Skip to main content

Andrew Auernheimer is not Aaron Swartz

Andrew Auernheimer is not Aaron Swartz
Image used with permission by copyright holder

A chorus of tech pundits – myself included – unleashed a collective wail of outrage earlier this week, upon learning that hacker Andrew “Weev” Auernheimer received a 41-month sentence from a U.S. judge in New Jersey. A jury decided in November that pilfering 120,000 iPad user email addresses from a publicly accessible portion of AT&T’s website and leaking the breach to the press violated the contentious Computer Fraud and Abuse Act (CFAA). Auernheimer’s punishment far outweighs his “crime,” we said – further proof that this increasingly infamous anti-hacking law should no longer exist.

That latter point I stand by. What I can no longer support is the beatification of Auernheimer, whose dirty laundry has muddied an important debate about computer crime laws in the U.S.

Recommended Videos

While it’s not at all clear whether Auernheimer is a “good person,” however you want to define that, he has firmly established his public persona as a force of chaotic badness. Around the time that another “hacker” haunted by a serious CFAA prosecution, Aaron Swartz, was helping develop the valuable Creative Commons licensing, Auerenheimer was busy releasing the Social Security Number and home address of blogger Kathy Sierra. “This was part of a larger trolling campaign against Sierra,” wrote Mattathias Schwartz in a 2008 New York Times Magazine piece about Internet trolls (featuring Weev), “one that culminated in death threats.”

Andrew-Auernheimer
Andrew Auernheimer Image used with permission by copyright holder

Ruthless trolling, blatant antisemitism, compulsive lying – this is the type of baggage Weev carries wherever he travels. If we are serious about successfully navigating the craggy political landscape that stands between us and fair computer crime laws, we must cut Auernheimer loose. This is me pulling out my knife – a move I should have made from the start.

My mistake came on Tuesday in the form of my latest “Digital Self” column, which carries the headline “We all lose with the Web’s last bandits behind bars.” Weev takes top billing, both as the lead image, and in the copy. Like many others, I packed “Auernheimer” foolishly close to “Swartz,” implicitly drawing a false parallel.

My argument – that a recent wave of high-profile cases based on the CFAA has created a volatile environment for journalists and Internet activists – did not explicitly absolve Auernheimer of wrongdoing. Still, the admittedly rant-y piece sparked a heated reader debate about the nature of Auernheimer’s actions. Does he deserve to go to jail? Did he even break the law at all? And should he be painted a hero by the tech punditry?

Auernheimer’s apologists argue that, due to its negligent security, AT&T deserves full blame for this fiasco. If the wireless provider had better protected its network, Auernheimer and his partner, Daniel Spitler, would never have had the ability to scrape email addresses in the first place.

Ryan Tate, who first reported the “iPad hack” for Gawker (thanks to Auernheimer tipping him off), writes in Wired that the “scapegoating of Auernheimer is revolting,” partially because “it lets AT&T off the hook for exposing sensitive information to public view, shifting the blame onto those who reported the slip-up, and discouraging future disclosure.”

What complicates the Auernheimer saga is that all of these arguments are correct. This story has no hero.

The Electronic Frontier Foundation, which is helping in Auernheimer’s appeal, echoes this argument. “Weev is facing more than three years in prison because he pointed out that a company failed to protect its users’ data, even though his actions didn’t harm anyone,” said EFF Senior Staff Attorney Marcia Hofmann, in a statement. “The punishments for computer crimes are seriously off-kilter, and Congress needs to fix them.”

Then there’s Auernheimer himself, who recently told Mashable’s Alex Fitzpatrick that he believes he “did the right thing,” that he “did something of global social good.” He maintains that he was prosecuted solely because he “embarrassed” AT&T. “I went and notified their customers for them,” he said. “And they didn’t appreciate that at all.”

In short, according to the apologists, Auernheimer is going to jail for “grey hat” hacker tactics meant to ultimately protect consumers. 

Auernheimer critics believe his actions clearly fell on the wrong side of the law. Just look at the evidence, they say. He acted with blatant malicious intent – not to protect AT&T iPad users, but to hurt AT&T, and have a good laugh at the company’s expense. The script that scraped the user data (which was actually written by Spitler, not Auernheimer) used “brute force” tactics to uncover data that AT&T never intended to be public, which justifies the prosecution’s assertion that the pair illegally accessed a “protected computer” – a move strictly prohibited under CFAA. As commenter nickwest points out, in response to the suggestion that AT&T is at fault for not properly protecting its data: “If I forget to lock the door to my house, and leave my private documents on my kitchen table, it’s ok for someone to come in, take them, and then put them in the newspaper?”

In short, according to his detractors, Weev deserves every month behind bars he received.

What complicates the Auernheimer saga is that all of these arguments are correct. This story has no hero.

aaron-swartz
Aaron Swartz Image used with permission by copyright holder

AT&T did fail to protect its network. Auernheimer and Spitler did access the iPad user email addresses through brute force tactics, with the intent to cause harm to AT&T – they admit as much in the IRC chat logs cited in the original criminal complaint against them (PDF). And the CFAA is a dangerous law that allows the imposition of severe penalties for relatively harmless crimes, and gives prosecutors egregious powers over almost any Web users they choose to pursue – including legitimate cybersecurity professionals who make us all safer by uncovering network holes. Every inch of this slimy tale stinks.

Those of us who genuinely want to do the right thing – not for the lulz, but for justice – must shed ourselves of Auernheimer’s self-serving, self-destructive escapades. Andrew Auernheimer is not Aaron Swartz, no matter how many times we repeat that he is. Groups like the EFF may find it necessary to help appeal his sentencing, as part of a broader strategy to change the CFAA. But if the rest of us want to win the inherently political battle for better computer crime laws, not one of us should let our righteousness over the intolerable failings of the CFAA seduce us into painting Auernheimer a martyr anymore than we already have.

Andrew Couts
Former Digital Trends Contributor
Features Editor for Digital Trends, Andrew Couts covers a wide swath of consumer technology topics, with particular focus on…
PayPal vs. Venmo vs. Cash App vs. Apple Cash: which app should you use?
PayPal, Venmo, Cash App, and Apple Wallet apps on an iPhone.

We’re getting closer every day to an entirely cashless society. While some folks may still carry around a few bucks for emergencies, electronic payments are accepted nearly everywhere, and as mobile wallets expand, even traditional credit and debit cards are starting to fall by the wayside.

That means many of us are past the days of tossing a few bills onto the table to pay our share of a restaurant tab or slipping our pal a couple of bucks to help them out. Now, even those things are more easily doable from our smartphones than our physical wallets.

Read more
How to change margins in Google Docs
Laptop Working from Home

When you create a document in Google Docs, you may need to adjust the space between the edge of the page and the content --- the margins. For instance, many professors have requirements for the margin sizes you must use for college papers.

You can easily change the left, right, top, and bottom margins in Google Docs and have a few different ways to do it.

Read more
What is Microsoft Teams? How to use the collaboration app
A close-up of someone using Microsoft Teams on a laptop for a videoconference.

Online team collaboration is the new norm as companies spread their workforce across the globe. Gone are the days of primarily relying on group emails, as teams can now work together in real time using an instant chat-style interface, no matter where they are.

Using Microsoft Teams affords video conferencing, real-time discussions, document sharing and editing, and more for companies and corporations. It's one of many collaboration tools designed to bring company workers together in an online space. It’s not designed for communicating with family and friends, but for colleagues and clients.

Read more