The indictment of journalist Tim Burke raises disturbing questions about just how much the government will stretch a federal hacking law known as the Computer Fraud and Abuse Act to criminalize newsgathering.
Federal and local authorities have abused the CFAA and state-level computer hacking laws in the past, including to go after journalists.
As Freedom of the Press Foundation (FPF) Deputy Director of Advocacy Caitlin Vogus and ACLU Surveillance and Cybersecurity Counsel Jennifer Stisa Granick explain in a new op-ed for Ars Technica, the government now suggests with the Burke indictment that journalists violate the CFAA if they don’t ask for permission to use information they find publicly posted on the internet.
Vogus and Granick write:
Using a published demo password to get a list of URLs, which anyone could have used a software program to guess and access, isn’t that big of a deal. What was a big deal is that Burke’s research embarrassed Fox News. But that’s what journalists are supposed to do—uncover questionable practices of powerful entities.
Journalists need never ask corporations for permission to investigate or embarrass them, and the law shouldn’t encourage or force them to. Just because someone doesn’t like what a reporter does online doesn’t mean that it’s without authorization and that what he did is therefore a crime.