Andrew “weev” Auernheimer, the hacker who notoriously released hundreds of thousands of iPad owners’ email addresses in an effort to call out AT&T’s lax security, was previously serving 41 months in prison, but will now go free due to a federal appeals court’s decision.
The Third Circuit Court of Appeals ruled federal prosecutors wrongly filed the case against him in New Jersey so they could use a Garden State law to enhance the charges against him.
In reality, the court pointed out, none of the alleged crimes he committed actually took place in New Jersey.
“No protected computer was accessed and no data was obtained in New Jersey,” the court ruled.
From the decision:
To enhance the potential punishment from a misdemeanour to a felony the Government alleged that Auernheimer’s CFAA [Computer Fraud and Abuse Act] violation occurred in furtherance of a violation of New Jersey’s computer crime statute.
The Third Circuit said this was problematic because prosecutors could enhance Auernheimer’s punishment if they could prove that he was conspiring to violate the CFAA “in furtherance of a state crime.”
During the times relevant to this case, Auernheimer was working from Arkansas and accessing computer servers in Dallas, Texas and Atlanta, Ga. Federal prosecutors could conceivably re-file a case against him in one of those states. However, his lawyers could get it thrown out for violating his Fifth Amendment right not to be tried twice for the same crime. It’s possible prosecutors could get around this roadblock by filing different charges against him.
The Computer Fraud and Abuse Act that Auernheimer was charged under is the same statute that ensnared Aaron Swartz, who tragically committed suicide after he got arrested for illicitly downloading articles from the academic journal JSTOR.
That law makes it a federal crime to access a computer without authorization or to “exceed authorised access.” Passed just a few years after the controversial hacker film “War Games” came out, the CFAA has been criticised for being antiquated. The CFAA has also come under attack for being so vague that you could be charged with a federal crime for violating a website’s terms of service.