A hacker sentenced to three and a half years in prison for obtaining the personal data of more than 100,000 iPad owners from AT&T’s unsecured website is about to go free, after a ruling today that prosecutors were wrong to charge him in a state where none of his alleged crimes occurred.
Andrew “Weev” Auernheimer was in Arkansas during the time of the hack, his alleged co-conspirator was in California, and the servers that they accessed were physically located in Dallas, Texas and Atlanta, Georgia. Prosecutors therefore had no justification for bringing the case against Auernheimer in New Jersey, a federal appeals panel ruled this morning.
The appeal was closely watched in cyber law and civil liberties circles, and Auernheimer had a powerhouse legal team that handled his case pro-bono.
“Venue in criminal cases is more than a technicality; it involves ‘matters that touch closely the fair administration of criminal justice and public confidence in it,’” the judges wrote in their opinion (.pdf). “This is especially true of computer crimes in the era of mass interconnectivity. Because we conclude that venue did not lie in New Jersey, we will reverse the District Court’s venue determination and vacate Auernheimer’s conviction.” … Read more at Wired.