Feeds

MIT clears itself of responsibility for Aaron Swartz's prosecution

Father says the university failed its 'moral obligation' to his son

Beginner's guide to SSL certificates

Six months after the suicide of internet activist Aaron Swartz, MIT has released a 182-page report into the university's involvement in his arrest and prosecution, and has determined that it did nothing wrong.

Swartz, who at 14 coauthored the RSS standard, subsequently cofounded Creative Commons and the Reddit online community, and is a recent inductee to the Internet Hall of Fame, was found hanging in his New York apartment in January, weeks before he was due for court hearings on 13 felony charges relating to his use of MIT's network to download 4.8 million papers from the JSTOR academic database.

"MIT did not 'target' Aaron Swartz, we did not seek federal prosecution, punishment or jail time, and we did not oppose a plea bargain," said MIT president Rafael Reif in a statement, although he did add the university would be reviewing its policies.

The report, prepared by MIT computer science professor Hal Abelson, economics professor and Institute professor emeritus Peter Diamond, and Washington attorney Andrew Grosso, has taken so long because it's based on the detailed examination of over 10,000 documents and many personal interviews, the authors said.

They found that the university had maintained a policy of strict neutrality, and did not attempt to influence the prosecution of Swartz by federal authorities. It also notes that "Swartz was neither a member of the MIT staff, nor an enrolled student nor alumnus, nor a member of the faculty."

But the report has angered Swartz's father, himself a member of MIT's Media Lab. In a statement to The Register, he said the report showed that MIT handed over information to the prosecution without subpoena warrant (a courtesy not extended to Swartz's defense team), and withheld information and witness lists that were handed to government investigators.

"Having now read Abelson's report, it is clear that MIT in fact played a central role in Aaron's suicide," Robert Swartz said. "MIT made numerous mistakes that warrant further examination and significant changes. MIT was not neutral in the legal case against Aaron. Whether MIT was neutral or not is a red herring: the university had a moral obligation to advocate on Aaron's behalf."

Who called whom?

The report details how MIT was initially contacted by research archive JSTOR because of a server-crashing number of downloads being requested by MIT's network. The requests appeared to stop after a while, but JSOTR got back in touch when it became apparent that the request frequency had been slowed and 4.8 million articles had been copied.

Trying to trace the source, the university's IT staff found a laptop in a cardboard box in one of their network rooms and called MIT police, who determined they didn't have the skills to handle it. They called the local Cambridge police, and a local detective arrived with a Secret Service and an officer from the Boston Police Department in tow.

The Secret Service agent tried and failed to copy the hard drive, so the laptop was fingerprinted and a camera was installed to monitor it. Just half an hour later someone did come in and swap out the laptop hard drive, but then left before MIT police could arrive.

A second visit was noted two days later, and this time an off-duty MIT police officer was in an unmarked police car that just happened to be near the building. He had a still image of the laptop's visitor, saw a cyclist matching the picture, and stopped him for questioning.

The report says the cyclist was Swartz, who ran away when questioned but was later apprehended by the policeman and a colleague. He refused to answer questions, so the local police were called and he was taken away to be charged. MIT did not ask for charges to be brought, the report states, and JSTOR didn't wish to either. But the US Department of Justice had other ideas.

US attorney Carmen Ortiz and her assistant Stephen Heymann used the provisions of the Computer Fraud and Abuse Act to rack up 13 felony charges against Swartz that would have seen him behind bars for a maximum of 35 years and facing $1m in fines. Swartz, 26, committed suicide shortly before hearings began.

Two charges of misconduct have since been filed against Heymann, but Ortiz has defended her handling of the case, saying that her "office's conduct was appropriate in bringing and handling this case." She said that the prosecution was only planning to ask for six months in prison, and had no intention of asking for a maximum sentence, particularly as it was clear Swartz wasn't harvesting the JSTOR archives for personal gain.

You can't be neutral on a moving train

Harvard law professor Lawrence Lessig, who was a close friend of Swartz, said that MIT's report showed the "emptiness in the concept of 'neutrality'," and in fact shows the extent to which the university's lack of action doomed Swartz to prosecution.

"'Neutrality' is one of those empty words that somehow has achieved sacred and context-free acceptance – like 'transparency', but don't get me started on that again," he writes. "But there are obviously plenty of contexts in which to be 'neutral' is simply to be wrong."

The lynchpin of the government's case against Swartz was that he had unauthorized access to MIT's network. But, he says, the report states that MIT never told police of federal prosecutors if Swartz wasn't authorized to use the network, and apparently didn't even bother to decide this itself.

The report does note that had Swartz asked for access in the usual way he would have been granted it under the terms of MIT's open guest policy for network use and, "it might be argued that Aaron Swartz accessed the MIT network with authorization." The university neglected to mention this to the either prosecution or defense teams, however.

"If indeed MIT recognized this, and didn't explicitly say either privately or publicly that Aaron was likely not guilty of the crime charged, then that failure to speak can't be defended by the concept of 'neutrality'," Lessig concludes. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
The 'fun-nification' of computer education – good idea?
Compulsory code schools, luvvies love it, but what about Maths and Physics?
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
Lords take revenge on REVENGE PORN publishers
Jilted Johns and Jennies with busy fingers face two years inside
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Yes, yes, Steve Jobs. Look what I'VE done for you lately – Tim Cook
New iPhone biz baron points to Apple's (his) greatest successes
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.