Appeals court overturns conviction of Andrew “weev” Auernheimer in iPad hacking case

Andrew “Weev” Auernheimer, in 2012. Photo: pinguino.

Notorious hacker and troll weev was released from prison this evening. A federal appeals court today overturned his conviction in a case of significance for all security researchers.

Weev exposed a security flaw in AT&T's website and obtained the personal data of more than 100,000 iPad users. He was charged with violating the Computer Fraud and Abuse Act (CFAA), and sentenced to three and a half years in prison. Today's ruling says prosecutors did not have the right to charge him in a state where none of the alleged crimes occurred.

Kim Zetter in Wired:

Andrew “Weev” Auernheimer was in Arkansas during the time of the hack, his alleged co-conspirator was in California, and the servers that they accessed were physically located in Dallas, Texas and Atlanta, Georgia. Prosecutors therefore had no justification for bringing the case against Auernheimer in New Jersey, a federal appeals panel ruled this morning. The appeal was closely watched in cyber law and civil liberties circles, and Auernheimer had a powerhouse legal team that handled his case pro-bono.
From Ars Technica:
The case against Auernheimer, who has often been in solitary confinement for obtaining and disclosing personal data of about 140,000 iPad owners from a publicly available AT&T website, was seen as a test case on how far the authorities could go under the Computer Fraud and Abuse Act (CFAA), the same law that federal prosecutors were invoking against Aaron Swartz. But in the end, the Third US Circuit Court of Appeals didn't squarely address the controversial fraud law and instead said Auernheimer was charged in the wrong federal court.

"Although this appeal raises a number of complex and novel issues that are of great public importance in our increasingly interconnected age, we find it necessary to reach only one that has been fundamental since our country’s founding: venue," the appeals court wrote. "The proper place of colonial trials was so important to the founding generation that it was listed as a grievance in the Declaration of Independence" (PDF).

From the EFF:

Auernheimer was represented on appeal by the Electronic Frontier Foundation (EFF), Professor Orin Kerr of George Washington University, and attorneys Marcia Hofmann, and Tor Ekeland. In an opinion issued this morning by the U.S. Court of Appeals for the Third Circuit, Judge Michael Chagares wrote that the government should not have charged Auernheimer in New Jersey, which had no direct connection to AT&T or Auernheimer.

"We're thrilled that the Third Circuit reversed Mr. Auernheimer's conviction," EFF Staff Attorney Hanni Fakhoury said. "This prosecution presented real threats to security research. Hopefully this decision will reassure that community."

Here is today's court ruling [PDF].

For more on weev, this Gawker profile is a good place to start. Don't miss his thoughts on The Jews.