If you haven't watched the INFILTRATE keynote from Stephen Watt here then you need to do that, especially if you are a lawyer who specializes in cyber law. INFILTRATE is where you hear about issues that effect the community in the future, and you should register now! :)
But let me float my and others initial feeling when MalwareTech got arrested: The "killswitch" story was clearly bullshit. What I think happened is that MalwareTech had something to do with Wannacry, and he knew about the killswitch, and when Wannacry started getting huge and causing massive amounts of damage (say, to the NHS of his own country) he freaked out and "found the killswitch". This is why he was so upset to be outed by the media.
Being afraid to take the limelight is not a typical "White Hat" behavior, to say the least.
That said, we need to acknowledge the strategic impact law enforcement operations as a whole have on national security cyber capabilities, and how the lighter and friendlier approach of many European nations avoids the issues we are having here in the States.
Pretty much every infosec professional (yes, even the ones in the IC!) knows people who have been indicted for computer crimes now. And in most of those cases, the prosecution has (as in the video above) operated in what is essentially an unfair, merciless way, even for very minor crimes. This has massive strategic implications when you consider that the US Secret Service and FBI often compete with Mandiant for the handling of computer intrusions, and the people making the decisions about which information to share with Law Enforcement have an extremely negative opinion of it.
In other words: Law Enforcement needs to treat hacker cases as if they are the LAPD prosecuting a famous actor in LA. Or at least, that's the smartest thing to do strategically, and something the US does a lot worse than many of our allies.