LAWIN

Aaron Swartz

Aaron Swartz

Life of Aaron Swartz

Aaron Swartz “helped develop the RSS syndication format used for Web-based news feeds, the social news site Reddit and the Creative Commons codes now used to help promote the online sharing of Web content. Politically, he was well known for his role in founding the group Demand Progress, one of the more effective voices against legislation that many believe would have significantly limited online free speech and innovation. One of his causes was “Open Data.” He realized that sitting in many computers was a lot of inaccessible information that, in principle, anyone should be able to access. He was committed to taking publicly funded data—including the results of government-funded scientific research—and making it available on the Web for easy access.”(source: https://www.scientificamerican.com/article/its-times-reform-computer-fraud-abuse-act/).

He once used an automated script to bulk-download documents from a free trial program for the PACER database. Aaron led the charge against the broad online copyright-enforcement proposals SOPA and PIPA in 2012.

In January 2011, Aaron Swartz “downloaded a large number of articles from the academic-document archive JSTOR onto his laptop. Aaron had a JSTOR account, allowing him access to the work, but he arguably abused that access by setting up a computer at Massachusetts Institute of Technology and downloading articles in bulk over a period of weeks. He was originally arrested on a minor charge, and JSTOR decided not to pursue the case. Unfortunately, federal prosecutors did not drop the charges.”(source: https://www.scientificamerican.com/article/its-times-reform-computer-fraud-abuse-act/). For some, Aaron Swartz violated JSTOR’s terms of service by downloading too many papers at once, in order that these “publicly funded”papers (see below) could be distributed free to researchers who can’t afford to pay for them.

Punishment

A federal indictment (the details contained in the indictment are allegationsuns) charged him with “wire fraud, computer fraud, unlawfully obtaining information from a protected computer, and recklessly damaging a protected computer. If convicted on these charges, Swartz’s punishment could have led to “35 years in prison, to be followed by three years of supervised release, restitution, forfeiture and a fine of up to $1 million.”

Some have argued that prosecutorial threats along with his depression led to his eventual suicide.

Death

Nearly two years after his initial arrest, Swartz committed suicide, and this had a high impact on internet commeentaries and “virtual”collective action.

At the time of his death, Swartz faced felony charges for his downloading of more than 4 million academic journal papers from the online archive JSTOR, or about 80 percent of the JSTOR library. The downloading was carried out surreptitiously using a laptop computer that was left in a basement wiring closet in an MIT building, physically connected to the MIT computer network.

After Swartz’s death posthumous awards were given to him; a proposed revision of the law under which he was prosecuted was introduced in Congress, and a petition was filed with the White House demanding the firing of the federal prosecutor responsible for the case.

“Activists are invoking Swartz’s name for an upcoming day of action against NSA surveillance. Senators continue to question the Justice Department over the aggressiveness of his prosecution. A year after Swartz’s death, the CFAA not only remains unchanged, but some proposals in 2014 might actually strengthen it.”(source: https://www.washingtonpost.com/blogs/the-switch/wp/2014/01/11/the-law-used-to-prosecute-aaron-swartz-remains-unchanged-a-year-after-his-death/)

MIT Report

In July 2013, MIT issued its report, written by professor Hal Abelson, about the MIT’s own actions in the case. The report says that University’s neutrality stance did not consider factors including “that the defendant was an accomplished and well-known contributor to Internet technology”; that the law under which he was charged “is a poorly drafted and questionable criminal law as applied to modern computing”; and that “the United States was pursuing an overtly aggressive prosecution.”

Reactions to the MIT Report

In August 2013, three respected academics, writers of leading work in digital law, language, and civics, have written about the report: Harvard Law’s Larry Lessig, Northwestern’s Peter Ludlow, and the director of MIT’s Center for Civic Media, Ethan Zuckerman. They agreen on that Swartz may not have broken the law. The weightiest charges filed against Swartz were under the Computer Fraud and Abuse Act (CFAA). The CFAA makes it a crime to gain “unauthorized”access to a computer or network. The prosecution alleged that Swartz’s use of the MIT network was “unauthorized.”But as Lawrence Lessig writes on the Abelson report:

“The report says that MIT never told the prosecutor that Aaron’s access was “unauthorized.”They indicated that his machine was not supposed to be plugged into the ethernet jack it was plugged into, but there is no law against abusing an ethernet jack. The law regulates authorized access to a network. The whole predicate to the government’s case was that Aaron’s access to the network was “unauthorized,”yet apparently in the many many months during which the government was prosecuting, they were too busy to determine whether indeed, access to the network was “authorized.””

MIT and the neutrality

While the University adopted a neutral stance, the reality was that the power between the defense (an internet activist and his lawyers) and the prosecution (the U.S. Government) differed enormously, so, according to professor Peter Ludlow, the institute’s report “makes it clear that MIT was at best neutral in a technical sense: “In consequence of the differences in the powers, timing, and goals of the two parties in the case, neutrality in responses was not consistent with neutrality in outcomes.”For example, the report argues that MIT “could have automatically supplied the defense with a copy of every document supplied to the prosecution, rather than waiting for a defense subpoena. Similarly, it could have offered a defense interview with every employee interviewed by the prosecution.”It failed to do so.”

The professor also argues that the “report also notes that MIT turned over a number of intercepted electronic communications to the prosecution without subpoena, a step that the defense argued was “in violation of the Fourth Amendment and the Stored Communications Act.”One can argue about whether MIT violated the law in intercepting and turning over the documents, but it is plainly Orwellian to characterize such actions as “neutral.”

Lessig also argued that:

“One particularly pertinent moment was in June 2011 when the Media Lab Director [Joi Ito] informed the administration that Aaron Swartz was charged with “unauthorized access”and suggested that MIT would be in a position to cast doubt on this charge if so desired. …

A charge of “accessing [the MIT network] without authorization or in excess of authorized access”deeply involves MIT, since MIT provides the authorization and sets the rules of authorization. Thus MIT set rules that played a key role in determining what constituted a felony in the Aaron Swartz case.”

In the opinion of the three academics, the “neutrality” of the University alone determined whether Swartz’s guilt under the CFAA. That neutrality was, in fact, tacit approval. The director of MIT’s Center for the Civic Media, Ethan Zuckerman, explained that according “to Abelson’s report, MIT’s president, chancellor and Office of the General Counsel did the minimum – and sometimes less than the minimum, when they failed to respond to defense subpoenas – in allowing Aaron Swartz and his team to mount a defense.”

Computer Fraud and Abuse Act (CFAA) and the Wire Fraud Statute

The Computer Fraud and Abuse Act (CFAA) and the wire fraud statute were the statutes the U.S. government used to prosecute Aaron Swartz.

CFAA

The Computer Fraud and Abuse Act was written in 1986, before most Americans started interacting online.

The Computer Fraud and Abuse Act is at the center of a group of high-profile criminal cases, including the accusation of the former Reuters journalist Matthew Keys, for cooperating with the Anonymous to vandalize the Web site of a former employer. Keith Downey, a 28-year-old programmer from Florida, was accused of attacking PayPal’s server to protest its termination of a donation page for Wikileaks. And Andrew Auernheimer was convicted under CFAA for attacking AT&T servers and turning over illegally obtained information about iPad users to the gossip site Gawker.com.

Several American laws like Theft of Trade Secrets, the Privacy Act, copyright law, the Stored Communications Act, wire fraud, and HIPAA already criminalize misuse of information.

Aaron Swartz was not the first or last victim of prosecution under the CFAA. In cases like United States v. Drew and United States v. Nosal the U.S. government claimed that violating a private agreement or corporate policy amounts to a CFAA violation.

The Computer Fraud and Abuse Act makes it a federal crime to access a computer without authorization or in a way that exceeds authorization. In an article of Wired (https://www.wired.com/opinion/2013/06/aarons-law-is-finally-here/):

“Confused by that? You’re not alone. Congress never clearly described what this really means. As a result, prosecutors can take the view that a person who violates a website’s terms of service or employer agreement should face jail time.

So lying about one’s age on Facebook, or checking personal email on a work computer, could violate this felony statute. This flaw in the CFAA allows the government to imprison Americans for a violation of a non-negotiable, private agreement that is dictated by a corporation. Millions of Americans — whether they are of a digitally native or dial-up generation — routinely submit to legal terms and agreements every day when they use the Internet. Few have the time or the ability to read and completely understand lengthy legal agreements.

Another flaw in the CFAA is redundant provisions that enable a person to be punished multiple times … for the same crime. These charges can be stacked one on top of another, resulting in the threat of higher cumulative fines and jail time for the exact same violation.

This allows prosecutors to bully defendants into accepting a deal in order to avoid facing a multitude of charges from a single, solitary act. It also plays a significant role in sentencing. The ambiguity of a provision meant to toughen sentencing for repeat offenders of the CFAA may in fact make it possible for defendants to be sentenced based on what should be prior convictions — but were nothing more than multiple convictions for the same crime.”

Aaron Law

After Aaron death, there were calls for an “Aaron’s Law”to limit the scope of the Computer Fraud and Abuse Act. And in June 2013, a bipartisan group of lawmakers introduced (by Reps. Lofgren and Sensenbrenner) a draft in this terms (which were redrafted and postes also in reddit).

The draft had some support, specially from many advocacy groups (including the Demand Progress group Swartz had founded during his action campaign over SOPA). It had opposition from some software industry groups as well. In the beginning of 2014, it looks like Aaron’s Law went nowhere.

But some organizations are still leading reforms to the CFAA. For example, the Electronic Frontier Foundation (EFF) made suggestions which expand on Repres. Lofgren’s draft bill known, which are presented here:

EFF proposals

EFF: Specific Reasons to Improve the CFAA

EFF: Initial Suggestions for improving Aaron’s Law

EFF: Additional Suggestions for improving the Penalty Scheme

Open Access Movement

Aaron Swartz wrote in his Open Access Guerilla Manifesto that the “Open Access Movement has fought valiantly to ensure that scientists do not sign their copyrights away but instead ensure their work is published on the Internet, under terms that allow anyone to access it”.

The authors of the (contents of) academic journals (professors, researchers and scientists) were not paid for their work by the copyright owners. In fact, much of the work underlying these articles was funded in full or in part by government grants or charitable contributions to universities and medical institutes. The system whereby researchers who want their work published in the oldest, most prestigious journals must agree to sign away the copyrights to their work predates the rise of the internet and online storage and retrieval. At one time, when expensive bound copies of journals needed to be published and archived, this system might have made sense as a way of compensating for this expense. Today this legal relic of the pre-digital age serves to restrict access to information developed at public expense so that a small number of publishing firms (many of them foreign) can profit from work they didn’t pay for.

In this sense, an article originally appeared in The Atlantic on March 26, 2013 about Aaron Swartz, argued:

“Academics such as scientists communicate their results of research and study by publishing articles in peer-reviewed journals. They do not make money off their publications. In this respect, they differ from creative artists such as musicians or writers, who may earn royalties or fees.

The community of scientists reviews each other’s papers, free of charge. What is gained here is prestige: prestige in being published, or prestige in serving as a reviewer. While prestige doesn’t directly translate into monetary gain, it is an important factor in gaining tenure, being promoted, and competing for grants from granting agencies.

Finally, it is the granting agencies — many government-funded — that ultimately support the research endeavor, paying for researchers’ salaries, research supplies and equipment, and finally the costs of publication.

Given this model, you might think that accessing scientific publications would be inexpensive. But this is not the case. The publications themselves typically land in corporate-owned scientific journals that restrict access by hefty subscriptions that only major university libraries can afford. For instance, Northwestern University pays more than $7.5 million per year for electronic subscription of journals, with the price of a single journal yearly subscription well over $1,000.”

Posted

in

, , , ,

by

SALVADOR

Tags:

, , ,

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *