Modernizing Authentication — What It Takes to Transform Secure Access
The Electronic Frontier Foundation (EFF), along with law professor Orin Kerr, attorney and EFF fellow Marcia Hofmann, and trial laywers Tor Ekeland and Mark Jaffe, have filed an appeal of the 41-month prison sentence imposed on Andrew "Weev" Auernheimer for leveraging a security flaw in AT&T's Web site to access 114,000 iPad owners' e-mail addresses.
According to an EFF statement, the appeal argues that the government's flawed application of the Computer Fraud and Abuse Act resulted in an improper conviction and sentence.
"The government set out to make an example of Auernheimer," EFF staff attorney Hanni Fakhoury said in a statement. "But the only message this sends to the security-research community is that if you discover a vulnerability, you could go to jail for sounding the alarm."
Auernheimer is currently imprisoned at the Allenwood Federal Correctional Complex in White Deer, Penn.
"Auernheimer was aggressively prosecuted for an act that caused little harm and was intended to be -- and ultimately was -- in the public interest," Hofmann said in a statement. "The CFAA's vague language gives prosecutors great latitude to abuse their discretion and throw the book at people they simply don't like."