2011 in Review: Hacking Law
As the year draws to a close, EFF is looking back at the major trends influencing digital rights on 2011 and discussing where we are in the fight for free expression, innovation, fair use, and privacy.
EFF has long been concerned about the Computer Fraud and Abuse Act (CFAA), a federal law that allows people to be sued civilly and charged criminally with a host of anti-hacking offenses. 2011 has been a landmark year for prosecutions under the statute, with the feds pursuing aggressive, high-profile cases against members of Anonymous and LulzSec, as well as open access advocate Aaron Swartz.
Some companies tried to push the law far beyond its limits again in 2011. In Sony v. Hotz, a case that eventually settled, Sony claimed that users violate the CFAA when they access their own video game consoles in ways Sony doesn't like. And in Lee v. PMSI, Inc., a company struck back against a former employee who filed suit for wrongful termination, unsuccessfully arguing that she violated the CFAA by spending too much time surfing the Internet at work in violation of company policy.
As these cases unfolded in the courts, the Obama Administration pushed to expand the scope of the CFAA and enhance penalties, which is a dangerous move when it's so unclear what the law criminalizes. Thankfully, Senators Grassley, Franken and Lee introduced a proposal to clarify that it's generally not a crime to violate website terms of service or acceptable use policies. Though we think the amendment could be even better, it's a step in the right direction and we hope the Senate passes it in 2012.