Picking Up Aaron Swartz's Dropped Flags
My first quality time with Aaron Swartz was at the last Comdex, in the Fall of 2002. He had just turned 16, but looked about 10. His old Mac laptop featured a screen with no working backlight. Only he could read it, which he rationalized, with a smile, as a "security precaution." When I asked him about school, he said he had moved on. He was still learning all kinds of stuff, but he didn't need school for that. And hey, there was work to be done, and he was too busy with that.
A Comdex organizer had booked me for one side of a debate panel and asked who else I wanted on my side. I volunteered Aaron. Friends Mary Lu Wehmeier and Doug Barcon were in the audience, and shot a video of the panel. They pulled off the audio and shared it with me a few days ago. It's not especially clear, but one of the cases Aaron makes in the debate rings as true today as it did twelve years ago. It's for general purpose computing. Here is the story I wrote about that trip for Linux Journal at the time. And here's a photo of the four of us, courtesy of Mary Lu and Doug:
Aaron was one of our best and brightest: the living embodiment of promise. He was just 26 years old when he died, and he had already delivered an enormous sum on the promise of his heart and brainpower. God knows what else he would have done, had he lived. Here is a partial list, roughly in order, starting when he would have been in junior high school, had he bothered to go (he hardly needed to):
- The idea for Wikipedia, long before the real thing came along.
- The ArsDigita Prize. Phillip Greenspun: "Starting at age 12, Aaron had built an information system using the Oracle RDBMS and our open-source toolkit and the intent of the prize was to encourage and enable them to do more. Aaron was just 13 years old at the time and seemingly less than 5′ tall. Whenever anyone complained that our software and/or Oracle was too hard to install I would say “Well, a 12-year-old in Chicago managed to do it."
- At age 14, Aaron was a member of the working group behind RSS 1.0. It's not one we use today, but it mattered.
- He served on the W3C'sRDF Core working group and authored RFC 3870.
- John Gruber gives Aaron credit for help on Markdown, for which Aaron was the first beta tester in 2004.
- Says his mentor and friend Larry Lessig, Aaron was one of the early architects of Creative Commons. As a teenager, he helped design the code layer to our licenses, and helped build the movement that has carried us so far.
- He started Infogami, a wiki platrorm that later supported web.py and Open Library sites), and merged with Reddit in 2005.
- Helped build a free public library at Archive.org.
- Launched DemandProgress.org, in the course of leading the successful fight to block SOPA/PIPA legislation
- He was a fellow at the Edmond G. Safra Center for Ethics at Harvard University
- He contributed help to Rootstrikers and Avaaz, both of which work toward political action and reform.
Now Aaron has himself become a cause — or a number of them. Sitting through a long series of previews at a movie theater the other night, I realized that a movie on Aaron's life is probably inevitable. Books too. Meanwhile, he has dropped all the flags he carried, and others who care should pick them up or help carry the ones already flying in capable hands. In addition to those listed above, here is a list I invite readers to enlarge:
- "Aaron's Law": an amendment to the Computer Fraud and Abuse Act (CPAA) drafted by Representative Zoe Loffgren, who represents San Jose and nearby Silicon Valley. This can help fix the broken legal system that allowed — even encouraged — the pursuit of Aaron by a federal proscecutor's office that sought punishment far exceeding the severity of Aaron's alleged crimes, and which — according to his closest friends and family — drove Aaron to suicide.
- Freedom to Connect: an essential principle behind personal networking, facilitated by the Internet's founding protocols, as they were designed in the first place. It was at David Isenberg's Freedom to Connect conference in 2012 that Aaron gave his last and best speech, and it is to David that the Freedom to Connect "brand" belongs. The next Freedom to Connect (aka #F2C) event will be held on 4-5 March in Silver Spring, Maryland. It should be a good one.
Energies flowed to and from all of those at Aaron's memorial service two Saturdays back in New York, which was held in the Great Hall at Cooper Union. It was one of the most moving events I have ever witnessed, and it was a great privilege to be placed first in the series of speakers there. I won't go into what was said there, because DemocracyNow has a video of the whole thing. I also put up a set of my own photos, which shot from my seat. But I will invite you to care not just about Aaron's causes, but about the absolute injustice of his death.
While Aarons suicide was an insane act, so was the legal system that encouraged his pursuit by federal prosecutors that sought a level of punishment severely disproportionate to the actual harm done by his alleged crime: surreptitiously downloading large numbers of academic journals from JSTOR, at MIT. I remember when news of this came out at the time, I thought "That was wacky." Not "This will turn into a huge federal case." Or that it would drive him to suicide. But that's what his parents and other close friends claim, and they are in the best position to know.
The ill-considered prosecution leading to the suicide of computer prodigy Aaron Swartz is the most recent in a long line of abusive prosecutions coming out of the U.S. attorney’s office in Boston, representing a disastrous culture shift. It sadly reflects what’s happened to the federal criminal courts, not only in Massachusetts but across the country...
Since the mid-1980s, a proliferation of vague and overlapping federal criminal statutes has given federal prosecutors the ability to indict, and convict, virtually anyone unfortunate enough to come within their sights. And sentencing guidelines confer yet additional power on prosecutors, who have the discretion to pick and choose from statutes covering the same behavior.
This dangerous state of affairs has resulted in countless miscarriages of justice, many of which aren’t recognized as such until long after unfairly incarcerated defendants have served “boxcar-length” sentences.
Aaron Swartz was a victim of this system run amok. He was indicted under the Computer Fraud and Abuse Act, a notoriously broad statute enacted by Congress seemingly to criminalize any use of a computer to do something that could be deemed bad.
As Harvard Law School Internet scholar Lawrence Lessig has written for The Atlantic: “For 25 years, the CFAA has given federal prosecutors almost unbridled discretion to bully practically anyone using a computer network in ways the government doesn’t like.”
...He was charged by the Middlesex County district attorney’s office with breaking and entering in the daytime. Lawyers familiar with the case have told me that it was anticipated that the state charge would be continued without a finding, with Swartz duly admonished and then returned to civil society to continue his pioneering electronic work in a less legally questionable manner. Tragedy intervened when Ortiz’s office took over the case to send “a message.”
Our technical world is not taking this lightly. Two days ago Anonymous apparetly sent a threatening message too compex to explain here, but that's what links are for.
On the constructive side, Rep. Zoe Loffgren is floating a draft of "Aaron's Law", which would remove breaking contracts from the realm of felony. Lessig:
If every breach of contract worth more than $5,000 were a crime, Manhattan wouldn't be the world's most amazing city. Manhattan would be a federal penitentiary, with every prominent Wall Street firm very well represented. Fail to execute a trade on time? Two years in jail. Back out on an acquisition? Thirty to life.
Computer law is different, however, because Congress didn't really understand this "wild west" (as the network was called when Congress passed the Computer Fraud and Abuse Act in 1986), and because geeks make them uncomfortable. For 25 years, the CFAA has given federal prosecutors almost unbridled discretion to bully practically anyone using a computer network in ways the government doesn't like. It does that by essentially criminalizing the violations of a site's "terms of service" in combination with obtain[ing] anything of" at least $5,000 in value. And even if in the vast majority of cases prosecutors exercised that discretion, well, in this case the abuse of that discretion has ended in tragedy. As Tim Wu so brilliantly describes, we have built a system of criminal law that depends upon our trusting the government. Few civil libertarians from either the right or the left, though, will be surprised that it turns out that the bureaucrats manning the battle stations cannot be trusted...
But now Congress may actually do something to remedy at least part of this important flaw. Congresswoman Zoe Lofgren (D-CA) has introduced a draft bill -- importantly, first on Reddit, a platform Aaron had helped to build, and, once she gets the Net's feedback, in the United States Congress -- to change this rule of the CFAA and return contract law to its civil home. Her bill, which she calls "Aaron's Law," would limit the scope of the Computer Fraud and Abuse Act and exclude "crimes" that are nothing more than a breach of contract. No more "felonies." No more prosecutions resulting in prison sentences. Violations of the "terms of service" would be a breach, not a crime. Had that change been made before Aaron's death, the government's felony charges would likely have collapsed. Had the government's charges collapsed, Aaron Swartz, in my view, would still be frantically working to make the world a better place.
I could go on, but I'd rather not. Since Aaron died my main job has been processing what it means, what needs to change, what we should do. Enough already.
Let's just go do it.
* A small coincidence: Harvey Silverglate is the big brother of Sam Silverglate, one of my good friends from junior high, back when I was growing up in Maywood, New Jersey. I've long since lost touch with Sam, but it's cool to see Harvey weigh in on this.
Doc Searls is Senior Editor of Linux Journal
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- New Container Image Standard Promises More Portable Apps
- The Humble Hacker?
- The Death of RoboVM
- The US Government and Open-Source Software
- Open-Source Project Secretly Funded by CIA
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- Varnish Software's Hitch
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide