If someone breaks into a company's system, surely the company has a very real obligation to help prosecute the law-breaker? While I can see where there's an argument to made in favour of not prosecuting someone who really is a white-hat hacker (although I'm personally loathe to apply that label to anyone who doesn't have a track record of responsible security research and pen testing as opposed to J. Random Hacker who happens to tell the company after the fact), this guy pretty clearly doesn't fall into that category.
While the article was light on the details (being as it was that it was about the sentencing rather than the crime), it does seem as though he both copied some of Facebook's source code or other internal data (as it mentions it being copied to an external hard drive), and it does not seem as though he reported the hole to Facebook along with any details of how he penetrated their system.
Given that, why should Facebook not help to prosecute him?
If someone breaks into a company's system, surely the company has a very real obligation to help prosecute the law-breaker? While I can see where there's an argument to made in favour of not prosecuting someone who really is a white-hat hacker (although I'm personally loathe to apply that label to anyone who doesn't have a track record of responsible security research and pen testing as opposed to J. Random Hacker who happens to tell the company after the fact), this guy pretty clearly doesn't fall into that category.
While the article was light on the details (being as it was that it was about the sentencing rather than the crime), it does seem as though he both copied some of Facebook's source code or other internal data (as it mentions it being copied to an external hard drive), and it does not seem as though he reported the hole to Facebook along with any details of how he penetrated their system.
Given that, why should Facebook not help to prosecute him?