The New Statesman’s rolling politics blog

RSS

McKinnon the scapegoat

Gary McKinnon’s fate is now bound up in cyberwar and matters of espionage as governments try and fai

After all the coalition posturing for the cause of Gary McKinnon, it looks like the government will not stop the autistic hacker's extradition after all.

The Prime Minister was applauded for discussing McKinnon with President Barack Obama in Washington on 20 July and later suggesting that the US might allow the hacker to serve any prison sentence in the UK. But this was a hollow victory. McKinnon's campaign was always about his extradition to the US, not whether he might serve time there, as David Cameron and other coalition MPs well knew when they made political capital from it before the election that brought them to power. The last government promised repatriation. Cameron has done nothing more.

The apparent injustice of this is greater than mere hypocrisy. To understand why, we must return to November 2000, barely three months before McKinnon was detected hacking US computers, when FBI agents performed an audacious hack of their own -- to collect evidence from computers in Russia.

The FBI hack has haunted US attempts to legitimise the cross-border collection of electronic evidence (known as trans-border access) ever since. Its illegitimacy was established in 2004 by the Budapest Convention on Cyber Crime, a US-backed cyberlaw treaty.

This was no surprise. The US helped design the treaty. The first draft was published six months before the FBI hack; the US signed it a year later, within weeks of convicting Vasili Gorchkov, one of the Russian extortionists.

In 2002, three months after a US court indicted McKinnon for hacking into US computers, the FBI hackers were decorated. Moscow reportedly responded by filing charges against the FBI agents in retaliation for their infringement of Russia's national sovereignty.

The evolving legal context was not overlooked in McKinnon's case. By the time the US requested his extradition in October 2004, the US/UK Extradition Act 2003 had entered into force. It allowed the US to order his extradition on less evidence than would normally be required to put someone before a British court. It promptly did so, citing evidence that, the high court heard last year, was insufficient to support its allegations.

Rough justice

Both cases illuminate the reasons why the progress of international cyberlaw, though slow in comparison with growing computer crime, has been plagued by concerns that it encroaches on established ideas of sovereignty, jurisdiction and human rights.

The problem is one of balance. On one side, a desire for justice to operate effectively in the computer age, when networks permeate our borders and so much of life transcends sovereign boundaries. On the other side, a desire for sovereign responsibilities and human rights not to be bowled aside in the rush for justice to operate at this height and at digital speeds.

These concerns were significant enough to trigger treaty reviews at both the United Nations and the Council of Europe, after 80 per cent of votes supported Russia's opposition to trans-border access at a UN meeting in April.

Hence also the proposed review of UK extradition law, under which prosecutors have justified the extradition of numerous people on flimsy evidence.

It all helps show how McKinnon's extradition rests on weak moral ground. Yet still the law leaves the government little choice but to let it proceed. A UK trial is permissible, if the US would agree to it. But even if the US evidence was good enough to stand up in a British court, neither government wants to stop the extradition.

Cyberwar

This is because the inherent insecurity of computer networks has now become a matter of national security. Computer breaches are a serious crime, Obama told Cameron, because they would increasingly leak valuable information. Within a week of that conversation, WikiLeaks had exposed 92,201 classified computer files with damning details of the US-led invasion of Afghanistan.

Nine and a half years after McKinnon was caught hacking, the threat of cyberwar and espionage makes his crime seem far graver than it ever was. The military can't secure its networks. It can't even tell the difference between organised hoodlums, foreign military agents and hobby hackers. As a result, all states can do is use punishment as a deterrent.

McKinnon will be strung up, metaphorically speaking, to demonstrate just how serious the US and UK are about protecting their networks. Computer systems won't be any more secure. Serious criminals and foreign states won't be deterred. But a semblance of justice will have been seen to be done.

As for actual justice, McKinnon's lawyers still have some appeals up their sleeves. The hacker's Asperger's syndrome may lead yet to his extradition being halted. That will be good enough for Cameron, so long as he can continue to give the impression he's working for McKinnon's cause.

Mark Ballard is a freelance journalist who writes about computer policy, crime, security, law and systems.

Read the full archive of the New Statesman's coverage of Gary McKinnon's case, in particular Sophie Elmhirst's exclusive interview.

12 issues for £12

Next Article