Aaron’s Law – Definition

Cite this article as:"Aaron’s Law – Definition," in The Business Professor, updated September 21, 2019, last accessed August 9, 2020, https://thebusinessprofessor.com/lesson/aarons-law-definition/.


Aaron’s Law Definition

Aaron’s Law is a term referring to a 2013 bill that was introduced in the United States Congress. The bill is still pending after it failed to pass.

A Little More on What is Aaron’s Law

Aaron’s Law is a bill that was proposed in order to amend the 1986 Computer Fraud and Abuse Act (CFAA). The 1986 CFAA is a law that governs computer abuse in the United States. Aaron’s Law was named after the famous internet activist Aaron Swartz who died at the age of 35 years after committing suicide.

Before ending his life, Aaron was facing a 35 years possible prison sentence plus a $1 million dollar fine. Aaron’s charges came after the prosecutor found him guilty of violating one of the CFAA provisions.

He had unlawfully downloaded over two million education articles. According to CFAA, this was considered fraud because the academic articles he downloaded were supposed to be accessed only through subscription.

Following Aaron Swartz’s death, a California representative Zoe Lofge created the famous Aaron’s Law. He introduced the bill in 2013 to the US Congress for the purpose of amending the CFAA. The amendments were aimed at addressing some fundamental problems that existed within the CFAA.

What  Aaron’s Law was supposed to Address

Aaron’s Law was created to address the following CFAA’s issues:

  • To separate the CFAA treatment of daily internet activity as an intention to commit internet fraud.

It was to exclude breach of terms of service as part of CFAA violations. It was to make the court differentiate between unauthorized access from hacking or cyber attacks. The Law was to consider things such as unauthorized access to online information, password log in requirements, and encryption not to be unlawful and, therefore, not prosecutable.

However, the law maintained that acts such as government agency hack attacks, virus attacks, among others would remain prosecutable as stipulated in the CFAA.

According to the current FCAA’s provisions, a person who acts against a website’s terms-of-service qualifies for a jail term. The penalties involve both prison terms and a fine when one downloads copyrighted material. These terms of violation were seen to be a harsh interpretation that would lead to heavy penalties on minor terms of service violations. This is what Aaron’s Law was supposed to eliminate.

  • To remove the FCAA redundant provision

Currently, the FCAA contains a redundant provision that subjects an individual to the possibility of facing multiple prosecution charges for a similar crime under various provisions. The multiple charges are, therefore, seen as unfair as they pave-way for excessive penalties to those convicted.

  • Aaron’s Law aimed at reforming violation’s penalties

Reforming violation penalties intended to prevent the prosecutors from incorporating charges that are not provided under CFAA. It is important to note that, the current FCAA bill is unclear as it lacks specifications and clarity. Because of this, there are chances that prosecutors will incorporate criminal charges that would aim at behavior that goes beyond hacking. This would lead to unfair severe penalties such as long term imprisonment and/or heavy fines.

However, this bill did not succeed and, therefore, it is still pending.

Why the Bill Failed to Pass

One major reason why the bill was rejected is that Congress felt that allowing password authorization so that people could get access to information and use it without permission, would pave the way to serious internet fraud.  This may be dangerous even to state agencies.

Note that though the bill was not able to pass, the Congress has been regularly amending the CFAA. The amendments were done in the following years; 1986, 1994, 1996, and 2002, respectively.

Reference for “Aaron’s Law”






Academic Research on “Aaron’s Law”

Aaron’s Law: Bringing sensibility to the computer fraud and abuse Act, Murfin, M. (2013). Aaron’s Law: Bringing sensibility to the computer fraud and abuse Act. S. Ill. ULJ, 38, 469. This article discusses the how the computer fraud and abuse Act can help to address computer fraud. The author begins by explaining how Aaron Swartz, a 24-year-old, had been indicated using the Computer Fraud and Abuse Act (CFAA) of 1986 for downloading and distributing JSTOR’s digitized academic journal archive. The author then discusses the impacts of the Act on the society.

Aaron’s Law: Reactionary Legislation in the Guise of Justice, Viana, M. A. (2015). U. Mass. L. Rev., 10, 214. According to the Note, the Computer Fraud and Abuse Act (CFAA), also known as ‘Aaron’s Law,’ resulted in the prosecution and the death of hacktivist Aaron Swartz. The note describes the circumstances under which Aaron had been prosecuted, namely his act of downloading data from JSTOR and distributing. The Note further examines another case, Robbins v. Lower Merion School District, which had also been ruled using the CFAA. Amending the Act, according to the Note, would help to remove a civil remedy in the case of Robbins. The Note concludes that the case of Aaron Swartz could have involved prosecutorial discretion in order to allow CFAA to function as intended by the Congress while also offering meaningful remedies to plaintiffs like Robbins.

[PDF] AARON’S LAW, UNCLAIMED, A. O., PERSONS, A. O., & PERSONS, A. O. AARON’S LAW. This Oregon legislature document lists the cases under which Aaron’s law has been utilized including the accusatory instruments, abduction persons, abandoned or unclaimed property, actions and proceedings, and contested cases.

[PDF] The CFAA and Aaron’s Law, Juo, J. The CFAA and Aaron’s Law. This article discusses the invention of the Computer Fraud and Abuse Act (CFAA) as well as Aaron’s law. According to the author, the CFAA was enacted in 1984 with the aim of criminalizing the hacking of computers in line with financial records, national security, and government property. It had, however, been amended several times including 1994 and 1996 when it was expanded to protect computers and communication. The author then discusses the story of Aaron Swartz who had been arrested and prosecuted for hacking JSTOR and distributing its content. Later, Aaron’s Law was introduced in 2013, an amendment of CFAA which required the removal of the “exceeds authorized access” language from the statute and define “access without authorization” to refer to the access of information on a protected computer that the accesser lacks authorization to obtain by circumventing technological measures that prevent unauthorized individuals from obtaining that information.

Birthing CLA: Critical Legal Activism, the IP Wars and Forking the Law, Ekstrand, V. S., Famiglietti, A., & Berg, S. V. (2012). Cardozo Arts & Ent. LJ, 31, 663. This article discusses the failure of CLS and how it resulted in the emergence of the Critical Legal Activism (CLA). The author explores the concepts of coders and critical copyright and how this led to the inception of the CLA. The article further discusses the CLA landscape and how it helps to fight the IP wars.

Was this article helpful?