Feeds:
Posts
Comments

Archive for July 20th, 2011

Photo by feralindeed

As you may have heard by now, a young rabble-rouser by the name of Aaron Swartz has landed himself in a whole heap of trouble. If you don’t know what I’m talking about, take a look at this article in the New York Times, then come back so I can ramble incoherently about things I don’t understand.


Allegedly, Aaron Swartz broke into a restricted wiring closet at MIT, made an unauthorized connection to MITs network (he is not affiliated with the school), used several methods to mask his identity (MAC address spoofing, IP switching, clever Python scripts, etc.), and proceeded to download over four million articles from JSTOR in direct violation of JSTOR terms of service. Wow. JSTOR, libraries, information, access…get ready for every librarian with a Twitter account to jump on the biggest thing to hit libraries since McMastergate.


So, what do librarians think about Swartzgate (yes, I just called dibs on the inevitable stupid suffix). Well, it’s still early, but here are the three most tweeted headlines in my feed:

If the headlines are to be believed, Aaron Swartz has been indicted for downloading too many articles from JSTOR. Given the possibly unethical nature of the academic publishing world and the oppressive nature of publisher copyright agreements, Swartz’s case looks like a great rallying cause for librarians concerned with freedom of information, open access, and scholarly communication. But, before the onslaught of blog posts gets too far, I’d like to clear up a few things…


No, Swartz did not really steal anything
Some reports are framing the Swartz indictment in terms of theft. Supposedly, by downloading millions of articles, he stole the property of JSTOR (and MIT, depending on how you read the license agreement). As U.S. Attorney Carmen Ortiz was quoted in a DOJ press release:

Stealing is stealing whether you use a computer command or a crowbar and whether you take documents, data or dollars. It is equally harmful to the victim whether you sell what you have stolen or give it away.

Well, I hate to break it to you, but Swartz did not steal anything in the traditional sense of theft. Take a look at Black’s Law Dictionary, which defines ‘theft’ as “the felonious taking and removing of another’s personal property with the intent of depriving the true owner of it.” As many bloggers have already pointed out, Swartz did not deprive JSTOR (or MIT) of the articles in question; JSTOR still has the articles. You’ll hear this line of thinking a lot in the near future.


Yes, Swartz really did commit larceny
Though it may not be theft, Swartz did commit larceny. What a lot of commentators don’t realize is that the legal sense of larceny is not the same as the everyday sense of theft. Moreover, with the exception of a handful of very narrow cases, larceny is only prosecuted at the state level, so it helps to look at the Massachusetts General Laws. Specifically, Chapter 266, Section 30, on larceny:

Section 30. (1) Whoever steals, or with intent to defraud obtains by a false pretence, or whoever unlawfully, and with intent to steal or embezzle, converts, or secretes with intent to convert, the property of another as defined in this section, whether such property is or is not in his possession at the time of such conversion or secreting, shall be guilty of larceny…[my emphasis]

But electronic information isn’t property, right? Not so fast there, buster. Under Massachusetts law, property includes “electronically processed or stored data, either tangible or intangible, data while in transit, telecommunications services.” I’m no legal expert, but under Massachusetts law, it looks like Swartz did commit larceny. Specifically, he obtained intangible, electronically stored data through false pretenses. As to whether he intended to defraud (cause injury or loss through deceit) JSTOR or MIT, I won’t speculate as to his motives, but lets just say that if the entire contents of JSTOR were suddenly available for free through BitTorrent, I think the financial loss would be substantial. So, no, he did not deprive anyone of property, but yes he did obtain data through false pretence with the intent to affect JSTOR in some manner. Perhaps most interesting is the fact that Swartz is not being prosecuted for larceny at all. JSTOR is not pursuing legal action against Swartz at all and the case is being directed by the U.S. Attorney’s Office. So, the whole issue of theft is a red herring.

Swartz was not indicted for downloading too many articles
This is the big one. Yes, Swartz allegedly downloaded more than four million articles. He did this under false pretenses and in direct violation of JSTOR’s license agreements. And what was he charged with? Here’s the list:
  • Wire Fraud (18 U.S.C. § 1343)
  • Computer Fraud (18 U.S.C. § 1030(a)(4))
  • Unlawfully Obtaining Information from a Protected Computer (18 U.S.C. § 1030(a)(2), (c)(2)(B)(iii))
  • Recklessly Damaging a Protected Computer (18 U.S.C. § 1030(a)(5)(B), (c)(4)(A)(i)(I),(VI))
Err…where’s the “you stole our articles” charge? Well, as I pointed out above, there was no deprivation of property, and more importantly, this type of larceny would be prosecuted at the state level, if at all. Instead, Swartz is charged under the Computer Fraud and Abuse Act. Really, 18 U.S.C. § 1030(a)(2) is the only charge that comes close to addressing the large number of articles downloaded, but, as at least one real legal expert has noted, Swartz was completely within his rights to access the information in question; he did not exceed authorized access in the sense intended by the provision (by 18 U.S.C. § 1030(e)(6), to exceed authorized access is “to access a computer with authorization and to use such access to obtain or alter information in the computer that the accessor is not entitled so to obtain or alter”). It’s the manner in which he accessed it that lead to the indictment, not the quantity of articles downloaded.


If anything, the relevant federal charges would have to do with copyright infringement. But, Swartz is not being charged under 18 U.S.C. § 2319 (Criminal Infringement of Copyright) and Title 17 does not appear anywhere in the indictment. It all comes down to a case of computer fraud and unauthorized access. If entering restricted areas, making unauthorized connections to a secure network, intentionally masking your identity, and repeatedly circumventing security interventions is your preferred method of making a statement about copyright and open access to scholarly communication, you might be going about it the wrong way.


Don’t believe the hype
Some of the more popular soundbites flying around the interwebs only serve to confuse the issue. For example,  Demand Progress Executive Director David Segal is widely quoted as saying that the case “is like trying to put someone in jail for allegedly checking too many books out of the library.” No Dave, it’s not like that at all. It’s more like trying to put someone in jail for allegedly breaking into the library after hours. James Jacobs, a librarian at Stanford, has been quoted as saying that “it’s incredible that the government would try to lock someone up for allegedly looking up articles at a library.” Yes, James, that would be incredible, if it happened. But, there’s a big difference between looking up articles in a library and committing fraud in order to violate license agreements.


Again, Swartz is not being charged with downloading too many articles. He is being charged with computer fraud. Whether he downloaded four million articles, or just four, the articles themselves are immaterial. Hell, he could have just played Farmville and the indictment would stick. As to whether the Computer Fraud and Abuse Act is a just law, that’s a separate issue from JSTOR.

“I’m growing Z39.50s!”



The takeaway

I’m not a legal scholar, so I could be wrong about all of this. But, there seems to be a disconnect between what the indictment alleges and what the “information wants to be free” crowd alleges. From some posts, it looks even less like a disconnect and more like misinformation and misrepresentation. I get that scholarly communication is broken. Believe me, I would like nothing more than to see the current system replaced with free and open access to information. Too much of our intellectual heritage is trapped behind exorbitant subscription models and draconian terms of use. Still, computer fraud is not necessarily the way to go about realizing change, and the whole thing leaves me with more questions than answers. Here are the two big ones:


First, I’m still trying to figure out how fraudulently downloading and sharing four million articles from JSTOR is supposed to help the open access movement. The primary users of JSTORs archives are scholars who probably already have access through their library, so Swartz must be interested in making the archives available to non-academics. But, what is the demand for scholarly articles outside of the ivory tower? How many people are anxiously awaiting the day they can finally put down that James Patterson novel and curl up with Zeitschrift für philosophische Forschung? I know, I know, that’s a bit hyperbolic. But, my point is that the problem isn’t a lack of access for those that most want to read scholarly articles in JSTOR, the problem is found in exorbitant subscriptions and byzantine terms-of-use agreements.


Second, I’m also wondering why JSTOR was targeted. Since when is JSTOR the bad guy? I may be pretty green on matters of institutional subscription services, but I thought JSTOR was a non-profit. Sure, JSTOR costs an arm and a leg, but isn’t that mostly the fault of publisher license agreements? Wouldn’t it make a stronger statement to go after a publisher/vendor like SAGE or ThomsonReuters? Why not hit a publisher that’s making oodles of money off of scholarly indifference to the predatory licensing we librarians have warned about for years? Seriously, JSTOR? WTF?  I’m deeply troubled by this because publishers have JSTOR bent over just like the rest of us, and the most probable outcome I can foresee involves big name publishers like Oxford, Cambridge, or Blackwell forcing even more stringent license agreements and higher subscription fees. If anything, publishers are going to force JSTOR to adopt stricter licensing and libraries will be forced to eat the cost.


In sum, there’s a lot of hyperbole and misinformation in the circus surrounding Swartzgate, and I think it can only detract from the open access movement. It’s one thing to sit at a library computer and openly and honestly violate database terms of agreement as an act of civil disobedience or protest. It’s quite another to sneak into unauthorized areas and commit wire fraud. However, there is a silver lining. Though Swartz has done nothing to help open-access, his case (along with the Bradley Manning case) will bring more scrutiny to the Computer Fraud and Abuse Act. I’m sure that after the moving wall has passed you can read all about it in a convenient JSTOR-provided journal…assuming you can still afford the subscription.
Advertisements

Read Full Post »