Terry Childs, the former network admin for San Francisco, was sentenced on Friday to 4 years in prison.
A City of San Francisco administrator who refused to hand over administrative passwords to the city’s network was sentenced to four years in state prison Friday.
Terry Childs was convicted in April of violating California’s hacking laws after he refused to hand over administrative control to the city’s FiberWAN network in July 2008.
…
Although the city’s network continued to run during the 12 days that Childs refused to hand over control, jurors found that by denying the city the administrative control to its own network, he had violated state law.
(via ComputerWorld)
To all folks in IT, this should be a very interesting case. By failing to provide a password to his supervisor for 12 days, he was successfully convicted as breaking state law. This strikes a nerve deep inside because I can’t comprehend how not speaking something inside your brain becomes breaking state law. I would understand if he lost his job for insubordination and breaking some policy he agreed to upon being hired but this is unfounded. Go read the CIO article Sorting Out Face From Fiction in the Terry Childs Case from August 2008 for a list of all the facts in the case.
You also have the standard ‘hit by a bus’ contingency plan question. What if this poor guy was actually unable to recall the password after being in a car crash or something? Would the city have been absolutely screwed at that point? What if he just quit on the spot when the passwords were requested? Would he still be required to give the password to the city or convicted of hacking when he had no responsibility to the city of San Francisco?
Worth a firing but not breaking the law, in my opinion. When he does get out, best of luck finding another IT job.
There are some worth-while comments over at BoingBoing’s article of Friday’s update if you’d like to hear other opinions on the matter.