Report to the President, MIT and the
|Back to top|
In brief, among our more significant findings are the following:
1. Until the arrest in January 2011, MIT was unaware that the person who engaged in the downloading of JSTOR’s data beginning in September 2010 was Aaron Swartz. Until the arrest, MIT’s concern was to stop the use of its network, by an unknown person, to download massive numbers of articles from the JSTOR database, which was in violation of MIT’s licensing agreement with JSTOR and whose scale threatened the operation of the JSTOR network to the extent that JSTOR blocked MIT’s access to JSTOR for three days. When, on the morning of January 4, 2011, MIT’s network personnel located a laptop—covered by a cardboard box and plugged into a router in a basement data closet in a campus building—they were not sure with whom or with what kind of situation they were dealing, and they contacted the MIT Police. For the same reasons, the MIT Police sought forensic assistance from a detective in the Cambridge Police Department who had expertise in computer crime and with whom they had worked repeatedly in the past. The Cambridge detective, who was a member of the New England Electronic Crimes Task Force, responded to the call, accompanied by an agent of the U.S. Secret Service. While the inclusion of the Secret Service agent was not the intention of MIT, it was a recognized possibility. It was not until a few days later, when Aaron Swartz was arrested, that MIT learned the identity of the person involved in the JSTOR downloading. Thus, we find that MIT did not focus on Aaron Swartz at any time during its own investigation of the events that led to his arrest, and that MIT did not intentionally “call in the feds” to take over the investigation.
2. MIT never requested that a criminal prosecution be brought against Aaron Swartz. Early in the prosecution by the U.S. Attorney’s Office in Boston (the “USAO”), MIT adopted a position of remaining neutral, with limited involvement. MIT hired outside counsel who had experience in criminal law and in the functioning of the Boston U.S. Attorney’s Office; and MIT requested and received subpoenas for the production of documents. Some documents were turned over to the USAO prior to receiving a subpoena, but, for the reasons discussed in this report, this production did not violate federal laws.
3. In keeping with its stance of neutrality, MIT never issued a public statement about Swartz’s prosecution or advocated publicly on his behalf, even though doing this was urged by Aaron Swartz’s family and legal team and by two members of the faculty. One of the reasons for MIT’s silence was the good- faith belief, based on private conversations with the lead prosecutor, that the Institute’s opinion would have no effect on the prosecution, and that public statements might make circumstances worse for Aaron Swartz. MIT did inform the prosecution that it was not seeking punishment for Swartz, and it did inform the defense that it was not seeking any civil remedy from him.
4. Before Aaron Swartz’s suicide, the MIT community paid scant attention to the matter, other than during the period immediately following his arrest. Few students, faculty, or alumni expressed concerns to the administration. In preserving MIT’s stance of neutrality and limited involvement, MIT decision- makers did not inquire into the details of the charges until a year after the indictment, and did not form an opinion about their merits. MIT took the position that U.S. v. Swartz was simply a lawsuit to which it was not a party, although it did inform the U.S. Attorney’s Office that the prosecution should not be under the impression that MIT wanted jail time for Aaron Swartz. (MIT did not say it was actually opposed to jail time.) Among the factors not considered were that the defendant was an accomplished and well-known contributor to Internet technology; that the Computer Fraud and Abuse Act is a poorly drafted and questionable criminal law as applied to modern computing, one that affects the Internet community as a whole and is widely criticized; and that the United States government was pursuing an overtly aggressive prosecution. MIT’s position may have been prudent, but it did not duly take into account the wider background of information policy against which the prosecution played out and in which MIT people have traditionally been passionate leaders.
Part I of this review recounts the actions MIT took from the first discovery of the downloading up to the time of Aaron Swartz’s arrest. Part II reviews actions after the arrest by those involved other than MIT, in order to set the context for Part III, which describes MIT’s own decisions and conduct between the arrest and the death of Aaron Swartz. Part IV highlights some of the options that MIT faced throughout this history. Part V provides some questions for the MIT community that the review panel believes should be starting points for discussion within MIT.
It was not part of our charge in this review to draw conclusions, but rather to determine facts and to consider what can be learned from this tragedy. Part V accordingly poses questions, not answers. These questions are for everyone at MIT, not just the Institute’s leadership. They concern the kind of community that MIT is and the kind of community it could become. The questions reflect not only the particular events of the Aaron Swartz case, but also the overall Institute circumstances and climate in which the events occurred. The most difficult questions challenge us to become better at negotiating the tension between prudence and passion, as great institutions must.
*The Review Panel realizes that there has been significant controversy surrounding the events described in this report. We appreciate that many of the people involved have legitimate concerns about their privacy and their security, and we know that some have even been personally threatened. Consequently, our report generally does not identify individuals by name. Many of these individuals have already been identified in court filings and other public documents, and we are fully aware that their names are readily discoverable on the Internet. Even so, we see no need to further erode their personal privacy. So as a rule, people in this report are identified by their role or position rather than by name. There are a few exceptions. In cases where including their names makes the narrative more understandable, we’ve named public officials—such as prosecutors, detectives, federal agents, judges, or police officers whose role in the events has already been described in public court filings. For some people actively involved in the events described, such as defense counsels for Aaron Swartz, we have used their names with their permission to do so. We have also named some people whose connections are only tangential to the events described in the report without having sought permission.
Cambridge, MA July 26, 2013
Peter A. Diamond
[Editor’s Note: The entire report can be viewed at: swartz-report.mit.edu/docs/report-to-the-president.pdf.]
|Back to top|
|Send your comments|
|home this issue archives editorial board contact us faculty website|