Stop the Stop Online Piracy Act!

by on November 1, 2011 · 4 comments

For CNET today, I have a long analysis and commentary on the “Stop Online Piracy Act,” introduced last week in the House. The bill is advertised as the House’s version of the Senate’s Protect-IP Act, which was voted out of Committee in May.

It’s very hard to find much positive to say about the House version. While there’s considerable evidence its drafters heard the criticisms of engineers, legal academics, entrepreneurs and venture capitalists, their response was unfortunate.

Engineers pointed out, for example, that court orders requiring individual ISPs to remove or redirect domain name requests was a futile and dangerous way to block access to “rogue” websites. Truly rogue sites can easily relocate to another domain, or simply have users access them with their IP address and bypass DNS altogether.

There are millions of DNS servers, according to Verisign, so getting all of them to make the change would be impossible, splintering the system. And redirecting DNS requests is some sense introducing a bug in the system, one that is inconsistent with upcoming security measures aimed at protecting users from being hijacked.

But all the drafters of SOPA seemed to have heard was the part about “futile.” Their response has been to make the DNS provisions vaguer and more open-ended, in hopes that whatever mechanisms the rogue sites come up with to evade the law will also be illegal.  Blocking is now extended not just to “parasite” sites but to a “portion thereof,” for example.

And the Attorney General can now apply for injunctive relief against any “entity” that provides “a product or service designed or marketed for the circumvention or bypassing of measures” taken in response to an earlier court order.

Similar efforts are found throughout SOPA, particularly in the felony streaming provision, and the private right of action (or what the bill calls the “market-based system”) for private enforcement of copyright and trademark abuses.  Where clarity isn’t possible, the drafters have opted for vagueness, open-ended definitions, and hedges.  Even the term “including” is defined, to be clear that it means “including but not limited to.”

The point to criticism of Protect-IP was instead that it was impossible to regulate technology that is changing so quickly, and that any effort to do so would only prove obsolete on arrival.  As previous efforts from CAN-SPAM to ECPA and back make clear, you cannot future-proof legislation aimed at specfiic features of emerging technologies.

That, unfortunately, is exactly what SOPA tries to do.  And beyond making the legislation clumsy and imprecise, the intentional vagueness greatly increases the potential for unintended consequences.  I describe several unintentionally dangerous examples from SOPA in the CNET piece; other analysts have done the same in pieces listed at the end of this post.

Two good things I found in the 79-page draft:

1.  The failure of Protect-IP to define “nonauthoritative domain name server” has been addressed.  That term is now defined, and the definition looks correct to me.

2.  SOPA recognizes, at least, the better approach to solving the problem of foreign websites that blatantly violate copyright and trademark.  Near the back, Section 205 calls on the State and Commerce Departments to make enforcement of existing international law and treaties regarding information products and services a priority.  This includes the assignment of new attaches dedicated to information products.

Would that SOPA started and ended with this provision, there would be little basis to fault its drafters.  If the problem SOPA is attempting to solve, after all, is the scourge or foreign websites that distribute movies, music, and counterfeit goods without a license (often pretending to be legitimate), then surely the solution is one of foreign and trade policy and not micromanaging Internet protocols.

Instead, we have a bill that treats all U.S. consumers as guilty until proven innocent, and hands Hollywood the keys to the inner workings of the Internet.  Just what they’ve always wanted.

 

Worth reading:

 

  • http://srynas.blogspot.com/ Steve R.

    Hey, I can agree with the conclusion! I have had a long term difficulty reconciling the goal of the TLF to keep politicians out of regulating technology while seeing that many of the posts have unfortunately been in favor of increased legislation that is clearly biased towards protecting businesses at the expense of the consumer.

    An issue of particular concern, that seems to have failed to surface, is third party responsibility. For example: “Engineers pointed out, for example, that court orders requiring individual ISPs to remove or redirect domain name requests was a futile and dangerous way to block access to “rogue” websites.”(emphasis added) I fail to understand how some entities seem to believe that an  ISP can be forced to intercede in a transaction between two parties. That raises concerns related to snooping and due process without appropriate judicial oversight. 

    Fundamentally it should be wrong for one person (“A”) in a transaction to go directly to the middleman (ISP) and demand that the other party (“B”) be deprived for whatever reason that “A” asserts. Essentially this forces the ISP to act as a private police force for “A” were “B” is deprived of any defense. Given the fact that some seem to believe that ISP can be forced to act as a private police force for the benefit on one party to a transaction, our economic system is moving away from the free-market and towards corporatism.

  • http://techliberation.com/author/berinszoka/ Berin Szoka

    It really pains me to say it, Steve, after you’ve spent so much time relentlessly heckling us here at the TLF and giving us so little credit for our shared skepticism about regulation, but… well said.  

  • http://srynas.blogspot.com/ Steve R.

    Thank-you very much.  I have enjoyed reading your posts.

  • Pingback: The Stop Online Piracy Act: A Blacklist by Any Other Name Is Still a Blacklist « News Worldwide

Previous post:

Next post: