Aaron's Law hopes to blunt US computer crime law
US Representative Zoe Lofgren has proposed an amendment to the Computer Fraud and Abuse Act. Lofgren also presented her amendment on Reddit. The amendment is called "Aaron's Law" by Lofgren and is being put forward as a response to the death of Aaron Swartz, the internet activist who killed himself while facing thirteen felony counts of computer and wire fraud after he attempted to liberate millions of academic papers from the JSTOR archive.
Currently, the CFAA allows prosecutors to define unauthorised access to computer systems such that even a simple violation of an ISP's or a web site's terms of service could be used to bring felony charges. Lofgren's proposal amends the law such that unauthorised access is not a felony if that access was solely contrary to terms of service or other contractual arrangements between a user and a service. A simple modification like this could well have reduced the number of felony charges that Swartz faced.
Wire and computer fraud charges are often added in hacking cases where ISPs' terms of service appear to have been broken, yet the charge can carry a three to five year prison sentence. Lofgren says using the law in this way "could criminalize many everyday activities and allow for outlandishly severe penalties" and she is now seeking cosponsors for the bill, which she hopes will be enacted quickly and act as a tribute to Swartz's life.
Other US law makers have also stepped up to condemn the prosecution; Representative Jared Polis reportedly said "the charges were ridiculous and trumped-up," while Representative Darrell Issa said his oversight panel would look into whether federal prosecutors had acted inappropriately. Lofgren, Polis and Issa are all members of the House Judiciary Committee. Issa also said that Congress should take up Swartz's aims and make more information freely available and make sure "that what is paid for is as widely available as possible to the American people".