Laptop wrapped in crime scene tape.
This week is "Cyber Week" in the House of Representatives, with the body slated to vote on CISPA and on a handful of other cyber security and reesarch bills. Among them was supposed to be an update of the Computer Fraud and Abuse Act, the law under which activist Aaron Swartz was prosecuted by the Department of Justice, a disproportionately zealous prosecution that his colleagues say led to his suicide in January.
CFAA reform was already looming, but the suicide of 26-year-old Reddit co-founder Aaron Swartz in January helped galvanize groups to change the law so that not all hacking is considered the same and to make penalties less draconian in some cases. Swartz killed himself as he faced up to 35 years in prison and a $1 million fine after prosecutors alleged he stole more than 4 million documents from the JSTOR database of academic research papers at MIT.

“Right now, what we’re experiencing is a cyberpanic in Congress and all this fear about cybercrime and computer attacks,” said Hanni Fakhoury, an attorney at the Electronic Frontier Foundation. “That’s why there’s been a renewed effort to use the CFAA aggressively. But the problem is a lot of the cases that get a lot of attention are where there aren’t really cybercrimes going on.”

CFAA reformers cite the dozen federal judges who have rejected prosecutors’ varied interpretations of the law. The result is confusion across the nation’s judiciary as to the CFAA’s proper role.

Things as simple as violation of a site's terms of service could be prosecuted as violations of the CFAA and could lead to years in prison. Most companies ignore and won't pursue these kinds of violations. In fact, JSTOR didn't want the federal government to pursue Swartz. Internet activists want these violations to be civil, rather than criminal. The initial version of the CFAA pushed by the Department of Justice reauthorization could have made the current law even worse, adding amendments that included racketeering and conspiracy to the possible charges internet users could unwittingly face for simple violations.

Luckily, saner heads seem to have prevailed and the legislation has been pulled off the fast track and out of cyber week, thanks to a flurry of lobbying efforts by activists. Rep. Jim Sensenbrenner (R-WI) had intended to take up the legislation in his subcommittee this week, but has postponed it now indefinitely. The lobbying by activist groups included a memorial service at the House of Representatives last week, and more than a dozen meetings with key lawmakers from both parties. In this case, Sensenbrenner and the Judiciary committee chair, Rep. Bob Goodlatte (R-VA), have been working with activists in what Demand Progress co-founder David Segal says is "good faith." This could actually be a case where internet activism ends up not just preventing a bad law from being enacted, but makes a bad law better.

Originally posted to Joan McCarter on Mon Apr 15, 2013 at 08:58 AM PDT.

Also republished by Daily Kos.

Your Email has been sent.