While the Net Neutrality debate has been in the foreground, Congress has been quietly moving forward legislation that risks fundamentally modifying the liability protection for Internet intermediaries like Facebook, Google, and PayPal, and forever changing the Internet. The proposed legislation has good intentions of stopping sex trafficking, but in an effort to stop a few bad actors the current overly broad version of the bill risks not only stopping the next Internet innovation, but also failing to achieve even this laudable goal.

Where Are We Now: A Legislative Update

As I have written earlier, the House and the Senate version each introduced bills nobly aimed at preventing and fighting sex trafficking. The House bill, FOSTA, was amended during the committee process and these significant changes minimized many of the most concerning elements of the original version of the legislation. The bill still had many flaws including standards that remained vague and did not account for a website’s size, but it was generally applauded as a significant step towards achieving its goal while minimizing the damage to free expression on the Internet. The Senate bill, SESTA, retained many of the concerns of the initial FOSTA bill. Before the House voted, FOSTA was amended to include all elements of SESTA both good and bad. The bill with SESTA attached passed the House and now proceeds to the Senate where a vote is expected next week.

The Continuing Problems of FOSTA/SESTA

According to Internet law professor Eric Goldman, unfortunately the House passed FOSTA now represents the worst of both worlds and could have far reaching implications not just for those engaged in detestable practices but also for advocates, social media, and free speech online more generally. The current version of the bill has also been criticized by many including not only the tech community, but also the prosecutors at the Department of Justice.

There are at least three primary issues remaining in the FOSTA/SESTA legislation as proposed.

First, it could make the problem of identifying and rescuing victims more difficult for advocates. This is for two main reasons. As law professor Ariel Levy pointed out even if the bill succeeds in removing sex trafficking online, it will only push the true perpetrators of these acts further underground making it harder for those seeking to monitor and prosecute such crimes to find victims. It also risks silencing the spread of information to help victims due to broad language in the law and the difficulty companies would have in distinguishing such messages. Finally, the law does not distinguish forced from voluntary transactions. Advocates for sex workers have expressed concerns that the law would prevent the sharing of information that has increased safety.

Second, it could actually make it more difficult for prosecutors to go after perpetrators of these crimes. The Department of Justice letter points out that the vague language such as “participation in a venture” will make it harder to prosecute wrongdoers. As I have previously discussed, prosecutors have the tools and should be encouraged to use them. Mike Masnick recently pointed out that while the bill creates a new crime, it is already illegal to engage in and advertise sex-trafficking. The current vagueness and imposition of new liability on third parties not actively engaged in trafficking could make it harder for prosecutors to use the tools they have to go after the actual traffickers.

Finally, as Rep. Justin Amash questioned in the immediate aftermath of its passage the bill as currently written could easily be interpreted as allowing for ex post facto liability and prosecutions. The version passed by the House expressly allows the prosecution of actions that would have been illegal under the law even if the actions occurred years before its passage. If such provisions were enforced, it’s plausible the courts could find the statute facially unconstitutional.

Potential Solutions

Section 230 immunity has allowed the Internet to flourish for over 20 years. Without such protections, it is unlikely that many user generated communities like social media sites or messaging services would have developed.  Since the Senate has not yet voted on the bill, there is still time to leave Section 230 as it currently functions or for amendments that could minimize the risks described above.

First, as suggested by the Department of Justice letter attention should be given to vague definition of participation to limit the application of the law to only those who actively engage in such acts. The current language means that a search engine, payment processor, or social media site could be found liable for even a single transaction by a user. Clear definitions are particularly important given they impact not only civil liability but also the creation of a new crime.

Second, the intent requirements could be raised to limit the law only to those with truly bad intentions and protect Good Samaritan actors who accidentally make a mistake. The current version has a relatively low requirement for liability. A recent Wall Street Journal editorial pointed out that an attorney would only need to show that the website “should have known” not that they actually knew this behavior was going on in order to bring a lawsuit. As a result, intermediaries are most likely to engage in aggressive censorship. This could result in wrongfully silencing advocates as discussed above. Of course, others could choose not to engage in moderating at all out of a fear that they will be found to have knowledge. Ideally, a provision to protect moderator actions and a heightened mens rea requirement would minimize these risks.

Third, remove any ex post facto applications of the statute. A website could not have taken additional steps to comply with a law that existed prior to its passage, so should only reasonably be held liable for actions that occur since the law’s passage. Even for seemingly innocuous social media websites like Facebook or search engines like Google the new standard would require significantly more resources devoted to monitoring than they already engage in. Given that the law would undo two decades of status quo for moderation, it seems providing intermediaries a few months to insure they have the necessary resources is a reasonable change.

Section 230 has worked to allow the Internet to flourish in ways that could not have been predicted 20 years ago. Any changes to Section 230 liability protection are likely to have far reaching implications for the Internet and innovation. While these changes may be brought with good intentions, they risk fundamentally changing  nature of new communications tools and doing quite a bit more than just targeting bad actors.

The Stop Online Piracy Act (SOPA), a controversial bill before the House of Representatives aimed at combating “rogue websites,” isn’t just about criminal, foreign-based sites that break U.S. intellectual property laws with impunity. Few dispute that these criminal websites that profit from large-scale counterfeiting and copyright infringement are a public policy problem. SOPA’s provisions, however, extend beyond these criminal sites, and would potentially subject otherwise law-abiding Internet intermediaries to serious legal risks.

Before moving forward with rogue websites legislation, it’s crucial that lawmakers take a deep breath and appreciate the challenges at stake in legislating online intermediary liability, lest we endanger the Nozickian “utopia of utopias” that is today’s Internet. The unintended consequences of overbroad, carelessly drafted legislation in this space could be severe, particularly given the Internet’s incredible importance to the global economy, as my colleagues have explained on these pages (1, 2, 3, 4, 5, 6)

To understand why SOPA could be a game-changer for online service providers, it’s important to understand the simmering disagreement surrounding the Digital Millennium Copyright Act (DMCA) of 1998, which grants certain online service providers a safe harbor from liability for their users’ copyright infringing actions. In exchange for these protections, service providers must comply with the DMCA’s notice-and-takedown system, adopt a policy to terminate users who repeatedly infringe, and meet several other conditions. Service providers are only eligible for this safe harbor if they act to expeditiously remove infringing materials upon learning of them. Also ineligible for the safe harbor are online service providers who turn a blind eye to “red flags” of obvious infringement.

The DMCA does not, however, require providers to monitor their platforms for infringing content or design their services to facilitate monitoring. Courts have held that a DMCA-compliant service provider does not lose its safe harbor protection if it fails to act upon generalized knowledge that its service is used for many infringing activities, in addition to lawful ones, so long as the service provider does not induce or encourage users’ infringing activities.

Defenders of the DMCA safe harbor argue that it’s helped enable America’s Internet-based economy to flourish, allowing an array of web businesses built around lawful user-generated content — including YouTube, Facebook, and Twitter — to thrive without fear of copyright liability or burdensome monitoring mandates.

Conversely, some commentators, including UCLA’s Doug Lichtman, argue that the DMCA inefficiently tips the scales in favor of service providers, to the detriment of content creators — and, ultimately, consumer welfare. Pointing to a series of court rulings interpreting the safe harbor’s provisions, critics argue that the DMCA gives online intermediaries little incentive to do anything beyond the bare minimum to stop copyright infringement. Critics further allege that the safe harbor has been construed so broadly that it shields service providers that are deliberately indifferent to their users’ infringing activities, however rampant they may be.

What does SOPA have to do with all of this? Buried in the bill’s 78 pages are several provisions that run a very real risk of effectively sidestepping many of the protections conferred on online service providers by the DMCA safe harbor.

Section 102

Section 102 of SOPA empowers the Attorney General to seek a court order against an allegedly infringing foreign website. Such a court order would, if granted, effectively deny the site access to payment processors, ad networks, and even parts of the domain name system. Under § 102, a foreign, U.S.-directed website is deemed a “foreign infringing site” if:

[T]he owner or operator of such Internet site is committing or facilitating the commission of criminal violations [involving illegal copyright infringement, counterfeiting, or theft of trade secrets] and the Internet site would . . . [therefore] be subject to seizure in the United States . . . if such site were a domestic Internet site.

The part about websites “subject to seizure in the United States” refers to 18 U.S.C. § 2323, which states among other things that “[p]roperty subject to forfeiture” includes:

Any property used, or intended to be used, in any manner or part to commit or facilitate the commission of [criminal copyright or trademark infringement].

This definition of a “foreign infringing site” is enormously troubling. Note the absence of any requirement of actual or constructive knowledge on the part of the site operator, let alone criminal intent. Under § 102, a foreign website built around user-generated content may be deemed an “infringing site” simply because its server has facilitated the criminally infringing acts of a single user — even if the site operator neither induced nor knew of the user’s unlawful activities. While an innocent foreign site operator might eventually be able to persuade a court to vacate an order deeming it a “foreign infringing site,” SOPA imposes an astonishingly low burden on the Attorney General of showing that a site is a “foreign infringing site.” If the bill is enacted as is, foreign websites that contain any user-generated content had better watch out.

SOPA proponents defend § 102 by pointing out that its definition of infringing sites comes straight out of the 2008 PRO-IP Act, which established the aforementioned civil forfeiture provision in 18 U.S.C. § 2323. But this statute’s constitutionality is currently being challenged in federal court by a team of attorneys that includes Stanford law professor and copyright guru Mark Lemley. The law’s breadth raises serious First Amendment concerns since it permits ex parte seizures of entire outlets of speech (e.g., websites) simply because the outlet has been used in some unlawful manner. SOPA may be based on existing law, but why should Congress extend this overbroad provision of the PRO-IP Act to encompass an even broader range of websites? If anything, lawmakers should revisit PRO-IP and narrow its applicability to sites intentionally operated for the purpose of committing or facilitating criminal infringement. Via Techdirt, even Floyd Abrams, a constitutional scholar who represents content companies that strongly back SOPA, conceded in a recent letter to Congress that unanswered questions remain regarding the constitutionality of 18 U.S.C. § 2323.

Section 103

The next section of SOPA, Section 103, isn’t any better. This section provides for private rights holders to seek court orders against U.S.-directed websites — including domestic sites — to deny them access to U.S. payment processors and ad networks. Section 103 deems a website “dedicated to theft of U.S. property” if any of the following conditions are met:

1. [The site] is primarily designed or operated for the purpose of, has only limited purpose or use other than, or is marketed by its operator or another acting in concert with that operator for use in, offering goods or services in a manner that engages in, enables, or facilitates [copyright infringement, circumvention of copyright protection systems, or trademark infringement]; or
2. [The site operator] is taking, or has taken, deliberate actions to avoid confirming a high probability of the use of the . . . site to carry out acts that constitute [copyright infringement or the circumvention of copyright protection systems]; or
3. [The site operator] operates the . . . site with the object of promoting, or has promoted, its use to carry out acts that constitute [copyright infringement or the circumvention of copyright protection systems], as shown by clear expression or other affirmative steps taken to foster infringement.

The first prong of this definition encompasses any website that “has only limited purpose or use other than . . . engag[ing] in, enabl[ing], or facilitat[ing]” copyright infringement, circumvention of copyright protection systems, or trademark infringement. This language comes from 17 U.S.C. § 1201, also known as the DMCA anti-circumvention provisions. Just how “limited” of non-infringing uses must a site have to meet this definition? It’s hard to say. As Rob Pegoraro cheekily observed in a recent Roll Call op-ed, “‘[l]imited’ is one of those wonderfully elastic words — notice the ever-longer yet still ‘limited’ copyright terms granted to artists and creators?” This section of SOPA would be more clear if it relied on the “capable of substantial non-infringing uses” test originally articulated by the U.S. Supreme Court in its famous 1984 Betamax opinion, Sony Corp. v. Universal City Studios, Inc., which has since been interpreted by numerous federal courts in copyright infringement cases.

The second prong of the § 103 definition, which covers websites that take “deliberate actions to avoid confirming a [high probability of infringement],” is perhaps the most worrisome of the three prongs. This language appears to have been lifted directly from a 2011 U.S. Supreme Court decision,  Global-Tech Appliances, Inc. v. SEB S.A. In that case, a patent infringement lawsuit, the Court found the defendant liable for inducement on the grounds that it took willful steps to blind itself of the existence of the patent at suit. The Court held that “willful blindness” exists when (1) a defendant subjectively believes that there is a high probability that a fact exists; and (2) the defendant takes deliberate actions to avoid learning of that fact.

Note, however, that Section 103 omits the first prong of the Global Tech willful blindness test, the subjective belief element. This omission might simply be an oversight — or it could reveal the intent of the bill’s authors to cast aside the subjective knowledge standard (which currently applies to service providers in the context of knowledge for purposes of the DMCA) and replace it with an objective, “reasonable person” standard. If plaintiff bringing a SOPA action is only required to show that a website operator should have known of its users’ infringement from the perspective of a “reasonable” operator, and that the site’s operator acted in some manner that had the effect of contributing to its ignorance of infringing activities by users, a vast array of websites that currently enjoy the protections of the DMCA safe harbor may face significant new legal risks. After all, website operators make design decisions all the time that might foreseeably impact on their awareness (or lack thereof) of user’ potentially infringing activities. Who knows what sort of well-intentioned, albeit deliberate, decisions might amount to”avoiding confirming a high probability” of infringement?

As David Sohn of the Center for Democracy & Technology has pointed out, “[t]his seems like a backdoor way of imposing a monitoring obligation on any website that allows users to post content.”  Temple Law Professor David Post, writing at the Volokh Conspiracy, observed that the bill might make it a “violation of law to keep the prosecutors from ‘confirming’ that you’re violating the law — all the prosecutor has to show, to make you vanish from the Net, is that you’ve somehow tried to keep the prosecutor off of your website!”

Why SOPA Could Endanger the DMCA Safe Harbor

SOPA proponents have dismissed concerns that the bill would risk undermining the DMCA safe harbor. U.S. Register of Copyrights Maria Pallante, testifying in a House Judiciary Committee hearing on SOPA on November 16, told members of Congress that it was extremely unlikely that any actions brought under SOPA would impact websites otherwise shielded by the DMCA safe harbor. Techdirt reports that Viacom executive Stanley Pierre-Louis recently argued that SOPA would not “[expand] the scope of secondary liability claims and [diminish] DMCA protections,” noting that “[t]here is no rule that permits ‘willful blindness’ of obvious wrongdoing under U.S. law, and nothing in the DMCA or any other statute has been deemed to hold otherwise.”

Technically, Pallante and Pierre-Louis are correct; SOPA’s provision at 102(c)(2)(A)(iii) appears to leave existing doctrines of copyright liability vis-à-vis the DMCA safe harbor untouched.

In practice, however, SOPA has the potential to effectively usurp the DMCA safe harbor in important respects. If the bill is enacted, online service providers would face a new worst nightmare: being cut off from payment processors, ad networks, and possibly even Internet service providers. As Eric Goldman recently explained, if a “website goes offline because of cash flow problems caused by the cutoff attributable to a single UGC content item, all of the UGC on that website goes dark because of a single content item.”

To avoid such an outcome, website operators will likely do everything they can to avoid falling under SOPA’s definitions — even if that means going above and beyond the requirements of the DMCA safe harbor. While I’m all for websites voluntarily taking prudent and measured actions to combat unlawful user activities (e.g., YouTube’s Content ID system), there are good reasons to be very skeptical of any legislation that effectively imposes on site operators any duty or obligation to monitor, or facilitate the monitoring of, user activities.

Fair concerns have been raised by thoughtful commentators about the DMCA’s limitations and shortcomings. Those concerns deserve a serious examination in the halls of Congress, and perhaps may even merit some careful, targeted tweaks to the DMCA. But the extraordinary remedies provided contained in SOPA should be reserved for genuine rogue sites that willfully flout U.S. laws with impunity and are beyond the reach of U.S. law enforcement authorities. While there are U.S.-based websites out there that violate copyright and trademark laws, extraordinary remedies (such as “going after the money”) should not be the primary method of penalizing such sites. If a rights holder believes that a domestic website is infringing on its copyright or trademark, the proper means of obtaining recourse is to file a civil lawsuit and, when appropriate, seek injunctive relief. The U.S. Marshals Service is tasked with enforcing civil judgments and other court orders entered against domestic actors by federal courts, and parties may obtain writs of execution to order law enforcement intervention against American individuals or businesses that violate court orders.

We Have To Pass The Bill To Find Out What’s In It

Reasonable people read SOPA’s provisions in very different ways. For instance, Terry Hart, writing at Copyhype, has eloquently defended SOPA’s definitions, arguing that “[t]he actions that would subject a provider to SOPA’s provisions are the same ones that would subject it to a copyright infringement suit under existing law and are actions that would not be protected under DMCA safe harbors.” But while SOPA’s definitions are based largely on well-established, time-tested statutes and precedents, some of the language isn’t as clear-cut as it might seem at first glance, as I explain above.

As a result, it’s tough to predict how SOPA would actually impact online service providers. Federal judges vary widely in the methods they employ in attempting to interpret vague statutes. There is no such thing as stare decisis when it comes to statutory construction; some judges focus on the plain meaning of a statute’s language, while others pour through committee reports and hearing transcripts in hopes of divining the legislature’s true underlying intent.

With apologies to Nancy Pelosi, what this means is that we probably won’t know what’s in SOPA until it’s passed. Even then, only after years of costly litigation will the contours of the bill’s provisions likely begin to approach a state of clarity. Consider that the DMCA, now thirteen years old, continues to engender serious disagreement among federal courts to this day. (For instance, courts disagree on what it means for a service provider to take “volitional acts” that encourage users to engage in infringement.)

SOPA’s potential breadth is especially problematic given that its potential victims are small, entrepreneurial Internet start-ups that lack the resources to pay a team of lawyers to examine their operational decisions for potential SOPA violations. As leading high-tech venture capitalist Fred Wilson has argued, “venture capitalists will think more than twice about putting $3mm of early stage capital into startups if they know that the vast majority of the funds will go to pay lawyers to defend the companies instead of to hire engineers to create and build product.”

Lawmakers Should Tread Carefully

While combating rogue foreign websites that violate U.S. laws flagrantly and with impunity should be a priority for lawmakers, SOPA’s definitions and remedies are simply too broad and too vague in their current form. They would cast a cloud of legal uncertainty over America’s innovative, startup-driven Internet economy. It would be a grave mistake to grant such powerful new tools to Justice Department and rights holders and assume that federal trial judges will interpret SOPA’s provisions as narrowly as is necessary to ensure legitimate Internet companies do not suffer adverse effects.

The recent House Judiciary Committee hearing on SOPA made clear just how much work remains to be done to craft an effective but targeted approach to rogue sites. Serious questions remain unresolved — not only about SOPA’s impact of the DMCA safe harbor, but also about cybersecurity, due process and free speech. Additional hearings are needed to explore these important issues with Internet engineers, law professors, and venture capitalists. Marking up the legislation before the end of 2011 — as Chairman Lamar Smith desires, according to the National Journal — would be a serious mistake.

For more on SOPA and rogue websites legislation; see: 

• Ryan Radia, Preliminary Thoughts  on Stop Online Piracy Act (SOPA)
• Ryan Radia, Congress Should Amend SOPA to Address Cybersecurity, Due Process Concerns
• Ryan Radia, Congress takes another stab at combating Rogue Websites with the PROTECT IP Act
• Ryan Radia, Five Ways Congress Can Fix COICA Copyright Bill
• Joint Letter from Public Interest Groups to the House Judiciary Committee on the Stop Online Piracy Act
• Timothy B. Lee, ArsTechnica, The Stop Online Piracy Act: Big Content’s full-on assault against the Safe Harbor
• Letter from Sens. Ron Wyden, Rand Paul, Jerry Moran, and Maria Cantwell to Congressional Leadership objecting to the PROTECT IP Act
• U.S. Rep. Zoe Lofgren’s Opening Letter on SOPA
• Prof. Eric Goldman, Why I Oppose the Stop Online Piracy Act (SOPA)/E-PARASITES Act
• Prof. David Post, How About Occupy Hollywood?
• Fred Wilson, Protecting The Safe Harbors Of The DMCA And Protecting Jobs
• Terry Hart, SOPA: New remedies for existing liability
• Rob Pegoraro, Online Piracy Act is Copyright Overreach
• Center for Democracy & Technology, The Stop Online Piracy Act: Summary, Problems and Implications
• Sherwin Siy, Public Knowledge, House Version of Rogue Websites Bill Adds DMCA Bypass, Penalties for DNS Workarounds
• Techdirt’s SOPA coverage
• Parker Higgins, Electronic Frontier Foundation, What’s On the Blacklist? Three Sites That SOPA Could Put at Risk
• Corynne McSherry, Electronic Frontier Foundation, SOPA: Hollywood Finally Gets A Chance to Break the Internet
• Larry Downes, TechFreedom, SOPA: Hollywood’s latest effort to turn back time

Last November, I penned an essay on these pages about the COICA legislation that had recently been approved unanimously by the U.S. Senate Judiciary Committee. While I praised Congress’s efforts to tackle the problem of “rogue websites” — sites dedicated to trafficking in counterfeit goods and/or distributing copyright infringing content — I warned that the bill lacked crucial safeguards to protect free speech and due process, as several dozen law professors had also cautioned. Thus, I suggested several changes to the legislation that would have limited its scope to truly bad actors while reducing the probability of burdening protected expression through “false positives.” Thanks in part to the efforts of Sen. Ron Wyden (D-Ore.), COICA never made it a floor vote last session.

Today, three U.S. Senators introduced a similar bill, entitled the PROTECT IP Act (bill text), which, like COICA, establishes new mechanisms for combating Internet sites that are “dedicated to infringing activities.” I’m glad to see that lawmakers adopted several of my suggestions, making the PROTECT IP Act a major improvement over its predecessor. While the new bill still contains some potentially serious problems, on net, it represents a more balanced approach to fighting online copyright and trademark infringement while recognizing fundamental civil liberties.

Some of the major differences between COICA and PROTECT IP include:

• Under COICA, a website would have been deemed “dedicated to infringing activities” if it had no “demonstrable, commercially significant purpose other than” (emphasis added) to facilitate infringing activities. PROTECT IP, however, only covers websites with “no significant use other than” to facilitate infringing activities. This slight change in wording may seem trivial, but it’s actually quite significant, as lots of blogs, forums, and other sites engaged in noncommercial, but still protected, speech that may well have been subject to domain name disabling under COICA would likely be in the clear under PROTECT IP. However, as Public Knowledge’s Sherwin Siy points out, PROTECT IP’s definition of sites “dedicated to infringing activities” remains overly broad, as it doesn’t explicitly exempt online intermediaries that are otherwise protected by the 17 U.S.C. § 512(c) safe harbor. A site operator that is not engaged in direct or willful secondary infringement should be exempt from actions taken under the PROTECT IP Act if the site abides by the DMCA notice and takedown process, has no actual knowledge of infringing activities, does not derive a financial benefit directly attributable to infringement, and does not induce infringement.

• PROTECT IP, unlike COICA, does not categorically deem websites “otherwise subject to civil forfeiture” under 18 U.S.C. § 2323 to be “dedicated to infringing activities.” Given the extraordinary breadth of section 2323, which permits the government to seize any  “property used, or intended to be used, in any manner or part to commit or facilitate the commission of” criminal copyright infringement, it’s a relief that language was removed.

• PROTECT IP requires that the Justice Department or a rights holder, in bringing an action against a site under the statute, attempt to commence an in personam action against the operator of an allegedly infringing website before an in rem action can be brought. From a due process perspective, this change is an improvement over COICA (which only provided for in rem actions), as it’s much more likely that an in personam action will provide a site operator with an opportunity to participate in an adversarial hearing prior to the issuance of a temporary restraining order or preliminary injunction requiring an intermediary to disable service to the site.

• PROTECT IP adds information location tools to the list of intermediaries that are required to disable service or cease linking to a website upon being served with a court order deeming the site “dedicated to infringing activities.” This provision would apply not only to search engines, but also to blogs, chat rooms, and message boards. Like COICA, PROTECT IP also applies to DNS operators, financial transaction providers, and Internet advertising services.

• PROTECT IP allows the Justice Department to take action only against nondomestic domain names. (DHS asserts that it is already empowered to seize domestic domain names in accordance with 18 U.S.C. § 2323, as it has done successfully on numerous occasions in recent months.)

• PROTECT IP contains a new private right of action under which a rights holder may seek a court order against any domain name. Actions initiated by rights holders, if successful, only require ad networks and/or payment processors – but not DNS servers or information location tools – to disable service to infringing sites.

Considering all the changes made to the bill, I’m inclined to disagree with commentators, such as Techdirt’s Mike Masnick, who’ve argued that the PROTECT IP, a.k.a. the “Son of COICA,” is worse than its father. On net, PROTECT IP appears to be less likely to impose incidental burdens on protected expression and more likely to afford website operators a chance to successfully challenge actions brought against their sites.

However, I’m still concerned about several aspects of PROTECT IP. Its private right of action, while limited in scope, may result in small websites whose users frequently post infringing content being targeted by costly, burdensome litigation initiated by rights holders. CDT’s David Sohn elaborates on the risks of creating a private right of action in his superb analysis of the bill.

The voluntary actions clause is also quite troubling, as I’ve argued before and as Wendy Seltzer argues on her blog. While I’m all for voluntary actions in principle, such actions should not override private contracts or terms of service agreements that would otherwise be enforceable.

It’s also unfortunate that the PROTECT IP Act does not include a cost reimbursement section, as I suggested last year, or at least an exemption for small entities. While the bill establishes an affirmative defense for an information location tools that doesn’t comply with an order “by showing that the defendant does not have the technical means to comply . . . without incurring an unreasonable economic burden,” it’s far from clear what exactly court would deem “unreasonable.” News of the Justice Department seeking injunctive relief against a small search site operator for failing to comply with a court order issued under PROTECT IP will have a chilling effect on all kinds of small-time Internet platforms.

As lawmakers consider the PROTECT IP Act in coming weeks and months, they should also revisit 18 U.S.C. § 2323, a civil forfeiture provision enacted in 2008 as part of the PRO-IP Act. This extraordinarily broad statute has recently been criticized by many legal scholars. Rep. Zoe Lofgren, among other legislators, has been very critical of the way in which seizures have been conducted. While seizures are certainly justified in some instances, the statute should be narrowed to include only websites “dedicated to infringing activities,” and it should require the government to attempt to commence in personam actions in all instances. Domain names aren’t movable property — unlike illegal drugs or weapons, there is no risk of a criminal “hiding” a domain name or destroying it before evidence of its illegality can be secured.

Update: The final version of the bill text changed the term “interactive computer service” to “information location tool,” which is a positive change. I’ve changed this essay slightly to reflect the distinction.

In the ongoing copyright debates, areas of common ground are seemingly few and far between. It’s easy to forget that not all approaches to combating copyright infringement are mired in controversy. One belief that unites many stakeholders across the spectrum is that more efforts are needed to educate Internet users about copyright. The Internet has spawned legions of amateur content creators, but not all of the content that’s being created is original. Indeed, a great deal of online copyright infringement owes to widespread ignorance of copyright law and its penalties.

For its part, Google yesterday unveiled “Copyright School” for YouTube users. As Justin Green explains on the official YouTube blog, users whose accounts have been suspended for allegedly uploading infringing content will be required to watch this video and then correctly answer questions about it before their account will be reinstated:

Of course, boiling down the basics of copyright into a four and a half minute video is not an easy task, to put it mildly. (The authoritative treatment of copyright law, Nimmer on Copyright, fills an 11-volume treatise.) Copyright geeks and fans of “remix culture” will appreciate that Google’s video touches on fair use and includes links to in-depth resources for users to learn more about copyright. It will be interesting to see how Google’s effort influences the behavior of YouTube users and the incidence of repeat infringement.

Update: EFF’s Corynne McSherry has an essay up on the Deeplinks blog arguing that YouTube’s Copyright School video omits several important facts about copyright. She raises several very good points, but the unfortunate reality of copyright law is that uploading content that’s not substantially original — even in cases that might constitute fair use — is legally risky, particularly for those who aren’t familiar with copyright law. While I’d love to see YouTube create a follow-up video that explains fair use doctrine in an accessible manner, Google’s decision to urge YouTube uploaders to err on the side of caution is quite reasonable in light of the severity of the statutory penalties for copyright infringement.

Jonathan Frieden (who runs the e-commerce law blog) has a nice, pithy summary of Section 230:

If the “essential published content” is willingly provided by a third-party, the interactive computer service provider publishing that content enjoys the full immunity afforded by Section 230.

Amen, brother! I noted Eric Goldman’s excellent outline about Section 230 back in June. As Adam has noted, Section 230 is about more than just protecting online intermediaries bottom line or even about freeing them to provide the content and services we all take for granted.

Section 230 is the very cornerstone of Internet Freedom, the law that makes possible Robert Nozick’s “framework for utopias”: Online communities (“utopias”) can flourish in their infinite variety only because those who build, host or enable access to such communities (social network operators, search engines, aggregators, etc.) do not have to worry about legal liability for user-generated content. The fundamental difference between Web 1.0 and Web 2.0 lies in the movement of online speech away from individual websites where the speaker was operator to online speech platforms where the potential number of speakers is essentially unlimited. This ongoing shift makes Section 230 more important than ever.

Never before has it been so easy for users to “vote with their feet,” sorting themselves into communities of their own choosing, and not since the the 1890 Census declared the American frontier “closed” has it been been so easy for the individual to start entirely new communities if they don’t like their current options.

Last month, I noted that UCLA Law School professor Doug Lichtman has a wonderful new monthly podcast called the “Intellectual Property Colloquium.” This month’s show features two giants in the field of tech policy — George Washington Law Professor Daniel Solove and Santa Clara Law Professor Eric Goldman –- discussing online privacy, defamation, and intermediary liability. More specifically, in separate conversations, Solove and Goldman both consider the scope of Section 230 of the Communications Decency Act of 1996, which shields Internet intermediaries from liability for the speech and expression of their users. Sec. 230 is the subject of hot debate these days and Solove and Goldman provide two very different perspectives about the law and its impact.

Goldman calls Sec. 230 “pure cyberspace exceptionalism” in the sense that it breaks from traditional tort norms governing intermediary liability. But he argues that this new online version of intermediary liability (which is extremely limited in scope) encourages more robust speech and expression than the older, offline version of liability (which was far more strict). I completely agree with Eric Goldman, but I respect the arguments that Lichtman and Solove raise about the privacy and defamation problems raised by the purist approach that Goldman and I favor.

Goldman also does a nice job dissecting the Roomates.com and Craigslist.com cases. And Lichtman brings up the JuicyCampus.com case during the conclusion. These are important cases for the future of Sec. 230 and online liability. Incidentally, there’s also an interesting conversation between Lichtman and Solove (around the 32:00 mark) about an issue that Alex Harris and Tim Lee have been raising here about the nature of online contracts and the perils of messy EULAs / Terms of Service (TOS).

These are two absolutely terrific conversations. Very in-depth and very highly recommended. Listen here.

[Note: I recently reviewed Daniel Solove’s important new book, Understanding Privacy, here.]