This article will go into depth about what Aaron’s Law is and how it came to be.
What is it?
‘Aaron’s Law’ is a term that is indicative of a bill that was introduced to the United States Congress back in 2013. It was originally written by California representative, Zoe Lofgren, who proposed the bill in response to the death of 26-year-old, Aaron Swartz. Aaron’s Law essentially sought out to amend the Computer Fraud and Abuse Act of 1986 (the CFAA) following Swartz’s suicide in January of 2013.
More details on what led to his subsequent death will be discussed later. For now, we will continue to break down what Aaron’s Law is.
The Computer Fraud and Abuse Act of 1986 is the law that dictates computer abuse in the United States. Investopedia editor, Jake Frankenfield, defines computer abuse as:
“…the use of a computer to do something improper or illegal. Examples of computer abuse include using a computer to expose personally identifiable information (PII) such as Social Security numbers, using a computer to change the content of a website owned by someone else, intentionally infecting one computer with a worm that will spread to other computers, using a computer to illegally share copyrighted items, and using one computer to gain unauthorized access to another.”
Aaron’s Law didn’t succeed in getting a pass. That being said, Congress did end up modifying the CFAA and continues to do so on the regular. Past changes had taken place in 1989, 1994, 1996, and 2002. The controversial U.S. Patriot Act had an impact on the CFAA in 2001. The 2008 Identity Theft Enforcement and Restitution Act also has an effect on the overall scope of the CFAA.
What the bill would fix
Supporters of the failed Aaron’s Law fought back, claiming that the CFAA is too vague. Due to the general wording of the CFAA, users who go against the terms of service can potentially face prison time. An additional error in the CFAA is tied to redundancies. Individuals can easily be tried for the same crime more than once under different factors. These cases of repetition enable charges to connect and allow immensely severe penalties for the convicted.
Aaron’s Law proposed the amendment of the language of the CFAA as a means to make punishments regarding both prison terms and fines for downloading copyrighted material less disciplinary and more reflective of the stolen material’s value.
Most recently, Aaron’s Law was reintroduced in May of 2015. However, it was once again stalled, throwing the bill’s future into uncertainty.
Who was he?
Now that we have painted a clear picture of what Aaron’s Law is, it only makes sense that we go into who the man behind the bill was. Who was Aaron Swartz and what led to both his suicide and the creation of the “law”?
Born on November 8, 1986, Swartz was an American computer programmer, writer, entrepreneur, political organizer, and Internet activist. He was said to be a prodigy with computers, being a fast learner when it comes to coding and Internet culture, and also taking college-level courses by the time he was in the 10th grade.
He was involved with the development of the web feed format, RSS, as well as the Markdown publishing format. In addition, he aided in the development of the organization, Creative Commons (a non-profit group that expands the range of creative works that are available for others to legally share and build upon) and the website framework web.py. He was – and still is – recognized as the co-founder of the popular social news aggregation, Reddit.
Along with computers, Swartz’s work also focused heavily on civic awareness and activism. He played a part in the launch of the Progressive Change Campaign Committee in 2009 so that he could learn more about competent online activism. He founded the online group called Demand Progress, an Internet activist-oriented entity that is known primarily for its campaign against the Stop Online Piracy Act (SOPA).
This was an incredibly controversial bill that was introduced in the early 2010s and was supposed to expand the abilities of U.S. law enforcement to fight back against online copyright infringement and trafficking of counterfeit goods. Mashable writer, Chris Heald, sums up why SOPA was not fondly received by the masses with the following reasons:
- Gives the government the right to unilaterally censor foreign websites.
- Gives copyright holders the right to issue economic takedowns and bring lawsuits against website owners and operators, if those websites have features that make it possible to post infringing content.
- Makes it a felony offense to post a copyrighted song or video.
Additional activism work on Swartz’s part includes filing a Freedom of Information Act (FOIA) request to obtain knowledge about the treatment of activist and ‘whistleblower’, Chelsea Manning, a suspected source for the classified information platform, WikiLeaks. Moreover, he was a participant for Wikipedia in mid-2003. In 2006, he ran – albeit unsuccessfully – for a position in the Wikimedia Foundation’s Board of Trustees. That same year, he also wrote an analysis of how articles on Wikipedia are written.
It’s evident that for a period of time, Swartz was a familiar face and an active member of the Internet community. Even now, years after his passing, he is still remembered for his contributions, whether they were direct or indirect. So, what happened to him?
The early stages of his tragic downfall would begin in 2008. Swartz used a public library account as a way to get full access to the federal court system information website called PACER (Public Access to Court Electronic Records). Contrary to what the name implies, PACER required a subscription and had an 8 cents per page charge. All so that one can view public court records. The technology was essentially outdated and Swartz, along with other individuals, believed that the fee was ludicrous, especially for electronic data. Not only that, electronic data that could potentially be repeatedly duplicated at no real cost.
In response, Swartz put together a Perl script, which is a family of script programming languages that share similarities in the syntax to the C language. He did this on a rented Amazon cloud computing instance that effectively drew around 2.7 million documents out of PACER. Following this, he turned them over to another activist, who later published them. This caught the attention of the FBI, who went on to investigate Swartz about the matter. Ultimately, they did not charge him, but as you might expect, Swartz would not be as lucky with the authorities next time.
While this motivation has not been confirmed and might very well be pure speculation, Swartz’s efforts with PACER probably gave him the incentive to target JSTOR next. For those who are unaware of what this is, it’s a digital library that’s full of academic texts, such as journals, books, and other primary sources. It is a popular source destination for postsecondary students and it actively collaborates with the academic community to assist libraries and independent researchers.
For proper bandwidth and access, Swartz set up a laptop inside of a wiring closet. According to authorities, Swartz used JSTOR to download a large number of academic texts by way of MIT’s computer network during the course of a few weeks. At this point in time, Swartz was a research fellow at Harvard University. This was how he gained easy access to a JSTOR account. It should also be noted that visitors to the open campus of MIT were able to access JSTOR through its network.
On the subject of why he did this, Swartz took note of the fact that knowledge produced at public universities and financed by the U.S. government was not typically released free for public consumption. On the contrary, it was basically being copyrighted and benefits were not being given to the original authors. It was being made private and it was locked by for-profit corporations that did not invest in any of these public works. Each year, they earn billions of U.S. dollars for private publishers, seeing as how these publications were free to access for students on an array of academic databases.
As mentioned before, Swartz downloaded lots of texts from JSTOR. Not only that but the whole Westlaw database (an online legal research service for legal professionals), too. This way, he began uncovering disconcerting connections of corporation investors of legal research that gave money to law professors. The ‘donations’ was for those professors to write law reviews for these corporations to benefit from and shield them from any repercussions.
The massive download would consequently trigger several issues at JSTOR’s servers. The organization administrators immediately contacted MIT. They managed to zero in on the IP address and the location of where the download was taking place. As soon as the location (i.e. the wiring closet) was found, they set up a video camera in the room. When Swartz returned, the download was stopped and he was identified. He was immediately arrested by both campus police and the U.S. secret service.
The legal battle
Instead of pursuing a civil lawsuit against Swartz, JSTOR negotiated a settlement with him. This would require Swartz to turn over all the data that had been downloaded. However, federal prosecutors were unwilling to go through with any bargaining. They charged Swartz under the CFAA and, in turn, offered him a ‘take it or leave it’ deal: plead guilty and serve six months in prison.
Before moving forward, a couple of other facts should be noted. Six months after Swartz’s official arrest, the federal grand jury indicted him. The charges were as follows (from The New Yorker):
UNITED STATES OF AMERICA v. AARON SWARTZ, Defendant
Description of Offense Charged:
- 18 USC 1343 Wire Fraud
- 18 USC 1030(a)(4) Computer Fraud
- 18 USC 1030(a)(2) Theft of Information From a Computer
- 18 USC 1030(a)(5)(B) Recklessly Damaging a Computer
- 18 USC 981. 982, 1030 & 28 USC 2461 Forfeiture
- 18 USC 2 Aiding and Abetting
A few months later, he was indicted by a Middlesex County Superior Court grand jury on “…charges of breaking and entering, larceny of electronic data, and unauthorized access to a computer network in connection with the illicit downloading of millions of academic articles.” While the charges and this particular indictment would later be dropped, federal prosecutors would go on to file an overruling indictment that added nine more felony counts. This would increase Swartz’s maximum sentence to 50 years of imprisonment and up to $1 million in fines.
Deal or no deal
It was during the plea negotiations that the ‘take it or leave it’ deal was put on the table. By taking the deal and pleading guilty of 13 federal crimes, he will spend six months in a low-security prison. Both Swartz’s defence attorney and Swartz himself rejected the deal. Their reasoning was that they were pushing for the trial. That way, federal prosecutors would be in a position where they would have to publicly justify their persistent pursuit. Numerous critics chastised the federal prosecution for essentially ‘overcharging’ Swartz with a 13-count indictment. Moreover, they said the prosecution was “overzealous.”
Looking at this 17-month legal battle – one that had no set trial date and wasn’t ending any time soon – through Swartz’s perspective, it must’ve been overwhelming. With the future of this legal battle cast into doubt, Swartz hung himself in his apartment on January 11, 2013. Following his death, federal prosecutors went on to drop the charges.
The sudden passing immediately spurred further activism in the community. Swartz’s status and the severity of the charges against him attracted a lot of attention. Many believed his actions to be too innocuous for the charges. The backlash continued to spread, with various hacker groups attacking and defacing the websites of organizations that were related to Swartz’s arrest.
Politicians eventually took note of the reactions. Three members of the House Judiciary Committee raised questions about the government’s handling of the situation: Darrell Issa, Jared Polis, and Zoe Lofgren. HB 2454 modified the CFAA to exclude terms of service violations from the list of crimes covered by the act. It’s a minor change, but it would prevent potential abuse by both service providers and prosecutors seizing on technicalities in terms that users are unaware of.
Additionally, it provided language as a means to clarify the penalty provisions of the statute to limit enhanced penalties solely to criminal acts and for other violations of the act itself. This effectively prevents prosecutors from easily tacking on extra charges. Like making false statements to federal officers. Furthermore, it keeps prosecutors from using those extra statements to boost jail time arbitrarily.
Aaron’s Law has an intricate and rather tragic origin. It’s important to understand what it stands for, what it focuses on, and what it aims to rebuild.