Friday

March 29th, 2024

Insight

Does this cybercrime law actually keep us from fighting discrimination?

Hayley Tsukayama

By Hayley Tsukayama The Washington Post

Published June 30, 2016

The American Civil Liberties Union is challenging a key computer crime law, arguing that it violates the Constitution and specifically prevents researchers from identifying systemic discrimination, such as those related to housing and job searches.

The group is backing several anti-discrimination researchers and First Look Media - publishers of the Intercept - in a legal challenge filed Wednesday. At issue is the Computer Fraud and Abuse Act (CFAA). The law makes it a jailable offense to break the terms of service of any Internet company. (That means that using a pseudonym on Facebook or lying to let a 12-year-old create a Google account breaks the law.)

The researchers and journalists say that breaking those rules can be necessary for research and argue that simply violating websites' rules shouldn't carry such a heavy penalty. In particular, the lawsuit says that those looking to investigate whether housing and job sites discriminate against applicants often must create several fake accounts to test how sites' algorithms view similar candidates.

"The law has long protected such socially useful misrepresentation in the offline world," the complaint reads. "In the online world, however, conducting the same kind of audit testing generally violates websites' terms of service," the filing notes, which in turn violates the CFAA.

The complaint also argues that researchers must be able to scrape sites - using tools to pull large amounts of information from them - to collect the data sets they need to conduct their research. Companies tend not to like this, as it pulls what they may consider proprietary data from the businesses they've built.

The researchers and the ACLU argue that the CFAA, as written, violates the First and Fifth amendments by preventing news organizations and researchers from conducting their investigations without fear of harsh punishment. They also argue that the law puts too much power in the hands of companies, which can change their terms at any time - and, in doing so, criminalize any number of behaviors.

The CFAA has been sharply criticized in the past for being overly broad, poorly defined and disproportionately harsh.

The debate came to the fore after the 2013 suicide of noted programmer Aaron Swartz, who was facing jail time for scraping information from the academic site JSTOR.

A reform law, called Aaron's Law, was introduced some months later, and proposed that those who violate terms of service should be punished for any damage caused, rather than simply for breaking the rules. The bill has languished in Congress ever since.

There have since been several calls to strengthen the CFAA, as the threat of cybercrime grows. In a 2015 speech, Deputy Assistant Attorney General David Bitkower made clear that the Justice Department isn't interested in prosecuting people who lie about their weight on dating websites. But, he said, loosening the law too much risks allowing some wrongdoers to walk away without penalty. He pointed to a case where a police officer was bribed to hand over confidential police records; that CFAA conviction was overturned. The Justice Department has proposed rewriting the law so that "trivial actions" are not treated as an offense - but the definition of "trivial" may not cover all research applications.

And some lawmakers are not convinced that there are good reasons to break the rules. Some politicians see all those who circumvent the rules as criminals. Or, as Rep. Louis Gohmert, R-Texas, put it in a 2013 hearing: "I don't really understand why you want to be protective of the hackers."

By highlighting how the CFAA specifically prevents further research into housing and job discrimination, the ACLU and researchers have found a way to use some of the government's own priorities against itself.

Barack Obama's administration has repeatedly called for close study of whether companies use big data in a discriminatory way.

The Federal Trade Commission, for example, asked whether the use of big data is inclusive or exclusive. And the White House itself released a major report last month cautioning that, used poorly, big data can perpetuate damaging stereotypes.

"Without deliberate care, these innovations can easily hardwire discrimination, reinforce bias, and mask opportunity," the report's authors - including U.S. chief technology officer Megan Smith - said in a blog post.


Previously:
How to reclaim your smartphone storage space in time for those summer vacations
Who should (and should not) buy the iPhone SE
I played with Apple's new iPhone. Here's what you need to know
10 iPhone tricks that will make your life easier
12 ways to use your Android smartphone more efficiently
Wifi routers are getting way more expensive --- here's why you should buy a new one anyway

Columnists

Toons