Slashdot Mirror
'Aaron's Law' Introduced To Curb Overzealous Prosecutions For Computer Crimes
SonicSpike writes: Sens. Rand Paul (R-KY) and Ron Wyden (D-OR), and Rep. Zoe Lofgren (D-CA) introduced bipartisan legislation today to better target serious criminals and curb overzealous prosecutions for non-malicious computer and Internet offenses.
The legislation, inspired by the late Internet innovator and activist Aaron Swartz, who faced up to 35 years in prison for an act of civil disobedience, would reform the quarter-century old Computer Fraud and Abuse Act (CFAA) to better reflect computer and internet activities in the digital age. Numerous and recent instances of heavy-handed prosecutions for non-malicious computer crimes have raised serious questions as to how the law treats violations of terms of service, employer agreements and website notices.
"Aaron’s Law would change the definition of 'access without authorization' in the CFAA so it more directly applies to malicious hacks such as sending fraudulent emails, injecting malware, installing viruses or overwhelming a website with traffic."
The legislation, inspired by the late Internet innovator and activist Aaron Swartz, who faced up to 35 years in prison for an act of civil disobedience, would reform the quarter-century old Computer Fraud and Abuse Act (CFAA) to better reflect computer and internet activities in the digital age. Numerous and recent instances of heavy-handed prosecutions for non-malicious computer crimes have raised serious questions as to how the law treats violations of terms of service, employer agreements and website notices.
"Aaron’s Law would change the definition of 'access without authorization' in the CFAA so it more directly applies to malicious hacks such as sending fraudulent emails, injecting malware, installing viruses or overwhelming a website with traffic."
I'm sure I speak for many here when I invite you to go fuck yourself, officer.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
The law was written in 1983 and updated a tiny amount in 1986. It was a time before the internet, and was specifically written with ATMs in mind. Even worse, they used one of the most ambiguous and horribly loosely written laws in existence, the Espionage Act of 1917 as the blueprint. This is the same law the US government used to charge Edward Snowden with espionage, which is supposed to be when you give confidential information to foreign governments, not someone that is not supposed to have it (seriously, that is what the law defines as espionage).
So yes, access without authorization makes a lot of sense when used for ATMs. When applied to the internet, it makes using practically any for-profit web site illegal to visit and requires you to use your actual name, not an alias (that is also illegal according to this law - you are misrepresenting yourself).
What did Aaron do? He put public domain documents on the internet that a school was charging something like 10 cents a page for copies. Since this was a "financial transaction," this was a 25 year felony crime according to a law written for ATMs. Not exactly sure how it got to 35 years, as I remember that law was 25 max. Incidentally, I know several people more legitimately charged with that - they were pirates arrested in the 1980s (affiliated with the Super Pirates of Minneapolis and Midwest Pirate's Guild), but most were underage and served no time.