Rep. Lofgren revises "Aaron's Law" with additional protections

Share this article:

Rep. Zoe Lofgren, D-Calif., has revised a draft proposal, nicknamed "Aaron's Law," to amend the Computer Fraud and Abuse Act (CFAA).

Two weeks ago, Lofgren took to Reddit to announce her plans to revise the federal anti-hacking law so that people like Aaron Swartz, the computer programmer and freedom-of-information activist who committed suicide in January, are not punishable by decades in prison.

Lofgren's first version of the bill would "exclude certain violations of agreements or contractual obligations, relating to internet service," a provision of the existing statute under which Swartz was charged. The congresswoman asked for feedback from the Reddit community and beyond, and on Friday returned to the social news site with some additional amendments. Swartz co-founded Reddit.

"This revised draft also makes clear that changing one's MAC or IP address is not in itself a violation of the CFAA or wire fraud statute. In addition, this draft limits the scope of CFAA by defining 'access without authorization' as the circumvention of technological access barriers," Lofgren wrote. "Taken together, the changes in this draft should prevent the kind of abusive prosecution directed at Aaron Swartz and would help protect other Internet users from outsized liability for everyday activity."

She said she soon plans to introduce a final version of the proposal in the House, and Sen. Ron Wyden, D-Ore., also plans to introduce the measure in the Senate.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

VBA malware on rise, templates make it easier to write code

VBA malware on rise, templates make it easier ...

Researchers at SophosLabs found an uptick in VBA samples in July.

Analysts spot 'Critolock,' ransomware claims to be CryptoLocker

Trend Micro noted several differences between Critolock and CryptoLocker, however.

Citadel used in APT attacks against petrochemical firms

Citadel used in APT attacks against petrochemical firms

In an interesting twist, financial malware Citadel was used to infect firms outside of the finance sector via APT attacks, Trusteer found.