Prosecutors are known for having expansive views of the scope of their authority (among other things).  This is particularly true in the case of cybercrime.  But the Third Circuit has taken a more restricted view, at least when it comes to venue under the Computer Fraud and Abuse Act (CFAA).  That court has held that venue for the CFAA prosecution of Andrew “Weev” Auernheimer for the AT&T/iPad hack did not properly lie in New Jersey because the crime did not occur there, even if some New Jersey residents were affected by the crime.