Former prosecutor: U.K. hacker's extradition is inevitable

Computerworld - The former prosecutor of the Gary McKinnon hacking case said there's no reason to believe the European Court of Human Rights will ultimately block the alleged hacker's extradition to the U.S.

On Tuesday, the Strasbourg, France-based court held up the British hacker's extradition and called for an Aug. 28 meeting to decide whether the court should continue to block the extradition.

McKinnon, 42, of London, is charged in the U.S. with eight counts of unauthorized access and causing damage to a protected computer. He was indicted in 2002 for allegedly breaking into military computers and other government systems 2001 and 2002. He has been fighting extradition since then and so far has been able to stay out of the U.S. and its courts.

The European Court of Human Rights delayed the extradition just a week after the highest British court dismissed what had been McKinnon's latest appeal against extradition. At the time, his lawyer, Karen Todner, said his last hope was an appeal to the European Court of Human Rights.

"I was slightly surprised, I must say," said Scott Christie, who was an assistant U.S. attorney in New Jersey at the start of the hacking investigation, and was the first prosecutor brought into the case. "The European Union has this body which addresses perceived violations of the European human rights convention. Mr. McKinnon believes his rights under that convention have been violated by the U.K. rulings."

McKinnon has contended that if extradited to the U.S., he could be treated as a terrorist, tried in a military tribunal and ultimately imprisoned at Guantanamo Bay.

"Mr. McKinnon has never been classified in that manner or treated in that manner, as far as I'm aware," said Christie, who now leads the information technology group at law firm McCarter & English LLP. "He will be treated as a normal criminal defendant in the civil court system of this country. He's a run-of-the-mill criminal with a run-of-the-mill crime."

Christie said McKinnon simply is "grasping at straws" with his latest appeal.

He also noted that since McKinnon has become something of a "cause celebre," the European court is going to take its time and give the issue a full and fair review. But that doesn't mean the court will uphold the stay on his extradition.

"At this point and time, there's no indication the European court will give any credibility to his argument," said Christie. "It would be premature for him to believe that he has found a sympathetic shoulder to cry on. For all the reasons he didn't prevail in the U.K., he shouldn't prevail there. Enough already, Mr. McKinnon."

Christie also said he doubts that U.S. prosecutors would consider trying McKinnon in European courts. "Extradition seems imminent," he added.

In New Jersey, the government contends that McKinnon first hacked into the computer network at Naval Weapons Station Earle in Colts Neck, on April 7, 2001. The intrusion wasn't discovered until late in September, when McKinnon allegedly deleted computer files that were needed to power up computers on the network. The government charges that in the five months that McKinnon allegedly was in and out of the system, he installed remote access software to make it easier for him to get into the network. He also allegedly stole about 950 passwords and deleted computer logs and files.

Assistant U.S. Attorney Erez Liebermann, who now is the lead prosecutor on the case, said McKinnon allegedly caused $290,431 in financial damages to the weapons station that is focused on replenishing munitions and supplies to the Atlantic fleet.

In Virginia, McKinnon is facing seven counts of unauthorized access. There, the U.S. attorney's office claims he caused $900,000 in damages to computers in 14 states. He allegedly broke into systems of the U.S. Army, the U.S. Navy, the U.S. Air Force, the Pentagon and NASA.

Liebermann noted that each of the eight charges carries a maximum sentence of 10 years in federal prison and a $250,000 fine. However, based on sentencing guidelines, Christie estimates that the sentences would drop down to the three-to-five-year range.

Jeremy Kirk of the IDG New Service contributed to this story.

Read more about cybercrime and hacking in Computerworld's Cybercrime and Hacking Knowledge Center.