Rebooting Computer Crime Law Part 1: No Prison Time For Violating Terms of Service
Rebooting Computer Crime Law Part 1: No Prison Time For Violating Terms of Service
In the wake of social justice activist Aaron Swartzs tragic death, Internet users around the country are taking a hard look at the Computer Fraud and Abuse Act (CFAA), the federal anti-hacking law. As weve noted, the CFAA has lots of problems. In this three-part series, we'll explain these problems in detail and why they need to be fixed.
Here is the CFAA's greatest flaw: the law makes it illegal to access a computer without authorization or in a way that exceeds authorization, but doesnt clearly explain what that means. This murkiness gives the government tons of leeway to be creative in bringing charges.
For example, overzealous prosecutors have gone so far as to argue that the CFAA criminalizes violations of private agreements like an employers computer use policy or a web sites terms of service. Thankfully, some federal courts have recognized the absurdity of this argument, but Congress needs to fix the law to make it crystal clear. Vague laws are dangerous precisely because they give prosecutors and courts too much discretion to arbitrarily penalize normal, everyday behavior.
So, under the governments theory, what innocuous activities could the CFAA criminalize? Here are a few things that could violate the CFAA under the governments misguided interpretation of the law:
Lying about your age on Facebook. Facebooks Rights and Responsibilities make users promise not to provide any false personal information on Facebook. So dont even think about RSVPing to an event you cant attend, or posting a misleading status update, or telling people youre married when youre not. These are all activities that could violate Facebooks terms, and have you facing a years-long prosecution if the government decides to make an example of you.
https://www.eff.org/deeplinks/2013/01/rebooting-computer-crime-law-part-1-no-prison-time-for-violating-terms-of-service