Stop Comparing the Steubenville Hacker to the Steubenville Rapists. It's Misleading and Wrong.

A blog about murder, theft, and other wickedness.
June 12 2013 5:49 PM

Stop Comparing the Steubenville Hacker to the Steubenville Rapists. It's Misleading and Wrong.

169460608
A political activist wears an Anonymous mask.

Photo by Rahman Roslan/Getty Images

Crime is Slate’s crime blog. Like us on Facebook, and follow us on Twitter @slatecrime.

If you’re on Twitter, you may have seen this sentiment making the rounds:

Advertisement

Though this sounds outrageous, it’s not entirely accurate.

First, some background. The hacker in question is a 26-year-old Kentucky man named Deric Lostutter. Here’s Mother JonesJosh Harkinson:

Lostutter may deserve more credit than anyone for turning Steubenville into a national outrage. After a 16-year-old girl was raped by two members of the Steubenville High football team last year, he obtained and published tweets and Instagram photos in which other team members had joked about the incident and belittled the victim. He now admits to being the man behind the mask in a video posted by another hacker on the team's fan page, RollRedRoll.com, where he threatened action against the players unless they apologized to the girl.

In April, Harkinson reports, FBI agents raided Lostutter’s house, looking for “evidence related to the hacking of RollRedRoll.com.” Last week, Lostutter started publicizing his story, blogging about how the government had emailed him about its intent “to send out a ‘Target Letter’ which means they are going to try to indict me for a Federal Offense, (most likely a felony and two misdemeanors) to a secret Grand Jury of 23 individuals, for which I can not be present to state my side, nor state my innocence.” Now, Lostutter’s story is getting popularized on social media, pegged to the provocative notion—as cited in the Mother Jones story—that, if convicted, he might face 10 years in prison whereas the Steubenville rapists only got one and two. There’s even a Deric Lostutter defense fund.

It does in fact seem likely that the government is building a case against Lostutter. It’s not clear at all, though, that Lostutter—who hasn’t yet been indicted and hasn’t yet been charged with a crime—will ever actually face 10 years in prison. In the search warrant for the raid on Lostutter’s house, the feds were given permission to seize, among other things, “All records relating to violations of Title 18 U.S.C. § 1030(a)(2)(C) (Computer Crime).” That’s the Computer Fraud and Abuse Act, or CFAA, which has recently been applied against high-profile defendants like Aaron Swartz, Matthew Keys, and Andrew “Weev” Auernheimer. The CFAA is a controversial and outdated computer crime statute that enables prosecutors to threaten defendants with long prison sentences, in hopes that those defendants will choose to accept a plea bargain.

Mother Jones’ Harkinson tells me that he arrived at the "10 years maximum" figure based on conversations with Lostutter and by looking at the sentencing guidelines for the CFAA. And, indeed, if Lostutter is charged under the CFAA, it’s conceivable that he’d face a maximum sentence of 10 years—maybe even longer. But it is very, very unlikely that he would actually spend 10 years in jail. As the Electronic Frontier Foundation’s Hanni Fakhoury wrote this April, “While maximums play an important role in criminal sentencing, the actual sentence a defendant will receive depends mostly on the sentencing range recommended in the United States Sentencing Guidelines (‘USSG’).”

The sentencing guidelines take into account the financial loss caused by the defendant’s alleged actions, the means by which the crimes were committed, the defendant’s background and character, and other factors. A guidelines sentence is almost never the maximum possible sentence. Even Aaron Swartz, who was accused of causing a $2 million financial loss to the JSTOR digital archive, was only facing a maximum sentence of 78 months on the CFAA charges. That’s a long time in prison, but it’s also a far cry from the 50-year maximum sentence that many news articles noted he could have received.

“CFAA sentences have really varied,” the EFF’s Fakhoury told me in an email. “Christopher Chaney, who hacked into celebrity accounts and took nude photos and other information, received a 10 year sentence. Luis Mijangos got 6 years for his sextortion scheme. Lostutter's behavior doesn't seem as egregious as either of their behavior.” My guess is that if Lostutter is charged under the CFAA, he’ll either plead out and get probation or a short sentence—probably in exchange for information that’ll help the feds in their ongoing battle against the hacking collective Anonymous—or he’ll be convicted, in which case he’ll still only get a fraction of the maximum sentence.

As for the Steubenville defendants: Trent Mays and Ma’lik Richmond were tried and sentenced as juveniles, which limits the length of the punishment they can receive. This is a good policy. The juvenile justice system is ostensibly focused on rehabilitation rather than punishment, because juveniles aren’t fully formed adults, and are thought to be less culpable for their actions. This is not a controversial notion. In his majority opinion for 2004’s Roper v. Simmons, a Supreme Court case which found that it is unconstitutional to sentence juveniles to death, Justice Anthony Kennedy wrote, “From a moral standpoint it would be misguided to equate the failings of a minor with those of an adult, for a greater possibility exists that a minor’s character deficiencies will be reformed.”

If Richmond and Mays had been tried as adults, their sentences likely would have been more severe. The state of Ohio does allow for juveniles charged with felony offenses to be tried as adults. Before that can happen, the state holds what’s known as an amenability hearing to determine the likelihood that the juvenile defendant can be rehabilitated. Richmond and Mays were both first-time offenders who, at their amenability hearing, presented dozens of letters and statements testifying to their good character. At that same hearing, when asked whether she wanted Richmond and Mays to be tried in adult court, the mother of the Steubenville rape victim said, “I thought about it over a million times, and I leave it in God's hands.” It’s no huge surprise, then, that Judge Thomas Lipps decided to try the two as juveniles.

I understand why it seems disgraceful that two convicted rapists—no matter how old they are—might only serve a couple of years for their crimes. Still, the idea that Richmond and Mays got off with straightforward one- and two-year sentences, respectively, isn’t quite accurate. Richmond, 17, was sentenced to a minimum of one year in juvenile detention, though he could remain incarcerated until he turns 21. Mays, 16, was sentenced to a minimum of two years in juvenile detention on the rape charge, but was also given a consecutive sentence on another charge, which could keep him in the system until he turns 24.

The CFAA is a bad law that empowers prosecutors to threaten criminal defendants with absurdly long sentences for relatively minor offenses. It ought to be reformed, and I’ve said as much more than once. But it is disingenuous for social media users to compare a possible maximum sentence that might be imposed on a 26-year-old man who has not yet been charged with a crime with the real-life, already-imposed minimum sentences imposed on underage offenders by a juvenile court. That comparison oversimplifies and confuses the issues in the Steubenville case, and it doesn’t help anyone make a coherent argument about what’s right and what’s wrong with the American criminal justice system.

Justin Peters is a writer for Slate. He is working on a book about Aaron Swartz, copyright, and the rise of “free culture.” Email him at justintrevett@fastmail.fm.