A 26-year-old law says that any unauthorized access into a protected network or computer — like your access to this website — is a federal crime with longer prison sentences than most violent crimes.
Pernille Ironside / ThoughtWorks / AP / File
In 1970, a 14-year-old boy dialed into a nationwide computer network, uploaded a virus he had written and caused the entire network to crash.
That boy was Bill Gates. Five years later, he founded Microsoft.
A few years later, two young men went around college dorms in California selling boxes of wires that let students bypass telephone-company restrictions and make long-distance calls for free.
Those young men were Steve Jobs and Steve Wozniak, and a later venture they started, Apple, is now the most valuable company in the world.
In 2010, another young man, who had already founded a multimillion-dollar company, broke into a utility closet at the Massachusetts Institute of Technology.
He hooked up a laptop to the campus network and downloaded 4 million academic journal articles, most of them in the public domain, from a paid archive to which he had a subscription.
He was arrested, indicted twice on multiple counts of fraud and, at a trial that was to have begun in April, faced 50 years in federal prison and a $1 million fine.
His name was Aaron Swartz, and last week he hanged himself.
The difference between the fates of Gates, Jobs and Wozniak on the one hand, and of Swartz on the other, originates with the Computer Fraud and Abuse Act.
The CFAA is a 1986 law, section 1030 of the federal criminal code, which makes any unauthorized access into a protected network or computer a federal crime and permits harsh penalties for those convicted.
But 1986 was a long time ago. Today, any Web server can be defined as a protected computer, and almost anything can be defined as unauthorized access.
Use your roommate's Netflix account to watch movies on your iPad? You're violating the CFAA.