Hounded to Death: Did Prosecutors Abuse Cybercrime Laws in Swartz Case?

It would have been impossible not to witness the outpouring of grief, anger and suspicion that consumed the internet since last weekend. The untimely death of Reddit co-founder, internet activist and all-round computer genius Aaron Swartz on Friday in a suspected suicide has given birth to intense debate over what many have termed as ‘legal bullying’ and the perceived dangers of cybercrime.

Unsurprisingly, given the sledgehammer of felony charges that Swartz was facing for what was a relatively innocuous crime, the reaction to his death has been an overwhelmingly sympathetic one. Swartz was accused of stealing over four million files from the MIT’s online archive and journal distribution service JSTFOR, an offence that was mischievous at best, yet could have resulted in more than three decades behind bars had he been found guilty and the prosecutor had his way.

In light of Swartz’s suicide, many are arguing that the authorities were way too heavy handed in their handling on the affair, and their seemingly relentless, inhuman mission to throw the book at the young activist.

For instance, one of Swartz’ staunchest supporters, Alex Stamos, wrote in his blog post The Truth about Aaron Swartz’s Crime, that his actions failed to meet even the broadest of definitions for the term “hack”, given that all he used were a handful of python scripts to discover the journal’s URLs. Swartz did nothing that would constitute the actions of the so-called professional hacker that he has been accused of being – no breaking CAPTCHA’s, no parameter tampering, nothing more complex than using a basic command line tool that downloads files in much the same way as you right-clicking on a link and selecting ‘save as’.

Furthermore, according to Stamos, Swartz did not attempt to cover his tracks in any way, something that was illustrated by his failure to take even the most rudimentary of precautions such as deleting his browser history or encrypting his laptop’s identity in order to download the files he took.

Given the obviously over-the-top nature of the charges that Swartz was facing, one has to wonder if cybercrime legislation was being abused here, with prosecutors using the threat of stiff punishments designed for genuine criminals simply to try and ‘teach a lesson’ to someone that they thought needed to be put into his place.

Swartz certainly hadn’t made too many friends among the powers that be during his all-too short lifetime, a fact that only lends weight to this argument. Swartz has long been seen as something of a troublemaker in certain circles. For instance, he was one of the main advocates for consumer privacy and freedom of information, and he undoubtedly threw a huge spanner in the works by taking a lead role in the anti-SOPA crusade. Furthermore, Swartz had pulled a similar stunt to his JSTFOR mischief before, downloading and publically releasing more than 20% of the federal court documents held on the government’s PACER database – actions that led to an FBI investigation into him.

Swartz’s death “was the product of a criminal justice system rife with intimidation and prosecutorial overreach,” his family said in a statement last weekend. His trial was set to go ahead this April, with a preliminary hearing scheduled to take place this month.

More than anything else, Swartz’s case seems to highlight the uncertainty within society over the dangers of cybercrime and how to deal with those that break into computer systems not to enrich themselves, but simply to share data with others.

Chris Soghoian of the American Civil Liberties Union, makes the point in his own commentary that existing laws fail to make a distinction between what are obviously two very different forms of cybercrime – those that hack as a form of protest, or to spread information (like Julian Assange), or else simply to prove how skillful they are, and those that do so purely to gain profit from the deed.

“The government used the same laws intended to go after digital bank robbers to go after this 26-year-old genius,” explains Soghoian.

It’s almost ironic that Swartz was at the forefront of a hugely influential and vocal community that advocates that people like himself should be protected from the very same laws that led to his death – laws that were put in place to deal with malicious criminals that cause genuine harm to others, rather than activists whose only crime is to cause mischief.

Here with more insight and analysis over at News Desk this morning is SiliconAngle founder John Furrier:

About Mike Wheatley

Mike loves to talk about Big Data, the Internet of Things, Hacktivists and hacking, but he also hates Google and can never resist having a quick dig at them should the opportunity arise :) Got a REAL news story or tip? Email Mike@SiliconANGLE.com.