The law is such an idiot when it comes to the internet. You can hardly expect better, since it was written in prehistoric times and is being maintained by people who lack many clues. And so to discuss crime and Aaron Swartz, it's useful to distance ourselves from definitions of crime that involve legality. There's a lot happening on the internet that's completely legal and very criminal, and there's also rampant illegality that should't be considered a crime.
Crime is really about upsetting or undermining a social construct. Stealing violates our social construct of property. Assault, murder, or hurting people in any way violates our mutual compact to live and let live. Social constructs vary in their utility and their generality. The most broadly useful get codified into laws. Some of the others do, too. When circumstances change, some of the social constructs need to be set aside and new ones constructed.
We're left with moral calculus. Here's my definition of moral calculus: it's anything you can't explain to an 8 year old about right and wrong, because the 8 year old isn't corrupt enough to believe it. It's an adult's set of excuses for doing or not doing the right thing. We need these excuses because our world is imperfect.
My first conversation with Aaron Swartz had me playing a "good cop" role. I needed to explain to Aaron how some of his mass-downloading was getting people really upset and could have negative consequences for the things he was trying to accomplish. If he would just ask, I told him, he could have an account for an API that DIDN'T crash to smithereens when asked for millions of records. And people were working really hard to make the information he wanted free, it just needed some years to make sure the machinery wouldn't collapse. Aaron sounded embarrassed. I sounded embarrassed.
I told him stories about I had once crashed Harvard's library system while doing some tiny little tests. Was that a crime? It wasn't MY bug. Maybe Harvard lost use of its catalog for a few hours in the middle of the night was that such a big deal?
I've also fixed crashes in the middle of the night. Believe me, you don't feel very charitable about the idiots who attack your system. The IP addresses usually say they're from Russia or India or China, but 99% of the time they're bots looking for something you don't have, so you make sure your system is robust enough to deal with some nasty tickles, and you go home and sleep soundly.
And apparently that's what happened to the folks at JSTOR when Aaron started his systematic downloading aimed at them.
So let me tell you a bit about JSTOR. JSTOR is a non-profit organization whose mission is to make scholarly information available in digital form, not just today, but into the future. And they do what they do very well. Almost too well. I had a business developing hyperlinking technology for libraries. The links to JSTOR worked quite well. There was no crashing of THEIR system when I reverse-engineered it. But they also took a legal stance that in order to link to them you had to have a legal agreement. I thought it was dumb, but they insisted on rigorous testing of my links before officially letting my system link to theirs. The result was better linking that benefitted everyone.
JSTOR's business model is to charge subscription fees to libraries to enable access to the articles they've digitized. Part of the fees are passed to their journal-publishing partners. And they make assurances to the partners that the intellectual property rights in these journals will be not be compromised. Their nightmare is that some third-world hacker will download all the technical articles and make them available in regions where it might be difficult for JSTOR and their publishing partners to assert their copyrights.
So of course JSTOR noticed Aaron's downloading articles and blocked the IP address he was using. Most likely that block affected lots of other people. And they contacted the MIT library to find the source of the mass downloading. Dealing with this kind of thing would have been a routine matter for both JSTOR and MIT Library. It's a common occurrence that someone acquires a proxy-server password from a friend and proceeds to download some journal they need for their research someplace that can't afford its own deluxe JSTOR subscription. So Aaron's first crime in the JSTOR affair was that his actions resulted in the loss of access to JSTOR for some part of the MIT community and loss of productivity at JSTOR and MIT Library. That's inconsiderate, but not illegal. Both MIT and JSTOR had legal obligations to do what they did. Aaron was just using guest access at MIT, so he wasn't bound by any institutional terms of service. And his robot wasn't reading JSTOR's website terms and condition.
Aaron didn't stop his downloading when MIT and JSTOR cut him off, alas. I think he was having too much fun eluding his pursuers. He didn't have to do anything terribly sophisticated, but it would have driven the network administrators crazy. There's nothing worse than having a hidden agent on your computer or on your network. Because even if it's not going anywhere it's not allowed to go, if you don't know where it is or what it's doing, you suspect the worst. You start doubting everything, and everyone, and you can lose your sanity. So that was Aaron's second crime. Diving people crazy via self-doubt is a crime in my book. But not illegal.
But why the reasonably good non-profit JSTOR? Why not attack Elsevier or some other for-alotta-profit publisher? My guess that Aaron's interest in JSTOR was its trove of public-domain articles. Once he had possession of the public domain articles, Aaron could commit a perfectly legal crime. He could distribute the digitized public-domain articles on the internet, for free. Executing a hack of the legal code was in character for Aaron, he had done it successfully with PACER.
While it's most likely legal, "liberating" JSTOR's public domain collection would be Aaron's crime number three, because it undermines an accepted social construct. It doesn't seem wrong to me for JSTOR to recover its digitization and distribution costs by charging willing customers for access. But there's an opposing argument that this information is part of our heritage and that it's immoral to deny people access to information they need, just because you're poor or you don't have connections to a fancy institution of higher learning, or you live in a country that struggles with subsistence or because you're only 13 years old. Those who build on the public domain have a special obligation to respect Tim O'Reilly's "create more value than you capture" rule.
It seems that JSTOR has accepted to moral burden of this argument. It's taken important steps to make its public domain corpus available to everyone. The great thing about moral calculus is that you can change it.
The fourth and final crime of Aaron Swartz was to commit suicide. That's the crime we're most angry about.
My last conversation with Aaron Swartz was at the SOPA protest in Manhattan a year ago. I congratulated him on the fruits of his activism. I told him about Unglue.it and our plans to make ebooks free to the world with crowdfunding. He loved the idea, and made me promise to let him know how it went. It's going ok, Aaron, but we could really use some help.
OK Go's @damienkulash sings at #aaronswnyc CC BY-NC-SA by Schwartzray |