You'll be free to spend a lot more time worrying about offending people with time or resource advantages who will retaliate by disrupting your life online. But don't worry, I'm sure everybody who could fuck you over online will always share your beliefs.
Really, though, after the last couple of years it seems reasonable for USA citizens to feel more threatened than protected by the CFAA, whether they're activists or they just choose to change their MAC occasionally.
I've drawn the opposite conclusion from the last 2 years.
Nobody has been charged under CFAA simply for changing their MAC address. When you try to turn the Swartz case into a slogan like that, you do your whole argument a disservice, because your slogan is trivially refuted.
I'll be less terse: the odds that any American's life is going to be disrupted by someone who would violate the CFAA is much higher than the odds that a federal prosecutor would bring a CFAA case against them.
I am not arguing that the CFAA doesn't badly need fixes. The zeitgeist seems to say that the big problem is criminalization of ToS violations (which was in the wake of Lori Drew inevitably going to stop being the case anyways), but I think the real problem is the sentencing rules that follow CFAA convictions.
What about the odds that one's life is going to be disrupted by someone who would violate the CFAA but no other laws (also then multiplied by the chance of said violation actually being successfully investigated and prosecuted) versus the everpresent odds of one's life being disrupted by someone outside of the reach of the CFAA ?
I think the globalization issue is a little bit overblown, since most other western countries have similar laws, and a huge fraction of the online crime that affects Americans originates from the west.
And what about those in the west that will really never get caught? I mean presumably one of the reason sentences are so high is because enforcement is so hit or miss, even though higher sentences don't deter people who think they're invincible.
Agree: it is a problem that it's so difficult to investigate computer crime that the unfortunate few who get caught also deal with all of society's pent up frustrations. We can address that by fixing sentencing.
Is the CFAA an effective deterrent to this sort of disruption? If the disruption is economic in nature (banking, credit card etc.), the guilty party is likely overseas. If the disruption is of a personally embarrassing nature, prosecution will only occur if the victim is famous. If the disruption is "tragic" (Lori Drew etc.), we probably don't want the law to address it.
I agree that sentencing rules are a serious problem, but that problem is much more general than the CFAA. We have entirely too many people in prison.
No, it's not an effective deterrent, and that's an ambient public policy problem that probably contributed to Aaron's maltreatment. Every prosecutor in the country has to be painfully aware of the absurdly low percentage of computer crimes that are ever properly investigated, let alone convicted and sentenced under CFAA. As a result, when we get our talons into one unlucky person, they tend to get walloped.
The response to that can't be to make genuine intrusions harder to prosecute. That's the opposite direction we need to go. But regardless of that fact, there's no reason we need to be dangling 5 year sentences in front of first-time offenders.
