of section 530.5


6      Section 653m, subdivision (a), provides: "Every person who, with intent to annoy,
telephones or makes contact by means of an electronic communication device with
another and addresses to or about the other person any obscene language or addresses to
the other person any threat to inflict injury to the person or property of the person
addressed or any member of his or her family, is guilty of a misdemeanor. Nothing in
this subdivision shall apply to telephone calls or electronic contacts made in good faith."
" 'The purpose of section 653m is to deter people from making harassing telephone calls
with the intent to annoy and thus, to secure an individual's right to privacy against
unwanted intrusion.' " (People v. Powers (2011) 193 Cal.App.4th 158, 164.)

                                               6
because there was no evidence of intent to defraud, and was also protected under the

CDA. The court instructed the jury on these theories and Bollaert's defense at Bollaert's

request.7

                                      DISCUSSION

     I. Convictions for Unlawful Use of Personal Identifying Information (§ 530.5)

       Bollaert contends the evidence is insufficient to support his convictions under

section 530.5 under any of the prosecution's theories. He continues to maintain that his

Web site is an interactive computer service or access software provider subject to

immunity under the CDA and section 530.5, subdivision (f), and that the People

presented no evidence he possessed any personal information with the intent to defraud.

He further argues that he cannot be an information content provider under the CDA

(§ 230, subd. (f)) because in operating the Web site, he "took no action that amounted to

developing or creating the content," similar to the defendants who were held immune

from tort liability in Zeran v. America Online, Inc. (4th Cir. 1997) 129 F.3d 327 (Zeran),



7       In addition to CALCRIM No. 2040 as to unauthorized use of personal identifying
information, the court instructed the jury with special instruction No. 1 at Bollaert's
request. That special instruction reads in part as follows: "The defendant has been
prosecuted for the unauthorized use of personal identifying information under three
separate theories: (i) violation of Penal Code section 653m; (ii) public disclosure of
private facts; and (iii) intrusion into private affairs. Each theory has different
requirements as set forth in these instructions. [¶] You may not find the defendant guilty
of unauthorized use of personal identifying information unless all of you agree that the
People have proved that the defendant committed that crime under at least one of these
theories. You do not all need to agree on the same theory." The court also specified the
three unlawful purposes required for the unauthorized use of personal identifying
information via special instruction No. 2 (violation of section 653m), CACI No. 1800
(intrusion into private affairs) and CACI No. 1801 (public disclosure of private facts).
                                             7
Carafano v. Metrosplash.com Inc. (9th Cir. 2003) 339 F.3d 1119 (Carafano), and Jones

v. Dirty World Entertainment Recordings LLC (6th Cir. 2014) 755 F.3d 398 (Jones).) He

additionally argues that with regard to actions not protected by the CDA, there is no

evidence he willfully obtained someone else's personal identifying information without

that person's consent and used it for an unlawful purpose.

A. Standard of Review

       The principles governing sufficiency of the evidence claims are "clear and well

settled." (People v. Abilez (2007) 41 Cal.4th 472, 504.) " 'The proper test . . . is whether,

on the entire record, a rational trier of fact could find the defendant guilty beyond a

reasonable doubt. [Citations.] On appeal, we must view the evidence in the light most

favorable to the People and must presume in support of the judgment the existence of

every fact the trier could reasonably deduce from the evidence.' " (People v. Perez

(2010) 50 Cal.4th 222, 229; People v. Rangel (2016) 62 Cal.4th 1192, 1212-1213

[relevant question is " ' "whether, after viewing the evidence in the light most favorable to

the prosecution, any rational trier of fact could have found the essential elements of the

crime beyond a reasonable doubt" ' "].) " ' " 'Circumstantial evidence may be sufficient to

connect a defendant with the crime and to prove his guilt beyond a reasonable doubt.' " ' "

(People v. Abilez, at p. 504.) "If the circumstances reasonably justify the trier of fact's

findings, reversal of the judgment is not warranted simply because the circumstances

might also reasonably be reconciled with a contrary finding." (People v. Lindberg (2008)

45 Cal.4th 1, 27.) We may reverse for lack of substantial evidence only if " ' "upon no



                                              8
hypothesis whatever is there sufficient substantial evidence to support" ' the jury's

verdict." (People v. Zamudio (2008) 43 Cal.4th 327, 357.)

B. Section 530.5 and CDA Immunity

       Section 530.5, subdivision (a), proscribes the unauthorized use of personal

identifying information (conduct often referred to as "identity theft"). (People v. Barba

(2012) 211 Cal.App.4th 214, 226; People v. Hagedorn (2005) 127 Cal.App.4th 734, 743-

744.) It provides: "Every person who willfully obtains personal identifying information,

as defined in subdivision (b) of Section 530.55, of another person, and uses that

information for any unlawful purpose . . . is guilty of a public offense . . . . " (§ 530.5,

subd. (a).) Personal identifying information includes "any name, address [and] . . . date

of birth" as well as "unique electronic data including information identification number

assigned to the person, address or routing code . . . ." (§ 530.55, subd. (b).) "The

elements of the crime defined by the language of the statute may be summarized as

follows: (1) that the person willfully obtain personal identifying information belonging

to someone else; (2) that the person use that information for any unlawful purpose; and

(3) that the person who uses the personal identifying information do so without the

consent of the person whose personal identifying information is being used." (People v.

Barba, at p. 223; see also People v. Tillotson (2007) 157 Cal.App.4th 517, 533.)




                                               9
       Subdivision (f) of section 530.5 provides: "An interactive computer service or

access software provider as defined in subsection (f) of [the CDA]8 shall not be liable

under this section unless the service or provider acquires, transfers, sells, conveys, or

retains possession of personal information with the intent to defraud."

       In the CDA, Congress declared that "[n]o provider or user of an interactive

computer service shall be treated as the publisher or speaker of any information provided

by another information content provider." (§ 230, subd. (c)(1).) The CDA further states:

"No cause of action may be brought and no liability may be imposed under any State or

local law that is inconsistent with this section." (§ 230, subd. (e)(3).) These provisions

have been held to confer broad immunity against defamation and other civil liability for

those who use the Internet to publish information originating from another source. (See

Barrett v. Rosenthal (2006) 40 Cal.4th 33, 39; Doe II v. MySpace Inc. (2009) 175

Cal.App.4th 561, 568; Fair Housing Counsel of San Fernando Valley v. Roommates.com,

LLC (9th Cir. 2008) 521 F.3d 1157, 1162 (Roommates) (en banc); Carafano, supra, 339




8      Under the CDA, an interactive computer service includes an access software
provider, though it defines the two separately. The CDA defines an interactive computer
service as "any information service, system, or access software provider that provides or
enables computer access by multiple users to a computer server, including specifically a
service or system that provides access to the Internet and such systems operated or
services offered by libraries or educational institutions." (§ 230, subd. (f)(2).) It defines
an access software provider as "a provider of software (including client or server
software), or enabling tools that do any one or more of the following: [¶] (A) filter,
screen, allow, or disallow content; [¶] (B) pick, choose, analyze, or digest content; or
[¶] (C) transmit, receive, display, forward, cache, search, subset, organize, reorganize, or
translate content." (§ 230, subd. (f)(4).) The People do not dispute that the Web site
UGotPosted.com is an interactive computer service.
                                             10
F.3d at p. 1122; Batzel v. Smith (9th Cir. 2003) 333 F.3d 1018, 1026; Zeran, supra, 129

F.3d at pp. 330-331.)

           Section 530.5, subdivision (f) sets forth an exemption for interactive computer

services or access software providers within the meaning of the CDA, but the California

Legislature limited that exemption to interactive computer services that do not act with

the intent to defraud. Thus, if an interactive computer service acquires or retains personal

identifying information with the intent to defraud, it will be criminally liable under the

statute. Under the CDA, however, an interactive computer service likewise loses its

immunity if it also functions as an "information content provider" for the portion of the

statement or publication at issue. (Roommates, supra, 521 F.3d at p. 1162; Carafano,

supra, 339 F.3d at pp. 1123, 1125; Doe II v. MySpace Inc., supra, 175 Cal.App.4th at

p. 568.) The CDA defines an information content provider as "any person or entity that

is responsible, in whole or in part, for the creation or development of information

provided through the Internet or any other interactive computer service." (§ 230, subd.

(f)(3).)

C. The Evidence Demonstrates Bollaert Willfully Obtained the Victims' Personal

Identifying Information and Used It for an Unlawful Purpose

           Before we reach the question of CDA immunity, we address Bollaert's challenge

to the evidence supporting the elements of section 530.5 liability. He first argues the

evidence does not support a finding that he willfully obtained any personal identifying

information of the alleged victims. He points out it was the third parties—ex-boyfriends

or personal enemies—who submitted the personal information and maintains he only

                                                11
"provided the opportunity for third parties to post the information of their choice."

According to Bollaert, imposing liability for his conduct would "criminalize the business

practice of merely hosting a website." Bollaert further contends there is no evidence he

used the identifying information for an unlawful purpose. As we explain, the contentions

are meritless.

       1. Willful Conduct

       " 'The word "willfully," when applied to the intent with which an act is done or

omitted, implies simply a purpose or willingness to commit the act, or make the omission

referred to.' In other words, '[t]he word "willfully" as generally used in the law is a

synonym for "intentionally," ' [citation], and ' ". . . implies no evil intent; ' "it implies

that the person knows what he is doing, intends to do what he is doing and is a free

agent." ' " ' " (In re Rolando S. (2011) 197 Cal.App.4th 936, 941.) In Rolando S., the

Court of Appeal upheld a petition finding a minor willfully obtained personal identifying

information of another in violation of section 530.5—the victim's e-mail account

password—even though the minor had received the password in an unsolicited text

message, and then accessed the victim's Facebook page to write "sexually explicit and

vulgar comments on the victims' [sic] friends' walls, accessible by the victims' [sic]

friends and acquaintances," thereby "clearly expos[ing] the victim to hatred, contempt,

ridicule and obloquy . . . ." (Id. at p. 947.) The court held the minor willfully obtained

the password when he chose to remember it and affirmatively used it to gain access to the

victim's electronic accounts: "Appellant freely accepted the password information

provided in the text message" and "no evidence suggests [he] was forced to remember the

                                               12
password or otherwise keep a record of it so that he could use it later, as he admitted to

doing. . . . [A]ppellant willfully obtained the password information from the text

message, knowing that he was continuing to possess the password, intending to do so,

and was a free agent when securing the password for his future use." (Id. at pp. 941.)

       Here, the evidence shows Bollaert designed the UGotPosted Web site for the

specific purpose of eliciting nude photographs and private information of other persons;

the information was not provided to him by the victims depicted in the photographs

whose names and locations were used. Because Bollaert "freely accepted" all of the

victims' personal information, intended to continue to possess it, and used it for his own

purposes, i.e., for display on his Web site and receipt of advertising income as well as

payments from ChangeMyReputation.com, Bollaert willfully obtained the information

for purposes of section 530.5. (In re Rolando S., supra, 197 Cal.App.4th at p. 941.)

       2. Unlawful Purpose

       We further conclude substantial evidence demonstrates Bollaert obtained and

retained the information for an unlawful purpose, namely, to invade the victims' privacy.

In In re Rolando S., the court was faced with the minor's claim that he did not use the

victim's information for an unlawful purpose, because at most he " 'possibly defamed' the

victim" and such civil torts did not meet that standard. (In re Rolando S., supra, 197

Cal.App.4th at p. 942.) In addressing that contention, the court examined the legislative

history of section 530.5, specifically the 1998 amendment to the statute that added the

phrase "any unlawful purpose" (Stats. 1998, ch. 488, § 1, p. 3531) and observed that the

Legislature "clearly intended to greatly expand the scope of unlawful conduct underlying

                                             13
the identity theft offense." (Rolando S., at pp. 944-945.) The court applied the California

Supreme Court's definition of "unlawful," stating: "Our Supreme Court has defined the

term 'unlawful' to include wrongful conduct which is not criminal. In determining the

scope of the term, it held that an act is 'unlawful . . . if it is proscribed by some

constitutional, statutory, regulatory, common law, or other determinable legal standard.

[Citations.]' [Citation.] Under this definition, unlawful conduct includes acts prohibited

by the common law or nonpenal statutes, such as intentional civil torts." (Rolando S., at

p. 946, citing Korea Supply Co. v. Lockheed Martin Corp. (2003) 29 Cal.4th 1134, 1159

& fn. 11; see also Edwards v. Arthur Andersen, LLP (2008) 44 Cal.4th 937, 944.)

       Thus, the term "unlawful" as used in section 530.5 includes intentional civil torts,

including those relied upon by the People here: invasion of privacy by means of intrusion

into private affairs and public disclosure of private facts. (See Shulman v. Group W

Productions, Inc. (1998) 18 Cal.4th 200, 214, 231 (Shulman) [discussing elements of

both causes of action].) Bollaert does not, in his opening brief, separately address the

torts, but rather sets out only the elements of the intrusion tort as the elements of

"invasions of privacy." Because he does not address the public disclosure tort or its

elements—(1) public disclosure (2) of a private fact (3) that would be offensive and

objectionable to the reasonable person and (4) which is not of legitimate public concern

(Shulman, at p. 214)—on the public disclosure tort theory of unlawful use alone we may

affirm Bollaert's 530.5 convictions.

       Nevertheless, we conclude substantial evidence supports the jury's verdicts on a

theory of invasion of privacy based on intrusion into private affairs. "A privacy violation

                                               14
based on the common law tort of intrusion has two elements. First, the defendant must

intentionally intrude into a place, conversation, or matter as to which the plaintiff has a

reasonable expectation of privacy. Second, the intrusion must occur in a manner highly

offensive to a reasonable person." (Hernandez v. Hillsides, Inc. (2009) 47 Cal.4th 272,

286; see Shulman, supra, 18 Cal.4th at p. 231 [" '[o]ne who intentionally intrudes,

physically or otherwise, upon the solitude or seclusion of another or his private affairs or

concerns, is subject to liability to the other for invasion of his privacy, if the intrusion

would be highly offensive to a reasonable person' "].) "To prove actionable intrusion, the

plaintiff must show the defendant penetrated some zone of physical or sensory privacy

surrounding, or obtained unwanted access to data about, the plaintiff." (Shulman, at

p. 232, italics added.)

       Bollaert suggests that liability for this tort would attach only to the third parties

who "of their own free will" posted the offensive content without the victim's permission;

that he is not responsible because he "could not tell from the submissions whether the

people submitting the photos were submitting photos of themselves or other people

without their permission." Interpreting this challenge as directed to the intent element,

we reject it. As the People point out, the tort is proven where the defendant obtains

unwanted access to private data about the plaintiff (Shulman, supra, 18 Cal.4th at

p. 232), and evidence of Bollaert's willful receipt of the intimate photographs from others

without the victims' consent meets that standard. Additionally, the evidence contradicts

Bollaert's assertions concerning his lack of knowledge, as the evidence shows he required

users to post both their own e-mail address, as well as the full name of the victim and the

                                               15
victim's Facebook link. The People's forensic computer expert testified that Bollaert

viewed the Facebook pages of victims on 2,300 occasions, permitting the jury to

conclude that Bollaert indeed sought to verify the identity of the persons in the

photographs.

       Bollaert further suggests the plaintiffs did not have an objectively reasonable

expectation of privacy in their photographs, because "[m]ost, if not all of the alleged

victims admitted they knowingly took or allowed to be taken the photos which they then

in turn shared with other people." He maintains "there was no evidence the victims

retained their right to the images once they willingly distributed them over the Internet or

gave them to third parties." These arguments ignore evidence that two of the victims did

not knowingly permit the pictures to be taken but were photographed unbeknownst to

them or while they were in a compromised state. It also ignores evidence that Bollaert

required users of his site to also post other private information in conjunction with the

photos: the victims' full name and location together, information that many persons would

reasonably expect to remain private and not exposed on a public Internet Web site.

       As for the victims' photographs themselves, the People correctly point out that

complete confidentiality or privacy is not required. The California Supreme Court has

recognized limited privacy interests in private communications to others that the press

had intercepted for wider dissemination, and its holdings by extension compel the

conclusion in this case that the victims' acts of sharing their intimate photographs with a

limited number of persons did not extinguish their expectation of privacy as to the

Internet or the outside world in general. (See Sanders v. American Broadcasting

                                             16
Companies (1999) 20 Cal.4th 907, 911 [an intrusion cause of action "is not defeated as a

matter of law simply because the events or conversations upon which the defendant

allegedly intruded were not completely private from all other eyes and ears"]; Hernandez

v. Hillsides, Inc., supra, 47 Cal.4th at p. 289.) In Hernandez, the court, summarizing and

quoting its holding in Sanders, stated that "privacy expectations can be reasonable even if

they are not absolute. '[P]rivacy, for purposes of the intrusion tort, is not a binary, all-or-

nothing characteristic. There are degrees and nuances to societal recognition of our

expectations of privacy: the fact that the privacy one expects in a given setting is not

complete or absolute does not render the expectation unreasonable as a matter of law.' "

(Hernandez, at p. 289.) Thus, in Sanders, where a reporter secretly videotaped and

recorded a plaintiff's interactions with other persons in an area that was closed to the

public but where coworkers could be seen and heard nearby, the court held the plaintiff

could nevertheless have a cause of action for invasion of privacy by intrusion based on

the reporter's covert videotaping. (Sanders, 20 Cal.4th at pp. 914, 917-918, 923.)

"Defendants' claim, that a 'complete expectation of privacy' is necessary to recover for

intrusion, . . . fails as inconsistent with case law as well as with the common

understanding of privacy. Privacy, for purposes of the intrusion tort must be evaluated

with respect to the identity of the alleged intruder and the nature of the intrusion. . . .

[A]n employee may, under some circumstances, have a reasonable expectation of visual

or aural privacy against electronic intrusion by a stranger to the workplace, despite the

possibility that the conversations and interactions at issue could be witnessed by

coworkers or the employer." (Id. at pp. 917-918; see also id. at p. 923 ["the possibility of

                                              17
being overheard by coworkers does not, as a matter of law, render unreasonable an

employee's expectation that his or her interactions within a nonpublic workplace will not

be videotaped in secret by a journalist"].)

       In this case, there is no question based on the evidence concerning the inherently

personal nature of the images, the testimony of the victims who sent their images only to

another person or select others, the victims' generally shocked and horrified reaction to

the display of those images on Bollaert's Web site, and their attempts to get them

removed, that the jury could conclude each of those victims reasonably expected his or

her images to be private as to that person or persons to whom they were sent.

       Given the foregoing conclusions, we need not decide whether the evidence is

likewise sufficient to support Bollaert's section 530.5 conviction on the theory he acted

with the unlawful purpose to annoy or harass the victims by means of an electronic

communication device in violation of section 653m, subdivision (a). Even if we were to

assume arguendo the People's theory of unlawful purpose under section 653m,

subdivision (a) was unsupported by the evidence, we may uphold Bollaert's convictions

on the other two theories. This court has stated: "[I]f a jury is presented with multiple

theories supporting conviction on a single charge and on review one theory is found

unsupported by sufficient evidence, reversal is not required if sufficient evidence

supports the alternate theory and there is no affirmative basis for concluding the jury

relied on the factually unsupported theory because it is presumed jurors would not rely on

a factually deficient theory." (People v. Llamas (1997) 51 Cal.App.4th 1729, 1740, citing

People v. Guiton (1993) 4 Cal.4th 1116, 1128-1129.) The California Supreme Court in

                                              18
Guiton explained that "[i]f the inadequacy of proof is purely factual, of a kind the jury is

fully equipped to detect, reversal is not required whenever a valid ground for the verdict

remains, absent an affirmative indication in the record that the verdict actually did rest on

the inadequate ground." (Guiton, 4 Cal.4th at p. 1129.) Bollaert has not pointed to any

such affirmative indication in the record, and we find none.

D. The Evidence Is Sufficient to Support Bollaert's Convictions Under 530.5 Regardless

of CDA Immunity Because There Is Evidence from Which the Jury Could Reasonably

Find Bollaert Retained or Acquired Personal Information with the Intent to Defraud

       Bollaert contends the People presented no evidence supporting their claim that he

possessed personal information with the intent to defraud by operating the

ChangeMyReputation Web site so as to deceive victims into thinking they were paying

money to a Web site unconnected with UGotPosted. Bollaert points out that his

UGotPosted Web site contained a link to ChangeMyReputation.com, showing he was not

hiding the connection between the sites, and that one victim testified it was "obvious" to

her that the same person was behind both sites. He maintains the victims paid money

because they wanted their pictures removed, not because they were deceived.

       "An intent to defraud is an intent to deceive another person for the purpose of

gaining a material advantage over that person or to induce that person to part with

property or alter that person's position by some false statement or false representation of

fact, wrongful concealment or suppression of the truth or by any artifice or act designed

to deceive." (People v. Pugh (2002) 104 Cal.App.4th 66, 72, citing People v. Booth

(1996) 48 Cal.App.4th 1247, 1253.) In Booth, the court further explained: " ' "Intent to

                                             19
defraud is an intent to commit a fraud." [Citation.] " 'Fraud' and 'dishonesty' are closely

synonymous. Fraud is defined as 'a dishonest stratagem.' [Citation.] It 'may consist in

the misrepresentation or the concealment of material facts' [citation], or a statement of

fact made with 'conscious[ness] of [its] falsity.' " ' " (Booth, at p. 1253.) This court has

recently held that to "defraud" means " 'to injure someone in their pecuniary or property

rights.' " (People v. Isom (2015) 240 Cal.App.4th 1146, 1150, quoting Lewis v. Superior

Court (1990) 217 Cal.App.3d 379, 393-394.)

       Specific intent to defraud is often proven by circumstantial evidence; it is thus

typically inferred from all of the facts and circumstances. (People v. Williams (2013) 218

Cal.App.4th 1038, 1066, citing People v. Abilez, supra, 41 Cal.4th at p. 508; People v.

Smith (1998) 64 Cal.App.4th 1458, 1469; People v. Wilkins (1972) 27 Cal.App.3d 763,

773; People v. Hambleton (1963) 218 Cal.App.2d 479, 482 ["The intent to defraud can be

inferred from all the facts and need not be proved by direct evidence"].) Furthermore,

"[p]roof of a false factual representation need not be by words alone; it may be implied

from conduct; it may be made either expressly or by implication; the form of the words in

which the pretense is couched is immaterial; if the words or conduct are intended to

create the impression that defendant is making a representation as to a present fact, the

pretense is within the statute." (People v. Brady (1969) 275 Cal.App.2d 984, 996; see

also People v. Reed (1961) 190 Cal.App.2d 344, 353.)

       Here, the evidence showed that when many of the victims e-mailed the webmaster

contact at UGotPosted.com and pleaded to have their personal information removed, they

received no response. For at least one victim, Bollaert used a false name when he acted

                                             20
as the UGotPosted contact person. But victims who contacted and paid

ChangeMyReputation.com were successful in their efforts. One victim, Brian,

communicated with the e-mail associated with ChangeMyReputation.com to remove his

photos and asked whether he could submit payment after his photographs were removed;

he received a response telling him, "[W]e can't remove it until you pay." When he

expressed his suspicion that the Web sites involved "most likely the same people," the

only response he received was a message telling him, "Once it is removed it will not be

reposted or we will remove it again." His information was removed after he made his

payment. Another victim testified that after receiving no response to her e-mails to

UGotPosted, she sent an e-mail to ChangeMyReputation.com and "within minutes"

received a response containing payment instructions. Her photographs were removed

minutes after she submitted payment. According to another victim,

ChangeMyReputation.com purported to remove content from all Web sites, not just

UGotPosted.com. She testified she and her ex-boyfriend made two separate payments to

ChangeMyReputation.com; after he made the first payment, her photographs appeared

again on other Web sites and she then paid an additional amount to have those

photographs removed.

       We conclude based on all of these facts, that the circumstantial evidence was

sufficient for a jury to find Bollaert acquired and retained all of the victims' personal

identifying information with the intent to defraud. That is, Bollaert purposely set up

UGotPosted.com so that it directed victims to an entirely separate Web site where they

could remove the content for a fee; he named the Web sites differently and used different

                                              21
e-mail addresses, suggesting he intended to conceal the fact the Web sites were operated

by the same person and induce victims to believe they were making the payment to a

different entity; he at times used a pseudonym and never disclosed the Web sites were

operated by the same person despite at least one victim expressing his suspicion that such

was the case; and he thereby duped the victims into paying money to him, the very same

operator of the UGotPosted Web site, unbeknownst to them. It was only after payment

that he would remove the offensive content. It is of no moment that one victim was not

fooled, but believed correctly that the Web sites were operated by the same person, as the

evidence must demonstrate only Bollaert's fraudulent intent, not actual success in his

efforts. (People v. Reed, supra, 190 Cal.App.2d at p. 353 [intent to defraud does not

require reliance by the person intended to be defrauded as does actual fraud].) The fact

there is evidence from which a finder of fact could decide to the contrary does not require

a different result on our review for substantial evidence.

       Under section 530.5, subdivision (f), Bollaert's status as an interactive computer

service or access software provider is irrelevant if Bollaert acted with the intent to

defraud. Thus, the jury's finding that Bollaert acted with the intent to defraud renders it

unnecessary for us to proceed to the question of CDA immunity, including to decide

whether Bollaert's actions make him an information content provider, taking him outside

CDA immunity. We in any event address that question under this unique set of facts, the

resolution of which requires us to uphold the jury's verdicts on Bollaert's section 530.5

convictions.



                                             22
E. The Evidence Is Sufficient to Support the Jury's Finding That Bollaert Is an

Information Content Provider Not Immunized by the CDA

       At both parties' request, the court instructed the jury that section 530.5,

subdivision (f) would not apply to Bollaert if he were also an information content

provider. The jury was additionally instructed at Bollaert's request that "[a]n interactive

computer service or access software provider can become an 'information content

provider' to the extent a website is designed to require users to post illegal or actionable

content as a condition of use." Also at Bollaert's request the jury was told that certain

actions—"[c]hoosing which third party submissions to publish or not publish on a

website," "[e]diting third party submissions," "[a]dopting or ratifying third party

submissions," or "[e]ncouraging defamatory or actionable third party submissions"—

would not by themselves make a person an information content provider. Bollaert

concedes on appeal that an information content provider does not receive CDA

immunity.9

       In arguing he cannot be an information content provider subject to liability,

Bollaert compares his conduct to that of the defendants in Zeran, supra, 129 F.3d 327,

Carafano, supra, 339 F.3d 1119 and Jones, supra, 755 F.3d 398, who were held to fall


9      Given Bollaert's concession below that an information content provider is not an
interactive computer service, rendering it subject to liability for unlawful use of personal
identifying information under section 530.5, we have no occasion to address whether the
California Legislature intended to incorporate "information content provider" liability
within section 530.5 regardless of the existence of evidence of the defendant's intent to
defraud.
                                             23
within the scope of CDA immunity. As we explain, we reject these comparisons, and

hold that Bollaert's design and operation of UGotPosted.com—which required users who

wished to use the Web site to provide content that violated other persons' privacy—does

not entitle him to statutory immunity under the CDA. We base our conclusion on the

reasoning of the Ninth Circuit Court of Appeals in Roommates, supra, 521 F.3d 1157,

which Bollaert mentions but does not discuss in any detail in his opening brief.

       In Roommates, supra, 521 F.3d 1157, the defendant Web site, Roommate.com

(Roommate), matched potential landlords and renters, while collecting a profit from

advertisers and subscribers. (Id. at p. 1161.) As the Ninth Circuit en banc majority

described it: "Before subscribers can search listings or post housing opportunities on

Roommate's website, they must create profiles, a process that requires them to answer a

series of questions. In addition to requesting basic information—such as name, location

and e-mail address—Roommate requires each subscriber to disclose his sex, sexual

orientation and whether he would bring children to a household. Each subscriber must

also describe his preferences in roommates with respect to the same three criteria: sex,

sexual orientation and whether they will bring children to the household. The site also

encourages subscribers to provide 'Additional Comments' describing themselves and their

desired roommate in an open-ended essay. After a new subscriber completes the

application, Roommate assembles his answers into a 'profile page.' The profile page

displays the subscriber's pseudonym, his description and his preferences, as divulged

through answers to Roommate's questions." (Id. at p. 1161.) The plaintiff sued

defendant for violations of the Fair Housing Act (FHA) and California's fair housing laws

                                            24
prohibiting discrimination on the basis of race, familial status or national origin (see Doe

II v. MySpace, Inc., supra, 175 Cal.App.4th at p. 574), but the district court dismissed the

federal claims on summary judgment, ruling the defendant was immune under section

230(c) of the CDA. (Roommates, 521 F.3d at pp. 1161-1162 & fn. 1.)

       On appeal, the plaintiff argued that the defendant violated the FHA and analogous

California law by posing illegal questions during the registration process, and also by

requiring the subscribers to answer the questions as a condition of using defendant's

services. (Roommates, supra, 521 F.3d at pp. 1164, 1165.) The Ninth Circuit agreed that

Roommate was an "information content provider" within the meaning of the CDA as to

the questions it posed: the defendant "created the questions and choice of answers, and

designed its website registration process around them" and thus could not claim CDA

immunity for posting the questions on its Web site or for forcing subscribers to answer

them as a condition of using its services. (Id. at p. 1164.) The court pointed out that a

party responsible for putting information online may be subject to liability even if the

information originated with a user. (Id. at p. 1165, citing Batzel v. Smith, supra, 333 F.3d

at p. 1033.) It explained, "By requiring subscribers to provide the information as a

condition of accessing its service, and by providing a limited set of pre-populated

answers, Roommate becomes much more than a passive transmitter of information

provided by others; it becomes the developer, at least in part, of that information. And

section 230 provides immunity only if the interactive computer service does not 'creat[e]




                                             25
or develop[]' the information 'in whole or in part.' " (Roommates, at p. 1166.)10 It held

the defendant was "sufficiently involved with the design and operation of the search and

e-mails systems—which are engineered to limit access to housing on the basis of the

protected characteristics elicited by the registration process—so as to forfeit any

immunity to which it was otherwise entitled under section 230." (Id. at p. 1170.)

       In reaching its conclusions, the Ninth Circuit majority declined to read the

statutory term "development" so narrowly as to apply only to content that originated

entirely with the Web site. (Roommates, supra, 521 F.3d at p. 1167.) "We believe that

both the immunity for passive conduits and the exception for co-developers must be

given their proper scope and, to that end, we interpret the term 'development' as referring

not merely to augmenting the content generally, but to materially contributing to its

alleged unlawfulness. In other words, a Web site helps to develop unlawful content, and

thus falls within the exception to section 230, if it contributes materially to the alleged

illegality of the conduct." (Id. at pp. 1167-1168, italics added.)

       It also clarified its reasoning in Carafano, supra, 339 F.3d 1119, which Bollaert

sees as analogous. In Carafano, the question was whether the defendant dating service

Web site was statutorily immune under the CDA for false content in a dating profile


10     The Ninth Circuit majority rejected the dissent's view that defendant merely
provided a " 'form with options for standardized answers' " and thus did not develop the
information: "[Defendant] does much more than provide options. . . . [I]t asks
discriminatory questions that . . . are not entitled to CDA immunity. . . . The FHA makes
it unlawful to ask certain discriminatory questions for a very good reason: Unlawful
questions solicit (a.k.a. 'develop') unlawful answers. Not only does [defendant] ask these
questions, [it] makes answering the discriminatory questions a condition of doing
business." (Roommates, supra, 521 F.3d at p. 1166.)
                                              26
provided by someone posing as the celebrity plaintiff. (Id. at p. 1120.) The dating Web

site gave users a "detailed questionnaire" that included multiple-choice questions wherein

"members select answers . . . from menus providing between four and nineteen options,"

including some sexually suggestive answers. (Id. at p. 1121.)11 The profile at issue

included the plaintiff's home address and telephone number, causing the plaintiff to

receive sexually explicit and threatening messages and calls. (Id. at pp. 1120-1121.)

       The Ninth Circuit in Carafano held the defendant could not be considered an

information content provider and thus was immune under the CDA. (Carafano, supra,

339 F.3d at pp. 1124-1125.) The court pointed out that the CDA immunized an

electronic newsletter operator even though the operator selected for publishing a

defamatory e-mail under the CDA (id. at p. 1123, discussing Batzel v. Smith, supra, 333

F.3d at pp. 1030-1032), and "so long as a third party willingly provides the essential

published content, the interactive service provider receives full immunity regardless of

the specific editing or selection process." (Carafano, at p. 1124.) As to the dating

service defendant in Carafano, "[t]he fact that some of the content was formulated in

response to [defendant's] questionnaire does not alter this conclusion. Doubtless, the

questionnaire facilitated the expression of information by individual users. However, the

selection of the content was left exclusively to the user. The actual profile 'information'

consisted of the particular options chosen and the additional essay answers provided.


11    Notably, the service's policies prohibited members from posting last names,
addresses, phone numbers, or e-mail addresses within a profile, and also reviewed the
photographs, but not the profiles, for impropriety before posting them. (Carafano, supra,
339 F.3d at p. 1121.)
                                             27
[Defendant] was not responsible, even in part, for associating certain multiple choice

responses with a set of physical characteristics, a group of essay answers and a

photograph. [Defendant] cannot be considered an 'information content provider' under

the statute because no profile has any content until a user actively creates it." (Ibid.)

       Pointing to the breadth of the latter statement in Carafano, supra, 339 F.3d 1119,

the majority in Roommates disavowed any suggestion that Carafano had held an

information content provider automatically immune so long as the content originated

with another information content provider. (Roommates, supra, 521 F.3d at p. 1171, fn.

31.) It explained, "[E]ven if the data are supplied by third parties, a website operator may

still contribute to the content's illegality and thus be liable as a developer. Providing

immunity every time a website uses data initially obtained from third parties would

eviscerate the exception to section 230 for 'develop[ing]' unlawful content 'in whole or in

part.' " (Id. at p. 1171.) The Ninth Circuit clarified that in Carafano, the defendant was

immune because "[t]he allegedly libelous content there—the false implication that [the

plaintiff] was unchaste—was created and developed entirely by the malevolent user,

without prompting or help from the website operator." (Roommates, at p. 1171.) Though

the defendant provided "neutral tools" used by the poster, it "did absolutely nothing to

encourage the posting of defamatory content—indeed, the defamatory posting was

contrary to the website's express policies. . . . With respect to the defamatory content,

the website operator was merely a passive conduit and thus could not be held liable for

failing to detect and remove it." (Id. at pp. 1171-1172.)



                                              28
       Carafano's conclusion, the Ninth Circuit held, could not apply to the defendant in

Roommates: "By contrast, Roommate both elicits the allegedly illegal content and makes

aggressive use of it in conducting its business. Roommate does not merely provide a

framework that could be utilized for proper or improper purposes; rather, Roommate's

work in developing the discriminatory questions, discriminatory answers and

discriminatory search mechanism is directly related to the alleged illegality of the site.

Unlike Carafano . . . Roommate is directly involved with developing and enforcing a

system that subjects subscribers to allegedly discriminatory housing practices."

(Roommates, supra, 521 F.3d at p. 1172.) Furthermore, the Web site in Roommates was

unlike that in Carafano because it was "designed to force subscribers to divulge protected

characteristics and discriminatory preferences, and to match those who have rooms with

those who are looking for rooms based on criteria that appear to be prohibited by the

FHA." (Ibid.)

       The Ninth Circuit in Roommates likewise distinguished Zeran, supra, 129 F.3d

327, on which Bollaert relies. Zeran involved the plaintiff's negligence action against

America Online ("AOL") alleging that AOL had "unreasonably delayed in removing

defamatory messages posted by an unidentified third party, refused to post retractions of

those messages, and failed to screen for similar posting thereafter." (Zeran, supra, 129

F.3d at p. 328.) The Ninth Circuit in Roommates observed that the Fourth Circuit in

Zeran held AOL immune under the CDA for the defamatory and harassing message

board postings, pointing out that "AOL did not solicit the harassing content, did not

encourage others to post it, and had nothing to do with its creation other than through

                                             29
AOL's role as the provider of a generic message board for general discussions."

(Roommates, supra, 521 F.3d at p. 1172, fn. 33.) We agree there is no indication that

AOL in that case acted as anything other than a passive conduit for the allegedly harmful

content.

       Here, the evidence shows that like the Web site in Roommates, Bollaert created

UGotPosted.com so that it forced users to answer a series of questions with the damaging

content in order to create an account and post photographs. That content—full names,

locations, and Facebook links, as well as the nude photographs themselves—exposed the

victims' personal identifying information and violated their privacy rights. As in

Roommates, but unlike Carafano or Zeran, Bollaert's Web site was "designed to solicit"

(Roommates, supra, 521 F.3d at p. 1170, italics added) content that was unlawful,

demonstrating that Bollaert's actions were not neutral, but rather materially contributed to

the illegality of the content and the privacy invasions suffered by the victims. In that

way, he developed in part the content, taking him outside the scope of CDA immunity.

       Bollaert would have us follow the Sixth Circuit's decision in Jones, supra, 755

F.3d 398, involving a "user-generated, online tabloid" where users could anonymously

post comments, photographs and video, which the operator selected and published along

with his own editorial comments. (Id. at pp. 401-402.) But Jones supports our

conclusions. There, the Sixth Circuit adopted the Ninth Circuit's material contribution

test to determine whether a Web site operator is " 'responsible, in whole or in part, for the

creation or development of [allegedly tortious] information' " within the meaning of the

CDA. (Id. at p. 413.) The court held that unlike the Web site in Roommates, the Web

                                             30
site operator in that case "did not require users to post illegal or actionable content as a

condition of use," but instead instructed users to " '[t]ell us what's happening' " and

" 'who, what, when, where, why.' " (Id. at p. 416.) It also provided "neutral tools"—

labels by which to categorize the submission—as to what third parties submit. (Id. at

p. 411.) These tools, the Sixth Circuit held, did not constitute a material contribution to

any defamatory speech that was uploaded. (Ibid.) Nothing in Jones changes our

conclusion that the evidence in this case supports the jury's finding that Bollaert's design

and operation of UGotPosted.com made him an information content provider, taking him

outside CDA immunity.

                          II. Sufficiency of Evidence of Extortion

       Bollaert contends the evidence is insufficient to support his convictions for

extortion. He reiterates the People's extortion theory: that he threatened to injure the

victims by publishing their images on his UGotPosted Web site and used the postings to

illegally obtain money via ChangeMyReputation.com by having the photos removed.

Bollaert does not challenge evidence of his specific intent to extort; rather, he maintains

that as an interactive computer service provider and access software provider, he was

under no legal obligation to remove third party postings from his Web site even if they

were negative, but instead "merely offered a service to remove the photos." According to

Bollaert, he was "engaging in standard business practice," and not extortion, similar to

the practices approved by the Ninth Circuit in Levitt v. Yelp!, Inc. (9th Cir. 2014) 765

F.3d 1123 (Levitt). Bollaert also contends there is no evidence he directly or impliedly

threatened any of the victims, and that the information, which was already publicly

                                              31
available and exposed on his Web site, cannot constitute a secret for purposes of

extortion.

       The People respond that Bollaert used the implicit threat of continued exposure of

the victims' pictures and information to extort money from them, and because his Web

site contained, and indeed required, posters to provide the victims' personal identifying

information, he was obligated to remove the content. Relying on People v. Peniston

(1966) 242 Cal.App.2d 719, the People further respond that a secret can remain a secret

despite being made known to others, even many others, as long as there are some who do

not know it. They distinguish the circumstances here from those in Levitt, supra, 765

F.3d 1123 and assert the Ninth Circuit's analysis in that case is not controlling or

persuasive on the question of whether Bollaert should be immune from liability under the

CDA.

A. Trial Evidence

       At trial, victim Rebecca testified that after her manager at work had been told one

of his employees "was doing suspicious activity on the Internet," she discovered that

intimate photographs of herself and her ex-fiancée, as well as her full name, work

location, Facebook link and age, were posted on UGotPosted.com without her consent.

Rebecca felt "extremely violated" by the situation, which was very hurtful and

embarrassing to her. She e-mailed the Web site and demanded the photographs be taken

down, but received no response. She also e-mailed ChangeMyReputation.com, and

within minutes received a response directing her to pay $249.99 via PayPal. Rebecca

paid the money because she felt the images were disgusting and, though her manager and

                                             32
others had already seen them, she was worried the images would be exposed to more

people.

       Victim Jennifer testified that after she discovered nude pictures of her had been

posted to UGotPosted.com without her consent (in addition to her full name and work

location) she e-mailed the Web site and demanded the content be removed. Based on the

e-mails she had sent, as well as the link on UGotPosted.com, she became aware of

ChangeMyReputation.com, which Jennifer described as a PayPal account where one

could pay money to have the content removed within 48 hours. Jennifer then paid

$249.99, and her photographs were removed. Jennifer was subjected to racial slurs

directed at her as a result of the posting, and she felt "horrible," "dirty," and afraid that

someone was going to find her. She was afraid to leave her apartment and missed two

weeks of school.

       Victim Alaina testified that after she discovered her own nude pictures, full name,

age, city and school were posted on UGotPosted.com without her consent, she sent five

to 10 messages to the Web site in an effort to have the content removed without response.

Alaina testified she then "paid the blackmail fee of $350" to ChangeMyReputation.com,

which stated it would take photographs down upon payment. The content was removed

the next day. Alaina was "devastated" by the situation; she changed her appearance

because she lived in a small town, was afraid of being stalked, and still suffered

psychological trauma at the time of trial.

       Victim Jasmine testified that she was surprised to find nude pictures of her, her

first and last name, and "all of [her] social media" had been placed on UGotPosted.com.

                                               33
She worked for a large retailer at the time; her employer called to tell her that the

company had been informed about her pictures and she would be fired if they were not

taken down. Jasmine felt "really embarrassed and ashamed" when she saw the photos,

and it was a frightening experience for her because she "didn't want anybody to know."

Jasmine paid $249.99 to ChangeMyReputation.com and the content was removed

from UGotPosted.com, but her ex-boyfriend had to pay another $249.99 to

ChangeMyReputation.com to have the photographs removed from other Web sites where

the information later appeared. Nobody from UGotPosted.com ever contacted her about

the photographs.

       Victim Manuel testified that he was shocked to discover that nude photographs of

himself that he had sent to one individual, as well as his full name, town, and Facebook

link, had been placed on UGotPosted.com. The situation was upsetting because he was

gay and had not informed family or friends to whom the photographs were sent.

Strangers submitted commentary and were tracking him, causing him fear and concern.

Manuel found the link to ChangeMyReputation.com via a victim's forum and also

through UGotPosted.com, submitted a required photograph and a picture of his driver's

license, and paid $250 to have the content removed.

       Victim Brian testified he was astounded, angry and embarrassed to find his nude

pictures, full name, hometown, and Facebook link posted on UGotPosted.com without

his consent. He was immediately scared for his job and that his parents would find out

about the situation, though they never did learn about it. He e-mailed the Web site

administrator at UGotPosted.com. He also e-mailed ChangeMyReputation.com, and

                                             34
received a response stating: "Once you pay, they will be removed immediately. If not,

you can request a refund through PayPal." Brian asked whether he could pay after he

was notified the photographs were removed, and received an e-mail stating: "No, we

can't remove until you pay." After he expressed concern over possibly sending money to

the same operator of UGotPosted.com, he received a response telling him, "Make a

payment, and we will remove the content, thanks." After Brian paid $250, the content

was removed. The situation caused him shame, embarrassment and stress, as he knew his

high school classmates saw the posting and he was worried about who else would see it

in the future.

B. Legal Principles

       "Extortion is the obtaining of property from another, with his consent . . . induced

by a wrongful use of force or fear . . . ." (§ 518.) Fear, for purposes of extortion "may be

induced by a threat of any of the following: [¶] . . . [¶] . . . To accuse the individual

threatened . . . of a crime"; or "[t]o expose, or impute to him . . . a deformity, disgrace or

crime" or "expose a secret affecting him [or her]." (§ 519; see Flatley v. Mauro (2006)

39 Cal.4th 299, 326.)

       "In order to establish extortion, 'the wrongful use of force or fear must be the

operating or controlling cause compelling the victim's consent to surrender the thing to

the extortionist.' " (Chan v. Lund (2010) 188 Cal.App.4th 1159, 1171, quoting People v.

Goodman (1958) 159 Cal.App.2d 54, 61.) "The 'secret' referred to in the statute is a

matter 'unknown to the general public, or to some particular part thereof which might be

interested in obtaining knowledge of the secret; the secret must concern some matter of

                                              35
fact, relating to things past, present or future; the secret must affect the threatened person

in some way so far unfavorable to the reputation or to some other interest of the

threatened person, that threatened exposure thereof would be likely to induce him

through fear to pay out money or property for the purpose of avoiding the exposure.'

[Citation.] Whether a threatened exposure would have this effect on the victim is a

factual question and depends on the nature of the threat and the susceptibility of the

victim." (Philippine Export & Foreign Loan Guarantee Corp. v. Chuidian (1990) 218

Cal.App.3d 1058, 1978; see also Cross v. Cooper (2011) 197 Cal.App.4th 357, 387.)

       The threat may be implied from all of the circumstances: " 'No precise or

particular form of words is necessary in order to constitute a threat under the

circumstances. Threats can be made by innuendo and the circumstances under which the

threat is uttered and the relations between [the defendant] and the [target of the threats]

may be taken into consideration in making a determination of the question involved.'

[Citations.] . . . 'The more vague and general the terms of the accusation the better it

would subserve the purpose of the accuser in magnifying the fears of his victim, and the

better also it would serve to protect him in the event of the failure to accomplish his

extortion and of a prosecution for his attempted crime.' " (Stenehjem v. Sareen (2014)

226 Cal.App.4th 1405, 1424; see also People v. Choynski (1892) 95 Cal. 640, 642

[persons guilty of extortion "seldom possess the hardihood to speak out boldly and

plainly, but deal in mysterious and ambiguous phrases"].)




                                              36
       Extortion is a specific intent crime, and thus guilt depends on the intent of the

person who makes the threat and not the effect the threat has on the victim. (People v.

Umana, supra, 138 Cal.App.4th at p. 641.)

C. The Evidence Is Sufficient to Establish Both a Threat and a Secret Within the

Meaning of the Extortion Statute

       We first reject Bollaert's contentions concerning the absence of evidence of any

threat or secret for purposes of extortion. Whether the evidence shows Bollaert engaged

in the requisite threat by referring victims who desired to remove the offensive content to

ChangeMyReputation.com for the purpose of having them pay to remove it, must be

analyzed in the entire factual context. (Stenehjem v. Sareen, supra, 226 Cal.App.4th at p.

1424; People v. Massengale (1968) 261 Cal.App.2d 758, 765.) We conclude the threats

were inherent and implied in the very structure and content of Bollaert's Web sites, which

Bollaert himself created and operated. When victims were directed via UGotPosted.com

to the ChangeMyReputation.com Web site, they were informed either via the Web site or

e-mail they could have their photos removed for a fee, from which victims could infer

that if they did not pay, the offensive content would remain on the site in further public

view. Those victims who communicated with Bollaert before they paid were told the

content would only be removed upon payment, and Bollaert only removed the content

when the victims paid the requested fee, which eventually was deposited in Bollaert's

personal account. There is no question based on the victims' testimony that the display of

their private images and information subjected them to shame, disgrace and

embarrassment as to their reputation and character, and would continue to be exposed to

                                             37
other people if the content was not removed. The fact Bollaert did not take affirmative

action to seek out or contact the victims, but merely responded to the victims' pleas to

remove their content, does not render the threat element unsupported by the evidence.

Further, as we explain more fully below, Bollaert's act in removing the victims' personal

identifying information from his Web site, which he expressly solicited in the first place,

did not give him a lawful right to collect a fee.

       In sum, there is ample evidence from which the jury could conclude Bollaert's

joint operation and connection of the two Web sites in this manner, as well as his

communications to the victims, was a means to obtain their money by wrongful use of

fear, namely the threat to "impute to [them] . . . disgrace" (§ 519) by continued display of

their private nude images and further humiliation, embarrassment, and damage to their

reputation, unless they paid.

       We further conclude alternatively there is substantial evidence that the victims'

photographs and personal identifying information constituted a secret within the meaning

of the crime of extortion, notwithstanding its posting on the Internet and viewing by some

individuals. We are guided by People v. Peniston, supra, 242 Cal.App.2d 719. In

Peniston, the victim, during her relationship with the defendant, gave the defendant

partially nude photographs of herself. (Id. at p. 721.) After the relationship ended and

she married her husband, the defendant returned and asked her to give him money or he

would take the pictures to her husband and parents. (Ibid.) She paid him, but the

defendant contacted her again and when she asked him to return her pictures, he asked for

more money, prompting her to go to police. (Ibid.) On appeal from his extortion and

                                              38
attempted extortion convictions, the defendant challenged the evidence supporting the

finding that he had threatened to expose a secret, pointing to evidence that the pictures

were only some of a number of modeling pictures taken of the victim that had been

circulated throughout the West Coast. (Id. at p. 722.) The victim had testified her

husband knew some pictures existed but not their nature, and neither he nor her mother

were aware of her modeling activities. (Ibid.) She testified that she was on probation

from a prostitution charge and her parents had threatened to remove her children from her

if she got into more trouble. (Ibid.) She did not want her husband or parents to see the

photographs and other motion pictures, which unbeknownst to her had been exhibited in

arcades in San Fernando Valley. (Ibid.)

       The Peniston court pointed out that to suffice for extortion, the " 'thing held in

secret must be unknown to the general public, or to some particular part thereof which

might be interested in obtaining knowledge of the secret' " in addition to affecting the

threatened person in some way so far unfavorable to the reputation, or to some other

interest of the threatened person, that threatened exposure would be likely to induce the

victim through fear to pay money so as to avoid the exposure. (People v. Peniston,

supra, 242 Cal.App.2d at p. 722, italics added, quoting People v. Lavine (1931) 115

Cal.App. 289, 295; see also Cross v. Cooper, supra, 197 Cal.App.4th at p. 387.) It held

based on the evidence, a trier of fact could reasonably infer the victim feared that

disclosure of the pictures to her husband and parents might lead to adverse probation

consequences and the loss of her children, making the evidence sufficient to establish a

secret within the meaning of section 519. (Peniston, at p. 722.) In response to the

                                             39
defendant's further claim that the motion pictures were not a secret to the general public,

the Peniston court stated: "We think the trial judge correctly focused on the true issues in

the case, whether [the victim's] husband and parents knew about the pictures and whether

the threat of disclosure to them put [her] in fear." (Id. at p. 723.)12

       As in Peniston, where dissemination of the victim's images to the general public

via arcades or other means did not render the evidence insufficient to establish a secret

for purposes of extortion because the victim's family had not seen them, here, the fact the

victims' photographs were placed on the Internet and exposed to the public did not mean

that some other "particular part [of the public]" (People v. Peniston, supra, 242

Cal.App.2d at p. 722)—namely, family members, classmates, coworkers, or employers

who might be interested—had seen them. The People presented direct testimony from

some of the six victims concerning their fear that others would see their images if they

did not pay to have them removed, as well as evidence as to all of the victims that they

quickly paid for removal, from which the jury could readily infer the victims were fearful

of continued exposure. The jury could reasonably conclude the photographs therefore

remained a secret to persons who had not viewed the Web site, and reasonably found it



12      The appellate court also rejected the defendant's contention that there was no
evidence of a threat for purposes of his conviction for attempted extortion. It observed
that the People had charged him with extortion for his demand for money in November
1963 and attempted extortion in February 1964, and held the latter threat was implied
when the defendant told the victim he would return the pictures for $1000: "Although
there was no testimony of a direct threat in February, we think both parties understood
the consequence of nonpayment to be disclosure to husband and parents. The threat was
reasonably inferable from the circumstances." (People v. Peniston, supra, 242
Cal.App.2d at pp. 723-724.)
                                              40
was the victims' fear that others would see the content, causing further humiliation or

damage to their reputation, that compelled them to pay Bollaert's fee.

       Bollaert relies on Cross v. Cooper, supra, 197 Cal.App.4th 357 for the proposition

that "information publicly available on Web sites 'to anyone interested in knowing about

it' " does not constitute a secret within the meaning of the extortion statute. But Cross

was decided in the context of an anti-SLAPP (Code Civ. Proc., § 425.16) motion, where

conclusive evidence of illegal conduct—conduct that is illegal as a matter of law—

precludes anti-SLAPP relief. (Id. at p. 384.) The court there merely held that the record

in that case did not establish as a matter of law that the location of a registered sex

offender was a secret for purposes of the crime of extortion, partly based on evidence that

the information was publicly available on a Web site; plaintiffs' declarations showed she

and her neighbors knew of the information; and the plaintiff—who alleged the defendants

had interfered with a residential home sale—had conceded she had a duty to disclose to

any potential buyer, renter or potential lessee the existence of the Web site containing

information about registered sex offenders living in the area. (Id. at pp. 387-388.) Cross

in fact expressly adopted the principle stated in Peniston and Lavine that a secret may

either be unknown to the general public or "to some particular part thereof which might

be interested in obtaining knowledge of the secret." (Id. at p. 387, quoting Philippine

Export & Foreign Loan Guarantee Corp v. Chuidian, supra, 218 Cal.App.3d at p. 1078

and citing Peniston, supra, 242 Cal.App.2d at p. 430 & People v. Lavine, supra, 115

Cal.App. at p. 295.) Cross does not assist Bollaert.



                                              41
D. Bollaert Was Not Engaged in a Legitimate Service or Business Practice

       We further reject Bollaert's claim that he was engaged in a lawful or legitimate

business practice and not extortionate conduct. His claim is based on the factual premise,

which we have rejected ante, that he acted merely as an interactive computer service and

thus was not legally required to remove the offensive content, as well as on the Ninth

Circuit's decision in Levitt, supra, 765 F.3d 1123, which he claims discussed "extortion

as it relates to Internet service providers [sic]."

       In Levitt, the plaintiff small businesses sued Yelp! Inc. (Yelp), an online forum for

persons to express opinions about businesses, claiming it extorted or attempted to extort

advertising payments from them including by manipulating or removing positive user-

generated reviews about their business. (Levitt, supra, 765 F.3d at pp. 1126, 1134.) They

brought claims for violation of California's Unfair Competition Law (UCL), civil

extortion and attempted civil extortion, on the theory Yelp wrongfully threatened them

with economic loss. (Id. at p. 1127.) Pointing out both the Hobbs Act (18 U.S.C.

§ 1951(b)(2)) and California law require the obtaining of property with consent induced

by a wrongful use of force or fear, the Ninth Circuit held the plaintiffs failed to state a

claim. It applied a "claim-of-right" defense under which a defendant cannot commit

extortion by threatening economic harm to induce a person to pay for a "legitimate

service." (Id. at pp. 1130 [threat of economic harm made to obtain property from another

is not generally considered wrongful where the alleged extortioner has a legitimate claim

to the property obtained through such threats], 1133 ["to state a claim of economic

extortion under both federal and California law, a litigant must demonstrate either that he

                                               42
had a pre-existing right to be free from the threatened harm, or that the defendant had no

right to seek payment for the service offered"].) The court had previously held, for

example, that a mobile home park operator does not commit extortion by telling tenants

who refused to sign leases that they would have to pay their own utility bills and be

subject to future rent increases. (Id. at p. 1132, citing Rothman v. Vedder Park

Management (9th Cir. 1990) 912 F.2d 315.) "[T]he tenants did not allege that the park

owner 'may not raise the rent of those who have not signed the lease or that it may not

refuse to pay their utility bills,' " and thus they had no "pre-existing right to be free of

such threats." (Levitt, supra, 765 F.3d at p. 1132.) According to the Ninth Circuit, "[a]ny

less stringent standard would transform a wide variety of legally acceptable business

dealings into extortion." (Id. at p. 1133.) Thus, in Levitt, the court held in part that the

plaintiffs did not allege facts showing Yelp intended to induce payment through an

implicit threat of economic harm or the exploitation of economic fears. (Ibid.) Plaintiff

"had no pre-existing right to have positive reviews appear on Yelp's website"; she did not

allege a "contractual right pursuant to which Yelp must publish positive review, nor does

any law require Yelp to publish them." (Ibid., fn. omitted.)

       Bollaert mischaracterizes Levitt, which we do not follow in any event. Contrary to

Bollaert's suggestion, Levitt's holding did not turn on Yelp's status as an interactive

computer service or CDA immunity, which the Ninth Circuit expressly did not address.

(Levitt, supra, 765 F.3d at p. 1129.) The question was whether Yelp's alleged actions

were extortionate and thus unlawful under California's UCL. (Id. at p. 1130.) Even



                                               43
assuming arguendo Levitt is consistent with California law,13 as Levitt itself pointed out,

California does not recognize a claim-of-right defense where a defendant does not

threaten "economic loss" or make a threat that involves " 'the exploitation of [economic]

fears . . . .' " (Levitt, supra, 765 F.3d at p. 1133 & fn. 3 [threat to accuse a person of a

crime not subject to a claim-of-right defense].) Here, Bollaert's threat was continued

exposure of private personal information resulting in a violation of the victims' privacy

rights and emotional distress, not a threat to cause them economic harm. Though some

victims expressed fear of losing their jobs, Bollaert's threat was not directed to the

victims' workplaces or in any way related to their continued employment. Finally,

Bollaert's conduct is nothing like the legitimate albeit "hard bargaining" business tactics

discussed in Levitt. Bollaert, who did not merely decline to remove harmful content but

solicited and developed the unlawful content, did not have a lawful right to collect a fee

to remove the victims' personal information. And unlike the plaintiffs in Levitt who

did not have a preexisting right to have positive reviews appear on Yelp's Web site (id.

at p. 1133), the plaintiff victims here had a preexisting right—under privacy law—to be

free of Bollaert's threatened harm and not have their personal identifying information

solicited and placed on UGotPosted.com without their consent.




13      The California Supreme Court has pointed out that extortion may criminalize a
" 'perfectly legal' " threat. (Flatley v. Mauro, supra, 39 Cal.4th at p. 326; see also People
v. Beggs (1918) 178 Cal. 79, 84 [belief that the victim owes a debt is not a defense to the
crime of extortion; "[i]t is the means employed [to obtain the property of another] which
the law denounces"].)
                                               44
                      III. Instruction with CACI Nos. 1800 and 1801

       Bollaert contends the trial court erred when it instructed the jury with CACI No.

1800 pertaining to the tort of invasion of privacy by intrusion into private affairs, and

CACI No. 1801 regarding an invasion of privacy by public disclosure of private facts.

He argues that because these instructions are based on civil liability and actions arising

from civil law obligations, the court "effectively elevated these alleged possible civil

wrongs into an unlawful (criminal) purpose to become crucial elements of . . . section

653m[, subdivision] (a)," thereby permitting the jury to consider a lower standard than

the beyond-a-reasonable-doubt standard applicable to a criminal offense. He maintains

the error was prejudicial because there is no way to determine whether the jury relied on

either theory for its convictions on the identity theft counts.

       The People respond that Bollaert invited any error regarding these instructions as

his counsel requested they be given for a tactical reason. In reply, Bollaert does not

challenge the People's position other than to point out that his counsel requested the

CACI instruction in response to the court's expressed intention to give some type of civil

jury instruction as to the violation of section 653m.

       We agree Bollaert's instructional challenge is barred because he invited any

assumed error. "Under the invited error doctrine, a defendant cannot complain that the

court erred in giving an instruction that he requested. [Citation.] The invited error

doctrine applies when the defense has made a ' " ' "conscious and deliberate tactical

choice" ' " ' in asking for the instruction in question." (People v. Merriman (2014) 60

Cal.4th 1, 104; see also People v. Scott (2015) 61 Cal.4th 363, 400 ["Invited error . . . will

                                              45
only be found if counsel expresses a deliberate tactical purpose in resisting or acceding to

the complained-of instruction"].) The rule is designed to prevent a defendant from

gaining reversal on appeal because of an error he or she intentionally caused the trial

court to make. (People v. Coffman (2004) 34 Cal.4th 1, 49.) It will not apply if counsel

acted out of ignorance or mistake. (Ibid.) If defense counsel takes affirmative action, a

clearly implied tactical purpose will suffice to invoke the doctrine. (Ibid.)

       The record shows that during the jury instruction conference, Bollaert's counsel

objected to the People's proposed use of BAJI Nos. 7.20 and 7.21 respectively on the

elements of intrusion into private affairs and public disclosure of private facts, but she

had submitted the CACI jury instructions and asked the court to use CACI No. 1800 in

lieu of BAJI No. 7.20, and CACI No. 1801 in lieu of BAJI No. 7.21. She did so for an

expressly tactical purpose, pointing out that the instructions were similar except that

CACI No. 1800 contained one element not present in the BAJI instruction: "[W]ith

respect to intrusion into private affairs, it contains an element that I wish to argue as the

first prong that is not present in the BAJI, which is that the victim had a reasonable

expectation of privacy." The People unsuccessfully objected to the use of CACI No.

1800 as overbroad and not in accord with the principles expressed in Sanders, supra, 20

Cal.4th 909. As for CACI No. 1801, Bollaert's counsel explained that for purposes of

appellate review, she wanted to be consistent and have the most up-to-date version of the

instruction. The People expressed no objection to the use of CACI No. 1801. Because

Bollaert made a tactical choice to request the CACI instructions, he cannot now be heard

to challenge them.

                                              46
       In any event, our agreement with In re Rolando S., supra, 197 Cal.App.4th 936

disposes of the premise of Bollaert's challenge, which is that civil wrongs cannot be

equated with a "criminal wrong—an unlawful purpose." Rolando S. explained in a

reasoned analysis that "unlawful conduct includes acts prohibited by the common law or

nonpenal statutes, such as intentional civil torts." (Rolando S., at p. 946.)

       Bollaert's instructional challenge similarly fails on grounds he has not

demonstrated that the instructions as a whole were misleading or improper, or that the

instructions, the People, or the court somehow suggested or informed the jury that a

lesser standard applied. Our role is to determine the correctness of the jury instructions

" 'from the entire charge of the court, not from a consideration of parts of an instruction

or from a particular instruction.' " (People v. Castillo (1997) 16 Cal.4th 1009, 1016.)

Here, the trial court instructed the jury accordingly: that they "should not single out or

place added emphasis on a particular instruction" but must "consider the instructions as a

whole, a complete statement of what the Court considers to be the applicable law." It

instructed the jury as to the presumption of innocence and its requirement that the People

prove "the truth of what they have alleged" beyond a reasonable doubt. It instructed the

jury that the People were required to prove each of the elements of the crime of

unauthorized use of personal identifying information beyond a reasonable doubt

including the element that Bollaert "willfully used that information for an unlawful

purpose"; that Bollaert was being prosecuted for that crime under the People's three

separate theories, that "[e]ach of these is a separate theory, legal theory, as to how

[Bollaert] committed the crime"; and "[e]ach of them has its own elements, its own

                                             47
requirements which must be proved beyond a reasonable doubt." Under the

circumstances, the jury could not have understood from the instructions given that they

were to apply any lesser standard than proof beyond a reasonable doubt to the element of

use of personal identifying information for an unlawful purpose, and the various elements

of both invasion of privacy theories. Bollaert has not demonstrated instructional error.

                                     DISPOSITION

       The judgment is affirmed.

                                                                           O'ROURKE, J.

WE CONCUR:


McCONNELL, P. J.


HUFFMAN, J.




                                            48
