April 29, 2015 | By Cindy Cohn

Aaron’s Law Reintroduced: CFAA Didn’t Fix Itself

Aaron’s law, the proposed law named in honor of Internet hero Aaron Swartz was reintroduced last week by Rep. Zoe Lofgren (D-Calif.) and Senator Wyden (D-Ore.), with new co-sponsor Senator Rand Paul (R-Ky.). This bill is the same as the one introduced in 2013 and we call upon Congress to move it forward.

The CFAA is one of the laws that is misused by prosecutors, piling on potential jail time to relatively minor charges in order to ratchet up pressure on defendants and get them to plead guilty rather than risk trial. In the time since Aaron's tragic death, EFF has continued to see misuses of the CFAA in prosecutions across the country. While this bill wouldn’t fix everything that is wrong with the law, it would ensure that people won't face criminal liability for violating a terms of service agreement or other solely contractual agreements. It would also rein in some of the potential for prosecutorial discretion by limiting penalties and stop some of the game playing with duplicate charges that we continue to see. More specifics on our website, along with links to EFF’s ongoing work in the courts can be found on our CFAA Issue page.

We’re pleased to see Senator Paul on the list of sponsors, along with Reps. Jim Sensenbrenner (R-Wis.), Mike Doyle (D-Pa.), Dan Lipinski (D-Ill.) and Jared Polis (D-Colo.). With increasing concerns raised about overcriminalization and overreaching by the police and prosecutors across the country, fixing the CFAA should be on any list for criminal justice reform.

And equally important, it appears that we may need to stop Congress from making the law worse. Recently Senators Kirk (R-Ill.) and Gillibrand (D-NY) announced the Data Breach Notification and Punishing Cyber Criminals Act, in which they threatened to increase the already out-of-proportion penalties for "obtaining information from a protected computer without authorization," the key phrase in the CFAA.  Dressed up as an answer to data breaches, this proposal is yet another way to avoid addressing the real issues with data breaches: the lack of strong incentives for industry to keep our data safe and the FBI's concerted efforts to reduce the security we could all enjoy through the use of strong encryption.

We hope Congress moves Aaron's law forward.


Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

Pls plan to call your House Rep Monday, "vote no FCC privacy repeal" If your rep is Republican, ask 5 friends too https://eff.org/gopp

Mar 24 @ 4:18pm

A loophole in Australia's copyright safe harbor rules will stay open, endangering local user-generated content sites https://www.eff.org/deeplinks...

Mar 24 @ 1:37pm

In all, @agcrocker addressed the appeals court on NSLs for more than 25 minutes. Here's the full recording. https://youtu.be/ccS06CFkZ5M

Mar 24 @ 1:09pm
JavaScript license information