Dangerous Bill Would Threaten Legitimate Websites

New legislation under consideration in Congress would jeopardize online freedom and creativity

New legislation under consideration in Congress would jeopardize online freedom and creativity


Congress is considering sweeping Internet legislation that purports to target "rogue websites" with the intent of cracking down on the theft of everything from movies to songs to designer handbags. While the goal is laudable, too many innocent websites would wind up in the crosshairs.

These bills (the PROTECT IP Act in the Senate and the Stop Online Piracy Act, or SOPA, in the House) would do more harm than good to cybersecurity, the Internet economy, and online free expression.

SOPA, on which the House Judiciary Committee held a hearing yesterday, casts a net so wide that it would imperil the viability of Internet innovation. It would create two new types of legal action that would put social media and user-generated content sites -- anything from YouTube to Wordpress to Craigslist to Dropbox to some new service that might launch tomorrow -- at risk. First, it would empower the Attorney General to seek court orders against "foreign infringing sites," but this term's definition is so broad that any site with a non-U.S. domain name that allows user-generated content would qualify.

Once the A.G. has obtained a court order, a number of intermediaries could be compelled to take action. If served with a copy of the order,

  • Internet Service Providers would have to prevent access to the site, including not resolving requests for the site's domain name (akin to calling directory assistance for a phone number and getting a false response).
  • Search engines would have to remove links to the site.
  • Payment networks would have to prevent payments to the site from U.S. customers.
  • Advertising networks would have to stop serving ads either on or about the site.

Separately, SOPA would also create a private system for cutting off sites' financial resources.  Payment and ad networks would have to cease doing business with any site -- foreign or domestic -- within five days of receiving an allegation by a rightsholder that the site is "dedicated to theft of U.S. property," using a definition of "dedicated" that has little relation to common usage. If the financial intermediary does not cease doing business with the site, the rightsholder could initiate a private lawsuit against the accused site to compel the intermediary -- and others -- to cut ties.

Domain-name filtering, common to both bills, is an ineffective tool for combating infringement that will cause significant problems for cybersecurity. At the same time, there are myriad ways to get around a domain-name filter, from users' entering a site's I.P. address manually, to simple browser plug-ins that will always know where to look for the site, so the long-term effect on infringement will be minimal. Lastly, since we're talking about whole domains (think of all the individual sites under "blogspot.com"), domain-name filtering is a blunt instrument when surgical precision is called for. It will likely result in blocking lawful expression rather than just infringement.

In addition to domain-name filtering, SOPA would impose an open-ended obligation on Internet Service Providers (ISPs) to prevent access to infringing sites. This means that SOPA would impose an unprecedented responsibility on ISPs to scrutinize and screen all user traffic.  Preventing access to specific sites would require ISPs to inspect all the Internet traffic of its entire user base -- the kind of privacy-invasive monitoring that has come under fire in the context of "deep packet inspection" for advertising purposes.

Beyond the implications of the technical blocking required, SOPA's breathtaking scope would upset the careful balance struck by existing digital copyright law and change the bargain, chilling the growth of social media and forcing sites to adopt a new role as content police.  Even general-purpose social-media sites with no bad intent could be tagged as theft sites "facilitating" infringement -- simply by providing the platforms for users' content.

To protect themselves, platforms of all kinds would be pressured to actively monitor and police user behavior. This new de facto duty to track and control user behavior would significantly chill innovation in social media and undermine social websites' central role in fostering free expression. It would also set the dangerous international precedent that governments seeking to block online content -- be it infringement, or hate speech, or political dissent -- should look to online communications platforms as points of control.

Under SOPA's private notice-and-cutoff system, any online content or communications platform could lose its financial support at the whim of the most litigious rightsholder. Every user-generated content platform, social-media website, or cloud-based storage service would be at constant risk. All it would take would be a single allegation to payment and ad networks that the challenged website is designed in a way that prevents it from sufficiently monitoring users' activity to identify infringement.

The bill would thus eviscerate today's predictable legal environment, subjecting innovators to a new era of uncertainty and risk. User-driven sites have flourished under the Digital Millennium Copyright Act's safe harbor, which clearly defines their legal responsibilities and expressly rejects any obligation to actively track and police user behavior. Under SOPA, that legal predictability would be tossed aside, exposing service providers to constant second-guessing by rightsholders.

Taking careful aim at online intellectual property infringement is one thing, but upsetting the legal balance that has led to more than 10 years of growth in Internet services is another. The current Congressional proposals threaten extensive and unnecessary collateral damage.

Image: Fight for the Future.