By Gerry Smith
Dec 20, 2013
Does the law have mercy for computer hackers with a cause?
That was a recurring question in 2013 as several so-called hacktivists, facing years in prison, pleaded for leniency, claiming they had broken into computer networks for the public good.
"I did this because I believe people have a right to know what governments and corporations are doing behind closed doors," Jeremy Hammond told a judge, echoing other hackers who said their motives were ideological, not financial. "I did what I believe is right."
But the courts showed little sympathy for such arguments in 2013, a year when hacktivists and the government clashed repeatedly in an escalating struggle over control of information.
Peter Ludlow, a philosophy professor at Northwestern University, wrote in The Nation that the prosecution of hacktivists was part of "a war on knowledge" that extends beyond hackers to include Edward Snowden and Chelsea Manning, who exposed government secrets. Manning is serving a 35-year sentence for Espionage Act violations. Snowden, in Russia on temporary asylum, has been charged with espionage and theft of government property.
“Taken together, the lesson appears to be that computer hacking for social causes and computer hacking aimed at exposing the secrets of governing elites will not be tolerated,” Ludlow wrote.
In November, Hammond, 28, whose hacking of a private intelligence firm revealed how the government had monitored members of the Occupy Wall Street movement, was sentenced to 10 years in prison.
In March, Andrew “Weev” Auernheimer, 27, who said he was trying to protect consumers from identity theft when he shared a security loophole in AT&T’s servers with a journalist, was sentenced to three years in prison.
In January, Aaron Swartz, 26, who claimed he was trying to free publicly funded research from behind a paywall, committed suicide while facing a felony charge and potential prison sentence for downloading millions of scholarly articles from Massachusetts Institute of Technology servers.
Gabriella Coleman, a professor at McGill University who studies hacker culture, said the work of hacktivists was "producing tangible effects."
"But the courts are unwilling to acknowledge this activity as politically motivated and for the public good," Coleman said in an email.
Michael Sussman, a former Justice Department cybercrime prosecutor, said hackers who say they deserve leniency because they did not hack for financial gain are unlikely to see compassion from the government.
“I don’t think the ‘Robin Hood’ aspect of this is going to matter much to prosecutors,” Sussman said. “I don’t think in the federal government anyone is saying, ‘Oh well, these people consider themselves hacktivists, so we should have a real hands-off policy.’”
In fact, prosecutors say hacktivists have caused substantial harm. Hammond, who also stole credit card data belonging to nearly 1 million people, caused “personal and financial chaos for individuals whose identities and money he took and for companies whose businesses he decided he didn’t like," Manhattan U.S. Attorney Preet Bharara said after Hammond pleaded guilty this year.
Prosecutors said Auernheimer violated the privacy of thousands of iPad owners by disclosing their email addresses to a reporter at the gossip website Gawker, which published redacted versions of some emails.
But 2013 was not only the year the law caught up with some hacktivists. It was also the year the law itself came under scrutiny.
In June, legislation was introduced in Congress to amend the Computer Fraud and Abuse Act, which prosecutors invoked to charge Swartz, Auernheimer and Hammond. Critics say the law is too broad and excessively punitive, meting out stiff prison terms for some computer-related crimes they deem relatively innocuous.
Rep. Zoe Lofgren (D-Calif.) said in an interview that she introduced the bill, called “Aaron’s Law” because she felt Swartz “was bullied” by prosecutors for “an act of civil disobedience that certainly didn’t call out for multiple years in federal prison.”
Lofgren said the 1986 law to combat criminal hacking of military and bank computers has become outdated.
“Things have changed,” Lofgren told HuffPost. “To allow a statute created when the Internet was not in commercial use to go without review is a big mistake.”
But with many competing priorities in Congress, Lofgren said her legislation “has not been a major topic of discussion” this year.
“There hasn’t been an outpouring,” she said. “It does not appear my colleagues in the House feel pressure” to reform the law.
Not all hacktivists donned prison jumpsuits this year. In 2011, federal authorities accused 14 people of helping the hacker group Anonymous launch a cyberattack against the online payment service PayPal. Most faced up to 15 years in prison if convicted.