Why Is Congress Trying to Make Our Internet Abuse Laws Worse, not Better?

[Commentary] In January this year, political activist and net guru Aaron Swartz committed suicide. Facing the potential of years in prison for downloading a database of academic articles, Swartz had exhausted his wealth and his will to fight. With the help of a rope, he gave up. Swartz's death has turned a light on the statute that had put Swartz's liberty in jeopardy: the Computer Fraud and Abuse Act, or CFAA for short.

This federal criminal statute has gotten way out of hand. The CFAA was passed in 1986 to punish the new crime of computer hacking. But a lot has changed since 1986. Use of computer networks was rare then. Now it is ubiquitous. And Congress has expanded the law several times, making its reach broader and its punishments more severe. The act has become a sprawling mess -- a powerful and mysterious weapon that could potentially reach millions of ordinary Americans. And prosecutors have interpreted it incredibly broadly. The problem results from the law's vague language: The act criminalizes "unauthorized access" to a computer. But almost 30 years after its passage, no one yet knows when access is unauthorized. The law cries out for a common-sense reworking. After Swartz's death, a cross-partisan coalition in Congress, led by Democrat Zoe Lofgren and Republican Darrell Issa, did just that, proposing a law that would end liability for terms-of-service violations and would limit felony liability for violations. But, incredibly, some in Congress are going the other way.