JSTOR has begun informal communication with the committee and will cooperate in its investigation as needed, an official said. MIT, meanwhile, launched an internal inquiry on its actions related to Swartz and will release its findings in a matter of weeks, though officials wouldn’t comment further.
The briefing also touched on prosecutors’ knowledge of Swartz’s history of depression the two officials said, as critics contend that the prosecution contributed to the 26-year-old’s decision to take his own life. Swartz’s release on $100,000 bond in July 2011 came under a condition, among others from Judge Judith Dein, that he seek mental treatment as directed by pretrial services.
“I’m a little concerned about some mental health issues here,” Dein said during Swartz’s arraignment, according to a court recording of the proceedings. “I guess there’s been some concerns in the past about his ability to handle the situation.”
Though many activists contend Swartz was unfairly prosecuted under the law, some legal experts instead lay blame on the statute itself, which they say is overly broad.
Orin S. Kerr, a professor at the George Washington University Law School, said what Swartz did “was pretty clearly a felony . . . this was not something that was even in the periphery of the statute.”
Kerr nonetheless argued that the law’s punishments are overly harsh, adding that its broad language can criminalize something as minor as violating a terms of service agreement. Falsifying personal information on a Facebook account, Kerr offered as an example, breaches the site’s small print, terms of service to which most users automatically agree.
“The government can put in jail any Internet user they want,” said Kerr, an expert in computer crime law. “We’re at the early age of figuring out what should be a crime and what should not be a crime when it involves computers.”
Representative Zoe Lofgren of California drafted legislation to reform the Computer Fraud and Abuse Act soon after Swartz’s death. The proposal would rewrite certain aspects of the hacking law, decriminalizing violations of terms of service, and giving “unauthorized access” a more concrete definition. “Cybersecurity is a serious problem,” Lofgren said in an interview. “This has nothing to do with it.”
Still, “Aaron’s Law” could prove a tough sell in Congress, especially given recent steps to ramp up protections against cybercrime and cyberterror. A report released last week by Mandiant, a US-based computer security firm, tracked years of cyberattacks on American corporations and government agencies by a group tied to the Chinese Army.
“Any time you’re talking about weakening a criminal statute, there’s always a fear that legislators will appear weak on crime,” said Andy Sellars, a fellow at Harvard University’s Berkman Center for Internet and Society.
Swartz first gained fame as a teenager when he cofounded Reddit and helped develop Creative Commons and RSS, a feed to automatically update content for online users. Over the past five years, he began translating his knowledge of Internet tools to mainstream progressive causes.
After the House and Senate unveiled legislation in 2011 to bolster copyright law — and fundamentally change how information is shared online, critics argue — Swartz catalyzed an Internet response that helped stall both bills in January 2012. Giants such as Google, Wikipedia, and Reddit joined tens of thousands of other sites in blacking-out web pages, and millions of Internet users protested online through petitions and e-mails.