If all goes as planned, Kevin David Mitnick will be sentenced today, four years after his arrest on charges related to computer hacking and parole violation. Nothing's certain -- the date for sentencing the man whom the front pages have portrayed as America's most notorious computer criminal has been moved back repeatedly.
On all sides of the case, people are exhausted. "We'll be happy to have it over with," said Chris Painter, the assistant U.S. attorney in Los Angeles who prosecuted Mitnick and has seen what he called the "marathon" through.
Mitnick was first convicted of unlawful intrusion into computer systems in 1989; after his release from prison, he was accused of violating the terms of his probation by continuing to break into computers and by not staying in contact with his probation officer.
He then went underground and was captured by law enforcement officers in Raleigh, N.C., in February 1995, accused of stealing thousands of data files and more than 20,000 credit card numbers from computers and hacking the sites of universities, computer and cell phone companies. He has never been accused of selling or using the credit card numbers; apparently Mitnick is an almost compulsive collector of things he finds online.
Since he has already spent nearly four years in Los Angeles's Metropolitan Detention Center, the likely result is that he will be released right after his sentencing based on the time he has already served.
The case is a Rorschach test, with wildly varying interpretations of the facts everywhere you look. The government portrays Mitnick as a vile public menace; to many on the Internet, his case is a miscarriage of justice. Mitnick fans have created Web pages tracking every jot and tittle of the case, some featuring a clock showing to the second how long he has been in jail.
In an e-mail exchange, journalist Charles Platt of Wired magazine called Mitnick "a media victim whose demonization was one of the most odious events in the short history of computers online. In a world where some folks siphon credit-card numbers from the phone lines, while others steal entire cash machines from shopping malls, we are somehow asked to believe that Mitnick, who never made any financial gain so far as I am aware, is the stereotypical criminal mastermind, straight out of a DC comic."
But Painter scoffs at this kind of thinking. "We didn't make an example out of Kevin Mitnick -- he is responsible by his conduct for what's happened to him." And, Painter said, it's irrelevant whether Mitnick intended to profit from his trespasses, since "it really doesn't matter to the victims what the motivation of the person attacking them is."
Mitnick's attorney, Donald C. Randolph of Santa Monica, Calif., has accused the government of inflating the estimates of damages caused by Mitnick, but the judge placed those pleadings under seal.
Late last month, Randolph asked the judge to unseal the pleadings. He cited e-mail correspondence between a government agent and companies, including Sun Microsystems Inc., that have claimed harm by Mitnick, and said the e-mails "clearly establish that the loss and restitution amounts claimed by the government throughout the course of this litigation were purposefully and artificially inflated in order to advance illegitimate government interests."
At one point, Sun was claiming that Mitnick's copying of its Unix operating system's source code amounted to damages of $80 million -- the value of the code. The company now gives that same source code away to educational institutions and will sell it to just about anybody else for $100.
"We are hopeful that the court will unseal the files of this case," Randolph said in an interview, "so the public may judge for itself whether the [prosecution] of Kevin Mitnick was handled fairly or otherwise." Sun did not return phone calls.
Painter dismisses questions about unsealing the record as a "smoke screen" and says the argument over the companies is "an attack on the victims." He states that "it's very safe to say that the losses in this case were not overstated." He also points out that Mitnick signed a statement of fact as part of his plea agreement in which he admitted to having caused at least $5 million in damages.
Mark Rasch, a former federal prosecutor now with the Reston-based security consulting firm Global Integrity, sympathizes with Painter. He notes that Mitnick, by the time of his North Carolina arrest, was a repeat offender for computer intrusion and other high-tech crimes.
Still, in Rasch's view the Mitnick case is a perfect example of "how difficult it can be in computer hacker cases to come up with an appropriate measure of damages. . . . In some ways they overstate the damages, and in some ways they understate it."
A lot of the evaluation process deals in intangibles, he said: "How do you measure things like loss of privacy? How do you measure inconvenience? How do you measure lack of trust? You can't."
Painter said his office is asking the judge to have Mitnick repay the actual repair costs, which they estimate at $1.5 million; Judge Mariana Pfaelzer has already said she wants the amount of restitution to be something that could reasonably be repaid, especially in light of the fact that under conditions of release, Mitnick will not be allowed to use the one skill he has really honed -- he won't be let near a computer.
Schwartz can be reached at email@example.com