Andrew "Weev" Auernheimer Might Be a Jerk. But That Doesn't Make Him a Computer Criminal.

A blog about murder, theft, and other wickedness.
March 18 2013 4:36 PM

Andrew "Weev" Auernheimer Might Be a Jerk. But That Doesn't Make Him a Computer Criminal.

Andrew Auernheimer
Andrew Auernheimer is seen in this police booking photograph taken by the Fayetteville, Arkansas Police Department June 15, 2010 and released January 18, 2011.

Photo by Fayetteville Police/Handout/Reuters

Crime is Slate’s crime blog. Like us on Facebook, and follow us on Twitter @slatecrime.

In November 2012, notorious hacker, troll, and general nuisance Andrew “Weev” Auernheimer was convicted in federal court on conspiracy and identity theft charges. Auernheimer had been charged for his role in a scheme to exploit a security hole in AT&T’s 3G network and harvest the email addresses of over 114,000 iPad users, ostensibly in order to drum up business for his computer security firm. This afternoon, a federal judge sentenced Auernheimer to 41 months in prison—at the high end of the guidelines prosecutors had sought—followed by three years of supervised release. He was also hit with a $73,000 fine.

Advertisement

The government’s charges against Auernheimer are centered around an ostensible violation of the Computer Fraud and Abuse Act (CFAA), the vague and inadequate computer crime statute that I’ve criticized here before. Specifically, the indictment charged that, by conspiring to deploy a computer script that queried AT&T’s database for iPad users’ email addresses, Auernheimer unlawfully accessed or exceeded authorized access to a protected computer. (Under the CFAA, “protected computer” essentially means any computer with an Internet connection.) Once his culpability under the CFAA had been established, the DOJ could then charge him with the conspiracy and identity theft counts.

This is the third big CFAA-related case I’ve covered lately, the other two being those of Internet activist Aaron Swartz and Reuters deputy social media editor Matthew Keys. While the specifics of the charges in each case differ, all three illustrate the unfortunate plasticity of the CFAA, and how it can be shaped and contorted to cover almost any computing-related actions. (Did you fill out an NCAA bracket from your work computer today? Congratulations! Depending on your office’s computer use policies, you may have violated the CFAA!)

But Auernheimer’s case hasn’t elicited as much outrage or sympathy as the others have. This is likely because Auernheimer is a huge jerk. He has a long history of race-baiting and malicious trolling. “I hack, I ruin, I make piles of money. I make people afraid for their lives,” Auernheimer told Mattathias Schwartz in a 2008 New York Times Magazine piece about online trolling. In that same story, Auernheimer admitted to harassing a blogger named Kathy Sierra—or, as he described her in an email that also included her home address and Social Security number, “a cockholster chugged full of cum that isn't even worth giving the time of day.”

Not surprisingly, people aren’t exactly lining up to sign “Free Weev” petitions. On Sunday night, Auernheimer did an “Ask Me Anything” q-&-a session on Reddit, and was met with general disdain, with many people suggesting that the sentence was karmic payback for Auernheimer’s years of trolling. In an informal pre-sentencing brief to Judge Susan D. Wigenton, the U.S. Attorney’s office essentially echoed these sentiments in arguing that Auernheimer deserved a substantial prison sentence. “His entire adult life has been dedicated to taking advantage of others, using his computer expertise to violate others’ privacy, to embarrass others, to build his reputation on the backs of those less skilled than he,” wrote U.S. Attorney Paul Fishman, who went on to note the “atypical recalcitrance by the defendant to conform to the laws regarding unauthorized computer access.”

But just because you’re a jerk doesn’t mean that you’re a criminal. And in this case, it’s not clear that Auernheimer committed any actual crime. As Jeff Blagdon at The Verge put it, Auernheimer “cracked no codes, stole no passwords, or in any way ‘broke into’ AT&T’s customer database—something company representatives confirmed during testimony.” The defense argued that AT&T’s database security was flawed, and Auernheimer’s actions were tantamount to walking through an open door.

You could certainly argue that Auernheimer’s actions “exceeded authorized access”—an open door isn’t always an invitation to come inside. But the term “authorized access” is very, very vague, and it gives prosecutors far too much latitude to bring charges and threaten outlandishly long sentences for relatively minor violations. Congress ought to clarify the statute and better define its terms, before more people get caught up in it. If the CFAA is a bad law, then it’s a bad law, regardless of whether it’s being used against a malicious troll like Andrew Auernheimer or a secular saint-in-the-making like Aaron Swartz.

TODAY IN SLATE

Politics

The Democrats’ War at Home

How can the president’s party defend itself from the president’s foreign policy blunders?

Congress’ Public Shaming of the Secret Service Was Political Grandstanding at Its Best

Michigan’s Tradition of Football “Toughness” Needs to Go—Starting With Coach Hoke

A Plentiful, Renewable Resource That America Keeps Overlooking

Animal manure.

Windows 8 Was So Bad That Microsoft Will Skip Straight to Windows 10

Politics

Cringing. Ducking. Mumbling.

How GOP candidates react whenever someone brings up reproductive rights or gay marriage.

Building a Better Workplace

You Deserve a Pre-cation

The smartest job perk you’ve never heard of.

Hasbro Is Cracking Down on Scrabble Players Who Turn Its Official Word List Into Popular Apps

Florida State’s New President Is Underqualified and Mistrusted. He Just Might Save the University.

  News & Politics
Politics
Sept. 30 2014 9:33 PM Political Theater With a Purpose Darrell Issa’s public shaming of the head of the Secret Service was congressional grandstanding at its best.
  Business
Moneybox
Sept. 30 2014 7:02 PM At Long Last, eBay Sets PayPal Free
  Life
Gaming
Sept. 30 2014 7:35 PM Who Owns Scrabble’s Word List? Hasbro says the list of playable words belongs to the company. Players beg to differ.
  Double X
The XX Factor
Sept. 30 2014 12:34 PM Parents, Get Your Teenage Daughters the IUD
  Slate Plus
Behind the Scenes
Sept. 30 2014 3:21 PM Meet Jordan Weissmann Five questions with Slate’s senior business and economics correspondent.
  Arts
Brow Beat
Sept. 30 2014 8:54 PM Bette Davis Talks Gender Roles in a Delightful, Animated Interview From 1963
  Technology
Future Tense
Sept. 30 2014 7:00 PM There’s Going to Be a Live-Action Tetris Movie for Some Reason
  Health & Science
Medical Examiner
Sept. 30 2014 11:51 PM Should You Freeze Your Eggs? An egg freezing party is not a great place to find answers to this or other questions.
  Sports
Sports Nut
Sept. 30 2014 5:54 PM Goodbye, Tough Guy It’s time for Michigan to fire its toughness-obsessed coach, Brady Hoke.