Sentencing reopens debate on hacktivism and whistle-blowing

On March 5, 2012, more than a dozen federal law enforcement agents broke down the door of Jeremy Hammond’s Chicago home and promptly arrested him.

Hammond — a then-27-year-old self-identified "hacktivist" — was accused of hacking the servers of global intelligence firm Strategic Forecasting, or Stratfor, and leaking 5 million emails to WikiLeaks.

Among other revelations, the leaks suggested that Stratfor was actively searching for links between U.S. Day of Rage, a campaign finance reform website that catalyzed the Occupy movement, and Islamic fundamentalist groups.

Hammond was sentenced to 10 years in prison Friday, the maximum sentence he could have received after pleading guilty to one count of conspiracy. If Hammond's case had gone to trial, he could have faced a sentence of anywhere from 37 years to life in prison.

Hammond has spent 18 months in solitary confinement, where he has been denied bail and access to his family. He was sentenced by U.S. District Judge Loretta Preska in a New York City courtroom.

His supporters see him as a whistle-blower in the league of Daniel Ellsberg, Chelsea Manning and Edward Snowden and are calling for leniency.

Hammond has a long activist history both on- and offline and, though he kept a low profile, was an active member of Anonymous. At 22, he was arrested for hacking ProtestWarrior.com, a conservative website, and making off with 5,000 credit card numbers with the intent to charge donations to progressive causes. The hack earned him both celebrity status in hacking communities as the “electronic Robin Hood” and two years in federal prison.

However, many of his supporters claim that the Stratfor hack was not Hammond’s idea, but a consequence of FBI entrapment.

"This is not something that Jeremy initiated," said Grace — an activist, friend of Hammond’s and administrator of FreeJeremy.net who prefers not to give her last name for privacy reasons — to Al Jazeera America.

Court documents released the day after Hammond's arrest state that his primary co-hacker, an Anonymous affiliate who went by the alias Sabu, had been arrested and pleaded guilty to hacking in August 2011. As he was still hacking on Dec. 11 — and managed to evade arrest despite the crackdown on Anonymous activities during the Occupy movement — it appeared he led a double life as a hacker and FBI informant.

"It is widely known that Sabu was used to build cases against a number of hackers, including myself," wrote Hammond in an August statement that appears on his website. "What many do not know is that Sabu was also used by his handlers to facilitate the hacking of targets of the government's choosing … What the United States could not accomplish legally, it used Sabu, and by extension, me and my co-defendants, to accomplish illegally."

Many of Hammond's supporters suspect that the FBI not only knew about the Stratfor hack but conceived, facilitated and orchestrated it with the intent to arrest him.

"(The FBI) will set you up to do the crime; they will give you everything you need to do the crime and then arrest you for it," Grace says. "This has grave consequences and complications for how the government deals with whistle-blowers or activists they just don’t like."

The FBI declined to comment.

Many in the Internet freedom and privacy rights activism community see Hammond’s case as an opportunity to reopen the debate on the Computer Fraud and Abuse Act (CFAA) and how it affects whistle-blowers. Drafted in 1984, the CFAA was meant to protect against malicious hackers and identity theft. But the way it is currently written criminalizes all hacking, including that of would-be whistle-blowers who claim they hacked for ethical reasons.

According to the Electronic Frontier Foundation, a nonprofit digital rights group, a primary problem with the CFAA is the way it punishes cybercrime.

"Computer crime can be serious and law enforcement should properly investigate and prosecute those who use computers to cause financial harm and violate the privacy of others," reads the Electronic Frontier Foundation's call to overhaul the CFAA. "But at the same time, the punishment should fit the crime."

Although Hammond now faces punishment for only one count of conspiracy, he originally faced multiple counts and a hefty prison sentence. This is because many of the CFAA's provisions differ only slightly from one another, meaning that in many cases the alleged cybercriminal can be accused of the same thing twice. As a result, charges and jail sentences pile on top of one another. Earlier this year, fellow hacktivist Aaron Swartz committed suicide while facing the consequences of 13 felonies for a single hack.

Additionally, the penalties for cybercrime are unusually harsh in the United States. Punishment for cybercrime often far exceeds the consequences of its offline equivalent. For example, while vandalism is a misdemeanor, unauthorized hacking of a website and changing the text is a felony that can bring five years in jail.

Three counterparts of Hammond's in the United Kingdom and Ireland, who have also been apprehended for participating in the Stratfor hack, face 15 months in prison, one year in prison and 300 hours of community service, respectively.

Over the past 18 months, Hammond's supporters have written hundreds of letters in defense of his work and asked the judge to recognize that his actions were taken for ethical reasons.

On Friday, activists, hacktivists and supporters from Anonymous, Occupy and other privacy rights organizations are expected to rally for him both inside and outside the lower Manhattan courtroom.

"Jeremy Hammond’s acts are political and an act of civil disobedience," Alexa O’Brien, an independent journalist, activist and founder of the U.S. Day of Rage website, told Al Jazeera. "They are political hacks; he wanted to expose the behavior of companies like Stratfor."