NASA hacker McKinnon moves closer to extradition

The Crown Prosecution Service has decided it will not prosecute self-confessed NASA hacker Gary McKinnon in the U.K., edging him closer to extradition to the U.S.

McKinnon's diagnosis with Asperger's Syndrome, a condition on the autistic spectrum, had not been taken into account in the decision, a Crown Prosecution Service (CPS) spokesperson told ZDNet UK on Thursday.

Gary McKinnon

(Credit: ZDNet UK)

U.S. authorities last year won the extradition of McKinnon to face charges of breaking into 97 military and NASA computers. In December, McKinnon's legal team sent a letter to the CPS in which he confessed to offenses under section 2 of the Computer Misuse Act, in an attempt to be prosecuted in the U.K. rather than the U.S.

McKinnon faces up to 70 years in a maximum security prison if convicted of hacking charges under U.S. law. In a statement regarding its decision, the CPS said the offenses McKinnon admitted to in his confession, including the unauthorized access to a computer system, are not as serious as the charges US prosecutors have leveled against him.

"We identified nine occasions where Mr. McKinnon has admitted to activity which would amount to an offence under Section 2 of the Computer Misuse Act (unauthorized access with intent)," Alison Saunders, the head of the CPS organized crime division, said. "Although there is sufficient evidence to prosecute Mr. McKinnon for these offences, the evidence we have does not come near to reflecting the criminality that is alleged by the American authorities."

Saunders made the decision on McKinnon in consultation with Keir Starmer, the director of public prosecutions, the CPS spokesperson said.

U.S. prosecutors allege that McKinnon was politically motivated in his hacking attack on U.S. Army, Navy, Air Force, and NASA systems in 2001. They also allege that he caused $700,000 worth of damage by deleting files, and that he disabled the function of a warship.

McKinnon has never denied accessing the systems, but he does deny causing any damage. He claims to have been searching for evidence of UFOs.

The CPS does not have access to the evidence held by U.S. authorities that could allow it to make more serious charges against McKinnon, his solicitor, Karen Todner, told ZDNet UK on Thursday.

"The real question is should we really be making such an example of a guy who was apparently just a UFO conspiracy theory nut?"

--Graham Cluley, Sophos consultant

"The reason the CPS doesn't have the evidence is that the U.S., under the extradition treaty, does not have to provide any evidence," Todner said. "The CPS could have asked to see the evidence, but it didn't do that."

The CPS spokesperson confirmed that the department had not asked to see any evidence. U.S. prosecutors are not required to show any prima facie evidence to secure the extradition of a U.K. citizen, under the terms of the US/UK Extradition Treaty of 2003.

"The harm occurred in the US, affecting infrastructure in the U.S., the witnesses are located in the U.S., the bulk of the evidence is in the U.S., and the task of gathering evidence from the U.S. is considerable," the service's spokesperson said. "U.S. prosecutors were able to frame charges reflecting the extent of Mr. McKinnon's criminality."

Todner said that the next step would be a High Court review of home secretary Jacqui Smith's decision to turn down McKinnon's appeal against extradition last year. A date has not yet been set for the review, as it hinged on the CPS decision. Todner expects it to be scheduled in April.

McKinnon was not available for comment at the time of writing. According to Todner, he was still hopeful that the High Court review might save him.

McKinnon's mother, Janis Sharp, criticized the U.K. prosecutors for not taking his health into account in its decision.

"I'm heartbroken at the lack of compassion shown towards my desperately vulnerable son," said Sharp. "Gary is a gentle man with Asperger's, not a dangerous terrorist. His obsessions led him to search U.S. computer systems. Wrong? Yes. But extraditing him to a high-security prison, knowing he won't survive--surely no-one can honestly believe that punishment fits the crime?"

Graham Cluley, senior technology consultant at security company Sophos, said that the U.K. IT community had shown sympathy for McKinnon's plight. "The real question is should we really be making such an example of a guy who was apparently just a UFO conspiracy theory nut?" Cluley said in a statement.

Tom Espiner of ZDNet UK reported from London.

[sodapop2k9]

I dont see a good legal reason to give him leniency. He did something he knew was against the law, he knew the the penalties were severe. He should not have done it, period. What he was looking for nor his health have any bearing on the criminal trial. They are considerations for sentencing.

[lifelonglego]

Gary should be extradited and sent to jail.His condition shouldn't have any affect on his extradition. He did something he knew was wrong and illegal. He caused damage to United States of America to a severe extent. 700,000 dollars is a huge amount, and the disablement of a warship is a huge offense the should be rewarded with an equally huge sentence.

[chuckles2008]

I would be fighting this too if I was threatened with 70 years at a Federal max facility where parole is not possible. I still feel he probably will get something around the 3-5 year range. I wouldn't let the terrorism charges stick. He should be charged with the "unauthorized access to computer" charge, not any terrorism based charge. That $700,000 figure is suspect. Look at the fudged numbers when the Clinton admin went after Mitnick. I would take those numbers with a grain of salt.

[ferretboy88]

So did this idiot find any space alien info in our computers?

[hassan_bin_sober]

They should give him a medal for exposing the vulnerability of NASA's system!

[n3td3v]

The network admins who left the networks insecure should face charges as well.

[Darren Palmer]

Ignoring the fact the chap has an ailment, which in itself may not be irrelevant, there's no arguing surely the logic of potentially sticking him in a maximum security prison for up to 70 years?.

Whether in the UK or the US both legal systems need a good @rse kicking if they think that these sentences are fair when a recent supermarket row in the UK resulted in murdering of an innocent victim and the guilty guy got 5 years!!!. Bet that's not anything like maximum security either.

Make a scapegoat out of the poor guy who had the opportunity to exploit pathetic US Military security but pat the murderers and real terrorists on the back provided they don't know how to use a computer too.

He disabled a warship? what a joke!. If he managed that then it must have been running the fabled "windows for Warships" and patch tuesday hadn't yet come around. Hopefully the shuttle is still powered by a BBC Micro otherwise we're screwed there too!

[ferretboy88]

If you can do the crime you can do the time. He was well enough to learn how to crack. Now he is well enough to get smacked around in prison.