Chad Sandler

Aaron Swartz was indicted in 2011under the CFAA and wiretapping statute for exceeding his authorized access to the research portal JSTOR and downloading and disseminating articles from JSTOR. He subsequently committed suicide leading to a public backlash against criminal prosecution under the CFAA. This article in Forbes reviews Aaron’s actions and explains how they violated the CFAA. It explains that the misconduct went beyond violating JSTOR’s terms of use to include exceeding authorized use and circumventing identity restrictions.

Orin Kerr offers a cogent legal analysis defending the actions of federal prosecutors in the case against Swartz. Kerr asserts that under the Wire Fraud statute, Swartz’s use of masked IP addresses and false identification to gain access to JSTOR articles comports with statute’s prohibition on schemes to gain property by false pretenses.

Kerr then analyzes the case under the CFAA. He notes that the $5,000 threshold is easily met here if one uses the ‘reasonable costs of production’ value that many courts have adopted. With regard to exceeding authorized use, Kerr points out the methods used by Swartz to circumvent detection (and defensive block attempts) by JSTOR.

Efforts to amend the CFAA include removing liability for exceeding authorized use to perhaps simply access without authorization. This tech crunch article outline some of the legal debate on reformation efforts:

Finally, a few days ago, Alan F. Westin, noted privacy scholar, passed away. This article highlights his contributions to the field of information privacy. He believed privacy “is more than the right to be left alone. It is the ability to control how much information about ourselves we reveal to others, and how and when to share it.”