Aaron's Law Is Doomed and the CFAA Is Still Broken 134
I Ate A Candle (3762149) writes Aaron's Law, named after the late internet activist Aaron Swartz, was supposed to fix U.S. hacking laws, which many deem dated and overly harsh. But the bill looks certain to wither in Congress, thanks to corporate lobbying, disagreements in Washington between key lawmakers and a simple lack of interest amongst the general population for changes to the Computer Fraud and Abuse Act. Representative Zoe Lofgren blamed inactivity from the House Judiciary Committee headed up by Representative Bob Goodlatte, which has chosen not to discuss or vote on Aaron's Law. There is still an appetite for CFAA reform, thanks to complaints from the security community that their research efforts have been deemed illegal acts, perversely making the internet a less secure place. But with the likes of Oracle trying to stop it and with Congress unwilling to act, change looks some way away.
Re:Larger request (Score:5, Informative)
The same thing happens with civil lawsuits also. If the RIAA thinks they've caught you uploading a thousand songs, they'll sue you for $150 million (the maximum penalty the law allows). Then, they will offer to settle for "only" $3,000 and a signed statement that they give you which basically admits your guilt and forces your silence on the matter. Your options are a) pay for a lawyer and spend time and money fighting the case knowing that you might lose and, even if you win, might not get back lawyer fees or b) settle and cut your losses.
Most people understandably choose option b. It's nice to say you'll defend your innocence in theory but in reality a fight like this would be too much for some people when they need to juggle work, bills, and other aspects of real life. The RIAA counts on this and abuses the legal system to ensure as high a "number of pirates caught" number as possible regardless of whether those "pirates" are really guilty or not.
Re:He didn't hack (Score:3, Informative)
But he had every right to attach his computer to that network. MIT has (or had?) a free and open network. It was open to everyone, not just students, faculty and guests. So there was no problem with him connecting to their network, or stashing his computer there.
JSTOR's contract with MIT allowed access to their papers to anyone on MIT's network. Not limited to students and faculty. Just anyone coming from their network. So there was nothing illegal about him downloading papers from JSTOR.
However, JSTOR's terms of service limited the number of papers one could download in a given period of time. I think it was something like 25 a day. Aaron, however, wrote a script that would download all 4 million in rapid succession.
The only thing "wrong" that he did was violate JSTOR's terms of service. Yes, if everyone did that the system would collapse. What he did amounts to bad manners. For that he deserves to be threatened with up to 50 years in jail? That's the kind of abuse Aaron's Law is intended to stop.
Re:Larger request (Score:5, Informative)
Apparently the young man committed suicide due to the threat of severe charges and punishments.
He was offered a 6-month sentence in a low security prison. Turned it down.