Someone recently asked me about wrongful convictions in computer crime cases. In five minutes, I came up with five. There’s US v. McDanel, one of mine, in which a Los Angeles man was convicted and spend 16 months in prison for notifying the customers of his employer that the company´┐Żs computer services were vulnerable to hackers and directing the customers to information on how to repair the vulnerability. The DOJ eventually admitted that the conviction was in error in late 2003.

There’s US v. LaMacchia, in which the government tried to prosecute a man who operated a free warez board for non-commercial copyright infringment under the wire fraud statutes and was told that they couldn’t get a conviction for something Congress had clearly left out of the copyright law. Congress then amended the statute to prohibit certain non-commercial copyright infringment.

There’s US v. Councilman, where the court decided that what the defendant was charged with doing, reading the emails of subscribers to his email service, was not a crime.

There’s US v. Puffer, where the jury refused to convict a man for demonstrating the insecurity of a county court’s open wireless network.

Finally, there’s US v. Elcomsoft, where the jury refused to convict a Russian company charged under the anti-circumvention provisions of the United States’ DMCA for marketing a program that could decrypt Adobe eBooks.

I’d be really interested to hear if anyone knows of any other examples.