Slashdot Mirror


'weev' Conviction Vacated

An anonymous reader writes "A few years back, Andrew 'weev' Auernheimer went public with a security vulnerability that made the personal information of 140,000 iPad owners available on AT&T's website. He was later sentenced to 41 months in prison for violating the Computer Fraud and Abuse Act (or because the government didn't understand his actions, depending on your viewpoint). Now, the Third U.S. District Court of Appeals has vacated weev's conviction. Oddly, the reason for the ruling was not based on the merits of the case, but on the venue in which he was tried (PDF). From the ruling: 'Although this appeal raises a number of complex and novel issues that are of great public importance in our increasingly interconnected age, we find it necessary to reach only one that has been fundamental since our country's founding: venue. The proper place of colonial trials was so important to the founding generation that it was listed as a grievance in the Declaration of Independence.'"

2 of 148 comments (clear)

  1. What happens now? by gnasher719 · · Score: 4, Interesting

    From Wikipedia: "Relief from judgment of a United States District Court is governed by Rule 60 of the Federal Rules of Civil Procedure.[1] The United States Court of Appeals for the Seventh Circuit noted that a vacated judgment "place[s] the parties in the position of no trial having taken place at all; thus a vacated judgment is of no further force or effect."[2] Thus, vacated judgments have no precedential effect.[3]"

    That seems to say that he is now in a legal position as if the trial had never taken place. So can he be taken to court in the proper place now?

  2. Re:To the point... by NatasRevol · · Score: 4, Interesting

    Well, not me, but the appeals court certainly did.
    This paragraphy is on page 10 of the ruling:

    The charged portion of the CFAA provides that
    “[w]hoever . . . intentionally accesses a computer without
    authorization or exceeds authorized access, and thereby
    obtains . . . information from any protected computer . . . shall
    be punished as provided in subsection (c) of this section.” 18
    U.S.C. 1030(a)(2)(C). To be found guilty, the Government
    must prove that the defendant (1) intentionally (2) access
    edwithout authorization (or exceeded authorized access to) a
    (3)protected computer and(4) thereby obtained information

    Then his paragraph is on page 12 of the ruling:

    Because neither Auernheimer nor his co-conspirator
    Spitler performed any “essential conduct element” of the
    underlying CFAA violation or any overt act in furtherance of
    the conspiracy in New Jersey, venue was improper on count
    one.

    I guess you're smarter than them.

    Also, if passing a phone identifier to a query of a web server could access all this information, is that really a 'protected computer'? I'd say no.

    --
    There are two types of people in the world: Those who crave closure