Perhaps one of the stupidest things a prosecutor trying to defend criminal prosecution under CFAA can say is to admit that they have no understanding of what the alleged “hacker” did that made his conduct a hack or violation of CFAA.
But that’s pretty much what happened in a Philadelphia courtroom yesterday during Weev’s appeal of his conviction. Mike Masnick of TechDirt has some good coverage of it:
We’ve been covering the ridiculous DOJ case against Andrew “weev” Auernheimer for quite some time. If you don’t recall, Auernheimer and a partner found a really blatant security hole on AT&T’s servers that allowed them to very easily find out the email addresses of iPad owners. There was no breaking in to anything. The issue was that AT&T left this all exposed. But, with a very dangerous reading of the CFAA (Computer Fraud and Abuse Act) and a bunch of folks who don’t understand basic technology, weev wassentenced to 3.5 years in jail (and has been kept in solitary confinement for much of his stay so far). Part of the case is complicated by the fact that weev is kind of a world class jerk — who took great thrill in being an extreme online troll, getting a thrill out of making others miserable. But, that point should have no standing in whether or not exposing a security hole by basically entering a URL that AT&T failed to secure, becomes a criminal activity.
Throughout the case, it’s been clear that the DOJ was trying to make up an interpretation of the law that had no basis in the actual technology world. And it became abundantly clear at a hearing before the appeals court concerning weev’s case, that the DOJ really has no idea what weev did. They’re just sure it’s bad because it involves computers and stuff. Seriously, as reported by Vice:
“He had to decrypt and decode, and do all of these things I don’t even understand,” Assistant US Attorney Glenn Moramarco argued.
Read more on TechDirt.