COVINGTON, Ky. (AP) — A northern Kentucky man is headed to federal prison for four months for hacking into people’s accounts on the social networking site SodaHead.com and changing posts that put forth conservative views.
Attorneys for 38-year-old Michael Pullen of Dry Ridge say the changes were merely a prank. Lawyer Dennis C. Alerding told The Kentucky Enquirer the case is “an enormous waste of taxpayer money.”
Prosecutors and a federal judge disagreed, however.
Prosecutors say what Pullen did amounted to cyberbullying.
U.S. District Judge David Bunning sentenced Pullen five months in prison and ordered him to pay $21,000 in restitution to the Internet company.
Pullen is scheduled to report to the federal prison camp in Ashland by Oct. 21.
Pullen said he would replace posts he considered racist or homophobic with something like, “I’m super fancy. Why don’t you call me fancy pants?”
“If what they wanted to do was to convince my client to never, never do it again ... and punish him, they could have just as easily suspended his driver’s license for a year and fined him $1,000,” said Alerding.
A spokesman for U.S. Attorney’s Office for the Eastern District of Kentucky was furloughed because of the partial government shutdown and couldn’t be reached for comment.
Eric Goldman, a Santa Clara University School of Law professor and director of the High Tech Law Institute in Silicon Valley, is an outspoken critic of the Computer Fraud and Abuse Act, known as the CFAA, but said it appears to have been properly applied in Pullen’s case. But, Goldman noted, it isn’t clear if Pullen’s games were harmful.
“This is a fairly straightforward application of the law,” Goldman said. “We might want some type of restriction against accessing someone’s private space on a computer — even if it is done as a prank. There was probably some teeth gnashing, but what other damages were incurred from his intrusion?”
Arthur Clements, former director of technical operations at SodaHead.com, testified at Pullen’s sentencing last month that if the hacking had continued it would have posed a threat to the company.
“We realized it could kill our business,” said Clements, who is now a contract employee for SodaHead.com.
The California-based social networking site says it has 3.8 million unique monthly visitors in the United States and 6.9 million globally.
The trouble started in early 2009 after Pullen was laid off from his job of three years. Bored and unable to find work, Pullen became a prolific user of SodaHead.com.
The self-proclaimed nonconformist said the tone of comments on the site began to concern him.
“I would go in there and poke holes in their arguments,” Pullen said.
After a few months Pullen learned how to take control of other users’ accounts by exploiting a known bug in SodaHead.com’s software. That’s when he realized there was an opportunity for some tomfoolery. Pullen said he targeted the accounts of people who are intolerant of others.
“They were saying these devious, dastardly things like, ‘I can’t wait for the second Civil War so I can shoot me a liberal,’ “ Pullen said.
Pullen says he only hacked accounts for two weeks, but it was long enough to catch the attention of the Secret Service. Federal agents showed up at his door in March 2010, but he wasn’t indicted until November 2012.
“It was all just meant to be funny,” Pullen said.