"Aaron’s Law would refocus the CFAA to target more extreme criminal activities like phishing for credit card information and injecting viruses onto servers, which was actually the original purpose of the law before it became a favorite litigious tool for all manner of digital crime. This refocusing of the CFAA would come from defining “access without authorization” to mean “actual unauthorized access to information by circumventing technological or physical controls—such as password requirements, encryption, or locked office doors,” wrote Aaron’s Law co-sponsors in Wired last year.
Congresswoman Zoe Lofgren and Senator Ron Wyden introduced Aaron’s Law last June to much fanfare and positive press—they even got the internet to look over it before they took it to Congress—and now, with the Aaron Swartz documentary Internet’s Own Boy in theaters, I decided to check on the amendment’s progress. Given the internet’s support for the amendment and for all things Swartz, I had high hopes. Shockingly, Aaron’s Law has gone nowhere since last year, and hasn’t even budged from the subcommittee it was introduced in.
In an interview with a Canadian-based news outlet, Internet’s Own Boy filmmaker Brian Knappenberger cited Oracle Corporation and CEO Larry Ellison as the company primarily responsible for the Congressional inaction. Founded in 1977, Oracle sells tech products ranging from computer hardware like graphics cards to database software. Oracle had financial reasons for keeping the CFAA as is, Knappenberger was told, which included the continued ability to go after competitors aggressively.