Computer Fraud and Abuse Act threatens press freedom

NLRB threatens free association rights of Graduate student-workers
June 3, 2019
Yes we do want it all! 5 bills to improve police accountability & transparency in New York state.
June 11, 2019
NLRB threatens free association rights of Graduate student-workers
June 3, 2019
Yes we do want it all! 5 bills to improve police accountability & transparency in New York state.
June 11, 2019


On Wednesday June 5, a panel was held titled “Conspiracy to Hack: the Computer Fraud and Abuse Act, Free Speech, and Data Journalism”. The panel discussed theFirst Amendment implications of theComputer Fraud and Abuse Act (CFAA) in light of the recent indictment of Julian Assange. It also covered the broader implications of the indictment on First Amendment rights.

The CFAA was created with the intent of marking certain online behavior, like hacking, a federal offenseHowever, the statute has been criticized as overly broad. For example, the wording of  “exceeds authorized access” remains ambiguous. In some cases this has meant violating terms of service, or deleting information off of a computer after leaving a job. In a high-profile case, activist Aaron Swartz was prosecuted for violating the CFAA by collecting JSTOR articles in a way that the Department of Justice alleged “exceeded” his “authorized access.”n. The case was notable for the aggressive pursuit of Swartz through the CFAA, with charges that could have led to over 50 years in jail. The prosecution ended when Swartz committed suicide, and an effort to reform the overly broad powers of the CFAA was consolidated into what became known as “Aaron’s Law.” While the law drew early bipartisan support, it has since stalled.

In Julian Assange’s case, the CFAA was invoked because of conspiracy claim involving Chelsea Manning. Assange allegedly was given an encrypted password on a Department of Defense computer to crack. Gabe Rottman, technology and press freedom project director at the Reporters Committee for Freedom of the Press, explained that this combined with another indictment for violating the Espionage Act, presents a challenge to journalists. The issue is explained as potentially criminalizing the solicitation of classified information to journalists, and the journalists taking steps to access the information.

The CFAA presents problems in other ways to journalists. In some cases the CFAA has been interpreted to criminalize violating Terms of Service(ToS). The ACLU successfully challenged this interpretation in a DC federal court in Sandvig v. Sessions. The case involved professors and journalists scraping data from websites to evaluate algorithmic discrimination. In a high profile case with Facebook, ads were targeted in a way that allegedly violated the Fair Housing Act. If the CFAA were to include ToS in violation, it could make scraping public data challenging for journalists and researchers.

Companies like Facebook have a financial interest in keeping their algorithm practices secret if they engage in discriminatory practices. Facebook and other social media companies have faced scrutiny thanks to media coverage. Ramya Krishnan, staff attorney at the Knight First Amendment Institute at Columbia University, explained that “We are aware of instances where [websites] have instructed journalists and researchers to stop their projects essentially, to stop their investigations on their platforms.In part, in their view, because those projects violate their terms of service. And the implicit threat there is the CFAA, that they could bring a civil claim.”

Having Terms of Service be the benchmark for CFAA violations can make a vast array of activities, such as giving false information, making fake accounts, or even sharing information from the website, illegal.  Esha Bhandari, an attorney at the ACLU, explained that “the overbreadth of the CFAA was really depressing the amount of research that was going into the problem of algorithmic research.” The broadness of the act also creates an atmosphere where selective enforcement can

In the case of Assange, the broadness of the CFAA charges raised questions about selective enforcement. The indictment focuses on the collaboration of Chelsea Manning and Julian Assange’s release of classified information. Considering the broadness of what violating the CFAA can cover, the indictment may be a bellwether of enforcement against news organizations. As David Segal, the executive director of Demand Progress, warned on the panel, organizations like The New York Times and The Washington Post give directions for how to give them information, that could be obtained illegally. If someone violated a terms of service in the process of sharing information to news organizations it could be used as a preface to attack the publication and sharer.

The CFAA remains a challenge to First Amendment protected press freedom. The latest attack on Assange does far more than punish him, it has the potential to put a chilling effect on journalism broadly. At the same time corporations, left to their own devices, can put a hamper on research so long as they can use the broadness of the CFAA as a threat. The ability of journalism to uncover the issues of the increasingly complex digital sphere remains is threatened by an unreformed CFAA.