Editing Computer Fraud and Abuse Act (section)

==Criticism==
There have been criminal convictions for CFAA violations in the context of civil law, for [[breach of contract]] or [[terms of service]] violations. Many common and insignificant online acts, such as password-sharing and copyright infringement, can transform a CFAA [[misdemeanor]] into a [[felony]]. The punishments are severe, similar to sentences for selling or importing drugs, and may be [[Proportionality (law)|disproportionate]]. Prosecutors have used the CFAA to protect private business interests and to intimidate [[Free-culture movement|free-culture activists]], deterring undesirable, yet legal, conduct.<ref>{{citation | author-last=Curtiss | author-first=Tiffany | title=Computer Fraud and Abuse Act Enforcement: Cruel, Unusual, and Due for Reform | journal=Washington Law Review | volume=91 | issue=4 | year=2016 | url=https://www.law.uw.edu/wlr/print-edition/print-edition/vol-91/4/computer-fraud-and-abuse-act-enforcement-cruel-unusual-and-due-for-reform}}</ref><ref>{{Cite web |title=A Voice from Prison Blog {{!}} Criminal Justice Reform & Constitutional Rights |url=https://avoicefromprison.com/ |access-date=2022-10-25 |website=A Voice from Prison |language=en-US}}</ref>

One such example regarding the harshness of the law was shown in United States vs. Tyler King,<ref>{{Cite web |date=2020-08-13 |title=Texas Man Sentenced to 57 Months for Computer Hacking and Aggravated Identity Theft |url=https://www.justice.gov/usao-ndny/pr/texas-man-sentenced-57-months-computer-hacking-and-aggravated-identity-theft |access-date=2022-10-25 |website=www.justice.gov |language=en}}</ref> where King refused initial offers by the government for involvement in a conspiracy to "gain unauthorized access" to a computer system for a small company that an ex-girlfriend of King worked for. His role, even while not directly involved, resulted in 6.5 years imprisonment. No financial motive was established. A non-profit was started to advocate against further harshness against others targeted under the broad law.<ref>{{Cite web |title=A Voice from Prison Blog {{!}} Criminal Justice Reform & Constitutional Rights |url=https://avoicefromprison.com/ |access-date=2022-10-25 |website=A Voice from Prison |language=en-US}}</ref>

[[Tim Wu]] called the CFAA "the worst law in technology".<ref>{{cite web |title=Most of what you do online is illegal. Let's end the absurdity |author1=Christian Sandvig|author-link2=Karrie Karahalios|author2=Karrie Karahalios |date=2006-07-01 |work=[[The Guardian]] |url=https://www.theguardian.com/commentisfree/2016/jun/30/cfaa-online-law-illegal-discrimination}}</ref>

Professor of Law Ric Simmons notes that many provisions of the CFAA merely combine identical language to pre-existing federal laws with "the element of “access[ing] a protected computer without authorization, or [by] exceed[ing] authorized access,"<ref>[[Title 18 of the United States Code|18 U.S.C.]] § [https://www.law.cornell.edu/uscode/text/18/1030 1030(a)(4)]</ref> meaning that "the CFAA merely provides an additional charge for prosecutors to bring if the defendant used a computer while committing the crime."<ref>{{Cite journal|last=Simmons|first=Ric|date=2016|title=The Failure of the Computer Fraud and Abuse Act: Time to Take an Administrative Approach to Regulating Computer Crime|url=https://www.gwlr.org/the-failure-of-the-computer-fraud-and-abuse-act-time-to-take-an-administrative-approach-to-regulating-computer-crime/|journal=The George Washington University Law School}}</ref> Professor Joseph Olivenbaum has similarly criticized the CFAA's "computer-specific approach," noting both the risk of redundancy and resultant definitional problems.<ref>{{Cite book|last=Olivenbaum|first=Joseph M.|title=<CTRL><ALT><DELETE>: Rethinking Federal Computer Legislation|publisher=27 Seton Hall Law Review 574|year=1997}}</ref>

The CFAA increasingly presents real obstacles to journalists reporting stories important to the public’s interest.<ref name = Baranetsky>{{Cite web|last=Baranetsky|first=Victoria|title=Data Journalism and the Law|url=https://www.cjr.org/tow_center_reports/data-journalism-and-the-law.php/|access-date=2020-10-16|website=Columbia Journalism Review|language= en}}</ref> As data journalism increasingly becomes “a good way of getting to the truth of things . . . in this post-truth era,” as one data journalist told Google, the need for further clarity around the CFAA increases.<ref name = Baranetsky/>

As per Star Kashman, an expert in cybersecurity law, the CFAA presents some challenges in cases related to Search Engine Hacking (also known as Google Dorking). Although Kashman states that accessing publicly available information is legal under the CFAA, she also notes that in many cases Search Engine Hacking is ultimately prosecuted under the CFAA. Kashman believes prosecuting cases of Google Dorking under the CFAA could render the CFAA void for vagueness by making it illegal to access publicly available information.<ref>{{cite journal |last1=Kashman |first1=Star |title=Google Dorking or Legal Hacking: From the CIA Compromise to Your Cameras at Home, We Are Not as Safe as We Think |journal=Wash. J. L. Tech. & Arts |date=2023 |volume=18 |issue=2}}</ref>

===Aaron Swartz===
{{See also|Van Buren v. United States}}
{{quotebox
|quote = The government was able to bring such disproportionate charges against Aaron because of the broad scope of the Computer Fraud and Abuse Act (CFAA) and the wire fraud statute. It looks like the government used the vague wording of those laws to claim that violating an online service's user agreement or terms of service is a violation of the CFAA and the wire fraud statute.

Using the law in this way could criminalize many everyday activities and allow for outlandishly severe penalties.

When our laws need to be modified, Congress has a responsibility to act. A simple way to correct this dangerous legal interpretation is to change the CFAA and the wire fraud statutes to exclude terms of service violations. I will introduce a bill that does exactly that.
|source = —Rep. [[Zoe Lofgren]], Jan 15, 2013 <ref name="huffingtonpost.com">{{cite news|url=http://www.huffingtonpost.com/2013/01/15/zoe-lofgren-aarons-law-swartz_n_2483770.html |work=Huffington Post |title=Congresswoman Introduces 'Aaron's Law' Honoring Swartz |date=January 15, 2013 |first=Ryan J. |last=Reilly}}</ref>
|width=33%
}}

{{wikisource|Rep Zoe Lofgren Introduces Bipartisan Aaron's Law}}

In the wake of the prosecution and subsequent suicide of [[Aaron Swartz]] (who used a script to download scholarly research articles in excess of what [[JSTOR]] terms of service allowed), lawmakers proposed amending the Computer Fraud and Abuse Act. Representative [[Zoe Lofgren]] drafted a bill that would help "prevent what happened to Aaron from happening to other Internet users".<ref name="huffingtonpost.com"/> Aaron's Law ({{USBill|113|hr|2454}}, {{USBill|113|s|1196}}<ref>{{USBill|113|hr|2454|site=yes}}; [http://www.govtrack.us/congress/bills/113/hr2454 H.R. 2454] {{Webarchive|url=https://web.archive.org/web/20180715064344/http://www.govtrack.us/congress/bills/113/hr2454 |date=July 15, 2018 }} at [[GovTrack]]; [http://www.opencongress.org/bill/113-h2454/ H.R. 2454] {{webarchive|url=https://web.archive.org/web/20131112102251/http://www.opencongress.org/bill/113-h2454/ |date=November 12, 2013 }} at [[OpenCongress]]. {{USBill|113|s|1196|site=yes}}; [http://www.govtrack.us/congress/bills/113/s1196 S. 1196] {{Webarchive|url=https://web.archive.org/web/20180715040512/http://www.govtrack.us/congress/bills/113/s1196 |date=July 15, 2018 }} at [[GovTrack]]; [http://www.opencongress.org/bill/113-s1196/ S. 1196] {{webarchive|url=https://web.archive.org/web/20131112102253/http://www.opencongress.org/bill/113-s1196/ |date=November 12, 2013 }} at [[OpenCongress]].</ref>) would exclude [[terms of service]] violations from the 1984 Computer Fraud and Abuse Act and from the wire fraud statute.<ref>{{cite news|last=Musil |first=Steven |newspaper=CNET News |date=15 January 2013 | access-date=19 Oct 2021| url=https://news.cnet.com/8301-1023_3-57564193-93/new-aarons-law-aims-to-alter-controversial-computer-fraud-law/ |title=New 'Aaron's Law' aims to alter controversial computer fraud law}}</ref>

In addition to Lofgren's efforts, Representatives [[Darrell Issa]] and [[Jared Polis]] (also on the [[House Judiciary Committee]]) raised questions in the immediate aftermath of Swartz's death regarding the government's handling of the case. Polis called the charges "ridiculous and trumped up," referring to Swartz as a "martyr."<ref name=Hill/> Issa, chair of the [[United States House Committee on Oversight and Government Reform|House Oversight Committee]], announced an investigation of the Justice Department's prosecution.<ref name="Hill">{{cite web|last=Sasso |first=Brendan |url=https://thehill.com/policy/technology/139354-lawmakers-slam-doj-prosecution-of-swartz-as-ridiculous-absurd/ |title=Lawmakers slam DOJ prosecution of Swartz as 'ridiculous, absurd' |work=[[The Hill (newspaper)|The Hill]] |date= 2013-01-16|access-date=2013-01-16}}</ref><ref>{{cite news|url=http://www.huffingtonpost.com/2013/01/15/darrell-issa-aaron-swartz-_n_2481450.html |title=Darrell Issa Probing Prosecution Of Aaron Swartz, Internet Pioneer Who Killed Himself |publisher=Huffingtonpost.com |date=January 15, 2013|access-date=2013-01-16 |first1=Ryan J. |last1=Reilly}}</ref>

By May 2014, Aaron's Law had stalled in committee. Filmmaker [[Brian Knappenberger]] alleges this occurred due to [[Oracle Corporation]]'s financial interest in maintaining the status quo.<ref>{{cite news |url=http://o.canada.com/technology/swartz-doc-director-oracle-and-larry-ellison-killed-aarons-law |work=Postmedia |first=Jonathan |last=Dekel |title=Swartz doc director: Oracle and Larry Ellison killed Aaron's Law |date=May 1, 2014 |access-date=May 1, 2014 |archive-date=October 3, 2018 |archive-url=https://web.archive.org/web/20181003014431/https://o.canada.com/technology/swartz-doc-director-oracle-and-larry-ellison-killed-aarons-law |url-status=dead }}</ref>

Aaron's Law was reintroduced in May 2015 ({{USBill|114|hr|1918}}, {{USBill|114|s|1030}}<ref>{{USBill|114|hr|1918|site=yes}}{{USBill|114|s|1030|site=yes}}</ref>) and again stalled. There has been no further introduction of related bills.{{as of?|date=February 2023}}

{{clear right}}