On November 4 and 5, the Internet Archive will host the Fifth Annual Aaron Swartz Day and Hackathon. Aaron would have turned 31 on November 8. The late activist, political organizer, programmer, and entrepreneur was a dear friend of EFF’s who made a lasting imprint on the Internet and the digital community. Aaron’s life was tragically cut short after overzealous prosecutors sought to make an example out of him under the Computer Fraud and Abuse Act for using MIT’s computer network to download millions of academic articles from the online archive JSTOR. At EFF, we carry on Aaron’s legacy every day through our work on open access and CFAA reform. And this weekend, we’ll join our friends at the Internet Archive in celebrating Aaron’s life and work.
This weekend’s events include a two-day hackathon focused on SecureDrop, the whistleblower submission system Aaron created just before he passed away, and a Saturday evening memorial event. Speakers at the memorial event include Chelsea Manning, Gabriella Coleman, Barrett Brown, EFF’s Cindy Cohn, Aaron Day co-founder Lisa Rein, and many more.
Aaron died on January 11, 2013, at the age of 26, after being charged with 11 counts under the notoriously vague and draconian CFAA for systematically downloading academic journal articles from JSTOR. Facing decades in federal prison, Aaron took his own life. Aaron’s case stands as an example of how prosecutors abuse the CFAA’s vague language and harsh penalties to craft trumped up criminal charges for any behavior involving a computer they don’t like. Systematically downloading academic journal articles does not rise to the level of culpability that Congress had in mind when it enacted the CFAA—i.e., malicious computer break-ins for the purpose of causing damage or stealing information. But the law makes it illegal to intentionally access any computer connected to the Internet “without authorization” or in excess of authorization without actually telling us what “without authorization”—the statute’s most critical term—means. This overly vague language likely seemed innocuous to some back in 1986, but it has opened the statute up to rampant abuse by those seeking to stretch its reach.
EFF has been pushing for CFAA reform for years, and we increased those efforts after Aaron’s death. Since 2013, we’ve pushed for the passage of Aaron’s Law, which would reduce the CFAA’s disproportionately harsh penalties, shield security researchers and innovators from prosecution for doing their work, and clarify that violating a website’s terms of service is not a crime. Unfortunately, so far our efforts in Congress have been blocked, with tech giants like Google, Facebook, and Oracle shamefully unwilling to support reform even as the law needlessly claims lives and results in massively overbroad sentences.
We’ve also been fighting the CFAA in court. Over the past few years, we’ve convinced multiple federal courts of appeal that violations of private computer use restrictions cannot give rise to CFAA liability. This year, we urged the Supreme Court to take up US v. Nosal, a long-running CFAA case that would have provided the high court with the opportunity to clarify once and for all that the CFAA was meant to target malicious computer breaks—not to enforce computer use preferences. The court unfortunately turned down that opportunity, rejecting Nosal’s petition for Supreme Court review. We’re disappointed in this decision, but we’ll continue to advocate for a narrow interpretation of the CFAA’s vague language in lower courts across the country. We’ll soon be filing an amicus brief in the Ninth Circuit Court of Appeals in a case challenging LinkedIn’s use of the CFAA as a tool to limit access to publicly available data—an abusive use of the CFAA that we know would have disappointed Aaron.
While he was alive, Aaron railed hard against the idea of government-funded scientific research being unavailable to the public and his passion continues to motivate the open access community. While EFF continues to push for reforms to the CFAA, it's crucial to keep in mind that if open access were the standard for scientific research, then sharing it wouldn't be a crime at all—and Aaron never would have been charged in the first place.
As part of our work fighting for open access to data, EFF strongly supports the Fair Access to Science and Technology Act (FASTR), a bill that would require every federal agency that spends more than $100 million on grants for research to adopt an open access policy. The bill gives each agency flexibility to implement an open access policy suited to the work it funds—so long as research is available to the public after an “embargo period.”
One of the points of debate around FASTR is how long that embargo period should be. Last year, the Senate Homeland Security and Governmental Affairs Committee approved FASTR unanimously, but only after extending that embargo period from six to twelve months—a change that put FASTR in line with the 2013 White House open access memo. That’s the version that was recently reintroduced in the Senate. The House bill sets the embargo period at six months. In the fast-moving world of scientific research, even six months is an eternity to wait for open access, let alone twelve. But that said, FASTR would serve as an essential first step on which to build further reforms—and one we hope Aaron would be proud of.
We hope to see some of you at this weekend’s Aaron’s Day celebration. To find out more information about the hackathon or to buy tickets to the Saturday memorial event, visit the Internet Archive’s event page. And to support EFF’s efforts on open access and CFAA reform, visit https://supporters.eff.org/donate.