Jail Looms for Man Who Revealed AT&T Leaked iPad User E-Mails
UPDATE 11/20/2012: Auernheimer/Weev has been found guilty on both counts, with sentencing scheduled for 90 days or more from today.
AT&T screwed up in 2010, serving up the e-mail addresses of over 110,000 of its iPad 3G customers online for anyone to find. But today Andrew Auernheimer, an online activist who pointed out AT&T’s blunder to Gawker Media, which went on to publicize the breach of private information, is the one in federal court this week.
His case highlights some potentially troubling disconnects between the practicalities of online life and the rule – and application – of the law.
Auernheimer, whose pugnacious online persona is Weev, is up on two counts, each with the potential to land him with five years in jail. One alleges that by being in possession of the e-mails from AT&T’s leaky system he handled “identification information” in breach of a law intended to protect against identity theft, USC 1028. It’s worth noting that so far there appears to be no indication that Weev had plans to use the e-mails collected for anything more than proof that AT&T was leaking its customers’ data.
The more concerning charge to online activists watching Weev’s case is based on the Computer Fraud and Abuse Act, which forbids “unauthorized access” to a computer. Weev and a fellow hacker who originally uncovered AT&T’s mistake and collected the e-mails didn’t ask the company for permission to access the Web addresses that shared iPad users’ private information. But those Web addresses weren’t hidden behind password prompts or any kind of protection – they were publicly accessible. Getting AT&T’s system to spit out a customer’s e-mail address simply required visiting an AT&T web address with a particular – and easy to guess – code tagged onto the end.
Groups like the Electronic Frontier Foundation (EFF) worry that should that charge succeed it will become easy to criminalize many online activities, including work by well-intentioned activists looking for leaks of private information or other online security holes. Weev’s case hasn’t received much attention so far, but should he be found guilty this week it will likely become well known, fast.
Keep Reading
Most Popular
Geoffrey Hinton tells us why he’s now scared of the tech he helped build
“I have suddenly switched my views on whether these things are going to be more intelligent than us.”
ChatGPT is going to change education, not destroy it
The narrative around cheating students doesn’t tell the whole story. Meet the teachers who think generative AI could actually make learning better.
Meet the people who use Notion to plan their whole lives
The workplace tool’s appeal extends far beyond organizing work projects. Many users find it’s just as useful for managing their free time.
Learning to code isn’t enough
Historically, learn-to-code efforts have provided opportunities for the few, but new efforts are aiming to be inclusive.
Stay connected
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.