One of the most unusual criminal hacking prosecutions recently began when a Massachusetts federal grand jury returned an indictment against Aaron Swartz, a fellow at, of all places, Harvard University’s Center for Ethics. The four count criminal indictment, available here, charges Swartz with wire fraud, computer fraud, unlawfully obtaining information from a protected computer, and recklessly damaging a protected computer. It also seeks forfeiture of property involved in or gained through the criminal enterprise. What is interesting about this case is not merely that it charges a fellow at Harvard’s Center for Ethics with numerous serious felonies but what precisely Swartz is charged with stealing — 4.8 million academic articles from the proprietary JSTOR database. Since academics generally support the free dissemination of information, believing strongly that information should be free, Swartz’s action might be seen as part of a larger effort at data liberation, intended to free information from being locked up in proprietary databases, available only to those affiliated with institutions having the ability to pay. In fact, the indictment itself indicates that JSTOR charges institutions heavy subscription fees of up to $50,000 annually for access to its database of academic articles.
A post by Audry Watters in ReadWriteWeb quotes Jason Kottke as saying it’s not too difficult to guess,” why Swartz did it. He points out that Swartz had made earlier efforts to download and distribute court files from Pacer, the government-run fee-based Public Access to Court Electronic Records system. After Pacer was made available to a limited number of libraries, the New York Times reported that Swartz and others tried to “download as many court documents as they could, and send them to him for republication on the Web, where Google could get to them.” If what is alleged in the indictment is true, Swartz therefore seems committed to data liberation in favor of free public access (not to mention widely available Googlized indexing).
The Swartz indictment therefore raises fascinating questions about the conflict between academic and technology values supporting the free public access to information through the democratizing force of the internet and efforts by business (even of non-profit corporations like JSTOR) to commercialize such information through storage in proprietary, fee-based, walled databases.
Ironically, while it is the authors or publishers of the academic works in question that generally hold the copyrights to the downloaded articles, it is not they who are complaining — it is the owner of the proprietary database, JSTOR. While Congress has repeatedly addressed the question, it has consistently declined to provide any special copyright or similar intellectual property protection to the developers of proprietary electronic or other databases of non-original information. Indeed, the Supreme Court’s decision in Feist Publications, Inc. v. Rural Service Co, 499 U.S. 340 (1991), may suggest that there are constitutional limitations on providing any such protections. Thus, JSTOR probably holds no copyright or other similar proprietary interest in the contents of its database, which Swartz is accused of improperly downloading.
Significantly, unlike illegal downloading, hacking, or sharing of protected music or movie content, so frequently in the news, Swartz could not be and was not charged with illegal downloading the intellectual property of others. Consequently, the indictment focuses on the methods he employed to access the information. The indictment specifically provides extraordinary details of how Swartz allegedly gained access to the JSTOR database by hooking a laptop and associated hard drives purchased for this purpose up to the computer network at the Massachusetts Institute of Technology, an educational institution with which, according to the indictment, Swartz had no affiliation. Access to the MIT network was allegedly gained through one of the MIT communication wiring closets where Swartz allegedly hooked his laptop directly into the MIT network. Thereafter, the indictment claims he established fictitious accounts on the MIT network to access JSTOR and eventually spoofed MAC internet addresses on his laptop to counter efforts by MIT and JSTOR to thwart his alleged massive downloading of significant portions of the JSTOR database once they detected it.
Swartz may very well be correct that the intellectual property in the contents of the JSTOR database of academic articles is not owned by JSTOR. In fact, given that he was downloading mostly academic articles, the authors and, perhaps, the true owners of the articles (gusually academic publishers) may generally desire wide public distribution after their initial publication runs and sales were completed. Swartz’s goals in his attempted data liberation, if that is what he actually did, therefore may be lofty and consistent with the values of the academy and many in the technorati. Nevertheless, he has not been indicted for his objectives or his intent, but, rather, for the means he employed to implement those goals, i.e. breaking into and downloading information from protected computers in violation of both access and use rules and the licenses for the use of the JSTOR database. While many might agree with the goals of animal rights advocates seeking more ethical treatment of animals in research and other instances, breaking into pharmaceutical research labs to liberate research animals is still criminal and subject to prosecution however lofty the objectives. Similarly, while information may want to be free, those who seek to liberate it from others’ computers can still be prosecuted for their liberation efforts, as Aaron Swartz has just learned. Perhaps the prosecution of a prominent data liberationist, like Aaron Swartz, is merely the federal government’s efforts to fire a shot across the bow of others committed to data liberation. Maybe Aaron Swartz merely constitutes an easy target to send a message — low hanging fruit. I presume that Anonymous and LolSec are listening.