Aaron Swartz death must spark legal re-think

The suicide of internet activist Aaron Swartz could provide the US with a wake up call about its US Computer Fraud and Abuse Act.

The 29-year-old law has been used by the US government to hit hackers with draconian court cases over what should be legal technicalities and misdemeanors.

Swartz faced years in prison and ridiculous fines for downloading millions of academic articles from a private database through a network at the Massachusetts Institute of Technology.

His defence was handicapped by bullying prosecutors who were threatening to use the full force of a law which could jail you for lying about your identity on Facebook or delete files from your work laptop before you quit.

The US attorney’s case was based on the 1984 CFAA law, which some legal experts contend has been amended so many times that some portions of it no longer make sense. For example the penalties for minor offences can exceed those for more serious crimes.

Eric Goldman, a professor at the Santa Clara University School of Law, told Yahoo Finance that so much has changed and become more complicated, and the law has kept Frankenstein-ing.

Other legal experts said that US Attorney Carmen Ortiz followed the dodgy law too closely in bringing charges against Swartz.

For example, courts across the US are split about what constitutes illegal access, which, you would have thought, would be pretty important in a hacking case.

Despite this, US prosecutors have cheerfully bought 297 federal criminal cases under the CFAA and related computer fraud laws from 2010 through 2012. This often scares the beejesus out of people who probably would not be charged with anything.

Take, for example, the man who was charged because he deleted files from his company’s laptop after he was fired, or the woman who set up a fake Facebook account. Some of these face millions of dollars of fines and long stretches in jail.

But it is not just the government prosecutors who are addicted to the nebulous law. There have been more than 300 civil lawsuits which were brought in during private disputes citing the CFAA and related laws.

Marcia Hofmann, a senior staff attorney at the Electronic Frontier Foundation, said that prosecutors have taken advantage of the vague terms to add huge penalties to lesser cases.

They make an aggressive reading of what unauthorised access means to try to throw the book at somebody, she said.

Often prosecutors use that aspect of the law to punish something else the person did that the prosecutor didn’t like, but would have a harder job getting a court to bring in any penalty.