In 2004, a few years before the rise of Anonymous, the notorious online collective of hackers and activists, a seventeen-year-old named Jeremy Hammond gave a talk on “electronic civil disobedience” at the annual Def Con hacking conference. “We believe that hacking is a tool. It is a means to an end,” he said, shaking his head of bleached-blond hair as he spoke. He rejected those who hack for personal gain or to improve corporate security. He advocated hacktivism, which he defined as “a practical application of network insecurity skills … as a means of fighting for social justice by putting direct pressure on politicians and institutions.”

This past Friday morning, Hammond, now twenty-eight, stood before a federal judge wearing a smirk and a black prison jumpsuit. He was about be sentenced for a string of computer crimes, making him the latest hacktivist to be punished for disrupting computer systems. Hacktivists, unlike the standard criminal hackers, claim to seek political change rather than financial gain—a distinction that rarely earns them much sympathy before the law. But, like his talk at Def Con, Hammond’s final speech in court was unrepentant. “I also want to shout out my brothers and sisters behind bars, and those who are still out there fighting the power,” he began.

Hammond isn’t as widely known as Edward Snowden or Chelsea Manning, but his reputation precedes him: in 2011, he worked with members of Anonymous to break into the systems of the U.S.-government-intelligence contractor Strategic Forecasting, Inc., better known as Stratfor, and to leak millions of its internal e-mails to WikiLeaks. The trove revealed, among other things, surveillance of political groups in the U.S. and abroad, from Occupy Wall Street to activists who campaigned in Bhopal, India, following a deadly gas leak in 1984 that killed thousands of people.

Hammond also aided in the theft of sixty thousand credit-card numbers from Stratfor, which were leaked online after they were used by Anonymous to make more than seven hundred thousand dollars’ worth of fraudulent charges, which included large donations to charities and nonprofits—although, as the security researcher Mikko Hypponen explained shortly after the leak, none of the intended recipients could make use of the money. The group then defaced Stratfor’s Web site, wiped its client database clean, and destroyed its e-mail server. Hammond, using the alias “sup_g,” told one of his comrades at the time that he was “hoping for bankruptcy, collapse.”

Hammond was caught after he teamed up with Hector Xavier Monsegur, known as Sabu, the leader of the Anonymous splinter group LulzSec and, unbeknownst to Hammond at the time, an F.B.I. informant. Sabu, at the F.B.I.’s request, provided Hammond with a server on which to store stolen data—including what he had obtained from Stratfor—and fed Hammond a list of Web sites to attack.

Hammond had not only been caught in the sting; he had also become an unwitting pawn in the government’s electronic spy games. Hammond claimed that his intrusions, made during January and February of last year, “affected over 2000 domains” and included the government Web sites of Brazil, Turkey, and Syria, among other countries, as well the “official website of the Governor of Puerto Rico, the Internal Affairs Division of the Military Police of Brazil, the Official Website of the Crown Prince of Kuwait, the Tax Department of Turkey, the Iranian Academic Center for Education and Cultural Research, the Polish Embassy in the UK, and the Ministry of Electricity of Iraq.” At Hammond’s sentencing, when he began reading the names of the countries that Sabu had told him to attack, which the government had redacted from court documents, he was silenced by the judge.

The defense did its best to portray Hammond’s crimes as acts of electronic civil disobedience—the same kind of acts that he’d described years ago at Def Con. They read selections from the hundreds of letters of support that Hammond had received, including one from Daniel Ellsberg, the Pentagon Papers whistle-blower. They blasted the government’s “one-dimensional view” of Hammond’s actions, saying that his motivations for exposing powerful institutions like Stratfor were the same as those that had inspired his community service in his native Chicago, where he frequently volunteered at soup kitchens and taught disadvantaged kids how to use computers.

The U.S. district judge Loretta Preska was unmoved, focussing on statements made by Hammond in online chat logs, where he encouraged his fellow Anonymous members to cause “maximum mayhem” with Stratfor’s credit cards. Besides, Preska reasoned, Hammond was a repeat offender who had already served a two-year sentence for hacking the Web site of Protest Warrior, a right-wing group known for crashing anti-war rallies. “These are not the actions of Martin Luther King, of Nelson Mandela … or even Daniel Ellsberg,” she said.

Even if Preska had been sympathetic to Hammond or to his cause, it would have been difficult for her to hand down a particularly lenient sentence. The Supreme Court has instructed judges to ignore sentencing guidelines at their own peril, and the Computer Fraud and Abuse Act, an anti-hacking law that was enacted in 1986 and was modelled on a wire-fraud statute from 1952, which was itself based on a 1948 mail-fraud statute, engenders restrictive sentencing guidelines.

General federal sentencing guidelines establish forty-three levels of “offense seriousness.” The higher the level, the more severe the punishment. In a hacking crime, prosecutors can do a number of things to increase the level of offense, including deconstructing a single act of hacking into multiple charges: unauthorized computer use, wire fraud, damaging “a protected computer,” stealing protected information, and sometimes even aiding and abetting other crimes. They can calculate the damages caused by the hack—“the loss”—at a high rate, and they can present evidence that the defendant is not taking responsibility for what he has done. In Hammond’s case, his plea agreement notes that the “base offense level” for his crime was six, which would typically carry a sentence of six to twelve months. But the prosecutors calculated that he had caused more than a million dollars in damage and harmed more than two hundred and fifty people. Taking into account his prior convictions, his “adjusted offense level” was thirty-one, for which the minimum penalty is twelve years. To avoid such a long sentence, Hammond pleaded guilty to one count of a conspiracy to violate the C.F.A.A., which carries a maximum of ten years, and he asked the court for lenience because he had used “his abilities to potentially unmask unlawful surveillance and intelligence-gathering efforts and seek out hidden truths.”

Declaring a need to “promote respect for the rule of law,” Preska gave Hammond the maximum sentence of ten years. His jail time will be followed by three years of supervised release, during which all of his devices will be monitored by police software, his property will be subject to warrantless searches, and he’ll be forbidden from using encryption or anonymity tools.

In a letter to the court on Hammond’s case, Hanni Fakhoury, a lawyer with the Electronic Frontier Foundation, points to a defendant who was recently convicted in a hundred-million-dollar welfare-fraud scheme and received a hundred and twenty-five months in prison—only five months longer than Hammond’s sentence, despite inflicting far greater damages. Hammond’s collaborators in the U.K. received dramatically lighter sentences than he did, ranging from two hundred hours of community service to thirty-two months in prison.