Prosecutors, others involved in Swartz case express safety, privacy concerns
- 03 April, 2013 11:34
The U.S government and two other entities involved in investigations leading to the indictment of the late Internet activist Aaron Swartz have asked a federal court in Boston to redact the names of people involved in the case from documents being sought by Swartz's estate and by some lawmakers.
In separate affidavits filed with the court last week, the Department of Justice, the Massachusetts Institute of Technology and Ithaka Harbors Inc. a nonprofit organization that operates JSTOR, a large database of academic journals, cited privacy and security concerns as reasons for their redaction requests.
Swartz, 26, hanged himself in January apparently over concerns stemming from the prospect of spending up to 35 years in prison on hacking-related charges.
Federal prosecutors in Massachusetts had alleged that Swartz violated the provisions of the Computer Fraud and Abuse Act (CFAA) when he misused his guest access privileges on MIT's network to systematically access and download 4 million documents from JSTOR. He was indicted on 13 counts of felony hacking and wire fraud related to the alleged theft.
Swartz claimed he had downloaded the scholarly documents in JSTOR solely to make them available for free to everyone on the Internet.
His death galvanized calls for a review of the use of the CFAA by federal authorities. Many blamed prosecutors for harassing Swartz and for trying to scare him into making a plea deal by hitting him with charges that carried long prison sentences. S
Swartz's family accused prosecutors of intimidation and overreach and asked for an investigation into the government's handling of the case. They have demanded to know the names of all those who were involved in the investigation in order to understand the role that "institutional players" had in Swartz's death.
Several lawmakers have asked the Department of Justice for more information on the Swartz prosecution.
In an affidavit filed last week, Jack Pirozzolo, first assistant U.S. attorney for the District of Massachusetts, said the government agreed in principle to the unsealing of certain documents related to the case in accordance with the demands of Swartz's attorneys and Congress.
However, he argued that the documents be stripped of the names and other identifying information of individuals involved in the case for the sake of their privacy and security.
Pirozzolo claimed that U.S. Attorney Carmen Ortiz, who oversaw the prosecution of the case, and assistant U.S. Attorney Stephen Heymann both received harassing and potentially threatening emails in the weeks and months following Swartz's suicide.
"One such email I have seen states, among other things: ROFLMAO just saw you were totally dox'd over the weekend by Anonymous," Pirozzolo wrote referring to an email allegedly sent to Heymann. "How does it feel to become an enemy of the state? FYI, you might want to move out of the country and change your name."
Pirozzolo noted that Heymann's home address, personal phone number and the names of family members and friends have been posted online and his Facebook page hacked since Swartz's death. He added that Heymann and his father had received postcards with an image depicting a man's head in a guillotine.
Pirozzolo said he had informed Swartz's attorney "that whatever additional public benefit might exist by disclosing certain names was, in this case, outweighed by the risk to those individuals of becoming targets of threats, harassment and abuse."
A similar motion filed by MIT noted that the university had no objection to certain documents being unsealed so long as it was given a chance to redact them first to protect "the privacy and safety" of members of the MIT community. The university said it also wanted to redact some information to prevent the disclosure of MIT network vulnerabilities to the public.
Kevin Guthrie, the president of Ithaka Harbors, called on the court to protect the identity of the company's employees. "A number of events since Mr. Swartz's death have caused JSTOR and our employees to be concerned for their safety and privacy," Guthrie said in an affidavit last week.
He pointed to the hacking of MIT's website and the site of the U.S. Sentencing Commission by those protesting Swartz's death as examples of the fallout from Swartz's death. "We also are aware of public reports of an anonymous call to MIT claiming that a gunman was on the campus to retaliate against people involved in Swartz's case," Guthrie said.
He claimed the company had received several threatening emails and other online messages after Swartz's suicide. "A number of JSTOR personnel have spoken with me to express concern that their safety and privacy could be compromised if their names were released in connection with this matter," he noted.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed. His e-mail address is email@example.com.
Read more about cybercrime and hacking in Computerworld's Cybercrime and Hacking Topic Center.
Join the Computerworld Australia group on Linkedin. The group is open to IT Directors, IT Managers, Infrastructure Managers, Network Managers, Security Managers, Communications Managers.
- Cost of a Privacy Act breach could extend to ongoing audits: legal expert
- How Hunter Water is saving $50k a year in software licences
- NSW government invites registrations for ServiceFirst contract
- Audit agency does BYOD with BlackBerry
- Telstra breached privacy of over 15k customers: Privacy Commissioner
Cost of a Privacy Act breach could extend to ongoing audits: legal expert
If you haven't retired Windows XP and haven't been fired yet, get busy
Turnbull asks how the NBN got that way
Turnbull asks how the NBN got that way
Vodafone launches smartphone app for encrypted calls