[matt_wulfeck]

If someone broke into the tribune's printing office (which perhaps didn't collect the key or change the lock when they fired someone) and that person changed the headline and a byline for an article in the paper that went out to thousands of people, I still have a hard time believing a court would put that person in prison for 2 years because of it.

At some point we have to acknowledge these tough cyber laws do nothing but pass down intentionally harsh sentences to the unlucky few Americans that get the book thrown at them.

I predict we'll look back at them with the same embarrassment and shame we do mandatory minimum drug sentencing laws now.

[gamblor956]

Consider that your hypothetical scenario includes at least two distinct criminal charges: breaking and entering, and vandalism. In some jurisdictions, these would each be misdemeanors punishable by up to 1 year in jail. In most jurisdictions, these would be felonies, punishable by more than a year in jail (varies by jurisdiction and circumstances of charges but usually 2 to 5 for low-level crimes like these).

So one way to look at this is that he got the same amount of time, or less, he likely would have gotten if he had physically broken in and changed the title of the physical print of the paper (or had been an accomplice to others who actually perpetuated the criminal acts).

[tptacek]

I don't know about that. What's the value of an entire print run of the Los Angeles Times? It's probably quite a bit more than the damages the court imputed to Keys.

[matt_wulfeck]

I guess the fundamental difference driving my thinking is I believe it's futile to hand out prison sentences for crimes such as these. I'm dubious that it acts as any real deterrent to "hacking", and it waste tax-payer money.

It's also becoming clear that the plaintiffs in these cases are completely washing their hands of their own responsibility for the crime. I understand that this is common in case law such as this, but if we want to actually secure this country against real cyber criminals then we need companies to step up and take responsibility for what's happening within their networks.