Alex Goldman is a producer for On the Media. One time he got run over by a car.
The Latest on the Hacker Law
Tuesday, November 15, 2011 - 03:05 PM
It wasn't too long ago that On the Media interviewed Electronic Frontier Foundation Senior Staff Attorney Marcia Hofmann about the Computer Fraud and Abuse Act (CFAA). The act, written in 1986, was designed to outlaw criminal computer hacking, but according to Hofmann, it is written in such a technically imprecise manner that it could be used to prosecute someone who violated Terms of Service for a site like Facebook.
Hofmann believed that the focus of the law needed to be narrowed, saying, "The important thing is for Congress to decide what behavior it is that we want to penalize and make that behavior illegal. You know, one of the hallmarks of our criminal justice system is that people know what behavior is illegal. And in some of these situations they may or may not know what behavior is illegal."
She's not alone in thinking that the act needs reform. George Washington University law professor Orin Kerr released a statement yesterday in advance of testimony he will give to a US House of Representatives subcommittee on Crime, Terrorism, and Homeland Security today. He says that perfectly innocuous online behavior could be prosecutable under the CFAA. "In the Justice Department’s view, the CFAA criminalizes conduct as innocuous as using a fake name on Facebook or lying about your weight in an online dating profile," says Kerr. "That situation is intolerable."
But CNET is reporting that the Department of Justice believes that it's vitally important to be able to prosecute terms of service violations:
The law must allow "prosecutions based upon a violation of terms of service or similar contractual agreement with an employer or provider," Richard Downing, the Justice Department's deputy computer crime chief, will tell the U.S. Congress tomorrow.
Scaling back that law "would make it difficult or impossible to deter and address serious insider threats through prosecution," and jeopardize prosecutions involving identity theft, misuse of government databases, and privacy invasions, according to Downing.
So one side says the law’s broadness has created intolerable situations – and the other says that making the law more circumscribed would prevent the government from prosecuting criminals in the online arena. In the meantime, there continues to be uncertainty about when and how the law will be applied -- that might be worse than either extreme.