In the ongoing debate over SOPA, PIPA, and rogue websites legislation, most commentators have focused on what Congress should and shouldn’t do to combat these sites. Less attention, however, has been paid to the underlying assumption that these rogue websites represent a public policy problem. While no one has defended websites that defraud consumers by deceptively selling them fake pharmaceuticals and other counterfeit goods, many consumers who frequent “rogue websites” do so for the express purpose of downloading copyright infringing content.

As Julian Sanchez explains over on Cato-at-Liberty, how the latter category of rogue websites (including The Pirate Bay and, until last week, MegaUpload) affects the U.S. economy and social welfare is hotly contested in the economic literature:

[I]t’s become an indisputable premise in Washington that there’s an enormous piracy problem, that it’s having a devastating impact on U.S. content industries, and that some kind of aggressive new legislation is needed tout suite to stanch the bleeding. Despite the fact that the [GAO] recently concluded that it is “difficult, if not impossible, to quantify the net effect of counterfeiting and piracy on the economy as a whole,” our legislative class has somehow determined that . . . this is an urgent priority. Obviously, there’s quite a lot of copyrighted material circulating on the Internet without authorization, and other things equal, one would like to see less of it. But does the best available evidence show that this is inflicting such catastrophic economic harm—that it is depressing so much output, and destroying so many jobs—that Congress has no option but to Do Something immediately? Bearing the GAO’s warning in mind, the data we do have doesn’t remotely seem to justify the DEFCON One rhetoric that now appears to be obligatory on the Hill. The International Intellectual Property Alliance . . . actually paints a picture of industries that, far from being “killed” by piracy, are already weathering a harsh economic climate better than most, and have far outperformed the overall U.S. economy through the current recession.

Julian makes several great points, and his essay is well worth reading in its entirety.

Nevertheless, in my view, rogue websites dedicated to the infringement of U.S. copyrights pose a public policy problem that merits not only serious congressional attention, but also prompt (albeit prudent) legislative action. While I’m relieved that the flawed SOPA and PIPA bills seem unlikely to pass in their current forms, I also think it would be unwise for Congress to dither on rogue sites legislation for years in search of “credible data” about how such sites impact our economy.

Why am I urging policymakers act without “all the facts?” Two reasons. First, I’m quite skeptical that we’ll obtain anything resembling dispositive data on the question of how rogue websites impact consumer welfare in the foreseeable future. Countless academics have spent years seeking to understand how often consumers download content on rogue websites, how frequently consumers substitute unlawful content for the lawful kind, and the extent to which copyright infringement indirectly benefits creators by inducing greater overall content consumption. Yet reliable data on these topics remains the stuff of dreams.

Second, the ease with which U.S. consumers can and do access near-perfect infringing copies of movies, songs, television shows, and video games gives rise to a reasonable presumption that we’d probably be better off if Congress were to throw up at least some carefully-constructed roadblocks to obstruct rogue sites. That’s because if such roadblocks are erected, the consumers most likely to shift from unlawful to lawful consumption of content are also the same consumers who are most likely to benefit social welfare (and the U.S. economy) if they pay more for the content they value and enjoy.

Imagine two hypothetical “pirates” (or users who frequently infringe on copyrighted works, if you prefer less loaded terminology). Pirate #1 is a broke college sophomore with a subsidized ultra-fast broadband connection and eons of spare time on his hands. While this pirate lacks the disposable income to pay for content at virtually any price, he’s perfectly willing to spend hours on end sitting hunched over a laptop in his dorm room scouring various Web forums for links to his favorite TV shows and movies, most of which are available unlawfully on cyberlockers, Bittorrent, Usenet, etc.

Pirate #2 is a 30-something, tech-savvy mid-career IT professional with plenty of disposable income. Even though he owns a Blu-ray player and could afford to buy or rent several discs per month, he instead opts to download Blu-ray image files on his 50Mbps Verizon FiOS connection and watches them on a laptop hooked up to his high-def television. Using his Mastercard, he spends $10 a month to subscribe to a popular Seychelles-based content search website that enables him to find picture-perfect movie rips in seconds. Although he has the means to pay for content, he sees no reason to bother with physical discs, DRM, and platform restrictions given that pirated content is so much cheaper, and virtually as accessible. While he ultimately purchases some of the content he acquires unlawfully, attending the occasional live concert and theatrical performance, he only does so occasionally. He has few moral qualms about his behavior; with millions of other consumers paying for the content he enjoys, what difference can one more legitimate purchaser make? (Julian correctly observes that some individuals who “sample” music through illicit outlets ultimately spend more money on artists because they’re more likely to attend live performances. However, given the growing prevalence of free and lawful sources of music “samples,” and considering that piracy’s effects on creators of other types of content (e.g. movies, TV shows, video games) is far less ambiguous, the “file sharing actually benefits artists” hypothesis is hardly persuasive).

Turning back to the issue of rogue sites legislation, a law that serves only to make it impossible for Pirate #1 (and the millions in America like him) to access infringing content won’t do anybody much good. Content creators won’t get paid more, as Pirate #1 has no money, while the aggregate utility society derives from artists’ expressive works will decrease. Instead of enjoying movies and music acquired unlawfully, Pirate #1 will simply find another, presumably inferior, way to spend his free time. It’s a no-win situation.

But a law that makes it impossible for Pirate #2 (and the millions like him) to access infringing content would almost certainly benefit content creators — and society at large. No longer able to download movies, TV shows, and video games illegally, Pirate #2 might consume less overall content, but he’ll also pay for a lot more lawfully-acquired content. He’ll spend less of his disposable income on goods and services other than content, meaning some legitimate businesses will experience a decline in revenue. But since Pirate #2′s overall spending habits will more closely match his true consumption preferences, society’s aggregate resources will likely end up being allocated more efficiently than before .

The virtue of a “follow the money” approach to rogue websites is that it’s likely to curb piracy by users like Pirate #2, who are already willing and able to pay for legitimate content. Users who have a credit card and use it to pay for infringing content — or for services that facilitate access to infringing content — presumably have at least some disposable income to spend on expressive works. While rogue websites legislation is likely to leave many, if not most, websites that facilitate piracy unaffected, disabling U.S. payment services from doing business with a handful of especially popular offshore piracy sites will frustrate users. Many of these users will simply seek out alternatives, but some users will give up and “go legitimate.” By driving piracy further underground, such a law might cause users like Pirate #1 to spend more of their relatively worthless time seeking out infringing content. But this is the Internet we’re talking about; the determined user will find what he seeks, no matter the roadblocks lawmakers throw up.

Whether a targeted law aimed at combating offshore rogue sites’ revenue sources would, on net, measurably benefit the U.S. economy is far from certain. But even a law that has greater-than-even odds of improving aggregate social welfare by the equivalent of a few hundred million dollars amounts to a step in the right direction. In a world of uncertainty, we all make decisions with harshly limited knowledge every day. All else equal, making highly-informed decisions is vastly superior to educated guesses, but educated guesses are often the best feasible option.

In an ideal world, of course, Congress would be focused on far more crucial legislative priorities than combating rogue websites, such as solving the entitlement mess, fixing America’s overly litigious legal system, reining in the ever-growing regulatory state, and even reforming the Copyright Act to reduce the insanely long term of copyright protection. But given that both the House and Senate Judiciary Committees, which handle copyright legislation, seem more focused on undermining our liberty and prosperity than on enhancing it — from data retention to employment verification mandates to the PATRIOT Act renewal — passing a consensus rogue websites bill may be the best of all feasible outcomes this session of Congress.

If lawmakers act swiftly but carefully — holding a handful of additional hearings, focusing on crafting legislation that Silicon Valley can tolerate (if not embrace), and emphasizing a transparent process — there may still be hope for prudent rogue websites legislation this session. And that could be a good thing.

By Berin Szoka, Geoffrey Manne & Ryan Radia

As has become customary with just about every new product announcement by Google these days, the company’s introduction on Tuesday of its new “Search, plus Your World” (SPYW) program, which aims to incorporate a user’s Google+ content into her organic search results, has met with cries of antitrust foul play. All the usual blustering and speculation in the latest Google antitrust debate has obscured what should, however, be the two key prior questions: (1) Did Google violate the antitrust laws by not including data from Facebook, Twitter and other social networks in its new SPYW program alongside Google+ content; and (2) How might antitrust restrain Google in conditioning participation in this program in the future?

The answer to the first is a clear no. The second is more complicated—but also purely speculative at this point, especially because it’s not even clear Facebook and Twitter really want to be included or what their price and conditions for doing so would be. So in short, it’s hard to see what there is to argue about yet.

Let’s consider both questions in turn.

Should Google Have Included Other Services Prior to SPYW’s Launch?

Google says it’s happy to add non-Google content to SPYW but, as Google fellow Amit Singhal told Danny Sullivan, a leading search engine journalist:

Facebook and Twitter and other services, basically, their terms of service don’t allow us to crawl them deeply and store things. Google+ is the only [network] that provides such a persistent service,… Of course, going forward, if others were willing to change, we’d look at designing things to see how it would work.

In a follow-up story, Sullivan quotes his interview with Google executive chairman Eric Schmidt about how this would work:

“To start with, we would have a conversation with them,” Schmidt said, about settling any differences.

I replied that with the Google+ suggestions now hitting Google, there was no need to have any discussions or formal deals. Google’s regular crawling, allowed by both Twitter and Facebook, was a form of “automated conversation” giving Google material it could use.

“Anything we do with companies like that, it’s always better to have a conversion,” Schmidt said.

MG Siegler calls this “doublespeak” and seems to think Google violated the antitrust laws by not making SPYW more inclusive right out of the gate. He insists Google didn’t need permission to include public data in SPYW:

Both Twitter and Facebook have data that is available to the public. It’s data that Google crawls. It’s data that Google even has some social context for thanks to older Google Profile features, as Sullivan points out.

It’s not all the data inside the walls of Twitter and Facebook — hence the need for firehose deals. But the data Google can get is more than enough for many of the high level features of Search+ — like the “People and Places” box, for example.

It’s certainly true that if you search Google for “site:twitter.com” or “site:facebook.com,” you’ll get billions of search results from publicly-available Facebook and Twitter pages, and that Google already has some friend connection data via social accounts you might have linked to your Google profile (check out this dashboard), as Sullivan notes. But the public data isn’t available in real-time, and the private, social connection data is limited and available only for users who link their accounts. For Google to access real-time results and full social connection data would require… you guessed it… permission from Twitter (or Facebook)! As it happens, Twitter and Google had a deal for a “data firehose” so that Google could display tweets in real-time under the “personalized search” program for public social information that SPYW builds on top of. But Twitter ended the deal last May for reasons neither company has explained.

At best, therefore, Google might have included public, relatively stale social information from Twitter and Facebook in SPYW—content that is, in any case, already included in basic search results and remains available there. The real question, however, isn’t could Google have included this data in SPYW, but rather need they have? If Google’s engineers and executives decided that the incorporation of this limited data would present an inconsistent user experience or otherwise diminish its uniquely new social search experience, it’s hard to fault the company for deciding to exclude it. Moreover, as an antitrust matter, both the economics and the law of anticompetitive product design are uncertain. In general, as with issues surrounding the vertical integration claims against Google, product design that hurts rivals can (it should be self-evident) be quite beneficial for consumers. Here, it’s difficult to see how the exclusion of non-Google+ social media from SPYW could raise the costs of Google’s rivals, result in anticompetitive foreclosure, retard rivals’ incentives for innovation, or otherwise result in anticompetitive effects (as required to establish an antitrust claim).

Further, it’s easy to see why Google’s lawyers would prefer express permission from competitors before using their content in this way. After all, Google was denounced last year for “scraping” a different type of social content, user reviews, most notably by Yelp’s CEO at the contentious Senate antitrust hearing in September. Perhaps one could distinguish that situation from this one, but it’s not obvious where to draw the line between content Google has a duty to include without “making excuses” about needing permission and content Google has a duty not to include without express permission. Indeed, this seems like a case of “damned if you do, damned if you don’t.” It seems only natural for Google to be gun-shy about “scraping” other services’ public content for use in its latest search innovation without at least first conducting, as Eric Schmidt puts it, a “conversation.”

And as we noted, integrating non-public content would require not just permission but active coordination about implementation. SPYW displays Google+ content only to users who are logged into their Google+ account. Similarly, to display content shared with a user’s friends (but not the world) on Facebook, or protected tweets, Google would need a feed of that private data and a way of logging the user into his or her account on those sites.

Now, if Twitter truly wants Google to feature tweets in Google’s personalized search results, why did Twitter end its agreement with Google last year? Google responded to Twitter’s criticism of its SPYW launch last night with a short Google+ statement:

We are a bit surprised by Twitter’s comments about Search plus Your World, because they chose not to renew their agreement with us last summer, and since then we have observed their rel=nofollow instructions [by removing Twitter content results from "personalized search" results].

Perhaps Twitter simply got a better deal: Microsoft may have paid Twitter $30 million last year for a similar deal allowing Bing users to receive Twitter results. If Twitter really is playing hardball, Google is not guilty of discriminating against Facebook and Twitter in favor of its own social platform. Rather, it’s simply unwilling to pony up the cash that Facebook and Twitter are demanding—and there’s nothing illegal about that.

Indeed, the issue may go beyond a simple pricing dispute. If you were CEO of Twitter or Facebook, would you really think it was a net-win if your users could use Google search as an interface for your site? After all, these social networking sites are in an intense war for eyeballs: the more time users spend on Google, the more ads Google can sell, to the detriment of Facebook or Twitter. Facebook probably sees itself increasingly in direct competition with Google as a tool for finding information. Its social network has vastly more users than Google+ (800 million v 62 million, but even larger lead in active users), and, in most respects, more social functionality. The one area where Facebook lags is search functionality. Would Facebook really want to let Google become the tool for searching social networks—one social search engine “to rule them all“? Or would Facebook prefer to continue developing “social search” in partnership with Bing? On Bing, it can control how its content appears—and Facebook sees Microsoft as a partner, not a rival (at least until it can build its own search functionality inside the web’s hottest property).

Adding to this dynamic, and perhaps ultimately fueling some of the fire against SPYW, is the fact that many Google+ users seem to be multi-homing, using both Facebook and Google+ (and other social networks) at the same time, and even using various aggregators and syncing tools (Start Google+, for example) to unify social media streams and share content among them. Before SPYW, this might have seemed like a boon to Facebook, staunching any potential defectors from its network onto Google+ by keeping them engaged with both, with a kind of “Facebook primacy” ensuring continued eyeball time on its site. But Facebook might see SPYW as a threat to this primacy—in effect, reversing users’ primary “home” as they effectively import their Facebook data into SPYW via their Google+ accounts (such as through Start Google+). If SPYW can effectively facilitate indirect Google searching of private Facebook content, the fears we suggest above may be realized, and more users may forego vistiing Facebook.com (and seeing its advertisers), accessing much of their Facebook content elsewhere—where Facebook cannot monetize their attention.

Amidst all the antitrust hand-wringing over SPYW and Google’s decision to “go it alone” for now, it’s worth noting that Facebook has remained silent. Even Twitter has said little more than a tweet’s worth about the issue. It’s simply not clear that Google’s rivals would even want to participate in SPYW. This could still be bad for consumers, but in that case, the source of the harm, if any, wouldn’t be Google. If this all sounds speculative, it is—and that’s precisely the point. No one really knows. So, again, what’s to argue about on Day 3 of the new social search paradigm?

The Debate to Come: Conditioning Access to SPYW

While Twitter and Facebook may well prefer that Google not index their content on SPYW—at least, not unless Google is willing to pay up—suppose the social networking firms took Google up on its offer to have a “conversation” about greater cooperation. Google hasn’t made clear on what terms it would include content from other social media platforms. So it’s at least conceivable that, when pressed to make good on its lofty-but-vague offer to include other platforms, Google might insist on unacceptable terms. In principle, there are essentially three possibilities here:

1. Antitrust law requires nothing because there are pro-consumer benefits for Google to make SPYW exclusive and no clear harm to competition (as distinct from harm to competitors) for doing so, as our colleague Josh Wright argues.
2. Antitrust law requires Google to grant competitors access to SPYW on commercially reasonable terms.
3. Antitrust law requires Google to grant such access on terms dictated by its competitors, even if unreasonable to Google.

Door #3 is a legal non-starter. In Aspen Skiing v. Aspen Highlands (1985), the Supreme Court came the closest it has ever come to endorsing the “essential facilities” doctrine by which a competitor has a duty to offer its facilities to competitors. But in Verizon Communications v. Trinko (2004), the Court made clear that even Aspen Skiing is “at or near the outer boundary of § 2 liability.” Part of the basis for the decision in Aspen Skiing was the existence of a prior, profitable relationship between the “essential facility” in question and the competitor seeking access. Although the assumption is neither warranted nor sufficient (circumstances change, of course, and merely “profitable” is not the same thing as “best available use of a resource”), the Court in Aspen Skiing seems to have been swayed by the view that the access in question was otherwise profitable for the company that was denying it. Trinko limited the reach of the doctrine to the extraordinary circumstances of Aspen Skiing, and thus, as the Court affirmed in Pacific Bell v. LinkLine (2008), it seems there is no antitrust duty for a firm to offer access to a competitor on commercially unreasonable terms (as Geoff Manne discusses at greater length in his chapter on search bias in TechFreedom’s free ebook, The Next Digital Decade).

So Google either has no duty to deal at all, or a duty to deal only on reasonable terms. But what would a competitor have to show to establish such a duty? And how would “reasonableness” be defined?

First, this issue parallels claims made more generally about Google’s supposed “search bias.” As Josh Wright has said about those claims, “[p]roperly articulated vertical foreclosure theories proffer both that bias is (1) sufficient in magnitude to exclude Google’s rivals from achieving efficient scale, and (2) actually directed at Google’s rivals.” Supposing (for the moment) that the second point could be established, it’s hard to see how Facebook or Twitter could really show that being excluded from SPYW—while still having their available content show up as it always has in Google’s “organic” search results—would actually “render their efforts to compete for distribution uneconomical,” which, as Josh explains, antitrust law would require them to show. Google+ is a tiny service compared to Google or Facebook. And even Google itself, for all the awe and loathing it inspires, lags in the critical metric of user engagement, keeping the average user on site for only a quarter as much time as Facebook.

Moreover, by these same measures, it’s clear that Facebook and Twitter don’t need access to Google search results at all, much less its relatively trivial SPYW results, in order find, and be found by, users; it’s difficult to know from what even vaguely relevant market they could possibly be foreclosed by their absence from SPYW results. Does SPYW potentially help Google+, to Facebook’s detriment? Yes. Just as Facebook’s deal with Microsoft hurts Google. But this is called competition. The world would be a desolate place if antitrust laws effectively prohibited firms from making decisions that helped themselves at their competitors’ expense.

After all, no one seems to be suggesting that Microsoft should be forced to include Google+ results in Bing—and rightly so. Microsoft’s exclusive partnership with Facebook is an important example of how a market leader in one area (Facebook in social) can help a market laggard in another (Microsoft in search) compete more effectively with a common rival (Google). In other words, banning exclusive deals can actually make it more difficult to unseat an incumbent (like Google), especially where the technologies involved are constantly evolving, as here.

Antitrust meddling in such arrangements, particularly in high-risk, dynamic markets where large up-front investments are frequently required (and lost), risks deterring innovation and reducing the very dynamism from which consumers reap such incredible rewards. “Reasonable” is a dangerously slippery concept in such markets, and a recipe for costly errors by the courts asked to define the concept. We suspect that disputes arising out of these sorts of deals will largely boil down to skirmishes over pricing, financing and marketing—the essential dilemma of new media services whose business models are as much the object of innovation as their technologies. Turning these, by little more than innuendo, into nefarious anticompetitive schemes is extremely—and unnecessarily—risky.

The Fragmentation Claim

For some, the problem isn’t so much about antitrust but about the fragmentation of the web. John Battelle claims that tensions between search engines and social networking platforms threaten our culture, and we need a “public commons” for social data to set things right. In the abstract (and the real world is never “in the abstract”), the claim has appeal: the Web users of today might, in some sense, be better off if Facebook, Google, Twitter, and Bing could all just “get along” and share social content among themselves seamlessly so that users could find content from any major social media platform on Google (or Bing, for that matter). Instead of facing a choice among major search engines that each only offer a fragment of potentially relevant social networking content, users in this Social Commons Utopia would choose search engines based on the quality of the algorithm, or other features—not on which social networks the search engine indexes. Meanwhile, users active in multiple social networks would enjoy a one-stop shop for searching content shared by their friends.

That all sounds well and good, but it misses the forest for the trees. The question isn’t simply about consumer welfare in a static snapshot of today’s marketplace. From that myopic perspective, commoditizing search might make a lot of sense. But of course, what’s ultimately important is that search keeps evolving to become more social and more … who knows what else the future will bring? Achieving a static “utopia” might end up killing the contentious rivalry that fuels the evolution of the market in ways that dramatically outweigh any short-term gains for consumers. Incorporating a realistic appreciation for that into a court-ordered “reasonable” deal is a Sisyphean task—yet another reason why courts are (and should be) likely to err on the side of extreme caution about meddling here.

To be sure, a “public commons” for social data is an interesting idea, and it may well make sense someday. But how would such a regime, if implemented tomorrow, affect social networking firms looking to grow and innovate? Unlike Microsoft and Google, both among the world’s most profitable companies, Facebook and Twitter are still trying to figure out how to effectively monetize their massive user platforms. Inking creative deals to sell access to social data to search engines, or to other entities such as advertisers, is a logical way to generate the income that social networking companies need. This sort of arrangement may offend diehard believers in information commons, but it should seem perfectly natural to those who recognize that, to serve consumers, web companies need to innovate not just in new technologies but in strategies for monetizing those technologies.

Conclusion

Do we really want to live in a world where companies like Google have to wait to launch innovative new features until they’ve worked out how to to ensure that their competitors get to participate—on their competitors’ terms? This kind of “open access” requirement would be catastrophic for innovation. Even forcing companies to clearly define their terms of access on day one would essentially be equivalent to requiring them to file a rate tariff as if they were an old regulated utility—a recipe for stagnation, not innovation. Condemning Google to antitrust purgatory for failing to accept competitors’ offers to participate when those offers don’t even exist is nothing if not premature.

Yesterday, TechFreedom, the Competitive Enterprise Institute, Americans for Job Security, and Americans for Limited Goverment sent a joint letter (pdf) to U.S. House Judiciary Committee Chairman Lamar Smith and Ranking Member John Conyers urging them not to rush deliberations on the Stop Online Piracy Act (SOPA). The Committee is set to hold markup on the bill on Thursday, December 15, less than three days after SOPA’s sponsors released a manager’s amendment containing major changes to the lengthy bill.

In their letter, the free market groups note that members have yet to hear testimony from experts versed in the bill’s implications for cybersecurity, free speech, due process, Internet governance, innovation, and job creation. The letter follows in its entirety:

Dear Chairman Smith and Ranking Member Conyers:

As public interest groups dedicated to free enterprise and property rights, we strongly support legislative efforts to ensure the meaningful protection of copyrights and trademarks. Yet we have also raised serious concerns about the unintended consequences of the Stop Online Piracy Act (SOPA), consistent with our general skepticism of all Internet regulation. While we applaud the manager’s amendment proposed by Chairman Smith, there simply has not been time to properly evaluate its real-world consequences. Although the proposed changes would indeed improve the bill, they leave several legitimate objections unaddressed. Thus, we urge Members of the Committee not to report the bill to the full House until these concerns have been resolved through further hearings and a second markup.

Enforcing copyrights online is an extremely provocative issue: witness the massive grassroots campaign mounted in recent weeks against so-called “Internet censorship,” as allegedly provided for by SOPA. Underlying this opposition to the bill is profound public skepticism about the unintended consequences of enhanced copyright enforcement in terms of collateral damage to legitimate expression and innovation. This skepticism has been galvanized by recent high-profile mistakes involving the improper seizure of innocent websites by federal officials in “Operation In Our Sites.”

If SOPA is ultimately enacted, any public perception that Congress failed to carefully balance the competing interests of copyright enforcement, free speech, due process, and Internet freedom will further erode public support not only for Congress, but also for copyright itself. The erosion of public respect for copyright is a primary factor behind the dramatic increase in infringement in recent years. Even a perfect bill cannot cure this cultural problem, to be sure, but ill-considered legislation can exacerbate it. If the widespread conflation of copyright enforcement with censorship is to be dispelled, SOPA must be refined carefully through a transparent process, with ample time for deliberation and consideration of all relevant expertise.

However, since SOPA was introduced in October, the Committee has held just one hearing on the bill. To date, no Internet engineers have testified as to the bill’s implications for the Domain Name System (DNS). Rep. Dan Lungren expressed his frustration about the absence of such experts at that hearing, stating that “[i]f we’re going to [report SOPA] we ought to at least talk about it. … Saying we’re not going to take a position or we’re not experts on this is upsetting.” Similarly, no law professors have testified as to the bill’s constitutional concerns, and no venture capitalists have testified as to how it would impact Internet start-ups at home and abroad. No Internet governance experts or U.S. diplomats have testified as to how our “going it alone” approach to DNS filtering might undermine U.S. efforts to maintain the current multi-stakeholder system of Internet governance as an alternative to control by the ITU or another inter-governmental bureaucracy.

The manager’s amendment proposed by Chairman Smith would improve SOPA in important respects. In particular, the proposed changes to section 103 would substantially reduce the likelihood that law-abiding sites based around user-generated content might face adverse judgments in actions brought by private rights holders. The amendment would also exempt most domestic websites from SOPA’s private right of action.

Despite this amendment, however, many aspects of the bill remain hotly contested among major technology firms, Internet engineers, legal scholars, and venture capitalists. Critics have noted, among other objections, that section 102 still encompasses a vast range of legitimate foreign websites, and includes domain name remedies that may endanger U.S. policy goals on Internet governance and cybersecurity. Whatever the merits of these concerns, the Committee simply has not spent enough time on this legislation to properly address the complex and important issues at stake.

Although the bill’s sponsors have worked to address such concerns through the manager’s amendment, that amendment — made public only three days before Thursday’s scheduled markup of the bill — is a complex proposal spanning over 14,000 words. It raises a slew of new questions that the Committee cannot, in good faith, resolve in markup without the benefit of expert witnesses. Thus, the Committee will not yet be in a position to report to the entire House a complete legislative proposal based on a thorough factual and legal record.

Therefore, we urge the Committee to schedule further hearings in early 2012 on the bill as amended in Thursday’s markup. These hearings should include the kind of experts mentioned above, and be followed by an additional markup scheduled far enough in advance to allow careful consideration of proposed amendments. There is ample time in the legislative calendar to move this legislation to the floor in early 2012, reconcile House and Senate versions, and enact a final bill.

Whatever rogue websites legislation Congress ultimately adopts will profoundly impact the development of the Internet as a vehicle for innovation, expression, and democratization — for better and worse. If the public perceives this copyright legislation to be the product of a hasty and opaque process, respect for copyrights and trademarks will be diminished, not enhanced.

Sincerely,

Berin Szoka TechFreedom

Ryan Radia Competitive Enterprise Institute

Stephen DeMaura  Americans for Job Security

William Wilson Americans for Limited Government

The Stop Online Piracy Act (SOPA), a controversial bill before the House of Representatives aimed at combating “rogue websites,” isn’t just about criminal, foreign-based sites that break U.S. intellectual property laws with impunity. Few dispute that these criminal websites that profit from large-scale counterfeiting and copyright infringement are a public policy problem. SOPA’s provisions, however, extend beyond these criminal sites, and would potentially subject otherwise law-abiding Internet intermediaries to serious legal risks.

Before moving forward with rogue websites legislation, it’s crucial that lawmakers take a deep breath and appreciate the challenges at stake in legislating online intermediary liability, lest we endanger the Nozickian “utopia of utopias” that is today’s Internet. The unintended consequences of overbroad, carelessly drafted legislation in this space could be severe, particularly given the Internet’s incredible importance to the global economy, as my colleagues have explained on these pages (1, 2, 3, 4, 5, 6)

To understand why SOPA could be a game-changer for online service providers, it’s important to understand the simmering disagreement surrounding the Digital Millennium Copyright Act (DMCA) of 1998, which grants certain online service providers a safe harbor from liability for their users’ copyright infringing actions. In exchange for these protections, service providers must comply with the DMCA’s notice-and-takedown system, adopt a policy to terminate users who repeatedly infringe, and meet several other conditions. Service providers are only eligible for this safe harbor if they act to expeditiously remove infringing materials upon learning of them. Also ineligible for the safe harbor are online service providers who turn a blind eye to “red flags” of obvious infringement.

The DMCA does not, however, require providers to monitor their platforms for infringing content or design their services to facilitate monitoring. Courts have held that a DMCA-compliant service provider does not lose its safe harbor protection if it fails to act upon generalized knowledge that its service is used for many infringing activities, in addition to lawful ones, so long as the service provider does not induce or encourage users’ infringing activities.

Defenders of the DMCA safe harbor argue that it’s helped enable America’s Internet-based economy to flourish, allowing an array of web businesses built around lawful user-generated content — including YouTube, Facebook, and Twitter — to thrive without fear of copyright liability or burdensome monitoring mandates.

Conversely, some commentators, including UCLA’s Doug Lichtman, argue that the DMCA inefficiently tips the scales in favor of service providers, to the detriment of content creators — and, ultimately, consumer welfare. Pointing to a series of court rulings interpreting the safe harbor’s provisions, critics argue that the DMCA gives online intermediaries little incentive to do anything beyond the bare minimum to stop copyright infringement. Critics further allege that the safe harbor has been construed so broadly that it shields service providers that are deliberately indifferent to their users’ infringing activities, however rampant they may be.

What does SOPA have to do with all of this? Buried in the bill’s 78 pages are several provisions that run a very real risk of effectively sidestepping many of the protections conferred on online service providers by the DMCA safe harbor.

Section 102

Section 102 of SOPA empowers the Attorney General to seek a court order against an allegedly infringing foreign website. Such a court order would, if granted, effectively deny the site access to payment processors, ad networks, and even parts of the domain name system. Under § 102, a foreign, U.S.-directed website is deemed a “foreign infringing site” if:

[T]he owner or operator of such Internet site is committing or facilitating the commission of criminal violations [involving illegal copyright infringement, counterfeiting, or theft of trade secrets] and the Internet site would . . . [therefore] be subject to seizure in the United States . . . if such site were a domestic Internet site.

The part about websites “subject to seizure in the United States” refers to 18 U.S.C. § 2323, which states among other things that “[p]roperty subject to forfeiture” includes:

Any property used, or intended to be used, in any manner or part to commit or facilitate the commission of [criminal copyright or trademark infringement].

This definition of a “foreign infringing site” is enormously troubling. Note the absence of any requirement of actual or constructive knowledge on the part of the site operator, let alone criminal intent. Under § 102, a foreign website built around user-generated content may be deemed an “infringing site” simply because its server has facilitated the criminally infringing acts of a single user — even if the site operator neither induced nor knew of the user’s unlawful activities. While an innocent foreign site operator might eventually be able to persuade a court to vacate an order deeming it a “foreign infringing site,” SOPA imposes an astonishingly low burden on the Attorney General of showing that a site is a “foreign infringing site.” If the bill is enacted as is, foreign websites that contain any user-generated content had better watch out.

SOPA proponents defend § 102 by pointing out that its definition of infringing sites comes straight out of the 2008 PRO-IP Act, which established the aforementioned civil forfeiture provision in 18 U.S.C. § 2323. But this statute’s constitutionality is currently being challenged in federal court by a team of attorneys that includes Stanford law professor and copyright guru Mark Lemley. The law’s breadth raises serious First Amendment concerns since it permits ex parte seizures of entire outlets of speech (e.g., websites) simply because the outlet has been used in some unlawful manner. SOPA may be based on existing law, but why should Congress extend this overbroad provision of the PRO-IP Act to encompass an even broader range of websites? If anything, lawmakers should revisit PRO-IP and narrow its applicability to sites intentionally operated for the purpose of committing or facilitating criminal infringement. Via Techdirt, even Floyd Abrams, a constitutional scholar who represents content companies that strongly back SOPA, conceded in a recent letter to Congress that unanswered questions remain regarding the constitutionality of 18 U.S.C. § 2323.

Section 103

The next section of SOPA, Section 103, isn’t any better. This section provides for private rights holders to seek court orders against U.S.-directed websites — including domestic sites — to deny them access to U.S. payment processors and ad networks. Section 103 deems a website “dedicated to theft of U.S. property” if any of the following conditions are met:

1. [The site] is primarily designed or operated for the purpose of, has only limited purpose or use other than, or is marketed by its operator or another acting in concert with that operator for use in, offering goods or services in a manner that engages in, enables, or facilitates [copyright infringement, circumvention of copyright protection systems, or trademark infringement]; or
2. [The site operator] is taking, or has taken, deliberate actions to avoid confirming a high probability of the use of the . . . site to carry out acts that constitute [copyright infringement or the circumvention of copyright protection systems]; or
3. [The site operator] operates the . . . site with the object of promoting, or has promoted, its use to carry out acts that constitute [copyright infringement or the circumvention of copyright protection systems], as shown by clear expression or other affirmative steps taken to foster infringement.

The first prong of this definition encompasses any website that “has only limited purpose or use other than . . . engag[ing] in, enabl[ing], or facilitat[ing]” copyright infringement, circumvention of copyright protection systems, or trademark infringement. This language comes from 17 U.S.C. § 1201, also known as the DMCA anti-circumvention provisions. Just how “limited” of non-infringing uses must a site have to meet this definition? It’s hard to say. As Rob Pegoraro cheekily observed in a recent Roll Call op-ed, ”‘[l]imited’ is one of those wonderfully elastic words — notice the ever-longer yet still ‘limited’ copyright terms granted to artists and creators?” This section of SOPA would be more clear if it relied on the “capable of substantial non-infringing uses” test originally articulated by the U.S. Supreme Court in its famous 1984 Betamax opinion, Sony Corp. v. Universal City Studios, Inc., which has since been interpreted by numerous federal courts in copyright infringement cases.

The second prong of the § 103 definition, which covers websites that take “deliberate actions to avoid confirming a [high probability of infringement],” is perhaps the most worrisome of the three prongs. This language appears to have been lifted directly from a 2011 U.S. Supreme Court decision, Global-Tech Appliances, Inc. v. SEB S.A. In that case, a patent infringement lawsuit, the Court found the defendant liable for inducement on the grounds that it took willful steps to blind itself of the existence of the patent at suit. The Court held that “willful blindness” exists when (1) a defendant subjectively believes that there is a high probability that a fact exists; and (2) the defendant takes deliberate actions to avoid learning of that fact.

Note, however, that Section 103 omits the first prong of the Global Tech willful blindness test, the subjective belief element. This omission might simply be an oversight — or it could reveal the intent of the bill’s authors to cast aside the subjective knowledge standard (which currently applies to service providers in the context of knowledge for purposes of the DMCA) and replace it with an objective, “reasonable person” standard. If plaintiff bringing a SOPA action is only required to show that a website operator should have known of its users’ infringement from the perspective of a “reasonable” operator, and that the site’s operator acted in some manner that had the effect of contributing to its ignorance of infringing activities by users, a vast array of websites that currently enjoy the protections of the DMCA safe harbor may face significant new legal risks. After all, website operators make design decisions all the time that might foreseeably impact on their awareness (or lack thereof) of user’ potentially infringing activities. Who knows what sort of well-intentioned, albeit deliberate, decisions might amount to”avoiding confirming a high probability” of infringement?

As David Sohn of the Center for Democracy & Technology has pointed out, “[t]his seems like a backdoor way of imposing a monitoring obligation on any website that allows users to post content.”  Temple Law Professor David Post, writing at the Volokh Conspiracy, observed that the bill might make it a “violation of law to keep the prosecutors from ‘confirming’ that you’re violating the law — all the prosecutor has to show, to make you vanish from the Net, is that you’ve somehow tried to keep the prosecutor off of your website!”

Why SOPA Could Endanger the DMCA Safe Harbor

SOPA proponents have dismissed concerns that the bill would risk undermining the DMCA safe harbor. U.S. Register of Copyrights Maria Pallante, testifying in a House Judiciary Committee hearing on SOPA on November 16, told members of Congress that it was extremely unlikely that any actions brought under SOPA would impact websites otherwise shielded by the DMCA safe harbor. Techdirt reports that Viacom executive Stanley Pierre-Louis recently argued that SOPA would not “[expand] the scope of secondary liability claims and [diminish] DMCA protections,” noting that “[t]here is no rule that permits ‘willful blindness’ of obvious wrongdoing under U.S. law, and nothing in the DMCA or any other statute has been deemed to hold otherwise.”

Technically, Pallante and Pierre-Louis are correct; SOPA’s provision at 102(c)(2)(A)(iii) appears to leave existing doctrines of copyright liability vis-à-vis the DMCA safe harbor untouched.

In practice, however, SOPA has the potential to effectively usurp the DMCA safe harbor in important respects. If the bill is enacted, online service providers would face a new worst nightmare: being cut off from payment processors, ad networks, and possibly even Internet service providers. As Eric Goldman recently explained, if a “website goes offline because of cash flow problems caused by the cutoff attributable to a single UGC content item, all of the UGC on that website goes dark because of a single content item.”

To avoid such an outcome, website operators will likely do everything they can to avoid falling under SOPA’s definitions — even if that means going above and beyond the requirements of the DMCA safe harbor. While I’m all for websites voluntarily taking prudent and measured actions to combat unlawful user activities (e.g., YouTube’s Content ID system), there are good reasons to be very skeptical of any legislation that effectively imposes on site operators any duty or obligation to monitor, or facilitate the monitoring of, user activities.

Fair concerns have been raised by thoughtful commentators about the DMCA’s limitations and shortcomings. Those concerns deserve a serious examination in the halls of Congress, and perhaps may even merit some careful, targeted tweaks to the DMCA. But the extraordinary remedies provided contained in SOPA should be reserved for genuine rogue sites that willfully flout U.S. laws with impunity and are beyond the reach of U.S. law enforcement authorities. While there are U.S.-based websites out there that violate copyright and trademark laws, extraordinary remedies (such as “going after the money”) should not be the primary method of penalizing such sites. If a rights holder believes that a domestic website is infringing on its copyright or trademark, the proper means of obtaining recourse is to file a civil lawsuit and, when appropriate, seek injunctive relief. The U.S. Marshals Service is tasked with enforcing civil judgments and other court orders entered against domestic actors by federal courts, and parties may obtain writs of execution to order law enforcement intervention against American individuals or businesses that violate court orders.

We Have To Pass The Bill To Find Out What’s In It

Reasonable people read SOPA’s provisions in very different ways. For instance, Terry Hart, writing at Copyhype, has eloquently defended SOPA’s definitions, arguing that “[t]he actions that would subject a provider to SOPA’s provisions are the same ones that would subject it to a copyright infringement suit under existing law and are actions that would not be protected under DMCA safe harbors.” But while SOPA’s definitions are based largely on well-established, time-tested statutes and precedents, some of the language isn’t as clear-cut as it might seem at first glance, as I explain above.

As a result, it’s tough to predict how SOPA would actually impact online service providers. Federal judges vary widely in the methods they employ in attempting to interpret vague statutes. There is no such thing as stare decisis when it comes to statutory construction; some judges focus on the plain meaning of a statute’s language, while others pour through committee reports and hearing transcripts in hopes of divining the legislature’s true underlying intent.

With apologies to Nancy Pelosi, what this means is that we probably won’t know what’s in SOPA until it’s passed. Even then, only after years of costly litigation will the contours of the bill’s provisions likely begin to approach a state of clarity. Consider that the DMCA, now thirteen years old, continues to engender serious disagreement among federal courts to this day. (For instance, courts disagree on what it means for a service provider to take “volitional acts” that encourage users to engage in infringement.)

SOPA’s potential breadth is especially problematic given that its potential victims are small, entrepreneurial Internet start-ups that lack the resources to pay a team of lawyers to examine their operational decisions for potential SOPA violations. As leading high-tech venture capitalist Fred Wilson has argued, “venture capitalists will think more than twice about putting $3mm of early stage capital into startups if they know that the vast majority of the funds will go to pay lawyers to defend the companies instead of to hire engineers to create and build product.”

Lawmakers Should Tread Carefully

While combating rogue foreign websites that violate U.S. laws flagrantly and with impunity should be a priority for lawmakers, SOPA’s definitions and remedies are simply too broad and too vague in their current form. They would cast a cloud of legal uncertainty over America’s innovative, startup-driven Internet economy. It would be a grave mistake to grant such powerful new tools to Justice Department and rights holders and assume that federal trial judges will interpret SOPA’s provisions as narrowly as is necessary to ensure legitimate Internet companies do not suffer adverse effects.

The recent House Judiciary Committee hearing on SOPA made clear just how much work remains to be done to craft an effective but targeted approach to rogue sites. Serious questions remain unresolved — not only about SOPA’s impact of the DMCA safe harbor, but also about cybersecurity, due process and free speech. Additional hearings are needed to explore these important issues with Internet engineers, law professors, and venture capitalists. Marking up the legislation before the end of 2011 — as Chairman Lamar Smith desires, according to the National Journal – would be a serious mistake.

For more on SOPA and rogue websites legislation; see: 

• Ryan Radia, Preliminary Thoughts  on Stop Online Piracy Act (SOPA)
• Ryan Radia, Congress Should Amend SOPA to Address Cybersecurity, Due Process Concerns
• Ryan Radia, Congress takes another stab at combating Rogue Websites with the PROTECT IP Act
• Ryan Radia, Five Ways Congress Can Fix COICA Copyright Bill
• Joint Letter from Public Interest Groups to the House Judiciary Committee on the Stop Online Piracy Act
• Timothy B. Lee, ArsTechnica, The Stop Online Piracy Act: Big Content’s full-on assault against the Safe Harbor
• Letter from Sens. Ron Wyden, Rand Paul, Jerry Moran, and Maria Cantwell to Congressional Leadership objecting to the PROTECT IP Act
• U.S. Rep. Zoe Lofgren’s Opening Letter on SOPA
• Prof. Eric Goldman, Why I Oppose the Stop Online Piracy Act (SOPA)/E-PARASITES Act
• Prof. David Post, How About Occupy Hollywood?
• Fred Wilson, Protecting The Safe Harbors Of The DMCA And Protecting Jobs
• Terry Hart, SOPA: New remedies for existing liability
• Rob Pegoraro, Online Piracy Act is Copyright Overreach
• Center for Democracy & Technology, The Stop Online Piracy Act: Summary, Problems and Implications
• Sherwin Siy, Public Knowledge, House Version of Rogue Websites Bill Adds DMCA Bypass, Penalties for DNS Workarounds
• Techdirt’s SOPA coverage
• Parker Higgins, Electronic Frontier Foundation, What’s On the Blacklist? Three Sites That SOPA Could Put at Risk
• Corynne McSherry, Electronic Frontier Foundation, SOPA: Hollywood Finally Gets A Chance to Break the Internet
• Larry Downes, TechFreedom, SOPA: Hollywood’s latest effort to turn back time

This afternoon the Stop Online Piracy Act (H.R. 3261) was introduced by Rep. Lamar Smith of the House Judiciary Committee. This bill is a companion to the PROTECT IP Act and S.978, both of which were reported by the Senate Judiciary Committee in May.

There’s a lot some to like about the bill, but I’m uneasy about some quite a few of its provisions. While I’ll have plenty to say about this bill in the future, for now, here are a few preliminary thoughts:

• The bill’s definition of “foreign infringing sites” at p. 10 borrows heavily from 18 U.S.C. § 2323, covering any site that commits or facilitates the commission of criminal copyright infringement and would be subject to civil forfeiture if it were U.S.-based. Unfortunately, the outer bounds of 18 U.S.C. § 2323 are quite unclear. The statute, which was enacted only a few years ago, encompasses “any property used, or intended to be used, in any manner or part to commit or facilitate” criminal copyright infringement. While I’m all for shutting down websites operated by criminal enterprises, not all websites used to facilitate crimes are guilty of wrongdoing. Imagine a user commits criminal copyright infringement using a foreign video sharing site similar to YouTube, but the site is unaware of the infringement. Since the site is “facilitating” criminal copyright infringement, albeit unknowingly, is it subject to the Stop Online Piracy Act?
• Section 103 of the bill, which creates a DMCA-like notification/counter-notification regime, appears to lack any provision encouraging ad networks and payment processors to restore service to a site allegedly “dedicated to theft of U.S. property” upon receipt of a valid counter-notification and when no civil action has been brought. The DMCA contains a safe harbor protecting service providers who take reasonable steps to take down content from liability, but the safe harbor only applies if service providers promptly restore allegedly infringing content upon receipt of a counter notification and when the rights holder does not initiate a civil action. Why doesn’t H.R. 3261 include a similar provision?
• The bill’s private right of action closely resembles that found in the PROTECT IP Act. Affording rights holders a legal avenue to take action against rogue websites makes sense, but I’m uneasy about creating a private right of action that allows courts to issue such broad preliminary injunctions against allegedly infringing sites. I’m also concerned about the lack of a “loser pays” provision.
• Section 104 of the bill, which provides immunity for entities that take voluntary actions against infringing sites, now excludes from its safe harbor actions that are not “consistent with the entity’s terms of service or other contractual rights.” This is a welcome change and alleviates concerns I expressed about the PROTECT IP Act essentially rendering certain private contracts unenforceable.
• Section 201 of the bill makes certain public performances via electronic means a felony. The section contains a rule of construction at p. 60 that clarifies that intentional copying is not “willful” if it’s based on a good faith belief with a reasonable basis in law that the copying is lawful. Could this provision cause courts to revisit the willfulness standard discussed in United States v. Moran, in which a federal court found that a defendant charged with criminal copyright infringement was not guilty because he (incorrectly) thought his conduct was permitted by the Copyright act?

Hot-tempered police offers, pushover judges, and vague laws make for a dangerous combination. In July, a controversy erupted in Renton, Washington (a Seattle suburb) when the town’s police department launched a legal assault on an anonymous YouTube user for merely uploading a few sarcastic videos poking fun at the department’s scandals.

Last week’s blockbuster LinkedIn IPO valued the company at nearly $9 billion, surprising many investors, especially given the company’s initial valuation of about $4 billion. While some analysts have pointed to LinkedIn’s valuation as evidence that we may be headed into another tech bubble (a la 2000), it’s important to remember that major tech IPOs remain far less frequent in comparison to their heyday in the dot com boom. While there are many good reasons behind the recent reduction in IPO frequency, ill-conceived public policies have distorted the decision-making process of thriving startups.

In an op-ed in tomorrow’s Investor’s Business Daily, Jacque Otto and I elaborate on this argument:

Silicon Valley is teeming with budding startups whose user bases and valuations are skyrocketing. As these companies seek breathing room to grow, they will face a tough decision: stay private, seek out a buyer or go public.

Making this complex choice all the more challenging is government uncertainty. Filing for an initial public offering is harder than ever due to the onerous regulations and burdensome laws Washington has handed down over the past decade. Microsoft’s $8.5 billion purchase of Skype surprised analysts, many of whom had predicted Skype would seek an IPO or a deal with Facebook or Google.

Meanwhile, Facebook has kept quiet in face of speculation over whether it might file for an IPO. So far, the social networking giant has focused on raising capital privately. Given the risks of going public in this environment, Facebook’s decision is understandable.

While some tech firms — including LinkedIn, Kayak and Demand Media — have gone public or filed for IPOs in the past year, many others — including Hulu, Zynga, and Twitter — are reportedly leaning against going public this year. Some of these may be acquired, as happened with AdMob, a mobile advertising startup rumored to be pondering an IPO until Google bought it for $750 million in 2009.

Why do tech companies appear more reluctant to go public today than they were during the tech sector’s heyday of the early 2000s?

While many factors are at play, new regulations on the finance sector and heavy-handed legislation enacted since the dot-com boom deserve much of the blame. Raising capital through an IPO is especially tough, discouraging startups from seeking to go public. This increases the attractiveness of raising capital through private sources or by being acquired by a bigger firm.

The Sarbanes-Oxley Act, enacted in 2002 after the Enron scandal, has been devastating for investors and promising startups. The law’s onerous mandates on public companies have forced many nascent companies to forget about or delay going public.

Read the rest of the piece here.

Social widgets, such as the now-ubiquitous Facebook “Like” button and Twitter “Tweet” button, offer users a convenient way to share online content with their friends and followers. These widgets have recently come under scrutiny for their privacy implications. Yesterday, The Wall Street Journal reported that Facebook, Twitter, and Google are informed each time a user visits a webpage that contains one of the respective company’s widgets:

Internet users tap Facebook Inc.’s “Like” and Twitter Inc.’s “Tweet” buttons to share content with friends. But these tools also let their makers collect data about the websites people are visiting. These so-called social widgets, which appear atop stories on news sites or alongside products on retail sites, notify Facebook and Twitter that a person visited those sites even when users don’t click on the buttons, according to a study done for The Wall Street Journal.

It wasn’t exactly a secret that social widgets “phone home.” However, the Journal’s story shed new light on how the firms that offer social widgets handle the data they glean regarding user browsing habits. Facebook and Google reportedly store this data for a limited period of time — two weeks and 90 days, respectively — and, importantly, the data isn’t recorded in a way that can be tied back to a user (unless, of course, the user affirmatively decides to “like” a webpage). Twitter reportedly records browsing data as well, but deletes it “quickly.”

Assuming the companies effectively anonymize the data they glean from their social widgets, privacy-conscious users have little reason to worry. I’m not aware of any evidence that social widget data has been misused or breached. However, as Pete Warden reminded us in an informative O’Reilly Radar essay posted earlier this week, anonymizing data is harder than it sounds, and supposedly “anonymous” data sets have been successfully de-anonymized on several occasions. (For more on the de-anonymization of data sets, see Arvind Narayanan and Vitaly Shmatikov’s 2008 research paper on the topic).

While these social widgets may well pose no real threat to privacy, some especially privacy-sensitive users might be wary of the risk of being “tracked” by a social networking service, however small that risk may be. Such concerns aren’t totally unreasonable — if, say, the browsing data collected by Facebook or Google were to be breached and subsequently de-anonymized and tied to authenticated (logged-in) users by malicious actors, the resulting privacy harms could be quite serious.

Fortunately for privacy-conscious users, there are several ways to stop social widgets from collecting data about your browsing habits. As the Journal points out, you can simply log out of your Twitter or Facebook account prior to visiting other websites. Other methods include clearing out your cookies or using your browser’s privacy mode when visiting social networking sites. And, of course, there’s always the “nuclear option” of deleting your social networking accounts entirely.

Perhaps the most convenient, slick way to avoid social widgets is to simply use a browser add-on that selectively disables cross-site requests from Facebook, Twitter, and Google. The WSJ profiled one such add-on, Disconnect, which is compatible with Chrome, Firefox, and Safari.

If you’re a Firefox user, the popular add-on NoScript also offers a robust and effective mechanism for blocking social widgets. To do so, you’ll need to paste a few lines of code in NoScript’s Application Boundaries Enforcer (ABE), a powerful module that allows users to establish custom rules governing scripts and cross-site requests. If you’ve got NoScript installed (get it here), simply go to the ‘Options’ menu, select the ‘Advanced’ tab, then the ‘ABE’ subtab:

After checking the ‘Enable ABE’ box, select the USER Ruleset, then paste in the following lines:

Site .facebook.com .fbcdn.net facebook.net
Accept from SELF
Accept from .facebook.com .fbcdn.net facebook.net
Deny INCLUSION

Site .twitter.com
Accept from SELF
Accept from .twitter.com
Deny INCLUSION

Site .google.com googleapis.com
Accept from SELF
Accept from .google.com
Deny INCLUSION

Then hit ‘Refresh’ and ‘OK’ and you’re all set. If you’ve done this correctly, you should no longer see Facebook, Twitter, or Google widgets. To verify that no data is being transmitted to the companies, install and run HTTP traffic analyzer Fiddler then visit a webpage featuring social widget. If no HTTP request is transmitted to a social networking service, you’re in the clear. Note that this technique also doesn’t affect the functionality of Twitter, Facebook, or Google, so you can still use each of these services with full functionality. If you want to block other social widgets, simply add additional lines to ABE in NoScript in the same manner as above including the domains of the services you wish to block.

As this post hopefully illustrates, privacy-conscious users aren’t helpless; extant technological solutions can address many privacy concerns already, while more robust tools are constantly emerging. As for Facebook, Twitter, and Google, it’s hard to fault them for responding to user demands. Statistics indicate that social widgets are immensely valuable and popular among users, so activating them by default is a sensible decision.

I’d like to see these firms offer a mechanism for authenticated users to opt out of social widget data collection entirely. Greater transparency regarding how the data sets are anonymized would also be welcome. Meanwhile, privacy-conscious users can take matters into their own hands by opting out manually.

Last November, I penned an essay on these pages about the COICA legislation that had recently been approved unanimously by the U.S. Senate Judiciary Committee. While I praised Congress’s efforts to tackle the problem of “rogue websites” — sites dedicated to trafficking in counterfeit goods and/or distributing copyright infringing content — I warned that the bill lacked crucial safeguards to protect free speech and due process, as several dozen law professors had also cautioned. Thus, I suggested several changes to the legislation that would have limited its scope to truly bad actors while reducing the probability of burdening protected expression through “false positives.” Thanks in part to the efforts of Sen. Ron Wyden (D-Ore.), COICA never made it a floor vote last session.

Today, three U.S. Senators introduced a similar bill, entitled the PROTECT IP Act (bill text), which, like COICA, establishes new mechanisms for combating Internet sites that are “dedicated to infringing activities.” I’m glad to see that lawmakers adopted several of my suggestions, making the PROTECT IP Act a major improvement over its predecessor. While the new bill still contains some potentially serious problems, on net, it represents a more balanced approach to fighting online copyright and trademark infringement while recognizing fundamental civil liberties.

Some of the major differences between COICA and PROTECT IP include:

• Under COICA, a website would have been deemed “dedicated to infringing activities” if it had no “demonstrable, commercially significant purpose other than” (emphasis added) to facilitate infringing activities. PROTECT IP, however, only covers websites with “no significant use other than” to facilitate infringing activities. This slight change in wording may seem trivial, but it’s actually quite significant, as lots of blogs, forums, and other sites engaged in noncommercial, but still protected, speech that may well have been subject to domain name disabling under COICA would likely be in the clear under PROTECT IP. However, as Public Knowledge’s Sherwin Siy points out, PROTECT IP’s definition of sites “dedicated to infringing activities” remains overly broad, as it doesn’t explicitly exempt online intermediaries that are otherwise protected by the 17 U.S.C. § 512(c) safe harbor. A site operator that is not engaged in direct or willful secondary infringement should be exempt from actions taken under the PROTECT IP Act if the site abides by the DMCA notice and takedown process, has no actual knowledge of infringing activities, does not derive a financial benefit directly attributable to infringement, and does not induce infringement.

• PROTECT IP, unlike COICA, does not categorically deem websites “otherwise subject to civil forfeiture” under 18 U.S.C. § 2323 to be “dedicated to infringing activities.” Given the extraordinary breadth of section 2323, which permits the government to seize any  “property used, or intended to be used, in any manner or part to commit or facilitate the commission of” criminal copyright infringement, it’s a relief that language was removed.

• PROTECT IP requires that the Justice Department or a rights holder, in bringing an action against a site under the statute, attempt to commence an in personam action against the operator of an allegedly infringing website before an in rem action can be brought. From a due process perspective, this change is an improvement over COICA (which only provided for in rem actions), as it’s much more likely that an in personam action will provide a site operator with an opportunity to participate in an adversarial hearing prior to the issuance of a temporary restraining order or preliminary injunction requiring an intermediary to disable service to the site.

• PROTECT IP adds information location tools to the list of intermediaries that are required to disable service or cease linking to a website upon being served with a court order deeming the site “dedicated to infringing activities.” This provision would apply not only to search engines, but also to blogs, chat rooms, and message boards. Like COICA, PROTECT IP also applies to DNS operators, financial transaction providers, and Internet advertising services.

• PROTECT IP allows the Justice Department to take action only against nondomestic domain names. (DHS asserts that it is already empowered to seize domestic domain names in accordance with 18 U.S.C. § 2323, as it has done successfully on numerous occasions in recent months.)

• PROTECT IP contains a new private right of action under which a rights holder may seek a court order against any domain name. Actions initiated by rights holders, if successful, only require ad networks and/or payment processors – but not DNS servers or information location tools – to disable service to infringing sites.

Considering all the changes made to the bill, I’m inclined to disagree with commentators, such as Techdirt’s Mike Masnick, who’ve argued that the PROTECT IP, a.k.a. the “Son of COICA,” is worse than its father. On net, PROTECT IP appears to be less likely to impose incidental burdens on protected expression and more likely to afford website operators a chance to successfully challenge actions brought against their sites.

However, I’m still concerned about several aspects of PROTECT IP. Its private right of action, while limited in scope, may result in small websites whose users frequently post infringing content being targeted by costly, burdensome litigation initiated by rights holders. CDT’s David Sohn elaborates on the risks of creating a private right of action in his superb analysis of the bill.

The voluntary actions clause is also quite troubling, as I’ve argued before and as Wendy Seltzer argues on her blog. While I’m all for voluntary actions in principle, such actions should not override private contracts or terms of service agreements that would otherwise be enforceable.

It’s also unfortunate that the PROTECT IP Act does not include a cost reimbursement section, as I suggested last year, or at least an exemption for small entities. While the bill establishes an affirmative defense for an information location tools that doesn’t comply with an order “by showing that the defendant does not have the technical means to comply . . . without incurring an unreasonable economic burden,” it’s far from clear what exactly court would deem “unreasonable.” News of the Justice Department seeking injunctive relief against a small search site operator for failing to comply with a court order issued under PROTECT IP will have a chilling effect on all kinds of small-time Internet platforms.

As lawmakers consider the PROTECT IP Act in coming weeks and months, they should also revisit 18 U.S.C. § 2323, a civil forfeiture provision enacted in 2008 as part of the PRO-IP Act. This extraordinarily broad statute has recently been criticized by many legal scholars. Rep. Zoe Lofgren, among other legislators, has been very critical of the way in which seizures have been conducted. While seizures are certainly justified in some instances, the statute should be narrowed to include only websites “dedicated to infringing activities,” and it should require the government to attempt to commence in personam actions in all instances. Domain names aren’t movable property — unlike illegal drugs or weapons, there is no risk of a criminal “hiding” a domain name or destroying it before evidence of its illegality can be secured.

Update: The final version of the bill text changed the term “interactive computer service” to “information location tool,” which is a positive change. I’ve changed this essay slightly to reflect the distinction.

POLITICO reports that a bill aimed at combating so-called “rogue websites” will soon be introduced in the U.S. Senate by Sen. Patrick Leahy. The legislation, entitled the PROTECT IP Act, will substantially resemble COICA (PDF), a bill that was reported unanimously out of the Senate Judiciary Committee late last year but did not reach a floor vote. As more details about the new bill emerge, we’ll likely have much more to say about it here on TLF.

I discussed my concerns about and suggested changes to the COICA legislation here last November; the PROTECT IP Act reportedly contains several new provisions aimed at mitigating concerns about the statute’s breadth and procedural protections. However, as Mike Masnick points out on Techdirt, the new bill — unlike COICA — contains a private right of action, although that right may not permit rights holders to disable infringing domain names. Also unlike COICA, the PROTECT IP Act would apparently require search engines to cease linking to domain names that a court has deemed to be “dedicated to infringing activities.”

For a more in-depth look at this contentious and complex issue, check out the panel discussion that the Competitive Enterprise Institute and TechFreedom hosted last month. Our April 7 event explored the need for, and concerns about, legislative proposals to combat websites that facilitate and engage in unlawful counterfeiting and copyright infringement. The event was moderated by Juliana Gruenwald of National Journal. The panelists included me, Danny McPherson of VeriSign, Tom Sydnor of the Association for Competitive Technology, Dan Castro of the Information Technology & Innovation Foundation, David Sohn of the Center for Democracy & Technology, and Larry Downes of TechFreedom.

CEI-TechFreedom Event: What Should Lawmakers Do About Rogue Websites? from CEI Video on Vimeo.

User-driven websites — also known as online intermediaries — frequently come under fire for disabling user content due to bogus or illegitimate takedown notices. Facebook is at the center of the latest controversy involving a bogus takedown notice. On Thursday morning, the social networking site disabled Ars Technica’s page after receiving a DMCA takedown notice alleging the page contained copyright infringing material. While details about the claim remain unclear, given that Facebook restored Ars’s page yesterday evening, it’s a safe bet that the takedown notice was without merit.

Understandably, Ars Technica wasn’t exactly pleased that its Facebook page — one of its top sources of incoming traffic — was shut down for seemingly no good reason. Ars was particularly disappointed by how Facebook handled the situation. In an article posted yesterday (and updated throughout the day), Ars co-founder Ken Fisher and senior editor Jacqui Cheng chronicled their struggle in getting Facebook to simply discuss the situation with them and allow Ars to respond to the takedown notice.

Facebook took hours to respond to Ars’s initial inquiry, and didn’t provide a copy of takedown notice until the following day. Several other major tech websites, including ReadWriteWeb and TheNextWeb, also covered the issue, noting that Ars Technica is the latest in a series of websites to have suffered from their Facebook page being wrongly disabled. In a follow-up article posted today, Ars elaborated on what happened and offered some tips to Facebook on how it could have better handled the situation.

It’s totally fair to criticize how Facebook deals with content takedown requests. Ars is right that the company could certainly do a much better job of handling the process, and Facebook will hopefully re-evaluate its procedures in light of this widely publicized snafu. In calling out Facebook’s flawed approach to dealing with takedown requests, however, Ars Technica doesn’t do justice to the larger, more fundamental problem of bogus takedown notices.

As Mike Masnick explains on Techdirt, U.S. federal laws strongly discourage online intermediaries from trying to figure out if takedown notices are legitimate or not. If Facebook were to refuse to comply with a copyright takedown notice that subsequently turned out to be meritorious, it would lose its safe harbor provided for in 17 U.S.C. § 512(c). Should Facebook err in its judgment, therefore, it would potentially be on the hook for harsh copyright infringement penalties. In effect, the DMCA incentivizes what Masnick describes as “massive overreactions” by online intermediaries.

That’s not to say that there aren’t some simple steps Facebook could take to combat bogus takedown notices without exposing itself to additional liability, especially in “easy” cases, as Ars and others have argued. Verifying that takedown notices are associated with valid email addresses is one such step that Facebook apparently does not currently employ. Facebook could also be more responsive to users whose content has been disabled, at least when the content in question is highly visible.

Perhaps more importantly, Facebook should adopt a system for enabling users who believe their content has been wrongly disabled to file a counter notification. YouTube, for instance, has a slick online system that lets users challenge wrongful takedown requests. Under 17 U.S.C. § 512(g), an online service provider may restore previously-disabled content between 10 and 14 days after receipt of a valid counter notification if the content owner hasn’t initiated legal proceedings. It’s odd that Facebook hasn’t adopted an online counter notification system, especially given that service providers are shielded from liability if they respond to counter notices in accordance with section 512(g).

While it would be great if Facebook were to manually and thoroughly screen all user complaints and requests, expecting online intermediaries to pay for a live human being — say, an intellectual property lawyer or a paralegal — to vet the legal merits of each takedown notice is simply unreasonable. Facebook has more than 600 million active users, but a mere 2,000 or so employees (although that number may soon grow substantially). That’s over 300,000 users per employee!

And let’s not forget that Facebook is a free service. The company generated a scant $4 of revenue per user in 2010. Facebook’s going to have to do a much better job of monetizing its platform before we can reasonably expect it to vet legal requests on its users’ behalf. Even Google — with a head count and revenue more than ten times Facebook’s — is frequently chastised for not doing enough to identify bogus or otherwise invalid takedown notices. Based on some of the “horror stories” that have been reported recently, Ars Technica is lucky that Facebook restored its page within a day of its removal.

Even if Facebook improves its system, however, the underlying problem of bogus takedown notices is probably here to stay — that is, until Congress acts. Reopening the legislative debate over the DMCA is a risky gambit, but at least in theory, Congress could improve the statute by adopting some relatively minor tweaks.

First, the DMCA should do more to deter parties from filing invalid or bad faith DMCA takedown notices. Courts rarely punish parties for filing illegitimate takedown notices, as it is very difficult in practice to show  that a notice was filed in bad faith. All in all, the overwhelming majority of incidents of bogus takedown notices go unpunished, as I’ve discussed before on these pages.

Wendy Seltzer of Princeton’s Center for Information Technology Policy chronicled the chilling effects of DMCA takedown abuses in a recent Harvard Journal of Law & Technology article. She suggests a few legislative fixes to 17 U.S.C. § 512(f) to better balance the interests of users and rightsholders:

The law should require greater diligence: declarations on penalty of perjury to match those required by the respondent, and perhaps even a bond against erroneous claims. . . . Strengthening the counter-suit provisions could encourage a plaintiffs’ bar to take up these cases as private attorneys general. Stiffening the penalties against claimants who obtained takedowns through misrepresentation of infringement would encourage claimants to verify and support their claims of infringement or penalize them for failure to do so rather than allowing them to shift that burden to service providers and posters.

Congress should also create a safe harbor, notice-and-takedown system for online trademark infringement, as Elizabeth Levin has argued. While copyright takedown notices receive most of the attention in the IP debates, there’s no DMCA-esque process established in statute to provide for online intermediaries to disable and repost allegedly trademark-infringing content.

Consumers are buying more and more stuff from online retailers located out-of-state, and state and local governments aren’t happy about it. States argue that this trend has shrunk their brick and mortar sales tax base, causing them to lose out on tax revenues. (While consumers in most states are required by law to annually remit sales taxes for goods and services purchased out of state, few comply with this practically unenforceable rule).

CNET’s Declan McCullagh recently reported that a couple of U.S. Senators are pushing for a bill that would require many Internet retailers to collect sales taxes on behalf of states in which they have no “nexus” (physical presence).

In his latest Forbes.com column, “The Internet Tax Man Cometh,” Adam Thierer argues against this proposed legislation. He points out that while cutting spending should be the top priority of state governments, the dwindling brick and mortar tax base presents a legitimate public policy concern. However, Thierer suggests an alternative to “deputizing” Internet retailers as interstate sales tax collectors:

The best fix might be for states to clarify tax sourcing rules and implement an “origin-based” tax system. Traditional sales taxes are already imposed at the point of sale, or origin. If you buy a book in a Seattle bookstore, the local sales tax rate applies, regardless of where you “consume” it. Why not tax Net sales the same way? Under an origin-based sourcing rule, all sales would be sourced to the principal place of business for the seller and taxed accordingly.

Origin-based taxation is a superb idea, as my CEI colleague Jessica Melugin explained earlier this month in the San Jose Mercury News in an op-ed critiquing California’s proposed affiliate nexus tax:

An origin-based tax regime, based on the vendor’s principal place of business instead of the buyer’s location, will address the problems of the current system and avoid the drawbacks of California’s plan. This keeps politicians accountable to those they tax. Low-tax states will likely enjoy job creation as businesses locate there. An origin-based regime will free all retailers from the accounting burden of reporting to multiple jurisdictions. Buyers will vote with their wallets, “choosing” the tax rate when making decisions about where to shop online and will benefit from downward pressure on sales taxes. Finally, brick-and-mortar retailers would have the “even playing field” they seek.

Congress should exercise its authority over interstate commerce and produce legislation to fundamentally reform sales taxes to an origin-based regime. In the meantime, California legislators should resist the temptation to tax those beyond their borders. Might we suggest an awards show tax?

Origin-based sourcing is not without its detractors, but the arguments against it are weak. R. David L. Campbell, for instance, responds to Thierer’s Forbes.com column by claiming that origin-based taxation amounts to “taxation without representation,” because it would result in some consumers paying sales taxes despite having no say over the elected officials who established such taxes.

That’s true, but so what? Consumers who buy from retailers located out-of-state are already impacted by laws in those states all the time. For instance, DC residents cannot buy wine and have it shipped to them from any Pennsylvania-based retailer due to that state’s laws, even though the District of Columbia has fairly permissive laws regarding direct-to-consumer wine shipments from out-of-state.

Cconsumers who buy online also pay all sorts of indirect taxes. Consider that major electronics retailer Newegg.com, which is incorporated in California, paid $22m in state corporate income taxes in 2008. A big chunk of that $22m was passed on to out-of-state consumers who have no say over California tax rates. While most Newegg.com customers can’t vote in California, many of the firm’s thousands of employees can. The company is also better positioned than thousands of dispersed citizens to lobby state legislators for a favorable business climate.

Campbell also brings up the SSTP (Streamlined Sales Tax Project), an effort launched back in 2000 by a group states to establish a cooperative sales tax regime. While the project’s objective to “streamline” sales taxes is laudable in theory, it turns out — unsurprisingly — that getting dozens of state governments to get behind a simple, uniform, reciprocal sales tax regime is quite challenging in practice.

Joseph Henchman, the Tax Foundation’s Vice President of Legal & State Projects, discussed the project’s massive shortcomings in his 2009 testimony before the Maryland Legislature [emphasis in original]:

The SSTP already abandoned the notion of taxing like transactions alike when they adopted “destination sourcing” for online sales, but permitted states to adopt “origin sourcing” for intrastate sales. This in effect requires Internet companies to collect sales taxes based on where their customer is located, but allows brick-and-mortar stores to collect sales taxes based on where the store is located. In this way, the SSTP prevents a level playing field between Internet business and brick-and-mortar businesses.

Coupled with the SSTP’s non-worry about reducing the number of jurisdictions . . . full implementation of the SSTP at this time, without serious reforms, could result in a serious and inequitable burden on e-commerce. . . . The SSTP has not accomplished its mission. The SSTP should look again at serious simplification efforts before declaring themselves a success and seeking to expand state taxing power. . . . Neither the wholesale adoption nationwide of uniform sales tax statutes, nor the development of a working alternative that provides the certainty needed for long-term investment, are likely in the foreseeable future.

While the SSTP has made some progress in the last couple of years, it continues to encounter resistance from state governments, and sales taxes remain exceedingly complex.

Congress could address the issue in a far simpler manner by enacting legislation that provides for origin-based taxation. Dr. Michael S. Greve, the John G. Searle Scholar at the American Enterprise Institute (and the Chairman of the Competitive Enterprise Institute) wrote a superb study in 2003, Sell Globally, Tax Locally, in which he articulates the case for origin-based taxation in painstaking detail. Greve discusses the importance of tax competition and dismisses the “race to the bottom” argument on pages 26 to 28:

By rendering sellers indifferent to the local tax, destination-based taxation minimizes tax competition. Under an origin-based regime, in contrast, sellers in a low-tax jurisdiction enjoy a competitive advantage. States and countries will seek to attract firms by offering a low tax rate. As jurisdictions attempt to stem the flight of business firms into lowtax jurisdictions, sales taxes will spiral downward. If sellers are perfectly mobile and transaction costs (such as shipping cost) are negligible, the equilibrium tax rate—all else equal—is zero. This “race to the bottom” argument is the sum and substance of the case for destination-based taxation and the true reason why governments consistently and vociferously oppose origin-based taxation. But the argument is unpersuasive.

First of all, all else is not in fact equal. We would probably see the zero-tax equilibrium if sellers were entirely free to designate their home state, or to designate their place of incorporation as their home state. The principal-place-of-business rule, in contrast, disciplines the sellers’ choices. As already suggested, sales taxes are one element in a bundle of services and obligations that are offered by each jurisdiction. A jurisdiction that provides an educated labor force, an excellent infrastructure, a favorable regulatory environment, a sensible and efficient judicial system, or sufficient “quality of life” benefits may be able to exact a sales tax or its economic equivalent. . . . An unattractive jurisdiction that drives up the cost of doing business, meanwhile, will be unable to compensate those selfinflicted disadvantages by becoming a “sales tax haven.”

More fundamentally, one cannot assume that the downward pressure on tax competition necessarily translates into a race to the bottom. Under certain (heroic) assumptions, tax competition may compromise local governments’ ability to finance public goods; in that event, the race is to the bottom. But . . . it is equally plausible . . . to welcome tax competition as a much-needed discipline and countervailing force to local rent-seeking and interest group exploitation. Under these more realistic assumptions, tax competition reduces the “political residuum” that is available to local politicians for purposes of redistribution—without, at the same time, compromising local governments’ abilities to levy taxes, akin to user fees, to finance public goods.

It is true that destination-based systems also curtail some tax competition. The local tax mix, including the sales tax, will be a factor in the citizens’ (though not firms’) locational decisions. . . . In many cases, though, firms may be more responsive to changes in the local tax structure—and to advantageous changes in “foreign” jurisdictions—than are individual citizens. A 2-percent local sales tax hike may not induce an individual to move. . . . That same increase, though, may have a rather dramatic effect on firms’ locational decisions.

States compete for citizens and firms on any number of margins—environmental regulation, labor regulation, business and income taxes. All elements of the regulatory and tax environment operate as factors for local firms. Countless government decisions provide firms with competitive advantages or disadvantages and, at the margin, shape business decisions to locate in a given state or locality.

Amen.

Like Milton, I’m very worried about the political vulnerabilities that might arise if the wireless sector grows more concentrated. Still, I think it’s a big mistake to legitimize one repressive incarnation of coercive state power (antitrust intervention) to reduce the likelihood that another incarnation (information control) will intensify. This approach is not only defeatist, as Hance argues, but it also requires a tactical assessment that rests on several dubious assumptions.

First, Milton overestimates the marginal risk that the AT&T – T-Mobile deal will pave the way for an information control regime. The wireless market isn’t static; the disappearance of T-Mobile as an independent entity (which may well occur regardless of whether this deal goes through) hardly means we’re forever “doomed” to live with 3 nationwide wireless players. With major spectrum auctions likely on the horizon, and the possibility of existing spectrum holdings being combined in creative ways, the eventual emergence of one or more nationwide wireless competitors is quite possible — especially if, as skeptics of the AT&T – T-Mobile deal often argue, the wireless market underperforms in the years following the acquisition.

More importantly, network operators, like almost all Internet gatekeepers, face mounting pressure from their users not to facilitate censorship, surveillance, and repression. Case in point: AT&T is a leading member of the Digital Due Process coalition (to which I also belong) that’s urging Congress to substantially strengthen the 1986 federal statute that governs law enforcement access to private electronic communications. Consider that AT&T’s position on this major issue is officially at odds with the official position of the same Justice Department that’s currently reviewing the AT&T – T-Mobile deal. Would a docile, subservient network operator challenge its state overseers so publicly?

Or take Google. Arguably, it’s an enormously important gatekeeper — in many respects, it’s an even greater “chokepoint” than any single network operator — but the firm has held strong against substantial pressures from the U.S. government to facilitate censorship and surveillance. (See, e.g.: Google’s successful 2006 challenge to a Justice Department request seeking search query logs; Google’s recent refusal to remove DUI apps from its Android market; Google’s widely noted hesitance toward censoring search results absent a lawfully issued takedown request; Google’s 2010 joint amicus brief urging a federal district court to reject a Justice Department subpoena seeking to compel Yahoo! to disclose the contents of a user’s opened emails).

I could go on. The point is that large network operators are often willing to vigorously resist — both in private and in public — governmental demands that they facilitate information control. Working in cahoots with unpopular governmental actors is terrible PR; some major players seem to think it’s bad for business, too.

It’s often overlooked that antitrust intervention deprives us of beneficial competitive reactions to business deals — even deals that, viewed in isolation, appear to be “harmful.” The consequence of the AT&T – T-Mobile deal won’t simply be the two companies operating as a single entity; the deal will also force rivals to respond in unforeseeable ways that will tend to benefit consumers and fuel innovation. As Hance reminds us, this virtuous cycle of Schumpeterian creative destruction is fundamental to the long-term evolution of markets. When government blocks proposed business arrangements, it contributes to stasis — and static markets tend to be much easier to regulate and control than relatively dynamic markets.

To be sure, if the combination of AT&T and T-Mobile exacerbates political pressures for imposing a network information control regime, we cyber-libertarians should fight back vigorously. Turning to antitrust intervention to keep markets relatively unconcentrated — and, hence, more difficult to regulate — is a mistake.

If you welcome the growing pressures for regulating business arrangements in the high-tech sector, an emboldened antitrust regime is just what the doctor ordered.

In the ongoing copyright debates, areas of common ground are seemingly few and far between. It’s easy to forget that not all approaches to combating copyright infringement are mired in controversy. One belief that unites many stakeholders across the spectrum is that more efforts are needed to educate Internet users about copyright. The Internet has spawned legions of amateur content creators, but not all of the content that’s being created is original. Indeed, a great deal of online copyright infringement owes to widespread ignorance of copyright law and its penalties.

For its part, Google yesterday unveiled “Copyright School” for YouTube users. As Justin Green explains on the official YouTube blog, users whose accounts have been suspended for allegedly uploading infringing content will be required to watch this video and then correctly answer questions about it before their account will be reinstated:

Of course, boiling down the basics of copyright into a four and a half minute video is not an easy task, to put it mildly. (The authoritative treatment of copyright law, Nimmer on Copyright, fills an 11-volume treatise.) Copyright geeks and fans of “remix culture” will appreciate that Google’s video touches on fair use and includes links to in-depth resources for users to learn more about copyright. It will be interesting to see how Google’s effort influences the behavior of YouTube users and the incidence of repeat infringement.

Update: EFF’s Corynne McSherry has an essay up on the Deeplinks blog arguing that YouTube’s Copyright School video omits several important facts about copyright. She raises several very good points, but the unfortunate reality of copyright law is that uploading content that’s not substantially original — even in cases that might constitute fair use — is legally risky, particularly for those who aren’t familiar with copyright law. While I’d love to see YouTube create a follow-up video that explains fair use doctrine in an accessible manner, Google’s decision to urge YouTube uploaders to err on the side of caution is quite reasonable in light of the severity of the statutory penalties for copyright infringement.

The Competitive Enterprise Institute and TechFreedom are hosting a panel discussion this Thursday featuring intellectual property scholars and Internet governance experts. The event will explore the need for, and concerns about, recent legislative proposals to give law enforcement new tools to combat so-called “rogue websites” that facilitate and engage in unlawful counterfeiting and copyright infringement.

Video of the event will be posted here on TechLiberation.com.

Space is very limited. To guarantee a seat, please register for the event by emailing nciandella@cei.org.

In the latest example of big government run amok, several politicians think they ought to be in charge of which applications you should be able to install on your smartphone.

On March 22, four U.S. Senators sent a letter to Apple, Google, and Research in Motion urging the companies to disable access to mobile device applications that enable users to locate DUI checkpoints in real time. Unsurprisingly, in their zeal to score political points, the Senators—Harry Reid, Chuck Schumer, Frank Lautenberg, and Tom Udall—got it dead wrong.

Had the Senators done some basic fact-checking before firing off their missive, they would have realized that the apps they targeted actually enhance the effectiveness of DUI checkpoints while reducing their intrusiveness. And had the Senators glanced at the Constitution – you know, that document they swore an oath to support and defend – they would have seen that sobriety checkpoint apps are almost certainly protected by the First Amendment.

While Apple has stayed mum on the issue so far, Research in Motion quickly yanked the apps in question. This is understandable; perhaps RIM doesn’t wish to incur the wrath of powerful politicians who are notorious for making a public spectacle of going after companies that have the temerity to stand up for what is right.

Google has refused to pull the DUI checkpoint finder apps from the Android app store, reports Digital Trends. Google’s steadfastness on this matter reflects well on its stated commitment to free expression and openness. Not that Google’s track record is perfect on this front – it’s made mistakes from time to time – but it’s certainly a cut above several of its competitors when it comes to defending Internet freedom.

Advance Publicity & DUI Checkpoints

Trying to keep the locations of DUI checkpoints secret is bad public policy. Contrary to the Senators’ assertion that “applications that alert users to DUI checkpoints” are “harmful to public safety,” there is zero evidence that publicizing sobriety checkpoints contributes to drunk driving accidents.

If anything, advance publicity actually saves lives. DUI checkpoints aren’t primarily about catching drunk drivers, but about deterring drunk driving in the first place. When drivers know that police have set up checkpoints nearby, they’re likely to think twice about getting behind the wheel. Instead, they might hail a cab or catch a ride from a sober friend.

The California Supreme Court recognized in Ingersoll v. Palmer that DUI checkpoints are designed to deter drunk driving:

The stated goals of several law enforcement agencies explicitly point to deterrence as a primary objective of the checkpoint program. The Burlingame manual described the objectives of its program, noting the historical use of roving patrols as the principal law enforcement response to the drunk driving problem… Two major goals of the checkpoint as stated in the manual were to increase public awareness of the seriousness of the problem and to increase the perceived risk of apprehension.

The Ingersoll court further stated with regard to the checkpoints that, “advance publicity is important to the maintenance of a constitutionally permissible sobriety checkpoint. Publicity both reduces the intrusiveness of the stop and increases the deterrent effect of the roadblock.”

California is not alone in focusing on the deterrent effect of DUI checkpoints. In 1990, shortly after the U.S. Supreme Court upheld the constitutionality of certain kinds of DUI checkpoints in Michigan Department of State Police v. Sitz, the National Highway Traffic Safety Administration (NHTSA) published a document (PDF) laying out guidelines for police in conducting sobriety checkpoints. NHTSA’s model sobriety checkpoint guidelines include the following section:

C. ADVANCE NOTIFICATION 1. For the purpose of public information and education, this agency will announce to the media that checkpoints will be conducted. 2. This agency will encourage media interest in the sobriety checkpoint program to enhance public perception of aggressive enforcement, to heighten the deterrent effect and to assure protection of constitutional rights.

Indeed, police departments routinely publicize information about DUI checkpoints in local newspapers and other media outlets. Many police officers think such publicity is beneficial to law enforcement. Take Indiana State Police Sgt. Dave Burstein, who brushed off the Senators’ concerns about DUI checkpoint apps, saying to local news affiliate WXIN-TV, “Let everybody know they’re there because the whole idea is to get voluntary compliance.”

Regulation Through Intimidation

The Senators’ letter isn’t just uninformed and irresponsible, it’s also arrogant – a prime example of regulation through intimidation. When politicians want to dictate behavior but know they cannot lawfully legislate or regulate it, a widely favored tactic is to demonize the target by sending a threatening letter accompanied by a vitriolic press release. When that doesn’t get the job done, politicians hold congressional hearings to publicly rake the alleged wrongdoers over the coals. This reprehensible strategy has long been used to suppress constitutionally protected speech in ways that, if legislated, would almost certainly be overturned by courts on First Amendment grounds. As former U.S. Senator Paul Simon warned in 2003:

I have no problem with holding hearings and putting on pressure. But the problem with holding hearings and putting on pressure is that most of the members have no sensitivity on the First Amendment…The only oath we take says that we promise to support and defend the Constitution of the United States against all enemies, foreign and domestic. The domestic enemies of the Constitution are often on the floor of the House and the Senate.

In a free society, it is unacceptable for a handful of Senators to attempt to dictate mobile app store decisions without a floor vote or any judicial oversight. Lawmakers’ function is to make laws, not exploit their bully pulpit to try to coerce private businesses into doing their bidding. If voters let these politicians get away with going after DUI checkpoint apps, which politically unpopular apps will be next? A ban on apps that locate abortion clinics? A ban on apps that locate handgun dealers? It’s a scary slippery slope, as ACT’s Morgan Reed reminds us.

If Reid, Schumer, Lautenberg, and Udall want to examine a serious threat to public safety, they should look in the mirror. Meanwhile, they should leave mobile app stores alone. The Washington Times nailed it in a recent editorial:

Real drunk drivers deserve severe punishment, but the best way to catch them is to respect the Fourth Amendment. Instead of having cops stand around behind barricades interrogating soccer moms, have them patrol the streets looking for evidence of impaired driving. It works. In the meantime, high-tech companies ought to email these senators a free Constitution app for their smart phones.

Amen.

The smartphone is arguably one of the most empowering and revolutionary technologies of the modern era. By putting the processing power of a personal computer and the speed of a broadband connection into a device that fits in a pocket, smartphones have revolutionized how we communicate, travel, learn, game, shop, and more.

Yet smartphones have an oft-overlooked downside: when they end up in the wrong hands, they offer overreaching agents of the state, thieves, hackers, and other wrongdoers an unparalleled avenue for uncovering and abusing the volumes of sensitive personal information we increasingly store on our mobile phones.

Over on Ars Technica, I have a long feature story that examines the constitutional and technical issues surrounding police searches of mobile phones:

Last week, California’s Supreme Court reached a controversial 5-2 decision in People v. Diaz (PDF), holding that police officers may lawfully search mobile phones found on arrested individuals’ persons without first obtaining a search warrant. The court reasoned that mobile phones, like cigarette packs and wallets, fall under the search incident to arrest exception to the Fourth Amendment to the Constitution.

California’s opinion in Diaz is the latest of several recent court rulings upholding warrantless searches of mobile phones incident to arrest. While this precedent is troubling for civil liberties, it’s not a death knell for mobile phone privacy. If you follow a few basic guidelines, you can protect your mobile device from unreasonable search and seizure, even in the event of arrest. In this article, we will discuss the rationale for allowing police to conduct warrantless searches of arrestees, your right to remain silent during police interrogation, and the state of mobile phone security.

You can read the full essay on Ars Technica here. And while you’re at it, I highly recommend watching this informative YouTube video that explains why it’s not a good idea to talk to police:

Amazon made headlines last week when it abruptly cut off service to Wikileaks, allegedly on the grounds that the site had violated Amazon’s terms of acceptable use. However, Amazon’s supposedly “voluntary” decision came less than 24 hours after Amazon received a phone call from Senate Homeland Security Committee staff (at the behest of Sen. Joe Lieberman) inquiring about the firm’s relationship with Wikileaks. According to a report in The Guardian, Amazon’s decision to terminate service to Wikileaks was a “reaction to heavy political pressure.”

That’s not all. Glenn Greenwald reported last week on Salon.com that another Internet company, Tableau Software, also decided to disable service to Wikileaks because of pressure from Joe Lieberman. Unlike Amazon, Tableau admitted that its decision was directly prompted by pressure from Lieberman. From Tableau’s statement:

Our decision to remove the data from our servers came in response to a public request by Senator Joe Lieberman, who chairs the Senate Homeland Security Committee, when he called for organizations hosting WikiLeaks to terminate their relationship with the website.

It’s difficult to see Joe Lieberman’s “public request” as anything but a thinly-veiled threat. Case in point: In addition to his staffers’ phone calls, Lieberman went on MSNBC last week, stating bluntly, “we’ve got to put pressure on any companies … which provide access to the Internet to Wikileaks.”

As Chairman of the Senate Homeland Security Committee, Lieberman is in a uniquely powerful position to push for legislation that might harm private firms like Amazon. He can also hold Congressional hearings, which frequently turn into public spectacles and garner massive media coverage. A company’s CEO enduring a congressional grilling on Capitol Hill can significantly impact that firm’s public image — and, in some cases, its stock price as well. While no individual Senator has the power to enact laws, promulgate rules, or enforce regulations, a single crusading politician can arguably cause cognizable harm to any U.S. company that pushes back against “requests” to suppress unfavorable content.

How does this implicate the First Amendment? As EFF’s Rainey Reitman and Marcia Hofmann pointed out on the DeepLinks blog, “The First Amendment to the Constitution guarantees freedom of expression against government encroachment — but that doesn’t help if the censorship doesn’t come from the government.”

There’s an important caveat to this point, however: When government coerces private entities into suppressing protected speech, it can trigger First Amendment scrutiny. Via my colleague (and First Amendment guru) Hans Bader:

In First Amendment cases, not only the party bound by a settlement or regulation, but also people whose speech or access to information is affected by it, have the right to challenge its restrictions.  (See Korb v. Lehman, 919 F.2d 243 (4th Cir. 1990) (A private employee could sue a government official under the First Amendment for pressuring his private employer to fire him for his speech, even though private employers can voluntarily terminate employees for their speech when the employer is not operating under government pressure); and Truax v. Raich, 239 U.S. 33 (1916) (The Supreme Court held a state government liable under the Constitution for pressuring a private employer to fire a private employee based on his being an alien, even though his employer could have voluntarily dismissed him without violating any law)).

Of course, as an elected legislator, Lieberman enjoys fairly broad First Amendment rights to express his own political views. As the Supreme Court ruled in Bond v. Floyd:

The manifest function of the First Amendment in a representative government requires that legislators be given the widest latitude to express their views on issues of policy.

While Lieberman’s tirade against Wikileaks was certainly related to matter of public policy, was he actually expressing an opinion on policy? Or was he simply threatening private firms for facilitating the dissemination of speech he didn’t like? Legislators rightly enjoy broad leeway to speak their minds about legislative matters and criticize their political opponents, but should a legislator’s own First Amendment rights enable him to trample the First Amendment rights of private citizens engaged in political discourse?

If the First Amendment doesn’t protect Sen. Lieberman’s attack on Wikileaks, he may still be immune from suit. Under the doctrine of qualified immunity, government officials including legislators cannot be held personally liable or forced to stand trial for committing unlawful actions in their official, non-legislative capacity unless they violate “clearly established law.” Legislators also enjoy absolute immunity for actions they undertake in a legislative capacity.

As the former Connecticut Attorney General, Sen. Lieberman should have known full well that his actions were directly antithetical to Wikileaks’ First Amendment rights. As such, a court might find that his conduct is not covered by qualified immunity. Consider, for instance, this excerpt from a ruling by the Eighth Circuit in Zilich v. Longo (34 F.3d 359):

We also agree with the findings of the district court that Zilich’s First Amendment right of free speech was “clearly established” for qualified immunity purposes. The law is well settled in this Circuit that retaliation under color of law for the exercise of First Amendment rights is unconstitutional, and “retaliation claims” have been asserted in various factual scenarios.

Even if Lieberman is covered by qualified immunity, however, Wikileaks might still be able to obtain an injunction to prevent Lieberman from making any further statements pressuring private companies to terminate service to Wikileaks. While this wouldn’t undo the harm the site has already suffered on account of Lieberman’s “public request,” it would still mark an important symbolic victory for Wikileaks — and for the First Amendment.

A crucial question in determining whether Wikileaks has grounds for a First Amendment claim against Lieberman is whether the site’s ongoing dissemination of the 250,000 leaked cables is protected by the First Amendment. On one hand, Julian Assange may be guilty of violating the Espionage Act of 1917, as Sen. Dianne Feinstein argues forcefully in an op-ed in today’s The Wall Street Journal. On the other hand, the Wikileaks website may well enjoy the same First Amendment protection that the publication of the Pentagon Papers was found by the Supreme Court to enjoy in New York Times Co. v. United States. Via the WSJ Law Blog, which recently interviewed Jack Balkin of Yale Law School:

On the First Amendment question, Balkin said most First Amendment lawyers would say that preventing the publication of material “is justified only where absolutely necessary to prevent almost immediate and imminent disaster. It’s an extremely high standard.” Balkin said that the standard for exacting criminal punishment or winning a civil injunction after publication, as might be the situation in the WikiLeaks case, is less settled. “But one assumes the standard is going to be very very high too.”

An interesting 2005 opinion from the Eighth Circuit (Dossett v. First State Bank, 399 F.3d 940) suggests that Wikileaks might even have a case against Amazon as well, depending on the specific nature of the interactions between Amazon and Sen. Lieberman’s office. Under 42 U.S.C. § 1983, private entities may face civil action if they conspire with government to deprive anybody within U.S. jurisdiction of their constitutional rights. Under Dossett, if Amazon “willfully participated with state officials and reached a mutual understanding concerning the unlawful objective of a conspiracy,” Wikileaks may be able to collect damages for harm it incurred due to Amazon’s termination of its service.

Whether Lieberman’s actions are legal or not — and whatever you think about Wikileaks in general — his efforts to coerce private companies to terminate service to Wikileaks should deeply concern anybody who cares about free speech. As Glenn Greenwald put it:

That Joe Lieberman is abusing his position as Homeland Security Chairman to thuggishly dictate to private companies which websites they should and should not host — and, more important, what you can and cannot read on the Internet — is one of the most pernicious acts by a U.S. Senator in quite some time.

Unfortunately, this is just the latest instance of a politician “thuggishly” pressuring a private firm to stifle speech. A few months ago, I wrote about a group of state attorneys general successfully bullying Craigslist into terminating its legal “adult services” section. And back in 2008, I wrote about former New York Attorney General Andrew Cuomo strong-arming Usenet providers into shutting down dozens of newsgroups in their entirety simply because they contained a handful of illegal files.

A victory for Wikileaks against Joe Lieberman would set a powerful precedent discouraging thuggish politicians from campaigning against Internet sites protected by the First Amendment.

By Ryan Radia and Wayne Crews

Today, the European Commission opened a formal antitrust investigation into Google to probe allegations that the firm rigged its search engine to discriminate against rivals. This intervention in the online search market, however, will distort the market’s evolution, discourage competitors from innovating, and ultimately hurt consumers.

Google isn’t a monopoly now, but the more it tries to become one, the better it will be for us all. When capitalist enterprises strive to earn a bigger market share, rival firms are forced to respond by trying to improve their offerings. Even if Google is delivering biased search results, it is only paving the way for competitors to break into the search market.

The European Commission is wrong to assume that Google possesses monopoly power. Google accounts for just 6 percent of all dollars spent on advertising in Europe. And even loyal Google users regularly find websites through competing search engines like Bing or through social websites like Facebook and Twitter.

Before resorting to tired old competition laws, European policy makers should remember that the Internet economy is hardly understood by anybody—including by regulators. We are in terra incognita; no one knows how information markets will evolve. But one thing is for sure: Online search technology cannot evolve properly if it is improperly regulated. Why make risky investments in hopes of revolutionizing Internet markets if marvelous success means regulation and confiscation?

The real threat to consumers is not from successful high-tech firms like Google, but from overreaching government interventions into competitive market processes. As economists have documented in scholarly journals, antitrust intervention is especially problematic in the information age, because it severely underestimates the critical role of innovation in dynamic high-tech markets.

In the information age, ingenuity—not market power—is the key to success. America’s high-tech sector is strewn with former market leaders who were no match for the relentless forces of creative destruction. Rapid, unpredictable change is the hallmark of the modern digital economy. Google may be on top in many high-tech markets today, but it won’t stay there for long unless it keeps innovating and delivering a superior search product.

On November 18, the Senate Judiciary Committee unanimously approved the “Combating Online Infringements and Counterfeits Act” (COICA). The bill would enable the U.S. Attorney General to obtain a court order disabling access to web domains that are “dedicated to infringing activities.”

These “rogue websites” are a real problem, as the website Fight Online Theft explains, so it’s a good thing that Congress is working to address them. However, some of COICA’s provisions raise profound constitutional concerns, and the bill lacks adequate safeguards to protect against the unwarranted suspension of Internet domain names, as the website Don’t Censor the Net argues. The bill also doesn’t provide a mechanism for website operators targeted by the Attorney General to defend their site in an adversary judicial proceeding. This week, a group of over 40 law professors submitted a letter to the U.S. Senate arguing that COICA, in its current form, suffers from “egregious Constitutional infirmities.”

To address these concerns, CEI is urging Congress to amend COICA to provide for more robust safeguards, including:

• ŸProviding a meaningful opportunity for Internet site operators to challenge before a federal court an Attorney General’s assertion that their site is “dedicated to infringing activities” prior to the suspension of their domain name;

• Requiring that the Attorney General, upon commencing an in rem action against a domain name, make a reasonable and good faith effort to promptly notify the site’s actual operator of the action;

• Clarifying the definition of an Internet site “dedicated to infringing activities” to ensure that websites with nontrivial lawful uses that facilitate infringing acts by third parties will not face domain name suspension if their operators:
  • Comply with legitimate takedown requests from rightsholders;
  • Do not receive a financial benefit directly attributable to infringing activities;
  • Do not design their site primarily for the purpose of facilitating infringing activities; and
  • Do not induce infringing activities.

• Instructing the Department of Justice and federal prosecutors not to request that domain name registrars, registries, or service providers suspend domain names that have not been deemed to be “dedicated to infringing activities,” or otherwise unlawful, by a federal court; and

• Requiring the Department of Justice to compensate domain name registrars, registries, and service providers for any reasonable costs they incur in the course of disabling access to infringing domain names.

EDIT 11/24/10: After reviewing in greater detail the amended version of the bill (PDF), I’d like to suggest a sixth change:

• Eliminating the “Voluntary Actions” clause, which grants blanket immunity from civil liability to any domain name registry, registrar, financial provider, or ad service that “voluntarily” disables a website that it reasonably believes to be dedicated to infringing activities.

The FCC proposed new rules today aimed at combating wireless “bill shock,” a term that describes mobile subscribers getting hit with overage charges they didn’t anticipate. The proposed rules would require wireless providers to create a system for alerting customers when they are about to incur extra usage charges for voice, text, data, or roaming.

I can certainly see why some consumers may be frustrated with wireless pricing practices. But this frustration hardly constitutes evidence that the mobile marketplace is actually failing. Yes, mobile carriers sometimes make mistakes, and they probably need to do more to ensure their customers understand how overage charges work.

Competitive forces, however, are far better equipped than federal regulators to punish providers that engage in genuinely harmful practices. And if the federal government must “do something” about bill shock, educating mobile subscribers about where to locate and track their usage information is a far better approach than prescriptive, burdensome federal regulation.

Hypocritically, even as the FCC tries to reign in bill shock, its own policies are harming consumers far more than any wireless industry practices. The FCC has again and again put off spectrum auctions that would enable mobile providers to offer better services at lower prices. As a result, consumers are suffering to the tune of billions of dollars each year. Economists Thomas Hazlett and Roberto Munoz published a study last year in which they concluded that U.S. wireless prices would decline by 8% if the FCC were to allocate an additional 60mhz of spectrum to mobile telephony.

If the FCC truly cares about wireless subscribers, rather than simply grandstanding against competitive (if imperfect) mobile carriers, the Commission’s top priority should be to aggressively free up the airwaves.

Last week, I had the pleasure of discussing net neutrality with James Boyle, a Duke Law Professor and the co-founder of the Center for the Study of the Public Domain, and Paul Jones, the director of ibiblio, on WUNC’s The State of Things radio program. Our hour-long discussion touched on a number of important tech policy topics, and I highly recommend giving the show a listen (download the MP3 here) if you’re interested in hearing the insights of two very thoughtful scholars and critics of cyber-libertarianism.

I’m a big admirer of Boyle and Jones, who’ve both done a lot of excellent work studying copyright and public domain in the information age. While I don’t share their views on the merits of net neutrality regulation — or, perhaps, of government regulation in general — there’s much common ground between us on many issues, including intellectual property, free speech, and government surveillance.

For folks who don’t want to spend an hour listening to our discussion, I’ve typed up a brief summary of the questions we attempted to tackle in our discussion and the various arguments we raised. My apologies if I’ve mischaracterized any arguments or statements  — if you want to know what was actually said, go listen to the whole interview!

• What role should government play in regulating the Internet? I argue its proper role is to enforce voluntary arrangements (Terms of Service) and, when appropriate, enforce civil judgments against firms that have broken their promises. Boyle, on the other hand, argues that government should enforce not only contracts but also net neutrality rules because last-mile Internet service is a natural monopoly and consumers often don’t understand what they’re getting, which means that socially desirable contracts aren’t likely to emerge. I respond by citing Thomas DiLorenzo’s critique of the natural monopoly hypothesis and pointing out that government has obstructed ISP competition by allocating spectrum inefficiently and imposing excessive costs on wireline ISPs through burdensome rights-of-way and franchising rules.

• Why did Google retreat on its commitment to net neutrality in joining with Verizon to exempt wireless services from neutrality regulation? Boyle argues it’s because Google realized the future of communications is mobile and believed it needed to compromise with Verizon (America’s biggest wireless carrier). Jones points out that the Google-Verizon proposal isn’t a business agreement, but a compromise designed to address the conflicting interests of various stakeholders. I argue that Google recognized that government discrimination among competing business models and platforms is a greater danger to consumers than provider discrimination, and that real innovation occurs when we allow ‘walled gardens’ such as the iPhone to co-evolve with open platforms like Android — the “Yin and Yang” of innovation, as Bret Swanson puts it. Boyle argues that proprietary platforms and exclusionary deals between content and service providers hinder disruptive innovation and digital generativity. He cites the financial crisis as an example of inadequate regulation resulting in bad outcomes that might have not have occurred had there been greater oversight.

• Does collusion among large, powerful Internet corporations help or harm consumers and innovation? Jones cites Adam Smith’s The Wealth of Nations in arguing that, without government regulation, mega-corporations will collude and carve up the marketplace, hindering innovation and progress. I argue that leaving companies free to try to “carve up markets” actually spurs beneficial competitive responses and promotes destructive market entry, even if the process isn’t always pretty. I argue that the forces arrayed against today’s major companies–competitors, consumers, suppliers, downstream partners–make it impossible for any entity or group of entities to engage in any truly abusive practices without suffering harsh punishment.

• Will entrepreneurs and innovators even be able to get off the ground if corporations have unlimited control over Internet applications and content? I argue that government policies, such as the DMCA’s anti-circumvention provisions, are a major part of the problem because they distort natural market outcomes and prop up bad business models. Boyle agrees that these provisions are seriously problematic, calling DMCA a “lawyers’ full employment act.” He points out that many of the most important innovations of the last couple of decades — Google, Facebook, Twitter, and so forth — came about precisely because of the Internet’s openness and dynamism. I argue that the openness that characterizes the Internet is indeed desirable in many ways, but that voluntary institutions can offer open platforms without being forced to do so by government. I point out that network operators who hinder the value of the content that traverses their pipes do so at their own peril, and that infrastructure and content companies actually have a symbiotic relationship, rather than an adversarial one. Jones argues that because many ISPs are also content companies, they have an incentive to privilege their own content at the expense of competing offerings. I point out that consumer demand for Internet video outlets (i.e. YouTube and Hulu) deters providers from slowing down Internet-delivered content. Boyle argues that the continued existence of the open Internet is crucial in ensuring that the ‘walls’ that enclose walled gardens don’t grow too tall.

• Shouldn’t we treat the Internet like a public utility — a road on which all can travel? I argue that treating the Internet like a public utility, like we already treat roads, raises the dilemma of the tragedy of the commons. I point out that many private roads already exist today without the ‘tollbooths’ that neutrality advocates fear. Jones points out that the real tragedy is one of unregulated commons which lack adequate rules. Boyle argues that the economics of physical property (scarce goods) cannot readily be mapped to networks and calls the Internet a “comedy of the commons” (borrowing from Carol Rose). I argue that government-run commons have a poor track record, from highways to the wi-fi band, and that the success of network industries requires smart investment and innovation that government isn’t well-equipped to deliver. Boyle argues that not all resources must be owned if they’re to be efficiently utilized, citing the emergence of free trade with India and China in the 1700s and the subsequent collapse of state-chartered trading monopolies. Boyle argues that tomorrow’s “next great thing” may never emerge if the openness of today’s Internet isn’t enshrined in regulation.

If you store sensitive files on your personal computer which law enforcement authorities wish to examine, they generally cannot do so without first obtaining a search warrant based upon probable cause.  But what if you store personal information online—say, in your Gmail account, or on Dropbox? What if you’re a business owner who uses Salesforce CRM or Windows Azure? How secure is your data from unwarranted governmental access?

Both the U.S. Senate and the House of Representatives are investigating these crucial questions in two separate hearings this week.  Congress hasn’t overhauled the privacy laws governing law enforcement access to information stored with remote service providers since 1986.  The Electronic Communications Privacy Act (ECPA), the key federal law governing electronic privacy, has grown increasingly out of touch with reality as technology has evolved and Americans have grown increasingly reliant on cloud services like webmail and social networking.  As a result, government can currently compel service providers to disclose the contents of certain types of information stored in the cloud without first obtaining a search warrant or any other court order requiring the scrutiny of a judge.

Thus, the Competitive Enterprise Institute has joined with The Progress & Freedom Foundation, Americans for Tax Reform, Citizens Against Government Waste, and the Center for Financial Privacy and Human Rights in submitting a written statement to the U.S. Senate and House Judiciary Committees urging Congress to reform U.S. electronic privacy laws to better reflect users’ privacy expectations in the information age.  The groups also belong to the Digital Due Process coalition, a broad array of public interest organizations, businesses, advocacy groups, and scholars who are working to strengthen U.S. privacy laws while also preserving the building blocks of law enforcement investigations.

ECPA Statement (House Judiciary Subcommittee on the Constitution, Civil Rights, and Civil Liberties)

As the Internet evolves and new data collection technologies emerge, privacy concerns are increasingly in the spotlight. Few doubt that these concerns are, in many cases, legitimate. The major point of contention is which institutions in society are best equipped to address the privacy challenges of the information age. While a number of privacy scholars point to stricter federal regulation as the answer, others are very skeptical of granting government a more expansive role in safeguarding sensitive information on the Internet.

In this week’s issue of Advertising Age, Carolyn Homer and I have a guest column in which we discuss the role of market institutions in addressing privacy concerns:

A series of recent high-profile privacy gaffes involving internet firms such as Google, Microsoft and Facebook has spurred a public outcry for stronger privacy protections. Politicians in Congress have responded with a slew of blustering letters, hearings, and legislative threats. On July 19, Rep. Bobby Rush, D-Ill., introduced a sweeping privacy bill in the House of Representatives, and Sen. John Kerry, D-Mass., has pledged to introduce a similar bill in the Senate. This legislation would stifle the dynamic internet economy and targeted advertising while doing little to improve consumer privacy. Mr. Rush’s bill, titled the Best Practices Act, would give the Federal Trade Commission broad new powers to regulate nearly any organization that routinely collects even basic data about individuals, including phone numbers and email addresses. The bill would empower the FTC to dictate businesses’ data security practices, perform extensive compliance audits, and even restrict which kinds of information firms can collect and how long they can store it. This approach may sound sensible, but it ignores the crucial role of responsible data collection in the information age. Limiting such practices will impede e-commerce and endanger free internet content backed by advertising. The internet’s ubiquitous information sharing is a feature, not a bug.

Responsible private-data collection has revolutionized the information economy over the past two decades. E-commerce and online advertising sustain over 3 million U.S. jobs and $300 billion in annual economic activity, according to a 2009 study by two Harvard Business School professors. Strict privacy mandates could decimate this industry. This has already happened in the European Union. According to a recent Massachusetts Institute of Technology paper, after the EU implemented a data-privacy law in 2002, the effectiveness of online advertising fell 65%. Rigid federal regulations are especially detrimental to small, entrepreneurial start-ups. The Best Practices Act exempts databases with information on fewer than 15,000 individuals, but today many small businesses maintain databases much larger than that. Consider Diaspora, a privacy-oriented social-networking site founded by four New York University students, which already has more than 30,000 followers on the microblogging service Twitter. The site has yet to launch — but under Mr. Rush’s legislation, it would face strict FTC rules from day one. Sharing sensitive information online always entails some risk. But that does not mean we should stop sharing information entirely, nor that companies should be prohibited from using volunteered information. Rather, privacy risks should be combated by educating users about the information they proffer and the trustworthiness of the websites they visit.

Despite the recent privacy hysteria, most companies have a solid privacy track record. Countless firms now hold billions of individual data points, yet breaches are infrequent. Corporate investment in data security continues to grow rapidly. Mistakes do happen, of course, but firms usually fix them quickly to avoid consumer outrage. Competitive markets are not perfect, but they are self-correcting — unlike government. Putting the feds in charge of micromanaging private-data collection practices will do little to safeguard privacy. Indeed, the federal government’s own track record on privacy is hardly reassuring. Consider the Patriot Act, the recent scandal over the storage of full body images, or the Justice Department’s push to access cellphone locational data without a warrant. Ironically, Mr. Rush’s bill exempts all government agencies, leaving Americans vulnerable to further government abuses. We do need stronger privacy safeguards, but Washington does not offer our salvation. Privacy-enhancing technologies continue to be developed in response to growing consumer demand. Legislative interference is at best hypocritical, and at worst destructive to the internet economy.

Chalk up another victim to unwarranted political intimidation by state attorneys general. On Friday evening, Craigslist, which has long been under intense pressure to crack down on sex crimes, replaced its adult services section in the U.S. with a black censor bar. This move comes on the heels of a scathing letter sent to Craigslist by seventeen state AGs insinuating that Craigslist is culpable for the “victimization of children.” While the state attorneys general are likely celebrating victory this holiday weekend, all they’ve really done is to stifle free speech online and complicate efforts by law enforcement authorities to go after the real bad guys — you know, the ones who are forcing kids into sex slavery.

This isn’t the first time states have publicly attacked Craigslist for its involvement in sex crimes. Various AGs been trying to intimidate the site into eliminating avenues of adult content for years, as Alex Harris and Jim Harper have chronicled on these pages. In response to state AGs’ relentless saber-rattling, Craigslist made several major changes last year aimed at curbing illegal postings. The site shut down its notorious “erotic services” section and began charging $10 for every posting made to the adult services section. Craigslist even began manually screening all posts submitted to the adult services section. Since May 2009, over 700,000 postings have been rejected.

Apparently none of these concessions were enough for state AGs, always eager to score political points. Despite the safeguards Craigslist implemented last year, users continued to use the site in the commission of sex crimes. This is hardly surprising; given the sheer volume of user submissions and the increasingly complex measures taken by criminals to obfuscate their unlawful solicitations, some illegal postings are bound to circumvent any filtering regime. Now that Craigslist has censored its adult services section, former users of the section will invariably flock to other sites, as has happened every single time a major Bittorrent site has been taken offline or crippled by litigation. Craigslist is just one of many, many websites on the Internet that’s frequented by criminals, after all. From popular sites like Google and Yahoo! to small blogs that accept user comments, nearly any site that allows user submissions can be used to break the law.

Such websites generally aren’t legally liable for crimes committed by their users, as courts across the country have held time and time again (1,2,3,4). That’s because when Congress overhauled America’s telecom laws in 1996, it enacted the Communications Decency Act, which grants “providers” of “interactive computer service” immunity from state criminal prosecution for illegal content posted by users. Thus, while prosecutors can and do pursue criminal charges against individuals who post illegal content to Craigslist, they can’t go after Craigslist itself, as long as the site complies with enforceable governmental requests and promptly removes content it knows to be illegal.

This legal provision, known as Section 230, has been crucial to the growth of the Internet as we know it. As Adam Thierer aptly put it last year, it’s the “cornerstone of Internet Freedom.” Section 230 has enabled website operators to offer an array of incredible user-driven offerings without fear of being sued or jailed for their users’ unlawful actions. Without it, “Web 2.0″ sites like YouTube, Digg, and Reddit might never have gotten off the ground. Monitoring user submissions can be enormously burdensome, especially for smaller sites like WashingtonWatch.com, a popular user-centric site operated and owned by the Cato Institute’s Jim Harper. Were these sites liable for the content of their users’ postings, they likely wouldn’t even accept them in the first place.

Congress established this protection in order to “to maintain the robust nature of Internet communication and, accordingly, to keep government interference in the medium to a minimum,” as the U.S. 4th Circuit Court of Appeals concluded in its forceful 1997 opinion in Zeran v. America Online, Inc. In their assault on Craigslist, state attorneys general ignore Congress’s clear intent in establishing Section 230 — to keep government’s hands off the Internet.

To be sure, Section 230 does have a downside, as Craigslist itself has underscored time and time again. Illegal user postings can result in tragedy, as was the case for AK and MC, two girls who took out ads in The Washington Post and The San Francisco Chronicle last month recounting their experiences as victims of sex crimes facilitated through Craigslist. Despite Section 230′s flaws, however, the alternative is far worse.

Many, if not most, postings on Craigslist’s adult services section were perfectly legal, and until Friday thousands of individuals relied on the section to find consenting adults with whom to fulfill their intimate desires. In pressuring Craigslist to censor the section, state AGs have essentially stifled the free speech rights of thousands of individuals. Criminals will simply migrate to even shadier websites, further hindering efforts by law enforcement to put child sex traffickers behind bars.

It’s 2010, and nearly 5 billion devices worldwide are now connected to the Internet — a freely accessible, unfiltered, unauthenticated worldwide network. As long as such a network exists, it’s all but inevitable that it will have a seedy underbelly. Law enforcement officials should investigate sex crimes against children committed using the Internet and aggressively prosecute suspected child sex traffickers. Trying to intimidate interactive websites like Craigslist, however, is the wrong approach.

Earlier this week, The Daily Show’s Jon Stewart summed up the debate over net neutrality by stating, “On one side [are] those who want the marketplace to remain a wide open market of ideas, and on the other side [is] a larger group who have no idea what net neutrality means.”

Stewart may have been joking, but he was right about one thing – many folks are confused about what net neutrality actually is and what it would mean for Internet users.

That’s why I decided to enter the America’s Got Net video contest, sponsored by the Open Internet Coalition, a pro-net neutrality trade association.  In a short video entitled, “The Open Internet and Lessons from the Ma Bell Era,” I explain how mandating net neutrality would endanger the networks of tomorrow and insulate entrenched firms from competition. Enjoy!

Recent revelations about Microsoft’s internal debate over Internet Explorer’s handling of tracking cookies, as chronicled by The Wall Street Journal earlier this month, have prompted harsh criticism from self-described privacy groups, who’ve called on Congress to investigate Microsoft’s actions. But as Jim Harper pointed out in an excellent WSJ essay, Web users stand to lose a great deal if online tracking is squelched by the hand of government. Data gathering on the Internet is largely harmless, and individually targeted advertising coexists with robust privacy safeguards.

Over on AOLNews.com, my colleague Carolyn Homer discusses these privacy tradeoffs, arguing that Microsoft and other Internet firms have a strong incentive to set privacy defaults that align with their users’ preferences. She points out that most consumers are, in practice, quite willing to live with allegedly “pervasive” tracking in exchange for the enormous benefits that targeted advertising makes possible. While many surveys and polls indicate consumers are very worried about their privacy, the actual decisions that consumers make every day tell a very different story (as documented extensively by Berin Szoka). From Carolyn’s piece:

A body of research reveals a sizable disparity between how much people say they value privacy and how willing they are to actually protect it. In a 2003 Duke Law Journal article, Michael Staten and Fred Cate found that fewer than 10 percent of users exercise their right to opt out and share less. Conversely, if given the opposite choice, fewer than 10 percent of users elect to opt in and share more. The vast middle is apparently indifferent. If consumers were required to affirmatively opt in before sharing data, the Internet’s prevailing advertising-based business model would be decimated. The effectiveness of online advertising in Europe, for example, fell 65 percent after the European Union in 2002 required a blanket opt-in system. For more than a decade, the Internet has thrived on the assumption that most people believe it is a fair trade to receive free content in exchange for viewing ads. Mere advertisements shouldn’t be equated with gross privacy violations.

She goes on to discuss how privacy settings are evolving as consumer preferences adapt to new technologies and firms experiment with new ways to use and collect data. You can read the rest over at the AOL News website.

Today, China renewed Google’s license to do business in the country, reports The Washington Post. The announcement means that Google will maintain its presence in the country for the foreseeable future. Google will likely meet criticism, but this is good news nonetheless for Chinese Internet users.

The rapidly unfolding Google-China saga has made headline after headline since January, when Google announced that it had suffered an intrusion originating in China. In March, after months of internal debate and heavy public criticism, Google shut down its China-based search engine Google.cn, redirecting all queries to its Hong Kong-based Google.com.hk site. Late last month, Google reactivated some of its China-based services and has continued to operate in China, albeit on a limited basis.

Operating in China has long been a headache for Google, due to the Chinese government’s notorious disregard for Internet freedom, embodied by its infamous “Great Firewall of China.” China surveils all Internet traffic that traverses its borders and attempts to block its citizens from accessing information sources which the government considers unfavorable. China also gleans data from its network to identify and retaliate against political dissidents.

Human rights advocates have long derided Google and other U.S. tech companies, such as Microsoft and Yahoo, for doing business in China. China requires all search engines operating in the country to censor a broad range of information, like photos of the 1989 Tiananmen Square massacre. Critics contend that complying with the Chinese government’s oppressive demands is unethical and that facilitating censorship and suppression is morally unacceptable on its face.

Such criticisms, however principled, miss the forest for the trees. If Google were to cease its Chinese operations entirely, the result would be one less U.S. Internet firm accessible to Chinese citizens. While Google is the worldwide search leader, in the Chinese search market Google lags behind Baidu, a search company based in China. Baidu’s market share increased after Google shut down its China-based search site. If Google were to pull out of China entirely, chances are Baidu would pick up many more users.

Why is this troubling? Because Baidu has a long history of complying with the Chinese government’s demands, and has never publicly repudiated the regime’s oppressive practices.

American firms that operate in China do so begrudgingly, often repudiating the state’s human rights violations and, at times, even pushing back when they believe the government has gone too far. Google in particular has struggled over the ethical dilemma posed by China. Before 2005, Google had not formally entered the Chinese market at all, partially on human rights grounds. And after its servers were hacked from within China in late 2009, Google was reportedly on the verge of pulling out of China entirely.

The complicity of U.S. tech firms in China’s oppressive practices has also spurred attacks from politicians looking to score political points. At a recent hearing, Rep. Chris Smith (R-N.J.) accused Microsoft of “enabling tyranny” in China. And Senator Dick Durbin (D-Ill.) is pushing for federal legislation to regulate the practices of U.S. companies that do business in non-democratic nations.

Such saber-rattling will only make problems worse. Undermining the autonomy of private U.S. corporations to make their own business decisions only discourages constructive business engagement with China. Worse, American politicians’ lambasting of China actually emboldens the Chinese regime, which plays upon nationalist sentiments to garner public support.

American businesses, on the other hand, are in a far better position to criticize Chinese censorship. Google and Microsoft are household names in China. And it is far more difficult for the Chinese government to demonize American technology firms than the U.S. government.

Yes, China has a horrendous human rights record, but it isn’t the only nation in the world whose government routinely tramples human rights. In the flawed world we live in, to expect businesses to operate only in nations that truly respect their citizens’ human rights is wishful thinking. Neither Google nor any other American company enjoys facilitating Chinese oppression. But given the available alternatives, is pulling out really a superior option? Is relegating Chinese citizens to patronizing solely Chinese firms actually conducive to improving human rights?

In the long run, disengaging China will not encourage its government to grant greater political freedoms to its people. Commerce between the U.S. and China facilitates wealth creation and opens up new economic opportunities in both countries. In China, that new wealth, along with corresponding new opportunities, help expand the country’s middle class, bringing subsistence farmers into cities and, thus, closer to the global economy.

For China to become a politically and economically freer nation, a sizable middle class is a crucial factor. While Google, Microsoft, and Yahoo may not seem to be making China any freer now, they can only help in the long run.

Facebook has had a tough month. The site’s latest round of privacy changes, implemented last month, spurred stiff backlash — not just from so-called privacy advocates, but also from several U.S. Senators. Facebook CEO Mark Zuckerberg shot back with an op-ed in The Washington Post, as Braden discussed here yesterday.

I’ve had much to say about Facebook’s past privacy controversies (1, 2, 3, 4, 5), but what really sticks out about the latest anti-Facebook backlash is who’s leading the charge: U.S. Senator Chuck Schumer.

Seriously, of all people, Chuck Schumer should be the last to criticize Facebook’s privacy practices. That’s because Schumer is leading the push in Congress to establish a biometric national identification regime. If Schumer had his way, all Americans, including U.S. citizens, wishing to legally work in this country would be required by law to obtain a national ID card! Compared to this highly invasive potential exercise of the state’s coercive power, concerns about Facebook’s privacy practices seem downright trivial.

I elaborated on Schumer’s hypocrisy and discussed the problems surrounding federal regulation of online privacy in an op-ed that recently appeared on Townhall.com:

Hypocrisy in politics is nothing new. But Senator Charles Schumer (D-N.Y.) set a new standard for it last week when he and three of his colleagues attacked social networking giant Facebook over its privacy practices. In a scathing letter, the senators demanded that Facebook change certain features to give users greater “control over their information.” The real threat to privacy, however, comes not from innovative companies like Facebook, but from posturing politicians. The controversy began last month when Facebook unveiled several new changes and features. Under the new privacy policy, Facebook user profiles are linked to the popular websites Yelp, Pandora, and Microsoft’s Docs.com by default. Users can opt out of these “social plug-ins.” Facebook also made all users’ likes and interests publicly visible, with no opt-out. These changes angered some users and sparked uproar in the blogosphere. Naturally, politicians saw this controversy as a chance to score political points by getting involved. Sen. Schumer and company asked federal regulators to “recommend” privacy guidelines for social networking sites, and are reportedly on the verge of introducing legislation to regulate online privacy. One moment, Sen. Schumer implores Facebook to change its privacy policies. The next, he’s leading the push in Congress to require all Americans to have national ID cards. Unlike social networking sites, which are entirely voluntary, Americans will not be able to “opt out” of Schumer’s national ID scheme. (Schumer’s proposal even requires citizens’ biometric information, like an iris scan or fingerprint.) Perhaps Sen. Schumer could use a dose of his own privacy medicine. …

You can read the rest of the piece here.