The House Judiciary Committee is proposing a bill that expands the reach of the CFAA. Far from addressing the concerns of activists who point to the Aaron Swartz case, it seems to make the situation worse. Why is chair Bob Goodlatte (pictured) doing this?
In IT Blogwatch, bloggers prepare for a fight (again).
Your humble blogwatcher curated these bloggy bits for your entertainment.
Jennifer Martinez reports:
The bill draft would tighten penalties for cyber crimes...establish a standard for when companies would have to notify consumers [and allow] an attempt at a cyber crime [to] be punished as harshly as an actual offense.
It’s unclear which Judiciary members are sponsoring the draft bill. ... Momentum for cybersecurity legislation has increased in recent weeks amid alarms...about hacker attacks on American companies and key infrastructure. ... The draft bill would require companies that acquire, store or use personal information to report a security breach to its customers. ... If a company suffers a massive data breach, the draft bill would require them to notify the FBI or Secret Service. MORE
Alex Wilhelm calls the "attempt to commit" clause "unsettling":
Naturally, if a person is known to be directly working to execute illegal tasks, they should be stopped and charged appropriately. ... [But] boldening the law to allow the government to slap years in prison onto people it thinks are contemplating breaking computer law is troubling.
Given the often limited or incorrect interpretation of technology by those who hold legal power such a provision could be exceptionally dangerous. MORE
Here's Mike Masnick, with the fail-wail:
So, you know all that talk about things like Aaron's Law? ...the House Judiciary Committee has decided to raise a giant middle finger to folks who are concerned about abuses of the CFAA. ...it almost feels like the Judiciary Committee is doing it on purpose as a dig at online activists who have fought back against things like SOPA, CISPA and the CFAA.
Basically, this just gives the DOJ yet another tool to use against "computer criminals" when they want to bring the hammer down on someone they don't like. ... [It] can claim that anyone who talked about doing something...that violates the CFAA shall now be punished the same as if they had "completed" the offense.
This is not a good thing. ... You would have hoped that [they] would recognize that now is the time to fix the CFAA, not to make it worse. MORE
And Orin Kerr concurs:
Stop taking DOJ’s language from back in 2011 and packaging it as something new. ... In some ways, [it] is even more severe and harsh than DOJ wanted. ... For example, the proposed language would make it a felony crime to violate Terms of Service.
This language is really, really broad. [It] would make it a felony to lie about your age on an online dating profile [or] to violate TOS in the course of committing a very minor state misdemeanor. MORE
But intellitech suggests a conventional, democratic response:
You can write to them easily here: https://www.eff.org/aarons-law ...add a note to the end of the boilerplate about how you WILL NOT vote for them if they don't act.
Senators and Representatives, [I] see how you vote and how well you represent my interests via http://www.opencongress.org. MORE