|Even internet giant Google is opposed to the SOPA legislation, which has been recently suspended [GALLO/GETTY]|
Editor’s note: This article was first posted by Professor Zittrain on his blog Future of the Internet on December 2, 2011. Even with President Obama’s threat of veto, the bill may resurface in Congress at a later date. The following article gives a highly detailed breakdown of the bill and how it will affect the nature and use of the internet.
Cambridge, Massachusetts – This article is a guide to the Stop Online Piracy Act as proposed in the United States House of Representatives. Stop Online Piracy Act (SOPA), HR 3261, 112th Cong. (2011). It represents our notes as we sought to understand exactly what it does and how it does it – along with our corresponding sense for why its principal mechanisms make for poor law. Our aim is for this analysis to be useful to anyone wanting to understand the act – whatever their point of view may be on technology or intellectual property policy.
According to its advocates, SOPA will strengthen copyright in the United States by establishing a number of public and private tools to hinder infringement by international “rogue” sites previously unreachable by US law. The act also includes a number of independent provisions targeting the sale and dissemination of prescription drugs and military materials and equipment.
1. Copyright enforcement against websites, foreign & domestic
The bulk of SOPA is a set of public and private mechanisms intended to give US copyright holders tools to combat offshore infringers. The attorney general’s office, when armed with a court order (the granting of which doesn’t appear to have a standard beyond the act’s definitions – the court “may” grant an order when requested (Id., at § 102(c)), and will be able to demand the elimination of access and funding to infringing sites on behalf of copyright holders. When acting alone, copyright holders can use these mechanisms to cut off funding.
Public remedies (HR 3261, 112th Cong. § 102 (2011))
SOPA gives tools to the US attorney general to combat “foreign infringing sites”. (Id., at § 102). The definition of this term is unusual; a site with a domain name registered outside the US (eg through a non-US domain name registrar) seems to count as “foreign”, even if it’s run by an US company and hosted on US soil (Id., at § 101(5)-101(8)). As an initial matter, the site must be “US directed”, although virtually all sites not actively blocking US IPs would fall under this category. (See id. at § 102(a)(1)).
Infringement does not need to be direct, and instead, may be imputed on sites that merely “facilitat[e] the commission” of copyright infringement (Id. at § 102(a)). The order can ask the operator of the targeted site to “cease and desist from undertaking any further activity as a foreign infringing site” (Id. at § 102(b)(5)), and then the attorney general can send additional copies of the order to “similarly situated entities” with permission of the court – that is, others can fall under the court’s power without previously having been given notice of a proceeding against them (Id. at § 102(c)(1)).
But these provisions are likely not the real force of the law, as fully overseas infringing sites may try to ignore a US court order. The law’s real force is focused domestically. Once a foreign infringing site has been made the subject of a court order, the attorney general may apply the court order, not only at the site, but at US companies that occupy the space between the infringing site and the end user’s browser – specifically, service providers, search engines, payment network providers, and advertising networks (Id. at § 102(c)(2)).
The court order may require these entities to take all “technically feasible and reasonable measures” to prevent access or payments to foreign infringing sites. Those intermediaries would, it appears, not have been given notice or otherwise involved in the proceeding by which the attorney general obtained the original order that would then bind them.
There are a number of specifics mentioned in the bill as “technically feasible and reasonable measures”. (HR 3261 at § 102(c)). For service providers, this includes “measures designed to prevent the domain name of the foreign infringing site (or portion thereof) from resolving to that domain name’s IP address” (Id. at § 102(c)(2)(A)(i)).
DNS blocking is one of the techniques that China uses to prevent access to dissident websites, and has serious technical ramifications. Sandia National Laboratories published a letter, after being asked for comment, characterising the proposed DNS filtering as “whack-a-mole”. ISOC also released a paper detailing how DNS blocking would undermine the internet architecture. Under a SOPA-based order, internet search engines are to prevent an allegedly infringing site from being served to users as a direct hypertext link (Id. at § 102(c)(2)(B)).
Payment providers (such as MasterCard or PayPal) must stop completing payment to the payment account used by the site (Id. at § 102(c)(2)(C)). Finally, advertisers must complete three separate actions: cut off any ads that they were serving to the site, cut off any advertisements for the site served on other websites, and finally, cut off payments stemming from advertisements (Id. at § 102(c)(2)(D)).
SOPA critics point to the vagueness of the phrase “technically feasible and reasonable measures” when questioning the burden the act will place on intermediaries. An elephant in the room is whether this requirement would necessitate active monitoring of all content to prevent access to previously noticed infringing sites and/or content.
It is notable that payment providers and advertising companies alone are explicitly exempt from having a “duty to monitor” future infringing activity (HR 3261 at 102(c)(2)(D)(ii)). The act is silent on whether service providers and search engines have a duty to monitor, which, by implication, may be said (and surely would be argued) to render such a duty.
SOPA encourages such a broad reading by granting immunity to parties who act to limit access to copyrighted materials and by reserving the possibility of litigation for parties that fail to act (See id. at § 102(c)(5)(A)). The attorney general may bring an action for injunctive relief – essentially a further court order – against third parties for not complying with the first court order (Id. at § 102(c)(4)(A)(i)).
Injunctive relief may also be sought against any entity that provides a product or service designed (or marketed) to circumvent the procedures proposed under SOPA. Relief is to be limited to injunctive mechanisms, and SOPA by itself does not appear to impute infringement on a non-complying service provider, search engine, or payment network.
Still, when faced with immunity for action or litigation against the Justice Department for inaction, it is plausible that technology companies would be highly motivated to over-censor. Worse, the kinds of circumvention tools supported within human rights communities – and by the US government as part of its internet freedom initiatives against authoritarian censorship – are precisely the tools targeted for elimination under SOPA.
The overwhelming controversy regarding SOPA’s public remedies (that is, those initiated by the attorney general rather than a private party) regards the provision allowing a court to order a service provider – essentially an unwitting middleman – to take all “technically feasible and reasonable measures” to block an infringing site (Id. at § 103).
The act’s most fervent critics often point to this element when stating that SOPA has the potential to kill the internet as we know it, placing the fate of interoperability in the hands of technically unsophisticated judges. Only slightly less fervent critics note that this provision would align US federal internet policy with China and like-minded regimes.
While the current statute is limited to copyright infringement, the concern is that it establishes an architecture for widespread – indeed, nationwide – technical implementations of censorship.
Private remedies (HR 3261, 112th Cong. § 103 (2011))
SOPA further provides what it calls a “Market-Based System to … Protect US Property” (HR 3261 at § 103). This “market-based system” is a private mechanism by which an IP holder can pressure payment network providers and internet advertising services to cease all transactions with “sites dedicated to theft of US property”.
This private remedy does not use the “foreign infringing sites” terminology from the public mechanism (Id. at § 102(a)). Here the ultimate infringers are described as sites “dedicated to theft of US property” (Id. at § 103).
The statutory definition goes beyond what the label colloquially suggests. For example, a site may be branded as “dedicated to theft of US property” if it simply “is taking, or has taken, deliberate actions to avoid confirming a high probability” of the use of the site for copyright infringement (Id. at § 103(a)(ii)).
A US copyright holder can therefore approach a payment processor or advertising network and demand that it do whatever is technically feasible and reasonable to prevent and block sites it deems “dedicated to theft of US property” (Id. at § 103). Unlike in the public remedy, the copyright holder can only seek to cut off payments from payment providers and advertisers.
The threshold for a private corporation giving such a notice is presumably lower than the court order standard in the public remedy. As such, this is arguably SOPA’s most powerful element and one positioned to be applied in a particularly over-broad way.
Under the Digital Millennium Copyright Act of 1998, which has an analogous private system of notice-and-takedown, there are countless well-intentioned actors, yet some rights-holders have nonetheless over-reached (both intentionally and unintentionally).
Under SOPA, payment and advertising companies will have a tremendous incentive to co-operate with a stream of private requests for reasons such as the inconvenience of, or inability to, evaluate the rights-holders’ claims. Unlike the public remedy, the private remedy allows the alleged infringer to provide counter-notification to the third party, after which the third party can presumably decide whether or not to comply (HR 3261 at § 103(b)(5)).
It is important to note that SOPA provides a cause of action, including attorney’s fees, for parties damaged by a knowing, material misrepresentation made in conjunction with the private enforcement mechanisms’ notice and counter-notice provision. Still, the third party must comply within five calendar days from the initial notice (Id. at § 103(b)).
The turnaround time, taking into account legal advice and the alleged infringer’s counter-notice, is extremely tight. Any intellectual property counsel can attest that those limits will be difficult to navigate, especially without exempting holidays and weekends, which turn out to be when such notices are often sent.
As with the public remedy, the payment and advertising companies are immune from liability if they cut off funding to a site or entity in accordance with SOPA. Should a payment or advertising company not comply, the rights-holder may then seek “injunctive relief” against the non-complying third party (Id. at § 103(c)).
Issues common to both public and private remedies
Industry lobbyists and other supporters argue that SOPA is designed specifically to combat “foreign rogue sites”. The image they draw is of brazenly obviously illegal sharing and downloading, such as The Pirate Bay and its brethren. Yet “foreign infringing sites” and sites “dedicated to the theft of US property” could include almost any website registered outside of the United States that allows user-generated content.
Requiring third parties in the US to take all “technically feasible and reasonable” efforts to block such sites, prospectively in some cases, is equally vague. If this legislation were only aimed at the Pirate Bays of the world, the language could and would be much tighter. In many instances, statutory language is vague for a reason: to afford maximum leverage by one party intent on invoking a law over whoever is subject to the law.
Immunity for voluntary action
Even without instigation by the attorney general or rights-holders, alleged infringers may find their sites blocked and their funding cut off without any sort of due process. SOPA grants payment providers, internet search engines, advertising services, service providers, and domain name registries’ immunity from suit for voluntarily acting in a manner consistent with the public and private mechanisms against a site that they “reasonably believe” is a foreign infringing site or dedicated to the theft of US property (HR 3261 at § 104).
Likewise, payment providers, internet search engines, advertising services, service providers and domain name registries are also not liable for taking action against sites they believe are “endangering public health” (Id. at § 105).
2. “Notorious foreign infringers” and US investors ((HR 3261, 112th Cong. § 107 (2011))
The US IP Enforcement Coordinator, along with various agency heads, will identify “notorious foreign infringers” who are causing “significant harm to holders of IP rights in the US”, soliciting suggestions from the public and rights holders (Id. at § 107(a)(1)).
This information will be made into a report to Congress, which will examine and analyse various methods of combating IP rights violations, including and up to prohibiting such sites from raising capital in the United States (Id. at § 107(b)(5)).
While SOPA does not directly prohibit such investment, the spectre of such a ban may lead to a chill in investor confidence in countless internet startups, even those that may only distantly be thought of as enabling copyright infringement, such as social networks or content creation platforms.
3. Amendments to existing criminal copyright laws
Criminal penalties for streaming (HR 3261, 112th Cong. § 201 (2011))
While most of SOPA’s IP treatment revolves around the third-party-based enforcement mechanisms outlined above, the act also does refine a number of existing IP laws. Most notable among the many changes, SOPA calls for the criminalisation of public performance copyright infringement (HR 3261 at § 201).
This provision is specifically targeted at digital streaming and provides criminal penalties for streaming copyrighted material with ten or more views and a retail value of $2,500 (Id. at § 201(b)). This sweeping and vague change could categorise millions of US computer users as criminals.
Prosecutorial discretion thus determines whether these long prison terms are applied fairly. The colourful advocacy at http://freebieber.org/ is, at its core, pointing out the implications of this inexplicably broad provision: the videos that teenage Justin Bieber posted of himself singing songs by his favourite artists do indeed appear to qualify as felonies under the act. This is a particular irony, since those videos launched Bieber’s career as a musician – exactly the people the act is intended to protect.
Additional criminal penalties (HR 3261, 112th Cong. § 202-203 (2011))
SOPA amends 18 USC. § 2320 to add the importation, export, or participation in the manufacture of counterfeit drugs to the list of criminal activities (Id. at § 202(1)(a)(iii)). It also increases the penalties for the production or distribution of counterfeit products that result in serious bodily harms from twenty years to life in prison (Id. at § 202(2)(a)).
SOPA further increases the penalties for manufacturing or distributing counterfeit goods to the military – or doing so in a way that may harm national security (Id. at § 202(3)).
SOPA also amends 18 USC § 1831(a) to increase penalties for individuals or organisations committing economic espionage (Id. at § 203).
4. Protecting IP rights abroad
In what would potentially be a significant increase in the United States diplomatic corps and its activities, SOPA requires the secretaries of state and of commerce to ensure diplomatic missions or embassies have “adequate resources” to pursue “aggressive support of enforcement action against violations of intellectual property” (HR 3261 at § 205). It would further require the diplomatic corps to make best efforts to see that foreign countries honour existing intellectual property treaties (Id. at § 205(a)(2)).
Under SOPA, special intellectual property attachés hired by the director of the Patent and Trademark Office will work from within embassies or diplomatic missions to advance United States intellectual property policy goals in general and specifically to reduce intellectual property infringement (Id. at § 205(b)).
Others have weighed in on why SOPA makes for poor public policy and is an ill-considered technical intervention. In this paper we’ve hewed closely to simply reviewing it as legal doctrine. On those terms, its vague language and undue granting of law-like powers to private parties without sufficient public protections make it worthy of a firm “no” vote. SOPA is both overly strong and overly broad; overly strong in the collection of remedies provided, and overly broad for the problems it is attempting to take on.
The joint Harvard Law School/Stanford Law School January term course will present its “Ideas for a Better Internet” for a second year on the Stanford campus on the evening of January 17 – if you’re in the Bay area, you are welcome to attend. Reception at 5:30 pm PST, and programme at 6:00 pm. Details available at http://www.i4bi.net.
Jonathan Zittrain is a member of the boards of the Electronic Frontier Foundation and the Internet Society. Both organisations have weighed in on this bill. However, the opinions expressed above are his own.
He is a renowned legal scholar and Professor of law at Harvard Law School and Harvard’s Kennedy School of Government. He is also Professor of Computer Science at the Harvard School of Engineering and Applied Sciences. Professor Zittrain was also a co-founder of the Berkman Center for Internet & Society at Harvard University.
A version of this article first appeared on Future of the Internet.
The views expressed in this article are the authors’ own and do not necessarily reflect Al Jazeera’s editorial policy.