Skip to Content
Uncategorized

Jail Looms for Man Who Revealed AT&T Leaked iPad User E-Mails

The case highlights a troubling disconnect between online life and the rule of the law.
November 19, 2012

UPDATE 11/20/2012: Auernheimer/Weev has been found guilty on both counts, with sentencing scheduled for 90 days or more from today.

AT&T screwed up in 2010, serving up the e-mail addresses of over 110,000 of its iPad 3G customers online for anyone to find. But today Andrew Auernheimer, an online activist who pointed out AT&T’s blunder to Gawker Media, which went on to publicize the breach of private information, is the one in federal court this week.

His case highlights some potentially troubling disconnects between the practicalities of online life and the rule – and application – of the law.

Auernheimer, whose pugnacious online persona is Weev, is up on two counts, each with the potential to land him with five years in jail. One alleges that by being in possession of the e-mails from AT&T’s leaky system he handled “identification information” in breach of a law intended to protect against identity theft, USC 1028. It’s worth noting that so far there appears to be no indication that Weev had plans to use the e-mails collected for anything more than proof that AT&T was leaking its customers’ data.

The more concerning charge to online activists watching Weev’s case is based on the Computer Fraud and Abuse Act, which forbids “unauthorized access” to a computer. Weev and a fellow hacker who originally uncovered AT&T’s mistake and collected the e-mails didn’t ask the company for permission to access the Web addresses that shared iPad users’ private information. But those Web addresses weren’t hidden behind password prompts or any kind of protection – they were publicly accessible. Getting AT&T’s system to spit out a customer’s e-mail address simply required visiting an AT&T web address with a particular – and easy to guess – code tagged onto the end.

Groups like the Electronic Frontier Foundation (EFF) worry that should that charge succeed it will become easy to criminalize many online activities, including work by well-intentioned activists looking for leaks of private information or other online security holes. Weev’s case hasn’t received much attention so far, but should he be found guilty this week it will likely become well known, fast.

Keep Reading

Most Popular

Here’s how a Twitter engineer says it will break in the coming weeks

One insider says the company’s current staffing isn’t able to sustain the platform.

Technology that lets us “speak” to our dead relatives has arrived. Are we ready?

Digital clones of the people we love could forever change how we grieve.

How to befriend a crow

I watched a bunch of crows on TikTok and now I'm trying to connect with some local birds.

Starlink signals can be reverse-engineered to work like GPS—whether SpaceX likes it or not

Elon said no thanks to using his mega-constellation for navigation. Researchers went ahead anyway.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.