In 2012, a 16-year-old was sexually assaulted at a high school party in Steubenville, Ohio. The incident was documented through Instagram photos and tweets by those present, but was covered up by the school.

It was only after a pair of hackers with Anonymous breached a football fan website that the evidence was uncovered and the rapists identified. Ma’lik Richmond and Trent Mays were sentenced to one and two years in prison, respectively, for the assault.

One of the alleged hackers, however, could serve a significantly longer sentence, because of an antiquated US law.

Deric Lostutter, who pleaded not guilty, could serve up to 16 years behind bars for violating the Reagan-era Computer Fraud and Abuse Act (CFAA). The law uses vague terminology to forbid unauthorized access to a computer.

"Under the Computer Fraud and Abuse Act, Deric is exposed to a greater potential sentence than the Steubenville rapists got," Lostutter’s lawyer, Tor Ekeland, told Sputnik.

"This illustrates how draconian and disproportionate sentencing can be under the CFAA, particularly for alleged hacks where the actual harm was minimal."

Ekeland has been a vocal opponent of the CFAA, and previously defended the hacker known as weev for his alleged role in an AT&T breach.

Ekeland also points out that Noah McHugh, who admitted to participating in the hack, received a plea deal. He will spend less than one year in prison for his role.

"They want to make an example out of me," Lostutter told Mic earlier this month. "For exposing a coverup."

Lostutter’s trial begins November 8.