BBC reports:
An autistic man suspected of hacking into US government computer systems is to be extradited from Britain to face trial, a court has ruled. Lauri Love, 31, who has Asperger's Syndrome, is accused of hacking into the FBI, the US central bank and the country's missile defence agency. Mr Love, from Stradishall, Suffolk, has previously said he feared he would die in a US prison if he was extradited.
Also at Ars Technica , The Guardian , and Reuters . Here is the judgment against Love (PDF).
Related Stories
Lauri Love[*], in the UK, is facing extradition requests from three separate US court districts and a potential 99 year prison sentence for his alleged involvement in the online protests that followed the death of Aaron Swartz. Depsite no evidence offered by the US, the British courts have preliminarily agreed to extradition and his appeal will be on the 28th and 29th of November. Again, no evidence has been presented against him, but if he were tried in the UK he would be facing a maximum of 32 months in prison, not 99 years as the US is aiming for.
[*] According to Wikipedia's entry for Lauri Love:
Lauri Love is a Finnish-British activist charged extraterritorially with stealing data from United States Government computers including the US Army, Missile Defense Agency, and NASA via computer intrusion.
Previously: Lauri Love to be Extradited to the U.S.
The UK high court has finally ruled on the extradition of Lauri Love, the Finnish-British student accused of cracking U.S. government websites. He will not be extradited to face trial in America. The court accepted both of the main arguments that there is no reason he cannot not be tried in England and that he might suffer serious damage to his health if he were extradited.
Source: Hacking Suspect Lauri Love Wins Appeal Against Extradition to US
Previously: Lauri Love to be Extradited to the U.S.
Lauri Love's Appeal Will be Heard in the UK on November 28th and 29th
Lauri Love case: US abandons extradition case
Efforts to extradite alleged computer hacker Lauri Love have been abandoned by US authorities.
[...] Mr Love said he may help UK investigators to bring charges to get the case "over and done with".
American authorities confirmed they will not fight a High Court decision to block Mr Love's extradition to the US, on the grounds it would be "oppressive". A Crown Prosecution Service spokesman confirmed Mr Love will not be extradited.
Also at Bloomberg and The Hill.
Previously: Lauri Love to be Extradited to the U.S.
Lauri Love's Appeal Will be Heard in the UK on November 28th and 29th
Cracking Suspect Lauri Love Wins Appeal Against Extradition to US
(Score: 2) by canopic jug on Saturday September 17 2016, @04:56PM
Money is not free speech. Elections should not be auctions.
(Score: 0) by Anonymous Coward on Saturday September 17 2016, @06:32PM
Why were the UK charges dropped? The BBC article doesn't say. Maybe the US and UK prosecutors agreed to charge him stateside. Not sure what to make of this. On the one hand, I think hacking is ok. On the other hand, those who get caught breaking the law should expect to face consequences.
(Score: 1) by Francis on Saturday September 17 2016, @08:49PM
Presumably they decided that the crime took place in the US and that charging him in the UK would be redundant.
Which makes sense, he should be charged in the UK or the US, but not both. There probably was some sort of deal hammered out and presumably in the future if anybody in the US is caught cracking servers in the UK that they'd be extradited to the UK rather than being tried in the US.
Or perhaps not, there's a history of these sorts of things not being 2-way streets.
(Score: 4, Interesting) by Arik on Saturday September 17 2016, @09:05PM
I admit I didn't read all the links but is there any evidence this gent ever set foot in the US?
If laughter is the best medicine, who are the best doctors?
(Score: 1) by Francis on Saturday September 17 2016, @09:13PM
Why would that matter?
Jurisdiction in cases like this is tricky because the crime can reasonably said to be committed either where the computers that were broken into were located or where the attacker was located. And probably you could make an argument for a third country if there was an intermediary computer somewhere else used.
This isn't like normal crimes where you can say with reasonable certainty where the crime was committed, these computer crimes are effectively committed in multiple locations at the same time.
(Score: 4, Insightful) by zeigerpuppy on Sunday September 18 2016, @12:23AM
That's a very dangerous precedent.
Up until now criminal proceedings have respected the idea of jurisdiction.
This is a massive power grab by the US.
If he committed a crime he should be charged by the laws of his own land, not those of another (unless of course he is visiting such said nation).
Or else the UK has effectively ceded sovereignty to the US.
(Score: 1) by Francis on Sunday September 18 2016, @02:05AM
It's not a dangerous precedent to set. You've always been prosecuted in the jurisdiction where the crime took place.
He is alleged to have broken into servers that were in the control of the US federal government, why shouldn't he be tried in the US? Don't want to be tried in the US? Don't commit crimes in the US. It's not like he didn't know where the servers were.
(Score: 2) by frojack on Sunday September 18 2016, @05:50AM
The point is moot.
He's already admitted the crime, he's now just hoping to get off with a sympathy defense based on his disease.
No, you are mistaken. I've always had this sig.
(Score: 2) by Arik on Sunday September 18 2016, @11:01AM
The language has to be perverted for this to sustain the laugh test. So you speak of him 'breaking into servers.' Breaking, really? He had a crowbar that reached across the Atlantic?
If laughter is the best medicine, who are the best doctors?
(Score: 1) by Francis on Sunday September 18 2016, @12:12PM
First off, you keep using the phrase "set precedent" and it's quite clear you have no idea what you're talking about. There's plenty of precedence for people being tried in other countries for things they did abroad. The US regularly tries it's own citizens for bribing foreign officials. There was that guy in BC that was prosecuted for sending pot seeds into the US using the mail.
Secondly, how precisely do you enforce the law if people are allowed to break it by locating themselves overseas? It's one thing if those people are engaged in activities in foreign lands and with items that are located there. I don't expect to be arrested for badmouthing the king of Thailand here in the US as I have no reason to believe that this server is in Thailand.
But, if I broke into a server in Thailand to post graffiti on their websites, that is something that should lead to the possibility of being extradited. It's kind of a toss up whether the US authorities would consider it to be a breach of human rights and refuse the extradition request, but the crime itself was committed in Thailand under this scenario and they'd be the appropriate venue for resolving it.
Just because you choose to be oblivious to the consequences of letting people break the laws of foreign lands via this technicality doesn't make it reasonable. Cracking and malware are largely a problem because certain nations don't have or enforce laws against the activities when directed at third party nations. Waiting for the Russians or the Chinese to start arresting people for cracking systems in foreign lands is ridiculous. They aren't going to extradite them either, but should those individuals wind up in a country that will extradite them, then they should be extradited to stand trial.
In this case, he could have easily avoided being tried in the US had he just not broken into US servers in the US. Break into UK servers in the UK and you can be tried in the UK. Break into foreign servers and you should be tried in that locality. Otherwise, what incentive would there be for the authorities to even bother prosecuting the crime? His crime didn't harm the UK in any meaningful way other than embarrass them a bit and cause the diplomats to have to rush in and work things out.
(Score: 2) by Arik on Sunday September 18 2016, @12:37PM
Quite clear is it? That your final answer?
"There's plenty of precedence for people being tried in other countries for things they did abroad."
There's some and it's been a source for serious concern. We don't need more.
"The US regularly tries it's own citizens for bribing foreign officials."
That's not the same case at all. That's a US Citizen in the US doing something against US law. Even if he can prove he wasn't in the country at the moment the bribe was paid he would certainly have had to take some actions inside the US to facilitate it.
"There was that guy in BC that was prosecuted for sending pot seeds into the US using the mail."
Emery et. al? They cut everyone else loose very quick and even he wound up with a plea. A great case study in malicious prosecution, btw. The pleas reached themselves demonstrate that the base charges were brought in bad faith.
"Secondly, how precisely do you enforce the law if people are allowed to break it by locating themselves overseas?"
As I do not fetishize control of other human beings behavior, I feel no need to 'enforce the law' per se. Some laws are surely necessary, but I'm having a hard time thinking of one that doesn't have a physical component. And I am not a fan of thoughtcrime.
"I don't expect to be arrested for badmouthing the king of Thailand here in the US as I have no reason to believe that this server is in Thailand."
You don't know where this server is, you aren't supposed to need to know, and anyway all we need is 1 reader in Thailand and a sufficiently powerful official with a grudge to see this tested.
"But, if I broke into a server in Thailand to post graffiti on their websites, that is something that should lead to the possibility of being extradited. "
Again, where do you find these transcontinental crowbars? How is it possible for you to 'break into' something without ever setting foot on the same continent where it exists? Why do you do such violence to the language rather than saying clearly what you mean?
"Cracking and malware are largely a problem because certain nations don't have or enforce laws against the activities when directed at third party nations."
Ah. We may have just found the key to your confusion.
This is complete and utter bullshit.
These things are problems because commonly used software is insecure by design.
If laughter is the best medicine, who are the best doctors?
(Score: 2) by dry on Monday September 19 2016, @01:00AM
That guy in BC, Marc Emery, is a good example of an illegal extradition. When the government can illegally ship the leader of a political party (or was that ex-leader?) to another country in the name of being tough on crime, there's something seriously wrong.
Extradition treaties usually include clauses where the crime has to exist in both jurisdictions and the punishment roughly comparable. In the case of Marc Emery, he was sent to America when the government knew he was facing years in prison for what in Canada was a ticket-able offence with perhaps a couple of hundred dollar fine.
Comparable would be America extraditing you for saying something bad about the King of Thailand on a Thai server, something that is Constitutionally protected in America.
I don' know much about this case but America does have a habit of inappropriately punishing people for embarrassing the government, even when their Bill of Rights says the government had no right to even pass the law.
(Score: 0) by Anonymous Coward on Sunday September 18 2016, @05:27AM
That's a very dangerous precedent.
Up until now criminal proceedings have respected the idea of jurisdiction.
This is a massive power grab by the US.
Here's another more dangerous precedent: http://www.bloomberg.com/news/articles/2015-03-11/accused-russian-hacker-on-tropical-holiday-nabbed-by-u-s-agents [bloomberg.com]
And another:
https://www.youtube.com/watch?v=pMas0tWc0sg#t=1m00s [youtube.com]
I'd be less unhappy about it if the USA were really the good guys but they definitely aren't. Don't get me started on that.
There are bankers and finance people who have done more damage to the US and the world, there's even more blood on their hands. Money laundering, theft, fraud and what happens to them? Nothing.
(Score: 0) by Anonymous Coward on Saturday September 17 2016, @08:09PM
And??? This can be said for anyone who might be sent to jail. This is only here to heighten the drama of the story.
(Score: 1) by Francis on Saturday September 17 2016, @08:52PM
Personally, I'd be more concerned about being raped or assaulted than killed.
As somebody that would be serving time for breaking into the government servers looking for evidence of a UFO cover up, it's unlikely that he'd have any particular enemies entering into prison. Certainly not like being sent to prison for molesting children or things of that nature.
Probably the biggest strike against him would be the typical poor social skills that usually accompany ASD.
(Score: 2, Flamebait) by BK on Saturday September 17 2016, @08:22PM
Well...
So as near as I can tell, some dude who lives in a country with an historically cozy extradition relationship with the USA decided to poke at some stuff that USA cares about. Dumb. And to do so in a way that made it so he could be caught. Dumb. I thought that people with Ass Burgers [wikipedia.org] were smart?
So he has supporters. The era of social media is amazing like that. And they think he is is being 'targeted' because he embarrassed people in power. So... yep. See... these people in power make laws and treaties and stuff. And breaking them is bad and may get you in trouble. And breaking them in a way that pokes those people is sure to cause you grief. So... how is this news? If this was some kind of protest then, good news, it's about to enter phase 3 (the jail phase) where they let you hunger-strike for the rest of your life! Fun times!
But, in the UK this would only be 3 years in jail! Well... you didn't want to serve those 3 years either. I thought people with Asperger's were supposed to be smart?
But he's depressed! And he has Ass Burgers! He'snot responsible! Well... personally, I hope he is delusional... because US law says he's not responsible if he didn't know he was doing a bad thing. He basically has to prove that he thought that he was entitled to access the US DOD and FBI and whatever. Fun times! Snot. I'd be depressed too!
...but you HAVE heard of me.
(Score: 2) by Runaway1956 on Sunday September 18 2016, @12:26AM
You've been moderated "disagree". I, for one, agree with you. At least in part.
I can think of reasons why he should NOT be extradited, but ass burger has nothing to do with it. It's amazing to me how many people who decide to go head-to-head with Uncle Sam take the drama route, finding some reason why the public should sympathize with them. Just like the US, the UK seems to have raised a couple generations of special snowflakes.
Depressed? Well, yeah, I guess. If I were a cannibal who had killed, roasted, and eaten a few hundred small children, I would be depressed too. Especially on the morning when they came to take me from death row to the little room where they jab needles into you and pump chemicals into your body.
Hello, Drama Queens everywhere. No one gives a flying fuck about your petty personal problems!!
(Score: 2) by jmorris on Saturday September 17 2016, @09:36PM
Guy breaks into U.S. property, is getting shipped here to stand trial by those he committed the crimes against. Isn't that what normally happens in the civilized world? This is different why? Because Internet?
If he committed any other crime against the U.S. or one of our citizens there would be no dispute what the result would be. But this is a controversy. Why? I think I know but lets hear somebody actually try to say why? It should be both fun and instructive.... if anyone has the balls, which is doubtful.
(Score: 0) by Anonymous Coward on Saturday September 17 2016, @10:18PM
Hacking is different because it is a new kind of crime where the morals and motivations are less clear than conventional crime. I believe hacking targets have the responsibility to defend their computers, and society (law enforcement) needn't get involved in most cases.
(Score: 2) by jmorris on Saturday September 17 2016, @11:44PM
Uh huh. Lemme rewrite that and see if you can see how stupid you were:
"I believe property owners have the responsibility to defend their homes/businesses, and society (law enforcement) needn't get involved in most cases."
Unfair? Please explain why? The locks on your home are less secure than Hillary Clinton's Microsoft Exchange Server, to say nothing of the U.S. military's missile control systems, so you are fine with anyone who can circumvent the lock on your door making off with your TV while you are away at work? Are you implying that if you don't have the absolute state of the art in security that 'you were asking for it' and the police shouldn't stir themselves to track down your stuff and punish the thieves? Why are you paying taxes?
The point is that no purely defensive posture can work, especially against foes who are permitted to try with no cost until they succeed. Unless the defense is paired with a credible threat of a counter attack of overwhelming ferocity there will be no security, and this basic reality is unchanged by transforming the problem space from physical reality into the Internet. Even if Windows were banished forever, no network will ever be safe unless it becomes clear that attacks will be returned with a ferocity sufficient to deter. Attacks against critical military infrastructure should be met with the utmost violence possible.
A penetration attempt by a hostile nation start on our defense information systems should merit the exact same response as an expedition in force against a physical military facility or a raid on one of our warships. In other words, our enemies should not know if we have vulnerabilities because they are too terrified to look for them. Russia probes NORAD, we turn out the lights in Moscow for a day. An attack by some halfwit should be stamped down on so hard that it makes an example, it is time to send the message that the time when nerds could count coup on .mil hosts for street cred are over. Even shorter, we live in serious times and we need to get serious.
(Score: 0) by Anonymous Coward on Sunday September 18 2016, @01:10AM
I wrote specifically that hacking is different than conventional crime. Obviously, you fail to appreciate the difference.
If I can get your computer to send me sensitive data, it's equivalent to me meeting your senile grandmother on the street and getting her to spill the beans on how often wet your pants when you were little.
(Score: 1) by Francis on Sunday September 18 2016, @02:54AM
Hacking is only different from conventional crime in that it's less clear where the crime is committed. Hacking is more or less the same thing as mail related crimes for these purposes. They arrested and convicted that guy in BC for mailing pot seeds to the US where he knew they were illegal. Had he just restricted his business to Canada he wouldn't be in prison.
Bottom line here is that if you don't want to be prosecuted, don't break into shit that you're not supposed to be breaking into consulting with a qualified legal council to tell you if there's an exemption that applies. One of the reasons why cracking and spamming remain such a problem is that certain countries like China, North Korea and Russia refuse to crack down on people engaged in it as long as they're doing it against foreign targets.
(Score: 1, Insightful) by Anonymous Coward on Sunday September 18 2016, @04:33AM
Opinions about morality differ.
A) We have politicians setting up email servers to circumvent FOIA requests and hackers who publish their emails.
B) A lot of information wants to be free. Aaron Schwartz was a good guy.
C) If you can't be arsed to protect your server, don't go whining when you get hacked. Companies should have serious liability for unauthorized information disclosure.
D) Without hackers, computer security would be so miserable that nations would be wide open to cyberwarfare.
What is the equivalent of the A,B,D benefits to society for thieves who steal TVs? There is none.
If someone puts a computer on a public network that ends up spitting out secrets, from an engineering point of view it's clear who's at fault. I'm surprised that the lawyer's point of view is more popular here.
(Score: 2) by jmorris on Sunday September 18 2016, @06:26AM
A) I don't have a problem if WikiLeaks posts the missing HRC emails because they are already under a court order to be released under both a FOIA request and multiple Congressional orders. Stop thinking the Internet magic pixie dust has anything to do with the morality of the thing. I'd be just as happy if somebody did a nocturnal mission on her residence and 'liberated' for release a cardboard box with the same documents. I have less sympathy for the leak of General Powell's private email, he was not under court order to produce the documents and didn't attempt to use BleachBit on them. And even less for the lowlife types who think 'information wants to be free' and some celebrity gets their naughty pics splashed on the net.
B) Aaron Schwartz was a moron and a thief. We probably agree that Copyright and Patent law is out of control, government funded research is getting put under private industry lockdown, all of that. Just stealing it all and putting up a .torrent is not the solution.
C) See my reply in this thread. If you could be bothered to think a half second you would realize how dumb you are on this.
D) If we expected physical security to meet this standard we would all live in fortresses with moats, hardpoints with fifty caliber machines gun mounts on each corner, fully interlocking camera views, laser defense systems, killbots, and full time security forces. Then we would back that up with a subscription to a shared neighborhood mortar battery, and squad of extra tough goons ready to airlift in when you send up a flare. Because you would be telling anyone taking less precautions that it was their own fault. And what sort of security a bank would need is just nuts. It is daft.
In the physical world you can't try for hundreds of hours to defeat a security system. Imagine if you could just walk into your local bank with power tools and have a go at the vault and the guards had to just watch you until you actually breached the door. Or walk around casing the joint, taking pictures, making notes, opening up access hatches to get a look at the wiring, etc. And nobody could stop you until you actually stole something. No, we need to treat attempts to enter a restricted system as the same crime as if it succeeded with 'attempted' prefixed. Give em most of the sentence plus tell the other inmates they are screwups who couldn't even pull off the job so they are on the bottom of the pecking order.
That said, current network security needs a serious rethink. It is pretty pathetic.
What is the equivalent of the A,B,D benefits to society for thieves who steal TVs? There is none.
Dunno, but you can't have a proper riot without everybody getting a TV out of the deal. I don't understand though, you will need to consult one of the Progressives who post here about the logic of it, they all seem to think it is a vital civil right though.
(Score: 2) by dyingtolive on Saturday September 17 2016, @11:59PM
It's different because usually we just drop a bomb on them via drone, I guess.
Don't blame me, I voted for moose wang!
(Score: 5, Insightful) by Runaway1956 on Sunday September 18 2016, @02:52AM
"stand trial by those he committed the crimes against. Isn't that what normally happens in the civilized world?"
No, it isn't what normally happens.
White dude commits a crime against an elderly woman in Harlem - the local populace isn't permitted to enforce justice on that white dude.
Black dude commits a crime against a hot white chick in the Deep South - the KKK isn't permitted to enforce justice on that black guy.
In fact, trials in the US are sometimes moved into a different jurisdiction because the defendant can't expect to get a fair trial locally.
The concept that you aren't to be judged by your victims is pretty firmly entrenched in law. You're to stand before an impartial judge, an impartial jury, and to verbally battle your accusers.
The idea that the US government can drag anyone they want into their own home turf for lynching is repugnant.
I do believe that the US and UK could and should have reached an agreement long ago to try their own citizens in their own countries for crimes committed against the other nation. That's the sensible thing to do. It's the humane thing to do.
This guy is about thirty? Let's presume that his parents are about fifty. Let us also presume that they are not wealthy. What are the chances of them taking advantage of visitation opportunities, during and after the trial?
If he had been apprehended within the US, the story would be quite different.
(Score: 5, Insightful) by DBCubix on Saturday September 17 2016, @11:40PM
And yet Gary McKinnon whom perpetrated the largest military hack of all time, remains in the UK?