Have You Committed the Crime of Outsmarting?

The Hacker Manifesto lauds the world of the electron and the switch, where the talented are treated equally and the values of curiosity and exploration reign supreme. Yet studying computers, network security, and programming flaws can be a crime or civil offense. Just two examples: In Sony v. Hotz (2011), a case that eventually settled, Sony claimed that researchers who studied the way their own game consoles worked violated the CFAA.

Thoughts on Orin Kerr's CFAA Reform Proposals: A Great Second Step

Law professor and cybercrime expert Orin Kerr published a proposal to amend the Computer Fraud and Abuse Act (CFAA) to address the overcriminalization that he has been at the forefront of identifying and combatting. His current proposal, which very simply but comprehensively addresses a number of problems with the CFAA, is here.

By focusing purely on whether the service operator implements technological access barriers, the proposal risks a similar problem to the one that the current statute has, giving server owners plenary authority to criminalize the way members of the public interact with information made available online, but through “technological access barriers” rather than merely terms of service and employee agreements.

With the CFAA, Law and Justice Are Not The Same: A Response to Orin Kerr

Law Professor and Computer Fraud and Abuse Act expert Orin Kerr wrote today in his usual thorough and well-informed fashion about the legal claims in Aaron Swartz's case.  While his analysis of the law is, as usual, spot on, I nevertheless disagree with its treatment of Aaron's case as routine and, by implication, unremarkable.  I am in the process of explaining why , but want to address here a few of Orin's arguments. 

Towards Learning from Losing Aaron Swartz

Over the weekend, I learned that Aaron Swartz had taken his own life. I cried, and am still crying, for him, his family, for the close friends who loved him, and for our community. We lost a rare and special person, one who did so much in his short life to make the world a better place. Any do-gooder, including myself, could be proud were we to accomplish as much. We don't know what else he would have acheived were he to have lived. But I admit that I also cried for myself, because I felt guilty that I didn't do more to help Aaron in his criminal case. This post is about part of that challenge, the challenge to improve computer crime laws, and the criminal justice system more generally. Hopefully in the end, there'll be something that I, and you, can do about it.

Beta-testing the Konomark Project

Konomark is my project with CIS. In this post, I’m reporting the results of the first phase of my beta test.

Konomark aims to encourage the sharing of copyrighted works on the internet in an informal, person-to-person way. The konomark is a standardized symbol that signifies your willingness to receive gratis permission requests. Here’s an example:

Tool Without a Handle: “Kittens, Cities, and Creepshots”

In this post, I apply the “tool” metaphor to two common concerns with respect to online services and privacy:  profanity in discussion fora and the publication of “creepshots” - public photos (and associated comments) of women taken without the consent of the subject.  These two examples help demonstrate the point that thinking of online services as “tools” better generates innovative responses to social concerns, including those where privacy and free expression interests collide.  “Tools” call for solutions that change how the service works, while thinking of services as “spaces” calls fo


Subscribe to Stanford CIS Blog