Jail Looms for Man Who Revealed AT&T Leaked iPad User E-Mails
UPDATE 11/20/2012: Auernheimer/Weev has been found guilty on both counts, with sentencing scheduled for 90 days or more from today.
AT&T screwed up in 2010, serving up the e-mail addresses of over 110,000 of its iPad 3G customers online for anyone to find. But today Andrew Auernheimer, an online activist who pointed out AT&T’s blunder to Gawker Media, which went on to publicize the breach of private information, is the one in federal court this week.
His case highlights some potentially troubling disconnects between the practicalities of online life and the rule – and application – of the law.
Auernheimer, whose pugnacious online persona is Weev, is up on two counts, each with the potential to land him with five years in jail. One alleges that by being in possession of the e-mails from AT&T’s leaky system he handled “identification information” in breach of a law intended to protect against identity theft, USC 1028. It’s worth noting that so far there appears to be no indication that Weev had plans to use the e-mails collected for anything more than proof that AT&T was leaking its customers’ data.
The more concerning charge to online activists watching Weev’s case is based on the Computer Fraud and Abuse Act, which forbids “unauthorized access” to a computer. Weev and a fellow hacker who originally uncovered AT&T’s mistake and collected the e-mails didn’t ask the company for permission to access the Web addresses that shared iPad users’ private information. But those Web addresses weren’t hidden behind password prompts or any kind of protection – they were publicly accessible. Getting AT&T’s system to spit out a customer’s e-mail address simply required visiting an AT&T web address with a particular – and easy to guess – code tagged onto the end.
Groups like the Electronic Frontier Foundation (EFF) worry that should that charge succeed it will become easy to criminalize many online activities, including work by well-intentioned activists looking for leaks of private information or other online security holes. Weev’s case hasn’t received much attention so far, but should he be found guilty this week it will likely become well known, fast.
Keep Reading
Most Popular
Large language models can do jaw-dropping things. But nobody knows exactly why.
And that's a problem. Figuring it out is one of the biggest scientific puzzles of our time and a crucial step towards controlling more powerful future models.
The problem with plug-in hybrids? Their drivers.
Plug-in hybrids are often sold as a transition to EVs, but new data from Europe shows we’re still underestimating the emissions they produce.
Google DeepMind’s new generative model makes Super Mario–like games from scratch
Genie learns how to control games by watching hours and hours of video. It could help train next-gen robots too.
How scientists traced a mysterious covid case back to six toilets
When wastewater surveillance turns into a hunt for a single infected individual, the ethics get tricky.
Stay connected
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.