Court Overturns Controversial Hacker's Conviction, but Dodges the Hard Question

The Citizen's Guide to the Future
April 11 2014 4:55 PM

Court Overturns Controversial Hacker's Conviction, but Dodges the Hard Question

Weev-selfportrait-prophet
Andrew "weev" Auernheimer

Photo by weev/Wikimedia Commons.

Andrew Auernheimer, the infamous hacker and Internet troll imprisoned for revealing a security flaw in AT&T's website, will soon be walking free after more than a year behind bars. Today, the 3rd Circuit Court of Appeals in New Jersey vacated Auernheimer's conviction under the Computer Fraud and Abuse Act, a decades-old anti-hacking law which has been increasingly used to prosecute things that don't really seem like “hacking” at all.

In 2011, Auernheimer (aka “weev”) and his partner Daniel Spitler discovered that by simply incrementing an iPad serial number and entering the results into AT&T's website, they were able to obtain the personal data of 114,000 AT&T iPad customers, including celebrities and government officials. Last year, he was sentenced to 41 months in federal prison on counts of identity theft and “unauthorized access to protected computer,” despite that the sensitive data in question was readily available from AT&T's website. As weev has put it on multiple occasions after his conviction, “I'm going to jail for doing arithmetic.”

But the reasoning behind the court's reversal today didn't have anything to do with the nature of the charges, or computer crime law in general. Neither did it touch on Auernheimer's off-putting attitude and controversial trolling, which was an intense focus for the prosecution prior to his conviction. The case was vacated on the basis that the New Jersey venue was improper, because neither AT&T's server nor Auernheimer was physically located there.

Advertisement

Interestingly, a footnote in the court opinion points out that New Jersey law would have specifically required prosecutors to prove that Auernheimer “circumvented a code- or password-based barrier to access”—a task that given the facts would have been challenging, to say the least. This would have been made more difficult, given that the government doesn't seem to understand what Auernheimer actually did. During a recent appellate hearing in Philadelphia, assistant U.S. attorney Glenn Moramarco argued that what Auernheimer and Spitler did was “hacking” because they “had to download the entire iOS system on his computer, he had to decrypt it, he had to do all of these things I don't even understand." Later, he compared weev's actions to blowing up a nuclear power plant.

Auernheimer's legal team, led by the firm Tor Ekeland, P.C. and attorneys from the Electronic Frontier Foundation, has announced that they are seeking his immediate release, which could come as early as Friday night. But what happens next depends on whether the Department of Justice decides to retry the case in a different legal venue. That scenario would be bad for weev, who has spent much of his sentence in solitary confinement. But if the case ends here, it would also be a lost opportunity to for courts to finally clarify the vague laws governing what constitutes “hacking.”

On the other hand, it's not like there aren't other questionable CFAA cases to choose from. Former Reuters employee Matthew Keys faces up to 25 years in prison under the statute, for giving a password to the Los Angeles Times website to a member of Anonymous, which led to a headline being defaced for 30 minutes. (The court has bizarrely charged the act as “transmission of malicious code.”)

Auernheimer may be free, but the more important legal question of what separates petty mischief and security research from “hacking” remains unanswered—at least for now.

Future Tense is a partnership of SlateNew America, and Arizona State University.

Joshua Kopstein is a cyberculture journalist who studies policy, activism, and the dystopian present.

TODAY IN SLATE

Medical Examiner

The Most Terrifying Thing About Ebola 

The disease threatens humanity by preying on humanity.

I Bought the Huge iPhone. I’m Already Thinking of Returning It.

Scotland Is Just the Beginning. Expect More Political Earthquakes in Europe.

Students Aren’t Going to College Football Games as Much Anymore

And schools are getting worried.

Two Damn Good, Very Different Movies About Soldiers Returning From War

The XX Factor

Lifetime Didn’t Think the Steubenville Rape Case Was Dramatic Enough

So they added a little self-immolation.

Politics

Blacks Don’t Have a Corporal Punishment Problem

Americans do. But when blacks exhibit the same behaviors as others, it becomes part of a greater black pathology. 

Why a Sketch of Chelsea Manning Is Stirring Up Controversy

How Worried Should Poland, the Baltic States, and Georgia Be About a Russian Invasion?

Trending News Channel
Sept. 19 2014 1:11 PM Watch Flashes of Lightning Created in a Lab  
  News & Politics
Weigel
Sept. 20 2014 11:13 AM -30-
  Business
Business Insider
Sept. 20 2014 6:30 AM The Man Making Bill Gates Richer
  Life
Quora
Sept. 20 2014 7:27 AM How Do Plants Grow Aboard the International Space Station?
  Double X
The XX Factor
Sept. 19 2014 4:58 PM Steubenville Gets the Lifetime Treatment (And a Cheerleader Erupts Into Flames)
  Slate Plus
Slate Picks
Sept. 19 2014 12:00 PM What Happened at Slate This Week? The Slatest editor tells us to read well-informed skepticism, media criticism, and more.
  Arts
Brow Beat
Sept. 20 2014 3:21 PM “The More You Know (About Black People)” Uses Very Funny PSAs to Condemn Black Stereotypes
  Technology
Future Tense
Sept. 19 2014 6:31 PM The One Big Problem With the Enormous New iPhone
  Health & Science
Bad Astronomy
Sept. 20 2014 7:00 AM The Shaggy Sun
  Sports
Sports Nut
Sept. 18 2014 11:42 AM Grandmaster Clash One of the most amazing feats in chess history just happened, and no one noticed.