Read

User menu

Search form

Video: Are Computer Laws Too Tough On "Hacktivists"?

Video: Are Computer Laws Too Tough On "Hacktivists"?
Wed, 10/23/2013 - by Sanya Dosani and Aaron Ernst
This article originally appeared on Al Jazeera America

Although they call themselves Anonymous, it didn’t take federal authorities long to identify members of the loosely affiliated “hactivist” network responsible for high-profile attacks on a series of corporate websites.

In July 2011, the FBI arrested 16 members of the group, accusing them of launching attacks against MasterCard, Visa and PayPal because the companies refused to process payments to Julian Assange’s whistleblower website WikiLeaks.

The attack, known as a distributed denial of service attack, or DDoS, involved using a program called the Low Orbit Ion Canon to send thousands of requests to the targeted website at a coordinated time. Overwhelmed with the volume of requests to view a page, the websites crashed.

In response, 14 members of Anonymous were indicted and charged under the Computer Fraud and Abuse Act (CFAA), a law enacted after a mid-1980s computer-hacking scare. Some of the counts carried more than a decade in prison.

Those charges, and others brought under the CFAA against “hactivists” seeking to remedy what they see as social injustice through online protest, have critics arguing that the potential punishment under the law doesn’t fit the crime.

Tor Ekeland, a New York lawyer who represents several hacktivists being charged under the CFAA, told America Tonight that he’s frustrated by the broad wording of the law.

“It prohibits unauthorized access to protected computers, and obtaining information in in one section,” he said. “So you could go to a website right now, click on a link, and the owner decides that they don’t want you to be at the website. Your access is unauthorized. Bang. You probably committed a felony under the CFAA.”

Ekeland represents Deric Lostutter, a hacktivist who helped expose the rape of a girl in Steubenville, Ohio, with this video. After reading about the case online, he recorded the video, which was then posted on Roll Red Roll, a fan site dedicated to the Steubenville High School football team. Two team members were later convicted of the rape in juvenile court. Lostutter admitted he made the video, but said someone else hacked into the site.

Lostutter’s life changed in April of this year. He had just returned from turkey hunting, he said, and was getting ready to go to work as a computer consultant, when a truck pulled into his driveway. “They jumped out with M16s and pointed them at my head and told me, ‘FBI, get the F down!’” he told America Tonight. “So, I did, and they put me in handcuffs.”

The FBI confiscated Lostutter’s computer and questioned him for hours. He says they later emailed him with a target letter, indicating that the government wanted to charge him with three felonies.

Lostutter believes that the government’s priorities are misplaced. “So you get 25 years in prison for forcibly entering your way into a computer, but one year in prison for forcibly entering your way into a female,” he said. “That’s the message that we’re sending with the Computer Fraud and Abuse Act.”

Federal officials in Ohio did not confirm whether the government plans to press ahead with charges against Lostutter. Few hactivists end up serving decades in jail, but the FBI raid on Lostutter represents a pattern of what many hacktivists told America Tonight is an overzealous crackdown by the government on people who just happen to use computers in old-fashioned protests against social injustice.

The Department of Justice and the FBI's cyber crime division refused multiple requests for an interview. Mark Rasch, a former prosecutor for the Department of Justice who helped write the CFAA, said the government doesn’t want to discourage civil disobedience, but those who break the law for the sake of protest should still face the legal consequences.

“When you do a denial of service attack on a commercial entity or government agency, you have taken it upon yourself to violate the law for a civil disobedience purpose,” he said. “When you do that you run the risk of being arrested.”

But hactivists’ protest tactics extend beyond DDoS attacks.

In December 2011, a politically motivated offshoot of Anonymous called AntiSec breached the website of global intelligence contractor Stratfor, stealing and publishing the passwords, addresses and credit card information of its clients, as well as internal e-mails – a practice known as “doxing.” Within the more than 5 million Stratfor e-mails published were “revelations about close and perhaps inappropriate ties between government security agencies and private contractors.”

Three months later, a man suspected of being behind the hack, Jeremy Hammond, was arrested. He pleaded guilty in May of this year for the Stratfor hack and eight other hacks of law enforcement and defense contractor websites, and faces up to 10 years in prison with his deal.

“I did this because I believe people have a right to know what governments and corporations are doing behind closed doors,” he wrote in a statement after the plea deal. “I did what I believe is right.” According to his supporters, he has been denied bail for being a flight risk and called “more dangerous than an online sexual predator” by the judge presiding his case.

Perhaps the case that has generated the most support for reforming the CFAA has been the tragic story of 26-year-old computer prodigy and Internet activist Aaron Swartz.

Swartz was a well-known figure advocating for freedom of information on the Internet. As a teenager, he helped create RSS, computer code that allows people to get automatic feeds from websites. Over time, he became an open information activist. In 2008, Swartz downloaded and released about 2.7 million public court documents from the Public Access to Court Electronic Records -- better known as PACER -- in an effort to make them available outside of the service, which charges for access to public records.

In 2010, he and Wikler founded the online group Demand Progress, which was instrumental in preventing the passage of the Stop Online Piracy Act, which was criticized for promoting censorship without adequately preventing criminal behavior. He also helped develop SecureDrop, a tool for sources to anonymously share confidential documents with journalists.

But in July 2011, Swartz was charged under the CFAA for using an unauthorized computer to download millions of academic articles from JSTOR, an online library protected by a paywall. The government alleged Swartz intended to distribute the articles to the public.

“It was like checking too many books out of the library,” his friend Ben Wikler told America Tonight. Under the CFAA, Swartz faced 13 felony charges, up to 35 years in prison and a $1 million fine.

In January, just weeks before his trial was set to begin, Swartz committed suicide. His death, which many of his friends arrtibuted directly to the government’s prosecution, raised questions about the fairness of the CFAA, triggered debates about political action in the digital age and served as a rallying point for “Aaron’s Law,” a bill to update the CFAA and narrow its scope.

Introduced by Representatives Zoe Lofgren (D-Calif.), Jim Sensenbrenner (R-Wis.) and Sen. Ron Wyden (D-Ore.) in June, the bill defines unauthorized access, decriminalizes merely violating a website's terms of service and removes a provision allowing prosecutors to bring multiple charges for one violation, among other measures.

But some security professionals, prosecutors and politicians have been critical of efforts to reform the law, fearing it would hamper its enforcement effectiveness. In testimony before the the House Judiciary Committee in 2011, Richard Downing, deputy section chief for computer crime and intellectual property at the Department of Justice, said “limiting the use of such terms to define the scope of authorization would, in some instances, prevent prosecution of exactly the kind of serious insider cases the department handles on a regular basis.” Reformers argue existing laws that cover the misuse of trade secrets address those issues.

Others contend that the poblem isn't the law, but how prosecutors choose to enforce it.

Still, many internet activists maintain that reform is badly needed. “We still need to pass Aaron's Law to stop this from happening the next time,” Swartz’s friend Wilker told America Tonight. “If this ends here, the system beat Aaron in a way. We need to change the system now."

For now, the bill remains in committee, and hacktivsts like Deric Lostutter wait in limbo to see what the future holds.

Originally published by Al Jazeera America

Sign Up

Article Tabs

Norway Sovereign Wealth Fund, Norwegian divestment, oil divestment, fossil fuel divestments, carbon emissions, Green New Deal, petro-states

Europe's largest oil producer is effectively admitting the oil game is over and promises to divest from the industry – but it wants to play to the final whistle. Can it have it both ways?

Amazon, Amazon Web Services, Amazon cloud storage, Amazon government relationship, Amazon surveillance technology, Amazon financial dominance

Amazon provides is unmatched providing cloud storage to our federal government, gubernatorial organizations and local municipalities, with over 2,000 agencies now dependant on AWS.

Brexit, Brexit failure, leaving the E.U., British turmoil, Brexit no-deal

The rejection of a no-deal left the government crestfallen as its attempt to keep control of the Brexit process by maintaining a no-deal on the table was quashed.

youth climate strike, climate protests, climate walkouts, strike for climate, Greta Thunberg, global youth protests

The global Youth Climate Strike will have its official coming out party this Friday, March 15, when tens of thousands of young people worldwide skip school to protest climate inaction.

Norway Sovereign Wealth Fund, Norwegian divestment, oil divestment, fossil fuel divestments, carbon emissions, Green New Deal, petro-states

Europe's largest oil producer is effectively admitting the oil game is over and promises to divest from the industry – but it wants to play to the final whistle. Can it have it both ways?

Environmental activists occupy the office of then incoming Democratic majority leader Rep. Steny Hoyer, D-Md. (J. Scott Applewhite / AP)

Amid transatlantic proposals for a Green New Deal, monetary policy – normally relegated to obscure academic tomes and bureaucratic meetings behind closed doors – has suddenly taken center stage.

Image Credit: Sara Jane Rhee

Teachers are now understanding that their labor power is part of a broader strategy to even the playing field in a political landscape that is increasingly unequal.

District of Columbia Democratic Attorney General Karl Racine (center) is hiring outside climate counsel to work on matters related to an Exxon investigation. Karl Racine/Facebook

Washington, D.C. Attorney General Karl Racine has revealed plans to hire climate lawyers to focus on an investigation and potential litigation against Exxon Mobil Corp.

billionaires, abolish billionaires, extreme wealth, wealth inequality, income inequality, tax the rich, wealth redistribution, wealth tax

America’s billionaires have suddenly realized they just may be facing an existential crisis: A good chunk of the American people, they now understand, would rather billionaires not exist.

Posted 6 days 4 hours ago
Amazon, Amazon Web Services, Amazon cloud storage, Amazon government relationship, Amazon surveillance technology, Amazon financial dominance

Amazon provides is unmatched providing cloud storage to our federal government, gubernatorial organizations and local municipalities, with over 2,000 agencies now dependant on AWS.

Posted 4 days 3 hours ago
Norway Sovereign Wealth Fund, Norwegian divestment, oil divestment, fossil fuel divestments, carbon emissions, Green New Deal, petro-states

Europe's largest oil producer is effectively admitting the oil game is over and promises to divest from the industry – but it wants to play to the final whistle. Can it have it both ways?

Posted 2 days 14 hours ago
Brexit, Brexit failure, leaving the E.U., British turmoil, Brexit no-deal

The rejection of a no-deal left the government crestfallen as its attempt to keep control of the Brexit process by maintaining a no-deal on the table was quashed.

Posted 5 days 4 hours ago
Brexit, Brexit failure, leaving the E.U., British turmoil, Brexit no-deal

The rejection of a no-deal left the government crestfallen as its attempt to keep control of the Brexit process by maintaining a no-deal on the table was quashed.

District of Columbia Democratic Attorney General Karl Racine (center) is hiring outside climate counsel to work on matters related to an Exxon investigation. Karl Racine/Facebook

Washington, D.C. Attorney General Karl Racine has revealed plans to hire climate lawyers to focus on an investigation and potential litigation against Exxon Mobil Corp.

Image Credit: Sara Jane Rhee

Teachers are now understanding that their labor power is part of a broader strategy to even the playing field in a political landscape that is increasingly unequal.

Amazon, Amazon Web Services, Amazon cloud storage, Amazon government relationship, Amazon surveillance technology, Amazon financial dominance

Amazon provides is unmatched providing cloud storage to our federal government, gubernatorial organizations and local municipalities, with over 2,000 agencies now dependant on AWS.

billionaires, abolish billionaires, extreme wealth, wealth inequality, income inequality, tax the rich, wealth redistribution, wealth tax

America’s billionaires have suddenly realized they just may be facing an existential crisis: A good chunk of the American people, they now understand, would rather billionaires not exist.