Like him or not, Andrew "Weev" Auernheimer has been at the center of a legal maelstrom ever since he helped collect email addresses of 114,000 iPad owners that AT&T left unsecured and shared the news with Gawker in 2010. In November 2012, he was found guilty of identity fraud and conspiracy to access a computer without authorization. In March 2013, he was ordered to pay $73,000 and was sentenced to 41 months in federal prison. And today, the verdict that put weev behind bars has been reversed.
In his words, he was arrested for "arithmetic" -- all he claims to have done was fiddle with a URL and spilled the beans about what he found. Here's the thing though: Weev isn't free because his legal team artfully conveyed the distinction between hacking and incrementing a number at the end of a URL. He's free because the Third Circuit Court of Appeals decided he (who lived in Fayetteville, Arkansas at the time) wasn't tried in the right court.
"Venue in criminal cases is more than a technicality; it involves 'matters that touch closely the fair administration of criminal justice and public confidence in it,'" the ruling reads. "This is especially true of computer crimes in the era of mass interconnectivity. Because we conclude that venue did not lie in New Jersey, we will reverse the District Court's venue determination and vacate Auernheimer's conviction."
Weev is probably pleased as punch, but the unexpected circumstances of the reversal means that there are still questions about his actions that haven't really been answered. He was originally indicted under the Computer Fraud and Abuse Act, which many critics (like these) argue is unnecessarily vague and can be interpreted to fit plenty of negative narratives... even when the actions are as seemingly benign as playing with a URL.