America's Draconian Computer Fraud and Abuse Act
It's another Obama police state law.
by Stephen Lendman
It's an anti-hacking law. It criminalizes accessing computer systems "without authorization."
"(E)xceeds authorized access" terminology was left undefined. Misinterpretations and abuse followed. Overzealous prosecutors take full advantage.
In 1984, CFAA was enacted. It was amended numerous times. It's primarily a criminal law. At issue are seven types of offenses.
They include obtaining national security information, compromising confidentiality, trespassing in a government computer, accessing a system to defraud and/or obtain value, damaging a computer or information therein, trafficking in passwords, and threatening to damage a computer.
A 1994 amendment permits civil actions. In 2001, Patriot Act provisions addressed computer crime. They require Internet service providers to report suspicious information or activity "without delay."
In 2008, the Identity Theft Enforcement and Restitution Act criminalized conspiracy to commit CFAA related crimes.
The Electronic Frontier Foundation (EFF) calls CFAA "infamously problematic." Reforming it is long overdue. Creative prosecutors game the law advantageously.
Charges unrelating to hacking follow. CFAA's "disproportionately harsh penalty scheme" punishes innocent victims.
Alleged first-time offenders face up to five years imprisonment. Repeat ones get ten or more years and stiff fines.
Violations of other CFAA provisions impose longer sentences. In some cases, life in prison is possible.
Aaron Swartz was maliciously and wrongly charged with excessive CFAA penalties. EFF demands reform. Abusive legislation requires fixing. Punishments should fit crimes. CFAA is rife with problems. It's outlandishly draconian.
Its undefined language encourages abuse. Minor no harm incidents become major ones. Criminal prosecutions follow. EFF's proposal remains a work in progress. It's three-part series discussed it.
Part 1 calls for "no prison time for violating terms of service." CFAA's greatest flaw criminalizes accessing computer systems "without authorization" or in ways that "exceeds authorization."