Searching over 5,500,000 cases.

Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.

Groomes v. State

Court of Appeals of Arkansas, Division IV

September 25, 2019



          Ben Motal, for appellant.

          Leslie Rutledge, Att'y Gen., by: Chris R. Warthen, Ass't Att'y Gen., for appellee.

          BRANDON J. HARRISON, Judge.

         A Garland County Circuit Court jury found Gerald Lee Groomes guilty of twenty counts of distributing, possessing, or viewing matter depicting sexually explicit conduct involving a child. On appeal, he argues that some of the images do not depict sexually explicit conduct, that there was insufficient evidence that he knowingly viewed or possessed prohibited material, and that his convictions violate constitutional prohibitions on double jeopardy and cruel and unusual punishment. We affirm.

         In May 2017, Groomes was charged with thirty counts of distributing, possessing, or viewing matter depicting sexually explicit conduct involving a child.[1] At a jury trial in May 2018, Special Agent Michael Hendrix, an employee of the Arkansas Attorney General's Office Special Investigations Division, testified that he works in the cybercrimes unit and primarily investigated child-exploitation cases. He explained that as an investigator, he has specialized tools that monitor peer-to-peer networks, which allow the transfer of digital files over the internet from one computer to another. These tools focus on anyone who offers to participate in the sharing of child-exploitation material and makes such files public. The system identifies that user's IP address, which can provide the user's geolocation, service provider, and physical address or name assigned to the account.

         Hendrix testified that on 5 October 2016, he connected with IP address; that user was offering to participate in the sharing of child pornography. Hendrix's computer connected with that user's computer and was able to download 185 files of alleged child-exploitation material between October 5 and 8 January 2017. On 19 March 2017, Hendrix connected with the same IP address and downloaded one additional file of alleged child pornography. At that point, Hendrix assigned the case to another agent to initiate the legal process of obtaining a subpoena for that user's service provider and to proceed with the case.

         On cross-examination, Hendrix confirmed that the IP address he had connected with belonged to Groomes's home computer. He also said that Groomes used a program called uTorrent to download and share the images. Hendrix agreed that he cannot tell if a person opened a file on his or her own computer, but he can show that a file was downloaded and stored in a shared folder.

         Drew Evans testified that in January 2017, he had been a special agent with the Arkansas Attorney General's Office and worked in the cybercrimes unit. Evans took over Hendrix's investigation and identified approximately 280 files containing suspected child pornography in the files he received from Hendrix. Evans personally viewed each image and identified it as sexual-exploitation material. He subpoenaed AT&T to obtain the subscriber information for the IP address; the subscriber was identified as Gerald Groomes. On 1 March 2017, Evans and Agent Jeremiah Terrell went to Groomes's address and confirmed that Groomes had lived there by himself since 2011. On March 19, with Groomes's computer still actively sharing child-exploitation material, Evans began drafting a search warrant. The warrant was executed on March 23, and agents seized Groomes's computer and hard drive. Special Agent Chris Cone, a computer-forensics expert, examined the evidence at the scene and confirmed the presence of explicit images, so Groomes was arrested.

         Cone testified that agents found a desktop computer that was powered off in Groomes's residence. Cone explained that he removed the side panel, disconnected the power and data-connection cables on the back of the hard drive, and connected them to his own laptop, which allowed him to read the information contained on the hard drive. He was able to quickly determine that file-sharing software was installed on the hard drive and that there were "files of interest to this investigation" on the hard drive. He then stopped his examination and transported the hard drive to his lab in Little Rock, where he created an "acquired forensic image, " meaning a copy, of the hard drive so he could work from the copy without jeopardizing the original. Cone applied a filter that allowed him to view all the still images or videos containing child pornography regardless of where those images were stored on the hard drive. Cone also determined that the hard drive's current Windows operating system had been installed on 1 March 2017, twenty-two days before the search warrant was executed, and contained one user-created account named "great." Cone confirmed the presence of file-sharing software, specifically uTorrent, on Groomes's computer, and explained that uTorrent stores data in the user account associated with the software-in this case the "great" account. Cone described that within each user account there is a hidden folder named "AppData, " which is

a folder that is just placed there by the operating system and it is typically hidden from the user's view. It's not to say that a user couldn't make changes to the system and look at it, but by default it's hidden.
And within the AppData folder are three additional folders and they're labeled "Local, LocalLow, and Roaming." And in the Roaming folder with uTorrent, there's an entry for the uTorrent software. And not just with uTorrent, but with a lot of programs that you install on a computer, they make entries into the Local or the Roaming and sometimes LocalLow folder with an AppData. And it's just a mechanism for Microsoft Windows to store settings and features and preferences about that program that's installed on the system.

         Cone explained that "when a user is interacting with folders and files and they double-click a folder or they double-click a file and they open it, a link file is created in the-in an area within AppData for a recent file."

         In this case, Cone identified six files within the uTorrent folder with names that, in his experience, are consistent with child sexual-abuse material: "LS Star, " "LS Little Guests, " "LS Land Issue 18 Alien Stars, " "LS Barbie, " "Lolita Magazine 8YO, " and "Flower Power 7YO." He said that a "shortcut" link to the uTorrent software had been "pinned" to the computer's task bar by the "great" Windows user account. Cone also found names of video files associated with VLC media-player software in the AppData folder corresponding to VLC; the most recently played videos included "9YO Girl Masturbate on Webcam and Piss on Floor, " ...

Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.