Tuesday, February 05, 2013
Zoe Lofgren drafts "Aaron's Law", to prevent frivolous prosecution for "terms of service" violations in computer system access
On January 15, 2013 Rep. Zoe Lofgren (D-CA) drafted a proposed bill to be called “Aaron’s Law”, link here.
The law would reform the 1986 Computer Fraud and Abuse Act, to eliminate the possibility of criminal prosecution merely for violation of a “terms of service” agreement with a telecommunications, Internet service or social networking provider, in interpreting the concepts of fraud or abuse.
Electronic Frontier Foundation has put the concept this way: “If you’re allowed to access information, doing so in an innovative way shouldn’t be a crime.” It also proposes that penalties should be appropriate for offenses.
Some of the “innovative ways” include using a different IP address or MAC to gain access.
The EFF link (which points to many discussion drafts) is here.
It’s possible for people to be banned from specific sites by IP address (by the “HTA access” mechanism), sometimes because of misconduct on the site, so presumably it would not be illegal for someone know he or she is “banned” from accessing a site through a different route (for example, wireless).
Presumably such legislation would not exempt deliberately flooding a site with bogus requests (for a “denial of service” attack).