When Aaron Swartz committed suicide at the age of 26 in January, the online world was stunned. He had been the golden boy of the Internet—a leader in the advocacy of online rights who had also made major programming contributions to some of the most important platforms on the Web.
Why did he kill himself? His friends and family are convinced it was because unrelenting federal prosecutors indicted him on thirteen felony counts, threatening to put him away for up to ninety-five years. There is certainly no disputing that Swartz found himself on the wrong side of prosecutors who were going to do everything in their power to incarcerate him, even though it is now clear that he committed no crime. But apart from the tragedy of his death, the worst thing is that his case is just the tip of a growing iceberg.
In the year since Swartz’s death, a number of other computer hacktivists and whistleblowers have become the targets of the wrath of prosecutors and judges, and they have either gone to jail or are facing decades in prison—in one case 105 years. In each instance, the general theme seems to be the same: these are people who were interested in freeing up knowledge for the social good. In Swartz’s case, the goal was to liberate publicly funded knowledge that had been captured and placed behind a paywall. In other cases, it was to gain and disseminate knowledge about the nefarious dealings between our government and unaccountable private intelligence contractors. And in still other cases, it was to expose the ways corporations and private intelligence firms run psychological operations against Americans.
Taken together, the lesson appears to be that computer hacking for social causes and computer hacking aimed at exposing the secrets of governing elites will not be tolerated. The state will come down on such people as hard as it can. “The same beast bit us both,” jailed hacktivist Jeremy Hammond told The Guardian, referring to himself and Swartz. In both cases, as in many others, the question is why?
The prosecution of Aaron Swartz was based on the premise that he had obtained unauthorized access to the computer network at the Massachusetts Institute of Technology and downloaded millions of pages of academic journal articles from JSTOR, an online library. According to prosecutors, this act amounted to a violation of the 1986 Computer Fraud and Abuse Act, which makes it a felony to use a computer network in an unauthorized manner.
The CFAA was inspired in part by Hollywood fantasy: after political leaders watched the Matthew Broderick movie WarGames, they became concerned that a computer hacker might hack into NORAD via a dial-up modem. (Representative Victor Fazio reported that Ronald Reagan thought the movie was nonfiction.) The law is antiquated to say the least, and it is fair to say that prosecutors use—and abuse—it in ways not intended when it was written in the era before the Internet. For example, the Justice Department has held that a person can violate the CFAA simply by breaching the terms of service on an online user agreement (i.e., by lying in your user profile on Match.com). The result is that just about everyone, at some point, has violated the CFAA, making it an ideal tool for overzealous prosecutors.