| HN Mirror

>"...[U]nfortunately, from what I've read (particularly what's in the Abelson report, see below), I don't think the DOJ was listening to MIT in this case anyway; the US Attorney's office had its own view of the case and wasn't receptive to alternative views..."

>"I'm also curious what 'involvement with the prosecution' you think MIT had. Have you read the Abelson report? It's quite comprehensive in its treatment of what involvement MIT had at each phase of things."

I'm very skeptical of any internal investigation conducted by an institution that exonerates it from all wrongdoing. While I have tremendous respect for Prof. Abelson as a person and an academic, it was obvious from the outset that he was interested primarily in protecting MIT's reputation rather than seeking the truth. Nor am I the only person that thought so. See e.g. http://business.time.com/2013/07/31/aaron-swartzs-father-bla...

Prof. Abelson began his investigation with an outright statement in The Tech that he didn't expect to find any wrongdoing. That very statement is the hallmark of either an inept or a biased investigator. A true investigator enters his task with no preconception of what its result will be. To do otherwise is to invite confirmation bias.

Universities are places of complex politics. I wouldn't trust any investigation by an employee of the institution under investigation, much less a professor who's beholden to the very administrators he's investigating for funding, offices, and staff.

Also, MIT didn't seek leave merely to redact names of employees, although I see no reason why those who participated in these terrible events should be shielded from public opprobrium, but also any information in which MIT has a privacy interest. For an attorney, what that means is any information that could potentially implicate or even embarrass the university. I stand by my original statements.

I'm very skeptical of any internal investigation conducted by an institution that exonerates it from all wrongdoing.

"Wrongdoing" is a broad term. The report says that MIT did not do anything illegal. It does not say that MIT made no mistakes.

Once again, have you actually read the report? If not, you should do so instead of relying on biased second-hand accounts.

I wouldn't trust any investigation by an employee of the institution under investigation

In other words, you don't think any institution can ever police itself. But the alternative is for it to be policed by...another institution?

This is, of course, the old quis custodiet problem, and it has no guaranteed solution. But I don't see why the default position should be that no institution can police itself. I think we ought to expect institutions to police themselves, and you can't do that if you automatically distrust anything the institution says about itself.

MIT didn't seek leave merely to redact names of employees...but also any information in which MIT has a privacy interest.

Source, please? The only things I'm aware of them asking for are to redact names and identifying information of employees and information about MIT's network vulnerabilities.

I see no reason why those who participated in these terrible events should be shielded from public opprobrium

Even if they were acting reasonably? For example, take the MIT network engineers who noticed the unusual activity and reported it, helped to discover where it was coming from (as in, what device was producing it--the laptop), but had no further part in the proceedings. They are named in the documents. Do they deserve public opprobrium?

The world is not black and white, and people have to try to make reasonable decisions with incomplete information all the time. I will agree that the MIT administration made mistakes (although it's a lot easier to say that in hindsight); but I do not agree that every single person affiliated with MIT who participated at any point in these events acted wrongly and deserves public opprobrium.

http://www.documentcloud.org/documents/729140-mit-motion-to-...

> "'Wrongdoing' is a broad term. The report says that MIT did not do anything illegal. It does not say that MIT made no mistakes.

Once again, have you actually read the report? If not, you should do so instead of relying on biased second-hand accounts."

Yes, I have read the report in detail. To comment without doing so would be irresponsible.

In particular, the portion I, as well as many others including Aaron Swartz's father, take issue with is the section beginning on page 52 entitled "MIT adopts and maintains a posture of neutrality."

MIT in fact began the prosecution through contacting law enforcement, conducted a sting operation by videotaping the wiring cabinet, and most importantly, at every turn chose to escalate the situation rather than see the incident for what it was: a petty experiment. They could have chosen to block his access, or approached him privately. Instead they chose to hand him over to a US attorney's office for prosecution under laws they knew or should have known to be draconian.

>"In other words, you don't think any institution can ever police itself."

That is emphatically not what I said, nor is it an accurate restatement.

I said that I don't trust any internal investigation which exonerates the institution that conducted the investigation. Prof. Abelson began his investigation by stating, "The review will not be a witch-hunt or an attempt to lay blame on individuals. We don’t know what we’ll find as the answers unfold, but I expect to find that every person acted in accordance with MIT policy."

Before he spoke to a single witness, weighed a single piece of evidence, examined a single record, or interviewed a single expert he stated that he expected to find no deviation from policy. That is not the statement of a fair or unbiased investigator.

I place no more stock in his investigation than I would a JP Morgan or Goldman Sachs "investigation" that concluded that they played no role in the mortgage crisis.

Twisting my words to argue against a strawman is facile and does not further the cause of informed debate.

>"Source, please?"

Note the broad claims to protecting employee "privacy." This is about more than redacting a few names, not least because FOIA requires that the names of third parties be redacted anyway.

If redacting names is a requirement of the law, why would MIT need an invented "pre-screening" procedure to ensure names were redacted? The answer is, of course, that they wouldn't.

Never have I seen a private institution intervene in a FOIA request in this manner. This intervention had precisely nothing to do with protecting the privacy of employees, and everything to do with establishing a legal avenue to conceal information MIT found embarrassing.

>"I see no reason why those who participated in these terrible events should be shielded from public opprobrium >>Even if they were acting reasonably? For example, take the MIT network engineers who noticed the unusual activity and reported it, helped to discover where it was coming from (as in, what device was producing it--the laptop), but had no further part in the proceedings. They are named in the documents. Do they deserve public opprobrium?"

No, nor would they receive it. Setting aside that FOIA requires their names be redacted anyway, I trust that sunlight is the best disinfectant, and that public scorn would be heaped upon those that deserve it.

Yes, I have read the report in detail.

Hmm. I'm not sure you read the same report I did.

MIT in fact began the prosecution through contacting law enforcement

Local law enforcement, yes--because, as the report notes, they did not have the in-house expertise to figure out what was going on. MIT did not call in the Secret Service; local law enforcement did. And calling law enforcement to help figure out who is using your network in a way you didn't expect is not the same as beginning a prosecution.

conducted a sting operation by videotaping the wiring cabinet

The cabinet, the room it was in, and the network as a whole were MIT's property. Would you call it a "sting operation" if you put a video camera in your house to figure out who was trying to hook up to your home network?

and most importantly, at every turn chose to escalate the situation rather than see the incident for what it was: a petty experiment.

I strongly disagree with this characterization, and I don't think the report supports it.

They could have chosen to block his access

They did, several times. Each time he changed tactics to circumvent the blockage.

or approached him privately

They couldn't, because they didn't know whom to approach. Swartz was not identified until he was arrested, and even then MIT did not identify him; the Cambridge police did.

Instead they chose to hand him over to a US attorney's office for prosecution

They did no such thing. You are twisting the facts.

I said that I don't trust any internal investigation which exonerates the institution that conducted the investigation.

First of all, as I said before, the report does not "exonerate" MIT. But let's assume for the sake of argument that we are looking at a report by an institution concerning its own conduct which does exonerate it, in all respects.

Second, even on that assumption, what you say here amounts to the same thing I said before: you don't think any institution can police itself. You are basically assuming that, if an investigation is ever started at all, there must have been some wrongdoing, so if the institution doesn't find any wrongdoing, it must be a whitewash. That's equivalent to saying that no institution can ever police itself. (It's also wrong, in my opinion; investigations can perfectly legitimately find that no wrongdoing took place.)

I'm not judging the report by statements made beforehand. I'm judging it on its own merits. I don't think you are doing likewise.

Note the broad claims to protecting employee "privacy"

No, the claims aren't broad, because they specifically say "employee privacy". They do not say, as you implied they did, "anything in which MIT has a privacy interest". That would indeed be very broad, but that's not what MIT requested.

No, nor would they receive it.

Hollow laugh. You have a much greater faith than I do in the public's ability to consider such things rationally, particularly when the public is being inflamed by rhetoric about how the government is being draconian and MIT is aiding and abetting it.

I would debunk this piece by piece, but it's more efficient to make my point with a single example.

>"Local law enforcement, yes--because, as the report notes, they did not have the in-house expertise to figure out what was going on."

Your argument, on Hacker News, which you find perfectly plausible, is that the Massachusetts Institute of Technology lacked sufficient in-house expertise to diagnose a mass download via curl?

Ladies and gentlemen, I rest my case.

to diagnose a mass download via curl

It wasn't the downloading that was hard to diagnose; they figured out pretty quickly what was being downloaded. What caused the difficulty was the tactics that were used to circumvent the normal controls on downloading and usage of the network. I do find it plausible (though very disappointing) that the MIT administration did not have in-house expertise in the low-level diagnosis necessary to deal with that. How familiar are you with MIT?

jack-r-abbit 4688 days ago

Are you completely unaware of the irony in stating your distrust of "any internal investigation conducted by an institution that exonerates it from all wrongdoing" and then pointing to an article about the defendant's father thinking the same thing? Any chance his dad might be less than neutral here as well?

There's another irony here, which is mentioned in that article. The father said that MIT was not neutral, and seems completely unaware that the Abelson report he complains about says the same thing. The report says that MIT adopted a policy of neutrality, but the actual effect of that policy was not neutral; it was biased in favor of the prosecutors and against Swartz. One of the report's recommendations is to reconsider that kind of policy choice.

Of course I distrust his father as well. That's why I want to see the original documents, and make my own conclusions. There's no irony here.

MIT is making a claim that it's report represents the ground truth about the events, an assertion echoed by the previous poster. That claim is dubious, not least because of its provenance.

jack-r-abbit 4688 days ago

Well, you didn't say that initially. You said you didn't trust MIT to properly investigate itself, and to support your opinion you linked to another person with the same opinion. But that person is also someone you don't trust? I'm not sure how that was intended to help you. But that doesn't really matter to me anymore... I've lost interest in your opinion. Sorry.

MIT is making a claim that it's report represents the ground truth about the events

Have you read the report? It documents its sources of information pretty thoroughly. There is certainly enough information there for you to, as you say, read it and draw your own conclusions. That's what I've done.