After the January suicide of Reddit cofounder and open Internet activist Aaron Swartz, Rep. Zoe Lofgren (D-Calif.) introduced a bill called "Aaron’s Law." The law was designed to reform 1984’s Computer Fraud and Abuse Act (CFAA), which was being used to prosecute Swartz and has been criticized by many as being overly broad.
When crafting the language of Aaron’s Law, Lofgren turned to Reddit, an online community Swartz had been involved in since its early days, and asked its members to review and critique it.
Lofgren took the input into account when revising the law and posted the “Modified Draft Version” to Reddit on Saturday.
In her announcement on Reddit, Lofgren outlined the changes.
As with the original draft, the revision “explicitly excludes breaches of terms of service or user agreements as violations of the CFAA and wire fraud statute.”
The new draft, however, also indicates that “changing one's MAC or IP address is not in itself a violation of the CFAA or wire fraud statute.” It also limits the scope of the act by defining "access without authorization" as the circumvention of technological access barriers. No circumvention of technical measures, no fraud.
“Taken together, the changes in this draft should prevent the kind of abusive prosecution directed at Aaron Swartz,” wrote Lofgren, “and would help protect other Internet users from outsized liability for everyday activity.”
Lofgren said she intends to introduce a final version of the law to the House Judiciary committee soon. To do so, she will need to secure co-sponsors. She said she has already spoken with Sen. Ron Wyden (D-Ore.) and he intends to introduce the law in the Senate, should it make it through the House.
“The chances of success – whether for "Aaron's Law" or other proposals – will depend greatly on the degree of positive public engagement and support to change the law. As SOPA showed, when the Internet speaks, lawmakers listen. I think with enough constructive support we can have an opportunity to pass ‘Aaron's Law.’"
As the Electronic Frontier Foundation’s Cindy Cohn and Marchia Hofmann note, although the law reduces the broad scope of the CFAA, it does nothing to reduce what many believe to be disproportionately high penalties for computer fraud.
Photo via Wikipedia