Swartz suicide shines light on federal anti-hacking law

Federal Computer Fraud and Abuse Act is applied too broadly in alleged data theft cases, critics say

By , Computerworld |  Security, Aaron Swartz, data theft

Aaron Swartz

Demand Progress founder and director Aaron Swartz speaks out against SOPA and PIPA.


The suicide of Internet activist and pioneer Aaron Swartz has focused attention on what some activists say is the overzealous use of the federal Computer Fraud and Abuse Act anti-hacking statute.

Swartz, 26, hanged himself last Friday, apparently over concerns stemming for the prospect of spending up to 35 years in prison on hacking-related charges.

[MIT to probe its role in Aaron Swartz's suicide and Senators push for changes in cybercrime law]

Federal prosecutors had indicted Swartz on 13 counts of felony hacking and wire fraud related to the alleged theft of millions of documents from JSTOR, an online library of literary journals and scholarly documents sold by subscription to universities and other institutions.

Several charges against Swartz were tied to alleged CFAA violations.

Swartz's death prompted calls by some legal experts for a review of CFAA. A petition launched Monday on the White House's website that called for reforming the anti-hacking law had garnered about 550 signatures.

The CFAA, enacted by Congress in 1986, makes it illegal to knowingly access a computer without authorization, to exceed authorized use of a system, or to to access information valued at more than $5,000.

In intent and spirit, CFAA is an online anti-trespassing law targeting criminal hackers who break into systems to steal or sabotage data. Penalties range from five-years prison sentences to life in prison.

Federal prosecutors in Massachusetts alleged that Swartz violated the provisions of the law by allegedly misusing guest access privileges on Massachusetts Institute of Technology's network to systematically access and download a huge number of documents from JSTOR.

In court documents, prosecutors alleged that while a Fellow at Harvard University's Safra Center for Ethics between Sept. 2010 and Jan 2011, Swartz registered for guest access on MITs network using a fictitious name and temporary email address.

They alleged that over the course of a few weeks,

Originally published on Computerworld |  Click here to read the original story.
Join us:






Answers - Powered by ITworld

Ask a Question