Skip to main content

The world's biggest troll is back on trial

The world's biggest troll is back on trial


The notorious weev begins an appeal on his hacking conviction

Share this story

On the 19th floor of Philadelphia's federal courthouse, a gel-haired US marshal is taking our cellphones. There's a court order on the table explaining why: Judge McKee has ordered that no phones or electronic equipment can be present on this floor, or in this courtroom, or during any other proceeding relating to this trial. The lawyers get an exception, but the rest of us have to hand in our bags and get used to a pre-electronic existence in the courtroom.

A US Marshal is taking our cellphones

The reason, of course, is weev, known to the court as Andrew Auernheimer. We're here for his appeal trial, a reexamination of the ruling that sent the troll-slash-security-researcher to prison last year. He was convicted of computer fraud for accessing and publishing the emails of 114,000 iPad users, held on an AT&T server. The final sentence was for 41 months in prison and $73,000 in restitution payments, but it was overshadowed by the trial itself. Supporters had smuggled in phones to surreptitiously live-tweet the proceedings, and the trial kept grinding to a halt so the bailiff could eject them. As a result, nine months later, we're walking through a metal detector in full view of an explosives-sniffing dog.

A reexamination of the ruling that sent weev to prison

As it turns out, there's no point: the crowd is mostly other lawyers, showing up to watch weev's appeal team go to work. The closest thing to a hacker entourage is Robert David Graham, a prominent researcher with Errata Security who has been following the case from the beginning. He sits quietly in the back, helping one lawyer with a technical question in the hushed minutes before the proceedings began. "I'm scanning the entire internet as part of my work," he tells me, "so a lot of this stuff affects me personally."

"The right decision here could protect next month's Aaron Swartz."

He's not the only one. The Computer Fraud and Abuse Act (CFAA) has played a central role in computer crime prosecutions, from the Paypal 12 to the ultimately tragic prosecution of Aaron Swartz. The string of prosecutions has given the law a bad reputation with digital rights groups like the Electronic Frontier Foundation, which is leading weev's appeal. For critics, the law is working as a blank check to prosecute anyone causing trouble on the internet. And while there are still plenty of reasons to dislike weev as a person, his appeal gives lawyers a chance to succeed where measures like Aaron's Law stalled out. "This is our best, soonest chance to fix the statute," says Jennifer Granick, a Stanford law professor who's joined the legal team for the appeal. "The right decision here could protect next month's Aaron Swartz."

The EFF has been making their case since July, when they first announced the appeal.Their main point, hammered home since the first trial, is that AT&T hadn't imposed any password requirement or other protection when the data in question was pulled. The information was available on a public URL, so prosecutors have been forced to claim the access was "without authorization" solely because they didn't explicitly say it was okay. (To put it in terms of a physical "breaking and entering" charge, EFF says there was entering but no breaking.) It's a dilemma with far-reaching implications, since the web is all about different forms of internet access. For EFF, the answer is simply that public forums come with public risk. As appeal lawyer Orin Kerr puts it in the arguments, "when you post information publicly on the world wide web, you assume the risk that others will access that information." Interlopers like weev are just part of the equation.

"It's hard to read the tea leaves, but sometimes you get a feeling."

Inside the courtroom, the arguments focus on simpler issues, like whether the initial case was tried in the right court. The prosecution held the trial in New Jersey, a state with unusually strong computer-crime laws but no obvious connection to the case. Weev was in Arkansas; his accomplice was in California. The servers were in Georgia and Texas. There were victims in New Jersey, but with more than 100,000 people affected by the leaks, there were victims everywhere. As one of the appellate judges says, that means they could have had the trial in Hawaii if they wanted, where at least there would have been better weather.

The trio of judges seem amenable to the argument, allowing for some tentative optimism. As one EFF lawyer tells me outside the courtroom, "it's hard to read the tea leaves, but sometimes you get a feeling." As the court empties out, we find the faces that had been missing inside, half a dozen identifiably hackery supporters in boots and leather jackets, wild beards and blue hair. Many have come down from New York, arriving too late to hear the arguments themselves. As we leave, I ask Graham what he thinks of the trial. It seemed like things went well for the EFF? He corrected me: "You mean, it went well for Andrew."