"Aaron's Law" introduced in Congress to reform computer fraud law
Rep. Zoe Lofgren (D-Calif.) and Sen. Ron Wyden (D-Ore.) introduced a new bill into Congress Thursday, geared toward reforming the laws used to charge Internet activist Aaron Swartz with multiple felonies for downloading academic journal articles in 2011.
The bill, titled Aaron’s Law Act of 2013, is named for Swartz, who, facing up to 35 years in prison for what Lofgren and Wyden called “an act of civil disobedience,” committed suicide in January. Written in consultation with government officials, advocacy groups, businesses and the Reddit community, Aaron’s Law seeks to update the language of the Computer Fraud and Abuse Act (CFAA), much of which was authored in 1986.
According to Lofgren and Wyden in an editorial for Wired, the central problem with the CFAA is the vagueness of its provisions. For example, the act, authored years before the invention of the World Wide Web, states that anyone who “intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains information from any protected computer” can be sentenced to 10 years in prison.
“Confused by that?” wrote Lofgren and Wyden. “You’re not alone. Congress never clearly described what this really means...so lying about one’s age on Facebook, or checking personal email on a work computer, could violate this felony statute.”
In other words, according to the Columbia Journalism Review, the ambiguity of the CFAA means that the same laws used to prosecute Bradley Manning for allegedly leaking classified military information can be used to go after Internet users for violating the lengthy “terms of service” agreements attached to most products accessed online.
The problem of vagueness is only compounded by the fact that some of these laws overlap with one another in scope, giving the government the ability to charge offenders multiple times for the same violation. “This is, in fact, what happened to Aaron Swartz,” they wrote, “more than a third of the charges in the superseding indictment against him were under this redundant CFAA provision.”
The reforms proposed in the brief, 63-line bill are aimed at limiting the breadth and severity of the CFAA by striking redundancies and clarifying ambiguous language like “exceeds authorized access” (as in the aforementioned provision).
If passed, the bill will narrow the authority of the CFAA, but other laws on wire fraud and theft of trade secrets are already in place to protect against the most threatening abuses.
“Aaron’s Law is not just about Aaron Swartz,” wrote Lofgren and Wyden, “but rather about refocusing the law away from common computer and Internet activity and toward damaging hacks.”
Photo by Peretz Partensky/Flickr
Armory builds Iron Man a suit worthy of the Norse gods
Tony Stark would be the most stylish hero in Asgard with this leather armor.22k
Dudes build huge real-life gundam so the U.S. can fight Japan in a giant robot battle
Japan, you have one year to name the battlefield.17k
Homeless man plays best cover of Styx's 'Come Sail Away' you've ever heard
Are we sure this isn't really Dennis DeYoung?15k
The great Reddit meltdown has begun
Winter is coming to the Front Page of the Internet.
The 3 biggest questions heading into the ESL ESEA final
The first edition of the ESL ESEA Pro League is coming to a head this weekend with $250,000 on the line.27