Conor Brian Fitzpatrick (aka “Pompompurin” of Breached.vc) isn’t the only person to have their sentence vacated and remanded for re-sentencing this year. Paige Thompson, who was responsible for the massive Capital One hack in 2019, will also be re-sentenced. Eugene Volokh writes:
A short excerpt from the 9,000-word U.S. v. Thompson, decided yesterday by Ninth Circuit Judge Danielle J. Forrest, joined by Judge Johnnie B. Rawlinson:
Paige Thompson committed the second largest data breach in United States history at the time, causing tens of millions of dollars in damage and emotional and reputational harm to numerous individuals and entities. The district court correctly calculated Thompson’s sentencing range under the Federal Sentencing Guidelines (the Guidelines) to be 168 to 210 months of imprisonment. It then granted a roughly 98% downward variance to time served (approximately 100 days) and five years of probation. Because the district court made clearly erroneous findings and did not properly weigh the 18 U.S.C. § 3553(a) sentencing factors, we conclude that the sentence it imposed is substantively unreasonable, and we vacate and remand for resentencing….
As in Fitzpatrick’s case, the judge had made a significant departure from federal sentencing guidelines in sentencing Thompson, which the appellate court found to be unreasonable. As Volokh writes:
The district court considered that Thompson is transgender, autistic, and has suffered prior trauma in her life. Thompson’s personal background and characteristics are, of course, proper considerations at sentencing, but they may not be the sole basis for the chosen sentence. And the district court also speculated that recent BOP policy changes about housing transgender inmates may be undone by a future presidential administration. Such speculation regarding BOP policy is improper, especially when it apparently carried the weight it did in this sentencing. {The BOP has since changed its policies regarding the incarceration of transgender persons. See Exec. Order No. 14,168 (Jan. 30, 2025). The district court may consider this non-hypothetical policy on remand, but, consistent with this opinion, it may not do so at the expense of a proper weighing of all the § 3553(a) factors.} …
As the district court explained, hacking is “not … a crime of passion that [just] happens.” Fraud crimes like those at issue here typically are calculated, and, as a result, are particularly amenable to general deterrence. But, while the district court acknowledged the Government’s argument that a low sentence would incentivize similar crimes, it does not appear that it gave this factor meaningful weight in selecting the sentence that it imposed. This was a clear error of judgment….
Read more at Reason.
h/t, Risky Biz News