This whole thing weirds me out. Here we are on Hacker News, and yet there is a super-large contingent of people going "Well, he DID technically commit a victimless crime...".
So yes - he did do something that was against some terms of service. But jail time? For breaking a clickthrough "license" and computer hacking at MIT in the service of public knowledge? This sucks unutterably.
MIT: Playful physical hacks okay, but don't try to mass harvest the knowledge of the world or the DOJ will come down on you like a sledgehammer.
JSTOR: All the world's knowledge, as long as you don't try to access all of it.
DOJ: We'll break you just because we can (or for other reasons that we are not stating).
Hacker News: Well, they do have a point - he did access semi-public data in a non-approved way, and he had to plug into the network in a strange way to do it.
I think "he just broke a clickthrough license" greatly oversimplifies what he was alleged to have done. In fact, what he did was to devise an escalating series of tactics to evade the countermeasures that both MIT and JSTOR set up to stop him from doing what he was doing.
And as has been pointed out elsewhere on this thread, the likelihood of him spending a single night in custody is very low.
Perhaps not, but if the DoJ's perspective is that mirroring JSTOR without permission ultimately constitutes wire fraud, then the series of tactics he took, legal or not, establish mens rea: they constitute evidence that Swartz' actions were knowing and purposeful.
I like the article you cited, but it seems predicated on a lot of assumptions about the evidence the DoJ has. Like I've said elsewhere: if the only thing Swartz was doing was taking a shortcut to getting bulk documents to analyze, then this is clearly a misstep on the DoJ's part; an extreme overreaction. But if they have evidence that his plan was to dump them onto BitTorrent, they have a case. I hope they lose the case!
Other than plotting to murder the president, I am not sure there are any crimes of thinking about doing illegal things.
Even if the DOJ has evidence that he planned on dumping the JSTOR archives on BitTorrent, until he actually would have pushed that data, (IANAL) but I believe that they can't necessarily persecute based on actions never undertaken.
I'm not a lawyer, but I think there's a sense in which this comment misses the point and a sense in which it's simply wrong.
First: to prevail in a criminal proceeding, the prosecution has the burden of proving two things: actus reus (an actual act that causes social harm) and mens rea (criminal intent). The prosecution's failure to establish mens rea will in a wire fraud case lead to acquittal. So, his intentions are very valid.
Second, even if Swartz fails to actually publish documents on BitTorrent, if the prosecution can muster evidence showing that he would have, were he not thwarted in his attempt by MIT, JSTOR, or the DoJ, then he's culpable for the attempt. To prove the attempt it needs to be shown that Swartz intended to commit the offense (maybe he emailed his friends about it) and that he took "substantial steps" towards committing the offense.
Intent matters in law. For example, if someone is arrested with enough of an illegal drug, they can be charged with "possession with intent to distribute". That is a different charge than just "possession".
Posession with intent to distribute is an actual statutory crime (written explicitly to make prosecution easier for the cops)
There is no generalised "intent to" law, there would need
to be an actual seperate crime of posession with intent to distribute academic articles.
So "mens rea" is not enough to convict without action unless there is a specific exception. And in general even the police try not to rely on the intent laws - which is why bank robbers get nicked after robbing the bank, and why we have such convoluted anti terrorist laws.
Most crimes aren't strict-liability, and for all of those, the state has to prove mens rea. It's not an optional thing, or something that has fallen out of fashion.
Similarly, there is a huge body of law around what it takes to convict for an attempt as opposed to the actual crime. Attempts also require actus reus, but of a different sort (for instance, "an attempt occurs when the defendant has obtained control of an indispensable feature of the criminal plan").
Still, "intent to piracy" isn't a crime. He's accused of scraping the documents, not doing anything with them. It's the same crime, whether he intended to use the as a personal library, analyze them, or put them all on The Pirate Bay.
The only question of "intent" is whether he intended to bypass security, and download the documents.
I think it's a stupid law. Wire fraud should only matter if he used social engineering, forged cookies, or some other measure that was intentionally deceiving (see the definition of "fraud"):
From Wikipedia:
Common law fraud has nine elements:
1. a representation of an existing fact;
2. its materiality;
3. its falsity;
4. the speaker's knowledge of its falsity;
5. the speaker's intent that it shall be acted upon by the
plaintiff;
6. plaintiff's ignorance of its falsity;
7. plaintiff's reliance on the truth of the representation;
8. plaintiff's right to rely upon it; and
consequent damages suffered by plaintiff.
Now, he did "lie" - he listed his name as "Gary Host". But were the damages consequential to the plaintiff's reliance on the dummy name? I doubt it.
Robbing a bank while wearing a Mickey Mouse mask isn't fraud. It's robbery, and it might bring down the wrath of the Disney corporation, but the disguise isn't conning anyone, so it's not fraud. Robbing a bank by disguising yourself as a security guard would be fraud, as the disguise isn't just to mask your identity, but to deceive the victim.
Robbing an archive while using phony credentials (but NOT the credentials of a person who is allowed to access the archive) shouldn't be wire fraud.
the state has to prove mens rea. It's not an optional thing, or something that has fallen out of fashion.
You say it like the state can't just do whatever it damn well pleases, such as imprison Aaron if he's being a pain in its ass.
It's obvious that the US is quite a police state already. If we assume that Aaron's indictment is political - which seems highly likely to me at least - it makes you look like some kind of weird police state apologist.
And doesn't the (alleged) fact remain that he continuously circumvented virtual and physical security systems in order to mirror a reported $1.5 million worth of assets in to his personal possession?
When you boil it down it doesn't exactly sound like he should be receiving 10 hours of commuter service because he ran wget a few times. MIT and DoJ are just supposed to -assume- that he has nothing but perfectly angelic intentions with $1.5 millions dollars of an asset that he secretly obtained? I don't make that logical leap with you guys. The facts will come out. He will present his case with his defense team, and hopefully justice will be done.
1) It's very likely the $1.5 million figure is heavily inflated so as to help the prosecution with their case. I would like to see people really investigate where this $1.5 million is coming from? Was that how much JSTOR was really making off those documents, or were they using RIAA-style accounting to come up with its "value"? Considering JSTOR hasn't exactly been forthcoming in their public statements, many believe they don't see anything criminal with A.S.' actions. They would prefer he simply go through 'proper channels'.
2) If Schwartz is smart, he will not comment on his intentions no matter what. Simply maintain his denial that he intended to upload them anonymously to BitTorrent. Make the case entirely about the facts on hand. "Is it hacking to violate a site's TOS"?
3. MIT and DOJ could assume that there are other ways to stop whatever illegal actions they're assuming besides criminal prosecution. Already someone has leaked 30 million scientific papers from JSTOR simply because they assumed this is what MIT and DOJ were trying to stop.
Doubt it. JSTOR subscriptions have a public price list; if MIT is paying "tens of thousands of dollars annually" for it, they are getting a deep discount. If every organization of MIT's size is paying tens of thousands of dollars for it, JSTOR is generating millions annually.
Yes, by the way: it is "hacking" (computer fraud and abuse) to violate a site's ToS knowingly, recklessly, or purposefully. To preempt a recurring stupid message board article: it is tremendously difficult to prove that a blog commenter or a site visitor knowingly violated some random clause in your ToS, which is why tiny little ToS violations on blog sites don't get prosecuted.
So if I were to try to scrub photos accessible to me with a valid username and password from Facebook, (btw Facebook makes millions annually off its users viewing photos) I would be hacking?
Not sure if it would be considered hacking but facebook has definitely sued and won judgments against folks who scraped data from public facebook profiles.
I did some googling, and while Facebook has sued small fare (like individual researchers) those researchers have pointed out that all the public profiles have been cached by Google's webcrawler, and they haven't sued Google (yet).
The was an article by a retired judge and law professor explaining how the law could be interpreted differently to suit the circumstances. Regardless of the rights and wrongs of what Aaron did, I'm very worried that the book is going to be thrown at him to make an example of activists in the area of intellectual property.
I telecommute. Most people today do most of their personal communication over the internet. A charge of wire fraud carries hefty penalties and would tax the finances of most people to be able to defend against such charges.
If the scope of wire fraud isn't reduced, then if I even do something like tell a lie on news.ycombinator.com, I could potentially be charged with it.
The charge isn't the problem. It's the money (and time) sink of having to retain a lawyer and prove your innocence. The game is the prosecution load you up with charges and then leaves it up to you and your lawyer to chip away at each one.
If you've read the news lately you'll see 100 counts of X and 24 counts of Y. They are trying to intimidate you into a plea. They know that a conviction would be hard to get on the charges as presented so they are trying to trip you up just once. Chances are you've done something illegal and don't know it yet. So, while you are burning through savings and equity the DOJ has unlimited resources and time to come to pin something on you.
With all that pressure most people would just cop to something to have it be done with.
> MIT and DoJ are just supposed to -assume- that he has nothing but perfectly angelic intentions with $1.5 millions dollars of an asset that he secretly obtained?
Yes. That's known as "innocent until proven guilty".
Let me rephrase that: They are supposed to -ignore- an action they are aware of that they believe constitutes criminal conduct? Prosecutors, DoJ don't drop cases they think they can bring to trial when, in their perception, illegal activity is taking place just on a hunch. Right?
I don't understand why people are bringing issues of the availability of scientific journalism into this. I agree that the prices and paywalls involves are ridiculous and a bad idea for a variety of reasons, but that seems orthogonal to the issue here.
I don't think anyone is denying that Swartz committed a (possible series of) minor crimes. Claiming that "information should be free" doesn't stop them from being crimes. What's shocking is the response from the government, which appears to be using this incident for its own purposes rather than to preserve the rule of law. No one seems to really be asking why this is happening, and I think that is by far the more interesting question. Is the justice department trying to expand its reach, as the article suggests? Is this a deterrent for future "hackers"? Has one of Swartz's numerous hornet nest-kickings pissed off someone high up, who wants him removed from the playing field?
If there's evidence yet to come that Swartz intended to anonymously push the corpus he took from JSTOR up to BitTorrent, the crime is no longer minor.
I think I share Swartz's politics, but I'd like to believe that law enforcement would at least take a plan like that seriously.
On the other hand, it's equally possible that there is no evidence Swartz was going to publish what he took from JSTOR, and that instead the DoJ is upset about the PACER incident, which it couldn't prosecute, and jumped on this case, which it clearly can prosecute.
Swartz is lucky to have such well connected and influential friends.
As a tangent, isn't it scary that you can effectively piss off entities such as the DoJ and they can hold a grudge against you?
Or from the article:
> Attorney Jerry Cohen, a Boston IP lawyer, suggests this aggressive use of criminal charges rather than civil charges is part of a trend in government prosecution of such cases, like taking “a sledgehammer to drive a thumb tack… It’s intended to terrorize the person who’s indicted and others who might be thinking of the same thing.“
Is it even legally okay to publicly make an example of someone like that?
I guess. What do you expect? They're people just like everyone else. This isn't one of those "1,001 crimes you can commit in the morning while making orange juice" things from Reason magazine. Aaron went way out of his way to expose himself to this situation. It's possible that where you see an Internet folk hero, the DoJ sees someone bent on forcibly publishing every closed database pertaining to the public interest, laws be damned.†
Let me add something else that I think some other HN people may be familiar with:
My Confirmation sponsor is/was a criminal court judge (friend of the family). Very nice guy. Spectacularly nice guy. I babysat his kids once. I've seen him maybe twice in the past ten years, but I'd be surprised if he didn't remember the names of my kids. When I was younger, we saw him all the time. Every weekend. My dad played in the church folk group with him.
I can't remember the particulars, it may have been 4th of July firecrackers (illegal in Chicago) or it may have been shaving cream on Halloween, but either way he caught me and some friends doing something technically illegal. It was NOT. OK. I remember the legality of the incident being taken VERY. SERIOUSLY. Entirely different demeanor. I've seen the same thing with friends' cop dads.
I think people on HN don't fully appreciate the extent to which prosecutors and judges take the law seriously. They've dedicated their life to it. Our country is ruled by laws.
There are definitely times when the law is wrong, or when its diligent enforcement doesn't ultimately serve the social good. This may very well be one of them. But I think it's a very bad idea to build a worldview around the notion that the criminal justice system is going to casually look past the law. The law is a big deal.
† I don't know Aaron Swartz personally and am not asserting any of this to be true.
†† To your later edit: there's no statute against "public example making". If you don't want to be an example, avoid felonies. That's going to get me downvoted, so can we assume good faith and accept this new emoticon I just made up: :#> as shorthand for "I don't really think the person we're talking about is culpable for a felony based on the information we currently have"? :#>! :#>! :#>!
I think people on HN don't fully appreciate the extent to which prosecutors and judges take the law seriously.
On the other hand, a relative is a DA. She has explained how around the holidays, she collaborates with the prosecutor to ram cases through the system or slap people on the wrist and send them home. This way all the noble guardians of the law can take an extra few weeks off between Thanksgiving and Christmas.
I said they were people, and people who had dedicated their lives to the idea of the law. I did not say they were superhuman. They can be wrong and have faulty judgement. In fact, I feel like I went out of my way not to ascribe moral judgement on their worldview; I simply wanted to point out that their worldview exists and shouldn't be ignored if you plan on operating at the frontier of the law.
It's good of you to point out the limitations of that worldview. I don't mean to criticize you. I'm just saying, be careful if you think that a charge of "hypocrisy" is going to help here. The real world is not an Internet message board argument. Lots of prosecutors, all of them riven with human frailties, nonetheless believe passionately in the law. You're not going to talk them out of it.
I am for the most part happy about this. Unlike a lot of HN people, I think that the law by and large serves the common good, and protects the weak far more than the powerful.
(My uncle was/is? an ADA. I didn't hear any stories like this, but didn't ask. Totally believe it though.)
My point is not a charge of hypocrisy, I just think the language you are using imparts a phony gravitas. I'm a systems engineer but I would LOL if I read that someone wrote I "dedicated my life to the spirit of the command line."
Likewise, many lawyers are just in it because it's something they are good at and it pays the bills. Not every lawyer is Harvey Silverglate.
I'm really not trying to impute gravitas. I am being completely serious. These people we're talking about at the DoJ are different people when matters of law come up. They are not kidding around about it.
That doesn't make them granite monuments to justice. But it might mitigate the concern that they're being petty. There is a reasonable narrative here in which Swartz is purposefully causing harm to the social good. I don't really agree with that narrative (based on what we know now), but I can see it.
If it helps, think about pro-life people (I'm pro-choice) and their attitude towards abortion. They are not kidding around about that issue. Do they have a lot of gravitas to you? Maybe not! But they believe human beings are being killed. So I can see where they're coming from, even though I disagree with them.
Yes, in this particular case you are right.
This case is interesting because Aaron is doing this as an "activist" and as such it becomes political-legal theatre. He is friends with a bunch of lawyers and legal researchers who are working at the intersection of IP rights and freedom of information rights.
If he was just some nobody kid in Schaumburg stealing PDFs from Motorola, he'd either be in jail already or slapped on the wrist and sent home. Nobody would have heard about it, and there'd be no internet dialectic about it.
We don't really know if this was an "activist" crime.
It's very possible that he just intended to analyze the documents and publish aggregated results. If that's the case, I think this prosecution is a mistake; an extreme overreaction. Scholarly analysis of JSTOR documents is not a criminal intent. His actions may leave him culpable to a variety of minor crimes, but his impact on the social good is minimal at worst.
On the other hand, it's possible (though less likely, I think) that the intent here was to mirror JSTOR onto BitTorrent. I might sympathize with this goal, but I don't think its prosecution as wire fraud is an overreaction. I'll root for Aaron at trial, though.
The problem with that analysis is that there's nothing criminal (or even illegal) about sharing public domain works over BitTorrent. So whether he copied the documents for personal use or distribution, it was still the initial copying that was at fault.
It's a little like someone broke into a library every night for a few months and scanned a bunch of public domain books.
The only actual crimes are breaking and entering, and using the scanning equipment without authorization. What he intended to do with the scans is irrelevant.
JSTOR's particular collection of documents is protected by copyright and has been valued, by virtually every one of the most learned and respected educational institutions in the country, at millions of dollars annually.
Let's say I come into possession of a trove of public domain documents from the 1800s, and I take the time to scan every one of them painstakingly and from those scans to assemble an academically useful database, for which I charge $100/person/year for access. Your contention is that because the underlying documents are public domain, you are entitled to unfettered access to my work product, despite the fact that I took steps to gate access to my work product.
The law isn't going to see it that way, I don't think. But maybe you're right. I'm not a lawyer.
Like everyone else on HN, I wish all these documents were freely available too.
Copyright protects creative work. If you used creativity (as defined in case law) in choosing documents for your compilation, or got creative with your scanning, then you can claim exclusive rights.
Look for links in the phrase "such scans are often considered uncopyrightable" in the original article for more on this topic.
There is a "collective works" copyright, so I guess -- I am also not a lawyer -- that if one made a copy of some database, it may be infringing on the creator's rights even if the contents of the database consisted solely of public domain works.
>You are free to copy and use individual images but copying and distributing the complete collection may infringe what is known as the “collective works” copyright. Collections of public domain material will be protected if the person who created it has used creativity in the choices and organization of the public domain material. This usually involves some unique selection process, for example, a poetry scholar compiling a book -- The Greatest Poems of e.e. cummings.
I don't think JSTOR is using what could be described as a unique selection process.
I found this comment greyed. How does anyone downvote this? It's a single sentence with two clauses both of which state objectively verifiable facts relevant to the thread and responsive to the parent comment.
People downvote things they don't like, including the truth. They are also generally unable to distinguish between "this is how things are" and "this is how things should be", and will generally downvote as if you'd written the latter.
Our country is ruled by people. Laws are one way in which we communicate what is right and wrong, but they are imperfect and inconsistently enforced. Laws can also be changed, turning what is legal upside down for better or worse.
We are ruled by people, and we should never forget this. Laws are a convenient means of justifying the power of certain people over others; one which without substantial insight appears more fair than it actually is.
Well then don't rant about how serious our laws are. I don't much care how stern your paternal figure was about having illegal fireworks - moral and legal are almost unrelated.
To be vocally unhappy about something immoral is to be lauded. To defend action based on legality is trite.
I was spurred by a specific sentence in your comment. Honestly I'm not especially concerned with your take on the situation, but with the conversation as a whole.
Am I surprised that the Feds are seeking a criminal indictment? No. Am I unhappy at the expansion of Federal power both at the expense of State power as well as an independent authority? Yes. Do I think that the justice system takes its job seriously? Yes. Do I think they do this selflessly? No. Do I think their position will lead to a better future? No.
Do I think their prosecution of this case stems from a desire to assert the will of the people? No. I think it comes from their own selfish desires, and should not be defended.
If you don't want to be an example, avoid felonies.
This is the point where, on reddit, someone would post the image captioned "civil disobedience is still disobedience". And they'd be right -- activists who campaign for big changes often end up in jail (multiple times, or for a long time, or both) along the way. It's not nice and it's not pretty, but it's reality.
This is the point where, on reddit, someone would post the image captioned "civil disobedience is still disobedience". And they'd be right -- activists who campaign for big changes often end up in jail (multiple times, or for a long time, or both) along the way. It's not nice and it's not pretty, but it's reality.
True, but I hope your position isn't that "the rest of us should sit on our hands and shut up while it happens." If it is... well, sorry, but I don't accept that. My chance of having any meaningful impact in terms of "changing the world" before I die might be small, but I'll never stop arguing and fighting for what I believe in. I mean, what would be the point in living if we did that?
It's more that I get annoyed when I see people doing things for whatever cause they support, and then being surprised when they discover there can be consequences, or that the big entrenched system they're fighting will act like, um, a big entrenched system.
About being made an example of: I guess what you say makes decent sense. I'm more worried about the sort of situation where many people could be prosecuted of a certain crime, but one of them gets picked on because they are the designated target.
Another habit that I really don't like (that prosecutors have no qualms with) is when people are suspected of a crime but there is not enough evidence, sometimes they'll be taken in for a lesser "orange juice" crime until the prosecution can come up with something substantial.
But I guess you're right, even though they are dedicated to the law, prosecutors and judges are only human, and most of the time things do turn out well. I just wish they weren't so overt about it, as if it were completely okay.
I mostly agree with everything else you are saying.
I agree that we should not make overzealousness a virtue, and will go you one further by saying that zealous or not, out-of-proportion punishments shouldn't be considered virtuous either.
I think people on HN don't fully appreciate the extent to which prosecutors and judges take the law seriously. They've dedicated their life to it. Our country is ruled by laws.
"the DoJ sees someone bent on forcibly publishing every
closed database pertaining to the public interest, laws
be damned.
...longwinded rather tangental story about your
childhood...
† I don't know Aaron Swartz personally and am not
asserting any of this to be true."
classy...
Anyway, the primary issue with your little story here is you are taking a single encounter with a single person and making a generalization about an entire profession with it. A positive generalization sure, but still a generalization (and as someone who on occasion reads the news, one that does not jive with my perception of reality).
I have no idea what you are trying to say here. Are you offended by the idea that someone might have an interpretation of the actions of the DoJ other than mendacious pettiness? That literally seems to be the only point you're trying to make: "you said something positive about the DoJ".
If you read the comment more carefully --- I apologize for making that harder for you by being long-winded --- you'll see that I'm not even defending the prosecution; just offering a theory for it other than pettiness.
The law is a form of social technology... and yes it's a big deal.
However, we get into trouble when we leave too much about the enforcement of laws up to the whims and discretion of the law enforcement officer... for very obvious reasons. If we simply want to let armed thugs wearing badges decide who gets punished and how much, there is no need for laws.
Good :) I thought your comment did a nice job of humanizing the law enforcers... I was just intending to mention what I think the limit of my sympathy for the psychology of the enforcers is :)
>there's no statute against "public example making". If you don't want to be an example, avoid felonies. That's going to get me downvoted, so can we assume good faith and accept this new emoticon I just made up.
Don't be a dick. You yourself have undoubtedly committed dozens of felonies this year alone. The sheer quantity of criminal legislation makes it almost unavoidable, and nobody is in a position to hurl stones at the unfortunate who get caught in the crossfire.
Nothing in the link I provided was about orange juice. It discussed wiretapping, linking to sites with potentially violent anti-American content and a variety of other issues.
You've commented repeatedly on this thread about how it's THE LAW and how certain people's brains essentially shut off when evaluating ethics vs legality. Furthermore the tone of your comments make it clear that you have some respect for this sort of non-thinking.
Bringing public stoning into the discussion is a ridiculous straw-man. Isn't the fact that over two million Americans are in prison, and over half of them on non-violent offenses staggering enough already?
>Is it even legally okay to publicly make an example of someone like that?
Yes, it's entirely up to the prosecuting attorney to prosecute with vigor. Again, if you up-jump the charges you often lower the odds of conviction because the burden of proof is raised, but so is the penalty. This also gives the prosecuting attorney grounds for a settlement (plea to lesser, civil charges, but with stiffer terms).
So it could all be posturing that a judge will throw out... what is good to know is that Schwartz can likely attract the best defense attorneys to fight this.
"mens rea" means that there was knowing intent to commit a crime. Clearly there was mens rea is this case as steps were taken to circumvent and conceal the act. mindcrime's point is that your comment suggests the crime could be escalated based on some possibility that the defendant might commit a more serious crime. This more serious crime was of course not committed, thus making it a crime of thought.
We have our wires crossed; I see why: I'm writing message board comments, not essays.
There are two issues of intent here:
(1) There is the question of whether Swartz's repeated accesses of JSTOR were done knowing that access was wrong, or recklessly, or purposefully to accomplish an illegal end. This question, of "mens rea", is I think reasonably established in the charging documents by things like MAC address spoofing.
(2) There is the entirely speculative question of whether Swartz had the intention of "liberating" all of JSTOR onto BitTorrent. Nobody knows whether this is true except Swartz and possibly the DoJ. My suggestion here is only that we don't know all the evidence, and perhaps some of the severity of the DoJ's response is based on evidence they have but have not yet disclosed to the public.
The confusion here is my fault. Sorry.
I certainly don't believe that Swartz should be prosecuted for thinking JSTOR should be liberated, or that the DoJ should be building a case based on what they think he was going to do next.
Based on the text of the indictment, the establishment of his intent with the documents is the one claim that doesn't appear to established with any mention of supporting evidence. This stands in stark contrast to the meticulously detailed accounts of MAC address changes, computer purchase history and surveillance video describing his actions.
The question that this hinges on is whether there is hard evidence of his intent; either there exists a clear statement from Swartz of his intention (e.g., say, a chat log from an informant where he expressed his intent, or an actual upload) and they didn't feel the need to share this info to get the indictment, or they're just trying to make up some circumstantial case (oooh, look, he had a BitTorrent client on a laptop we seized) to justify the harassment.
I would guess that it must be something very weak, ambiguous and circumstantial which is why they didn't feel the need to substantiate the claim. But then again, given the long time frame (many months) and the rashness of some of the behavior Swartz displayed, I wouldn't be at all surprised to find that someone got him to say something via electronic means that could be construed as an intent to P2P the documents.
This question, of "mens rea", is I think reasonably established in the charging documents by things like MAC address spoofing.
On this point specifically I hope that, if it would be beneficial and accurate, Swartz's attorneys bring up the point that:
1. Programmers routinely work around various limitations to do their jobs.
2. Those limitations may originate in the laws of physics, limitations of current technology, or excessively strict corporate IT policies.
3. Those workarounds may include changing MAC addresses, connecting to a different switch port, etc.
4. Therefore, a programmer such as Swartz would have considered his actions in an engineering context. Overcoming any blocking or access rate limitations imposed automatically by JSTOR's systems would be seen by Swartz in the same light as bypassing a faulty router or otherwise routing around network damage, rather than as a specifically legal affront.
5. Thus, at first glance, mens rea is not present.
Ok, IANAL, but I don't see the connection. My understanding of the use of "mens rea" in criminal law was that it referred to the necessity of intent, in order to qualify an action as a crime. I've never understood it to mean that intent - by itself - can be considered a crime.
My point above is that if Aaron did not actually distribute the files to bittorrent, then making any relevance of his intent to do so, is "thought crime." And as you can no doubt gather, I would consider such a thing to be total bullshit. That is, bullshit vis-a-vis my personal view of a sort of universal ethics... not necessarily with with regards to US government statutes.
If they caught Aaron, he gave up all the documents, and in the course of investigating him got a warrant for his email, wherein he wrote a series of messages about how he planned on liberating JSTOR, the evidence of his intent becomes relevant.
We are just talking here. I have absolutely no reason to believe that there is evidence that Swartz was going to liberate JSTOR. It's just, people seem to want a "why is the DoJ going so nuts about this", and I'm just saying, "here's a what-if".
So if the security guard catches me with my pockets stuffed with loot before I actually go out the door, would you say it's not shoplifting because I only intended to commit the crime, but didn't complete the act?
What's the difference between the scenario you described and forgetting to pick up a basket by the door then using your pockets to hold what you intend to buy?
There's a reason why security normally waits until the person leaves the store to nab them.
How do you understand the charge of attempted murder then?
A man brings a gun to a political demonstration where a VIP with whom he violently disagrees will be arriving. He reaches the front of the crowd and as the VIP draws near, the gun slips from his pocket and he is arrested. Are you meaning to tell me he shouldn't be charged with attempted murder just because he hasn't yet pulled the gun out and engaged the trigger?
Just so you know, people have already been convicted under these circumstances, so the case law is already pretty clear.
Well, I wouldn't charge them with murder. You were talking about charging someone with shoplifting (not even "attempted shoplifting", if that exists) merely for holding not-yet-purchased items in their pockets while still in the store.
Attempted murder is a crime with a specific definition in specific laws. It's harder to make this charge stick than murder, for obvious reasons, but police are rather more likely to arrest someone they think is attempting murder than arrest someone they think is considering shoplifting, for equally obvious reasons.
...What does any of this have to do with planning to distribute files by bittorrent? These are not useful analogies.
>I don't think anyone is denying that Swartz committed a (possible series of) minor crimes.
If you read through the charges, it isn't cut and dry clear that he did actually commit any federal crimes.
He didn't do anything special to get into JSTOR. Essentially he was web scraping with a bunch of different user-names and passwords. There is nothing specifically illegal about that.
It isn't clear that it cost JSTOR anything or actually damaged JSTOR. It may have caused a disruption to the service, but it isn't clear the disruption was intentional. He didn't wake up one day and decide to DDOS JSTOR.
Although he has a history of distributing documents, it isn't clear that he intended to distribute these particular documents.
What I'm surprised about is that he did this so badly. There are a number of colleges around Boston and Cambridge all with libraries that have access to JSTOR. He had to have known that JSTOR and MIT wouldn't like this. Couldn't he have scraped the database slowly and from multiple points so that it blended in with the normal traffic?
There's a really pernicious fallacy among geeks that the difficulty of a hack has bearing on its offensiveness to the law. No. If you know you're not supposed to access something, and you take deliberate steps to access it anyways, you are culpable.
Who said he was not supposed to access the files? JSTOR is available from MIT. MIT gives out generous guest access. Did Aaron have to agree to not download above a certain number of documents?
The DoJ would say --- and a grand jury would agree --- that it became clear to him that he wasn't supposed to access the files when both MIT and JSTOR took steps to stop him from accessing them; his intent to access that data knowing that countermeasures had been erected, and his purposeful evasion of those countermeasures, helps establish mens rea.
To the "so what, he just trespassed. You don't get the FBI involved for trespassing."
If they just found him randomly wandering the halls where he should not be, obviously the FBI would not be involved. If they see him entering the network cages in order to mirror an asset worth $1.5 million dollars to his personal storage devices... I think they take the trespassing a bit more seriously and in a different context :p
I suspect the reason the availability issue keeps coming up is that this restriction on research by third parties is considered a 'bad' thing by nearly everyone except the people benefiting from it. This 'social injustice' is a form of angst that keeps seeking expression.
To you point about the government using the incident to its own purposes, this is not new. There is a tremendous amount of heat (we'll call it campaign dollars ;-) being put on representatives to 'protect' copyrights. Jason's case is convenient in that there seems to be a lot of evidence that he did in fact work around the existing licensing schemes, and those schemes are based on copyright. Perhaps the government is hoping to get a published decision to establish some case law here, or perhaps folks can point to it and tell their deep pocket contributors that they 'really took it to this guy.'
Now that its out there and providing a nexus, it seems a good place to elevate the scientific research monopoly discussion.
The "Why" question? I don't know, to me it's pretty simple. It's their job. Justice? Sure that has a role somewhere in there, but let's be real: A prosecutor's job is to get convictions. They have a set of rules which they can shape around a group of facts which they use to get their convictions.
In an era when digital security is such a hot topic, I'm not really surprised that someone in the Justice Department would be attempting to prosecute Aaron for as much as they can line up against him.
I think that ascribing some larger legal agenda behind this is a reach, or even a political agenda targeted at "silencing" Swartz is a reach. Does the DoJ likely want to crack down on anything that smells of security issues? Sure. And I'm Not saying that the idea that legal and political agendas are pursued is ludicrous. I'm just not so sure this case is anything remarkable. He (allegedly) did what he did, the DoJ thinks they can make a case against him. So they will.
As others have mentioned, he's crossed the Feds in the past, but I also must point out that there have been a ton of press as of late about "hacking" at large. Anonymous and LulzSec come first to mind: if federal enforcement is ramping up a broad campaign against computer crimes, a lot more people may get caught up in prosecution.
Empires in decline get progressively more brutal. Sounds like Aaron Swartz became an embarrassment so is being side-tracked from the good work he does.
I am not 100% sure of this, but I think this is probably true: similar to the case of Eliot Spitzer who as governor of NY was investigating Wall Street. So, I think that Wall Street had their lackey the US Government (via the FBI) dig up something on Spitzer to bring him down. I believe that this situation is called a plutarchy.
This is tinfoil-hat stuff. Governors who frequent prostitutes can't expect to stay in office, full stop. The likelihood that Swartz does a single overnight in custody over this is practically nil. The brutality we are arguing about here is the possibility of him ending up with a felony on his record.
Are you kidding? How many members of Congress routinely use prostitutes? Should they be kicked out of office? Are they ever?
I think that Spitzer's mess-up should have stayed between him and his wife - she is the appropriate authority to dish out punishment in this case :-)
If Spitzer had not been getting close to blowing the cover of dubious dealings on Wall Street (that affected the values of our stock portfolios during the crash a year later) I personally don't believe that the episodes with a prostitute being made public would have happened.
I think the larger point is: if you want to be in the public eye, then you need to fully expect that someone is always digging for dirt, and thus it's better to keep your nose clean. Perhaps Spitzer was taken down because of his investigation, but that just drives home the point. Certainly, opponents could make up charges, but they didn't do that in this case.
One wouldn't want to downplay the badness of having a felony record. For instance, Swartz may imagine one day running for office, or being a key person in a political campaign. Or needing to work directly with institutional investors.
There may still be fields of activism wherein a felony conviction is helpful, but it's not at all clear that information access is one of them. Nobody associates computers emotionally with the '60s.
To paraphrase Feynman, this might have some relevance to the situation:
"...he also worked with Shireen Barday at Stanford Law School to assess “problems with remunerated research” in law review articles (i.e., articles funded by corporations, sometimes to help them in ongoing legal battles), by downloading and analyzing over 400,000 law review articles to determine the source of their funding. The results were published in the Stanford Law Review."
I speculate that Pacer is more relevant: during a trial run of free public access to Pacer, Swartz is alleged to have mirrored almost 20% of the database; as (it is alleged) a result, the public trial of Pacer was shut down and an investigation launched into the security of the Pacer system.
One possible narrative inside the DoJ: we can't launch public trials of open access to databases, because this Aaron Swartz guy has decided that his Python code will have the final say in any policy decisions we make. But that's not for him to decide! And here he is again, taking the same approach, this time to a commercial database that produces 7 figure annual recurring revenues.
I don't agree with this mindset (:#>! :#>!) but I'd understand it.
Two different law systems, two different legal philosophies. In the Nordic model, prison is largely rehabilitative. I don't think they even give life sentences. In America, prison is decidedly punitive, with little thought to rehabilitation, and the death penalty is commonplace.
In this particular case, the death penalty is relatively commonplace. As in, using OECD as a benchmark, the US executes more people than the average OECD member. I wanted to illustrate the contrast between the American and Norwegian legal systems, not make a statement about the use or validity of the death penalty.
Then it would be appropriate to say "the United States executes prisoners while Norway doesn't." That makes the point fine.
Car crashes are commonplace here. Drunk driving accidents are. Executions occur less often than once a week in the US, mostly in a few select states, and the US has a population of over 300 million people. We (I'm from the US) even have a disproportionately large prison population and the death penalty is still extremely, extremely rare.
"There were 46 executions in 2010". For some perspective, if you think the death penalty is commonplace, then you must think getting killed by lightning is very commonplace.
Commonplace as rare events go. Any American can get hit by a lightning; the actuality of suffering a death penalty concerns a much smaller number of people, namely a select few of those imprisoned for life. Especially in contrast to the OP's comparison to Norway, 46 versus 0 per year makes it pretty commonplace. There are over thousand people "on the list" in dozens of states at the moment.
shouldn't that be United States v. Aaron Swartz because the US is bringing charges against him? Aaron Swartz v. United States makes it sound like he is suing the government, but there's nothing on that page that says he is.
When Google and Bing start sending 'human bots' out to Universities to facilitate the downloading of data, I'm pretty sure a lot of people will be going to jail. Just saying.
To me, there is no comparison. Inadvertantly capturing a few random packets from open, public Wifi signals while driving down the road? They changed wifi channels about 5 times a second. All investigations that I have read concluded that no meaningful data was retrieved.
And to compare that to specifically circumventing physical and virtual restrictions after warning the user against a set of actions? Where the target data was not worthless, as in Google's case, but worth over $1 million dollars?
It wasn't inadvertent. It was by design. Lets get that straight. If, for example, you're running tcpdump(1) with a packet capture size of 1500 (I don't know if G was doing that, but I'm giving an example), then you can't claim that you captured the packets' contents inadvertently.
Many years ago, when writing web crawlers was the cool thing to do, I wrote one (like an idiot, I wanted to see how deep the web was). Unfortunately, I didn't have a good synchronization scheme, so it ended up beating on a poor website for too long. The operator of that site sent a stern email to our DNS contacts, complaining. And we shut the crawler down. Today, I fear I'd be indicted for "wire fraud"!
So he's suing the United States now, eh? Because usually the first person named is the complainant. Getting the simplest and most basic details wrong like this is a reliable indicator that everything which comes afterwards is going to be similarly ill-founded. This is a prime example of the yawning gulf between blogging and proper journalism.
Kindly do not misread that as support for the legal status quo, JSTOR, or anything else.
Regardless of who was hosting them before and how much their hosting costs were that were used to justify the paywall, Google Scholar should be brought in to host them all going forward. They're out in the open, might as well put them to good use.
They are not. You're thinking of the the torrent of public domain works released by Greg Maxwell, which isn't directly related.
Aaron Swartz downloaded much, much, more, and according to JSTOR's statement: "We secured from Mr. Swartz the content that was taken, and received confirmation that the content was not and would not be used, copied, transferred, or distributed."
Well, Mr.Swartz should probably thank Anonymous and Lulsec for provoking the US Government. They're fed up and have determined whoever they get their hands on (minor hacking or not) they're going to drag you into federal court and make an example out of them.
This reminds of back in the 90's when there wasn't any laws in place to address hacking. But man, the Feds did not like kids making them look like fools. Once they got the laws of the books, it was open season on hackers.
I'm pretty sure the next few years are going to see a major crackdown on hacking again. Just like the recent arrests of supposed Lulsec and Anon members.
This guy will be lucky to get out of federal prison in 15 years.
To me this looks like a career move by the prosecutor who wants to get some convicted hackers on his CV, which will look good when it comes to promotion time as these crimes get more and more relevant. The US justice system seems to have degenerated so that prosecutors do anything to get some people convicted, as long as they are a) popular or b) it helps them in some way, regardless of the quality of thee evidence or the merit of prosecution to the general public.
I'm super curious to know if there is someone else out there who believes that there is a connection between Aaron's political activism and his indictment. Not that his political views would represent the major cause of his indictment, but still.
Anyway, just ranting...
We must evolve & develop economic & political systems that eliminate the government's authority to railroad a person like this. It's disturbing and a blatant flaw in a free nation.
I'm just curious why someone who did this is still a fellow at a center for ethics. It seems like the whole situation, even if it's been cleared up with MIT and JSTOR, is completely unethical, regardless of the legal case.
Could you comment more expansively on why you find this situation unethical? If so, can refrain from leaning on the legality of the situation. I haven't heard a good explanation that didn't use the legal ramifications as a central support.
Nice spin: he's been charged for "excessive downloading".
Way to ignore the physical break-in to install a computer directly on a network switch. I, for one, hope that he gets a criminal record at the very least (plea deal). This really puts the crime in a different league.
Unless I have my facts wrong, in which I'm willing to be corrected.
Well, a physical break-in would be a matter for the local police, maybe state. Federal prosecutors don't get involved with those cases unless it's the Pentagon or something.
This is only at the federal level because the "unauthorized access" crossed state lines. (Aaron was at MIT when he was knocking over JSTOR servers, probably in NYC.) So the prosecutor is only going to worry about that part.
I don't get why I'm expected to care about whether local or federal employees take an interest in the event. The state criminal court system isn't warm and fuzzy either.
He said "way to ignore the physical break-in" and I'm pointing out that federal prosecutors (almost) always ignore physical break-ins. It's not a federal crime.
I take your point, but I'd like to point out that it's a side track. It gives the impression that you don't want to talk about whether a crime happened, and instead focus on the purported injustice of federal involvement. Well, what's unjust about that? That the DoJ and federal court system is more severe than Massachusetts?
It's not a side track to point out that he should be charged with one set of crimes by the state government, but that he is instead being charged with a different set of crimes (Wire Fraud, Computer Fraud, Unlawfully Obtaining Information from a Protected Computer, Recklessly Damaging a Protected Computer) by the federal government.
You think MA doesn't have computer crime statutes? The subtext to this thread seems to be "if they charged him locally they'd only be able to get him on trespassing". Uh, no.
There is a difference with charging him locally though (in my mind). The attorneys that would prosecute Aaron in MA were hired by a left government accountable to a fairly liberal population. Those prosecuting Schwartz federally were hired by a government that leans slightly to the right. I honestly think that makes a difference in the outcome of this particular case, given the nature of the crimes. Also when we consider Aaron's personal history, I think it's safe to say he has fairly influential friends in MA and possibly some enemies on the federal level.
All of this is pure conjecture and speculation of course. But I would be lying if I said I wouldn't be more comfortable about the situation if Aaron was being tried by the MA government.
I see what you're coming from but I don't really buy it. I think the difference between federal and state is strictness and deliberation, not right vs. left.
The state criminal justice systems are deluged by drug violence and domestic violence and are largely reactive (I write while missing the court date for my mugger's prosecution, due to a sick daughter).
The federal system is more deliberate (word chosen carefully) and somewhat less reactive. It has more discretion about what cases to chase down. It's probably more inclined to keep its teeth sunk into anything it starts too.
The same political environment that appointed this prosecutor also appointed the prosecutor that took down Scooter Libby.
Re: left vs. right and deliberation: that seems reasonable. Also sorry about the mugging. :( Still though, that doesn't address the advantage Aaron has in MA in terms of friends and enemies. And as far as public support is concerned, you can be sure that a good number of the people that support Aaron have ties to MA or Cambridge. When we talking about a couple thousand people, that goes a lot farther on the local level than on the federal level I think. A speech by a group of MIT and Harvard professors for example might make a difference in MA but surly doesn't have that big of an impact nationally. Perhaps I am seeing differences where there are none though. ^^
Again, the state would only have bothered to get involved if MIT had bothered to press charges, which apparently they didn't. And all the stuff you mentioned happened across state lines, so if the case for those things is to be made at all, it should be made in federal court.
Well, he probably wouldn't be charged with the state crime in most states, if MIT's claim that they aren't supporting the prosecution is accurate--- it's very rare for these kinds of state-law charges involving property (trespassing, breaking&entering, etc.) to get prosecuted if the victim isn't interested in pressing charges. Federal prosecutors seem to take a more freelance approach to charging.
Hm, sorry if I gave that impression. Anyway, I'm more curious about why the feds are continuing with the case after everyone involved seems to have dropped it. Should be an interesting case to watch.
Actually, from the material in the charging document, Swartz's actions do go a ways towards demonstrating intent. He's clearly aware that JSTOR and MIT don't want him doing what he's doing, and devises an escalating series of tactics to evade their countermeasures. "Intent" is largely expressed in words like "purposefulness".
I disagree -- I was referring to the "ultimate" intent of openness and transparency. Shall we focus on the intent of the Woolworth's lunch counter sit-in as a purposefulness to deprive white people of their midday repast?
Edit (appending as reply chain is too deep):
Thomas, I see you that your focus is computer security, so I can understand how you are focusing on the breach of security and not the end goal. Perhaps I'm naive, but from the posting this thread is discussing it appears that his intentions clearly are honorable.
The sit-in directly targeted an unjust law; the sit in was both the means and the end. Swartz is accused of breaking laws as a means to a different end (unless he planned on dumping the database to BitTorrent, in which case the whole thing was a grand act of civil disobedience; for his sake, I hope that's not what's going on.)
In either case, I don't have to agree with the prosecution to point out one obvious way it could be structured.
I don't think that this poster should have so many downvotes, as of 12:59 EST. Even if he is wrong, or you do not agree with him, he is adding to the discussion in a reasonable matter, inviting conversation and debate.
So yes - he did do something that was against some terms of service. But jail time? For breaking a clickthrough "license" and computer hacking at MIT in the service of public knowledge? This sucks unutterably.
MIT: Playful physical hacks okay, but don't try to mass harvest the knowledge of the world or the DOJ will come down on you like a sledgehammer.
JSTOR: All the world's knowledge, as long as you don't try to access all of it.
DOJ: We'll break you just because we can (or for other reasons that we are not stating).
Hacker News: Well, they do have a point - he did access semi-public data in a non-approved way, and he had to plug into the network in a strange way to do it.