The difference between Victor Faur and Gary McKinnon

Graham Cluley
Graham Cluley
@[email protected]

Victor Faur and Gary McKinnon

Clu-blog reader Lucian has been in touch following the entry I posted this weekend suggesting that there had been inconsistency in the treatment meted out to NASA hackers Gary McKinnon and Victor Faur.

McKinnon, a Brit, is facing extradition to the United States after hacking into NASA and Pentagon computers shortly after September 2001.

Faur, a computer programmer who hacked into NASA, US Navy and Department of Energy computers between 2005 and 2006, has not faced extradition proceedings and was given a suspended sentence and a fine in Romania last week.

Sign up to our free newsletter.
Security news, advice, and tips.

Lucian has been kind enough to go into detail about the apparent discrepancy:

The reason why U.S. did not push for extradition is not because they did not want to, but because they couldn’t. At the time of Faur’s arrest, the extradition agreement between Romania and the U.S. dated back to 1924 with an ammendment in 1936. Therefore, it did not include any IT related offences as basis for extradition, Romania only passing such specific laws in 2001.

At 10 September 2007 Romania and U.S. signed a new bi-lateral agreement, to reflect the one between the European Union and the U.S., which facilitates extradition and it was ratified by the Romanian Parliament on 21 May 2008. The formulation of the new treaty is rather generic and does not specifically say anything about IT-related offenses, but it does contain two noteworthy (for this case) specifications:

1. A person will be extradited even if the laws of the two states place the offence in different categories or if the offense if formulated differently.

2. The extradition will be refused if the person has already been convicted for the offence in the state from where he is to be extradited from.

We could say Faur was just lucky, because the U.S. authorities would have very much loved to have him over, but in the future Romanian hackers will be just as exposed to extradition as the British ones.

Some other information like Faur’s attorney’s comments after the sentence, translated from Romanian into English can be found in my Softpedia article.

Thanks for helping me understand Lucian!

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.