Lauri Love won’t be extradited to the United States to face hacking charges

Over four years since arrest, British student wins High Court appeal.

Graham Cluley
Graham Cluley
@[email protected]

Lauri Love won't be extradited to the United States to face hacking charges

There has been a major development in the long-running fight by British student Lauri Love to avoid extradition to the United States, where he has been accused of hacking into various government websites.

Love, who suffers from Asperger Syndrome and depression, was arrested in October 2013 by officers of the UK’s National Crime Agency posing as UPS couriers. It has been claimed that he, and associates, stole sensitive military data and personal information related to over 100,000 US government workers. Legal experts have estimated that he could be hit by a sentence of up to 99 years in prison if convicted in the States.

You can understand, therefore, why anyone accused of hacking would prefer to be tried in the United Kingdom rather than the USA. In fact, the UK High Court has heard that there was a severe risk Lauri Love would attempt suicide before he was extradited.

Sign up to our free newsletter.
Security news, advice, and tips.

Well, there’s good news today for Lauri Love, as The Guardian reports:

Lauri Love, the British student accused of hacking into US government websites, will not be extradited to face trial in America, the high court has ruled.

Lawyers for the 32-year-old, who lives in Suffolk, had argued that he should be tried for his alleged crimes in the UK and that he would be at risk of killing himself if sent to the US.

The court accepted both of the main arguments advanced by Love’s lawyers that there was no reason he could not be tried in England and that he might suffer serious damage to his health if he were extradited.

This feels like the right decision to me, but doesn’t mean it’s the end of Lauri Love’s legal fights. All eyes now turn to the Crown Prosecution Service, to see if it (with assistance from its US counterparts) will prosecute him in the United Kingdom.

The full judgment can be downloaded here.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

5 comments on “Lauri Love won’t be extradited to the United States to face hacking charges”

  1. LP

    If the UK can make a decision like this, I see no reason the US can't decide that mutual protection treaties have exceptions and pull out all US forces in the UK. When they have no US tripwire or local forces, they can pay for all of their defences. I'm sorry I was once part of it.

    Yes, I remember the risks that led to WWII and know that there may not be enough time to counter modern threats.

  2. Graeme

    I believe it is important to find out what he stole and if he has risked the lives of US citizens or military personnel by passing on sensitive details, then he should answer in some way to the US.

  3. Ian

    Perhaps an alternative would be for the most powerful military and cyberintelligence power in the world to put in place basic protections for their military systems that aren't a pushover for loners in foreign countries with mental problems. There is something surreal and risible about the US seeking to put the blame on such sad individuals instead of putting their hands up for having such ineffective cyberprotection of their …er….cybersecurity,

  4. Brian

    But if he hacked into a system he IS to blame. If a burglar breaks into your house is it the burglar’s fault or yours for not having stronger locks?

    1. Ian · in reply to Brian

      Yes he's to blame and should be punished.
      But this is not 'a burglar breaking into my home', it is a sad, lone individual with mental issues waltzing into Fort Knox. I am simply astonished that the US is not way, way too embarrassed to publicise the car-crash of their "elite" cyberscurity bodies to be pushed over by such a poor creature by seeking his extradition. It's like a bouncer suing a 2 year-old for hitting him.
      No wonder Russia is walking all over US cybersecurity if it cannot protect itself from lone sad cases. This is doubtless a signal of intent to Moscow that the US is going to seek extradition of Russian trolls next?
      God help us: what a pathetic sight the US makes in such a case. They'd do better to shut up and learn to protect themselves from 2-year-olds.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.