> No one is saying that. If he was hit with trespassing then it would be a different story. He was political target hit with the worst laws they could find that remotely applied to his case.
He was hit with the hacking equivalent of trespassing. The point is that the fact that the network is unprotected or poorly protected doesn't make it any less "hacking" than the fact that property is unprotected or poorly protected makes it less "trespassing." What matters is whether Schwartz had permission to access the network for the kind of activity he engaged in, and he did not have such permission.
> No one is saying that. If he was hit with trespassing then it would be a different story. He was political target hit with the worst laws they could find that remotely applied to his case.
The aspies here are the techies who can't fathom why someone might characterize Schwartz's actions as "hacking into MIT's network to steal millions of scientific documents" and do so in good faith. It's aspies to not see how most people would see the situation that way, and rage at the prosecutor instead of acknowledging the larger task of changing people's views.
> Just the idea that Ortiz and Heymann had no choice but to hit Schwarz with these specific set of charges is absurd.
I didn't say she had no choice, I said her case was within the scope of the law. This is not a case where a prosecutor stretched obscure statute to railroad an innocent victim. This case was based on laws that proscribed exactly the kinds of activities the defendant undertook.
My point is that there are two very different kinds of "injustice" and people are confusing them.
In some cases, prosecutors charge defendants with completely tangentially-related laws in order to railroad them. But in this case the laws were on point. The real injustice is that the laws regarding "hacking" make no distinction between something like what Schartz did, and Russian mafia hacking into Bank of America's network.
Indeed. Perhaps it would clarify things if people who object to the Computer Fraud and Abuse Act could stand up and say "the CFAA is wrong and should be abolished; there should be no criminal penalty at all for unauthorized access to a computer system"?
At the least, there would still be criminal penalties for fraud, identity theft, misappropriation of trade secrets, blackmail, espionage, sabotage, etc.
When practically everything is a computer, having laws that specifically target computers seems unnecessary.
From what the trend has been, it looks like there are going to be 2 different lines of jurisprudence, one dealing with non digital works, actors and actions, vs one for the digital world.
It is increasingly clear that many situations online bear superficial similarity to real world analogues, and their edge cases make massive deviations from their r/l counterparts.
So laws will have to include cases for digital/computer based actions, at the very least as special cases.
If you can articulate a specific reason why e.g. "identity theft with a computer" requires different treatment than "identity theft" then we can discuss making an appropriate amendment to the laws against identity theft. But that is no excuse for the CFAA continuing to exist as written.
What I would be interested to hear is a valid argument for why "unauthorized access to a computer" (whatever that actually means) should be a felony or even a crime in cases when it doesn't occur in furtherance of any otherwise illegal act.
People talk about computers like they're property, but if you're accessing them then they're really like agents. Prohibiting "unauthorized access to a computer" isn't like prohibiting trespassing, it's like prohibiting talking to someone's agent without authorization. Which is silly. If your agent is stupid and someone convinces it to hop around on one foot or do some other such harmless thing, there is no reason for that to be illegal, you just train your agent to not do that if you don't want it to. If your agent is stupid and supplies foreign spies with copies of all your classified documents when they lie to it in the right way, anyone who does that is (or should be) guilty of espionage, and there is no utility in a separate law against "unauthorized access to an agent."
But there is great harm in prohibiting it, especially if the penalties are nontrivial, because depending on what "unauthorized" and "access" mean, we all arguably do it on a regular basis without even realizing it, and it makes us all subject to felony charges. So I'm waiting for someone to provide any good justification for why we shouldn't just repeal it.
Is it inconceivable that there's a middle ground to be found somewhere between "no criminal penalty at all" and "wildly, disproportionately harsh penalties"?
Perhaps we could call it "punishment that fits the crime"?
that property is unprotected or poorly protected makes it less "trespassing."
You know that booking someone for trespassing is pretty difficult, right? They have to be depriving you of the use of your property AND refuse to leave. So if I set up camp on your front lawn, and you ask me to leave, and I do, I was not trespassing. I don't think AS was depriving anyone of the use of their property here, was he? So the analogy does not really hold.
Do you approve of all actions throughout history performed under color of law? Your constant refrain to "Yes, these aren't terribly good laws, but they are the laws and that's enough" are so utterly unconvincing in light of this that I find it difficult to imagine your answer to the preceding question could possibly be anything other than yes, but before we proceed down that path I just thought I'd verify that assumption with you.
No honest person would call this the theft of millions of documents. This is akin to jumping the gate at a theme park and riding for free, a bunch of times. Nobody stole a rollercoaster. Harm was done but there's no need to reach for emotional terms to exaggerate it.
It'd take a lawyer to call this theft. I mean, by a word in a book it is but realistically it isn't.
For instance, I've had a forum post quoted word for word, and not as a reply. Of course I hadn't registered the copyright, but if I had I could have sued, as I would have been robbed - in your eyes. The same nothing would have happened but by virtue of a piece of paper you and yours would see it differently.
You talk about the closed mindset of hackernews but fail to see the emotionally isolated world inhabited by those who act as if morality flows from law instead of vice versa.
So again, no. I don't think an honest person would agree with that characterization of the events, at least not until a lawyer 'clarified' it for them.
He was hit with the hacking equivalent of trespassing. The point is that the fact that the network is unprotected or poorly protected doesn't make it any less "hacking" than the fact that property is unprotected or poorly protected makes it less "trespassing." What matters is whether Schwartz had permission to access the network for the kind of activity he engaged in, and he did not have such permission.
> No one is saying that. If he was hit with trespassing then it would be a different story. He was political target hit with the worst laws they could find that remotely applied to his case.
The aspies here are the techies who can't fathom why someone might characterize Schwartz's actions as "hacking into MIT's network to steal millions of scientific documents" and do so in good faith. It's aspies to not see how most people would see the situation that way, and rage at the prosecutor instead of acknowledging the larger task of changing people's views.
> Just the idea that Ortiz and Heymann had no choice but to hit Schwarz with these specific set of charges is absurd.
I didn't say she had no choice, I said her case was within the scope of the law. This is not a case where a prosecutor stretched obscure statute to railroad an innocent victim. This case was based on laws that proscribed exactly the kinds of activities the defendant undertook.
My point is that there are two very different kinds of "injustice" and people are confusing them.
In some cases, prosecutors charge defendants with completely tangentially-related laws in order to railroad them. But in this case the laws were on point. The real injustice is that the laws regarding "hacking" make no distinction between something like what Schartz did, and Russian mafia hacking into Bank of America's network.