The Colorado Supreme Court agreed on Tuesday that a man could not stand convicted of identity theft for using the “personal identifying information” of a nonprofit entity, rather than a human being.

The state’s identity theft law applies to people who, without authorization, use the financial identifying information or personal identifying information “of another” to obtain something of value or to defraud. Personal identifying information, in turn, encompasses items like social security numbers, birthdates, government ID cards — all of which identify “a specific individual.”

The question for the Supreme Court was whether defendant Jesus Rodriguez-Morelos committed identity theft by using the personal identifying information of an organization, not a person. 

No, the court decided.

“Notably, only human beings can possess most of the types of information listed in this definition of ‘personal identifying information,'” wrote Justice Melissa Hart. “An organization does not have a social security number, a date of birth, a government-issued driver’s license or identification card number, a passport number, biometric data, or a student or military identification number.”

Justice William W. Hood III wrote separately to argue the law was ambiguous, but the majority’s interpretation made sense. He suggested lawmakers probably intended to hold defendants like Rodriguez-Morelos criminally liable, but the language they wound up adopting failed to clearly communicate that goal.

“The identity theft statute’s use and definition of the term ‘of another’ suggest that the General Assembly’s goal was to protect natural persons and entities in Colorado from being victimized by identity theft,” Hood wrote for himself and Justice Brian D. Boatright. “Although the majority’s analysis is reasonable, it seems the legislature might have intended a different result.”

An Arapahoe County jury found Rodriguez-Morelos guilty of theft, identity theft and criminal impersonation. Rodriguez-Morelos legitimately volunteered with a nonprofit helping migrant workers, but he falsely held himself out as the group’s “director of education” and offered unauthorized classes to become a nursing assistant. 

Most students were Spanish speaking and some were undocumented. None of the people who testified at trial had received jobs as nursing assistants.

The most serious charge, identity theft, could have been proven through Rodriguez-Morelos’ use of the nonprofit’s financial identifying information at the end of the course or by appropriating the nonprofit’s name and tax-exempt document. In reviewing his conviction, the Court of Appeals concluded neither form of identity theft was proven in Rodriguez-Morelos’ case because, among other things, the nonprofit was not a “specific individual.”

“In other words, if the prosecution charges a defendant with identity theft for using personal identifying information, but the thing used does not fit within the definition of that term, then the defendant has not committed the crime,” wrote Judge Steve Bernard.

The Colorado Attorney General’s Office acknowledged the circumstances surrounding Rodriguez-Morelos’ identity theft conviction were uncommon and the legal dispute was narrow.

But it cited testimony from 2006, when the legislature changed the law, suggesting the meaning of personal identifying information should be read broadly. At the time, a prosecutor told lawmakers the crime of identity theft was meant to encompass victims who were a “living person, they could be a dead person, or definitely a business entity.”

“I do acknowledge, in layman’s terms, a ‘specific individual’ could mean ‘human being,'” Assistant Attorney General Caitlin E. Grant told the justices at oral argument. But the appellate court “forgot the context of the identity theft statute and what it’s trying to protect.”

Chief Justice Monica M. Márquez recited the specific items lawmakers listed and deemed them “very human kinds of identifiers.”

“Help me understand what we can glean from the list there to say this pertains more broadly to corporations,” she said.

Ultimately, the Supreme Court agreed with the Court of Appeals. Hart acknowledged organizations may well have personal identifying information unique to them, but that the identity theft law nonetheless listed things possessed by humans. 

“For that particular type of identity theft, a defendant can only be convicted when the crime is committed against a specific human person,” she concluded.

Hood, in his concurrence, argued it seemed “odd” for lawmakers to overlook organizations that have their personal identifying information stolen, especially if someone were to use the organization’s name without authorization. Still, he could not say that legislators in 2006 clearly wanted to penalize defendants like Rodriguez-Morelos.

“I therefore respectfully urge the General Assembly to clarify its intent,” he wrote.

The case is People v. Rodriguez-Morelos.