Copyright owners have struggled to find an effective mechanism to fight the wide-scale online piracy of their intellectual property. Understandably, Congress wants to help. Legislation the House is now considering, however, takes a blunderbuss approach that would cripple online innovation, chill online free expression, subvert the inner workings of Internet security, and compromise user privacy. If Congress were to pass the legislation-–and it launched with considerable bipartisan support-–lawful businesses, innovators, and Internet users would end up as collateral damage.
The bill in question is called the Stop Online Piracy Act (SOPA). It would empower the Justice Department to seek court orders compelling a number of third parties-–Internet service providers (ISPs), search engines, financial networks, and ad networks-–to take action to cut off “rogue” websites based outside the United States. It also would give every copyright and trademark owner a mechanism to cut off the financial lifeblood of any site the rights owner thinks is facilitating infringement (or even just not doing enough to ferret it out). A simple allegation submitted to financial and advertising networks would be sufficient to start the process, and a lawsuit could follow if necessary.
What’s wrong with all that? For starters, the bill’s definitions of what constitute “rogue” sites are so broad that they could sweep in all kinds of lawful social networking platforms, cloud storage services, and online communications tools. Any site that allows users to participate by posting, commenting, or uploading material would be at risk of getting entangled in the bill’s wide regulatory net. Indeed, a site could be declared “dedicated to theft” even if it has no intent whatsoever to foster piracy, the site’s principal uses are perfectly lawful, and the site scrupulously removes pirated material when notified about it as directed under the Digital Millennium Copyright Act (DMCA).
Nor does a site have to be located outside the U.S.—and hence beyond the reach of ordinary copyright enforcement lawsuits--to be targeted. Even domestic sites would be at constant risk of allegations by whatever copyright or trademark owners are the most aggressive and litigious.
This would have a tremendous impact on online innovation. Current digital copyright law strikes a careful balance: sites must take swift action when notified of specific illegal activity. In return, they get a predictable legal environment in which they won’t be held liable for infringing activity of their users. This is what has allowed YouTube and other user-generated content sites to flourish.
SOPA would eviscerate that predictable legal environment. It would effectively give every copyright and trademark owner a big club with which to threaten any new technology or feature that it thinks doesn’t do enough to police possible infringing uses. And the history here is instructive: copyright holders have frequently responded to new technologies with legal challenges, from the VCR to the mp3 player and many since.
By effectively painting a big target on the back of online communications platforms, SOPA would chill online expression as well. To protect themselves from the new legal risks, online services and websites would need to build in new capabilities for monitoring and policing user behavior. Newer, smaller online communications tools might be unable to bear the costs of doing that and never get off the ground. Communications that would qualify as “fair use” under copyright law, and anything else with even a whiff of legal uncertainty, would likely get booted from mainstream sites.
Pervasive monitoring would also undermine the privacy of user communications. SOPA would make it very risky for any online service to offer privacy features. Offering any kind of encrypted communications channel would be a non-starter.
Moreover, it isn’t just websites that would be required to police user behavior. The bill ropes in ISPs as well, directing them to “prevent access” to targeted sites. Having ISPs sift through all user traffic requires the same kind of privacy robbing “deep packet inspection” that has proved highly unpopular in the advertising context.
Finally, SOPA directs ISPs to interfere with the Internet’s mechanism for looking up Web addresses. As a tactic for preventing users from accessing piracy sites, that simply won’t work. For example, users would still be able to enter an I.P. address manually or install a browser plug-in that will always know where to look for the site. But messing with the Internet’s address lookup system carries significant technical and cybersecurity consequences.
Beyond all these immediate shortcomings, passage of SOPA would set a dangerous international precedent. It would signal that the United States believes that when governments have a concern that content posted somewhere on the Internet violates domestic law, they should look to online communications platforms as points of control. If other countries follow the U.S. example in pursuit of whatever domestic goals they may have-–be it fighting infringement, hate speech, or political dissent-–it will lead directly to a balkanized Internet.
When the House Judiciary Committee held a hearing on the bill last week, one congressional supporter dismissed the opposition, saying, "The obstinate opposition since the day [SOPA was introduced] is really about the bottom line. Sites that specialize in stolen goods attract lots of users and lots of ads." But that claim rings hollow given the broad array of groups aligned against the bill. And as the hearing cast a spotlight on the issue, the Internet lit up in a major display of grassroots protest.
Congress should heed the warning. Of course reducing online piracy is an important goal. But Congress needs to find ways of pursuing that goal that don’t risk so much collateral damage.