Wednesday, January 18, 2012

An Updated Analysis: Why SOPA & PIPA Are A Bad Idea, Dangerous & Unnecessary

Okay. A few months back, I wrote up what I called "the definitive" post on why SOPA & PIPA were very bad bills. Some things have changed since then, so I thought it might be useful to do an updated post on the subject. On top of that, one of the key claims by supporters of these bills is that those of us opposed have been spewing false claims to increase the hysteria. While it's true that there is some misinformation making the rounds, I've seen no evidence that it's limited to the anti-SOPA/PIPA crowd. In fact, it appears to be worse on the part of supporters. While some anti-SOPA/PIPA folks may be misinformed about the specifics, they are at least speaking honestly. The pro-SOPA/PIPA forces appear to be deliberately misstating the facts.

So, let's look at the facts. PIPA & SOPA are (now) very similar bills, both with significant problems. In fact, the remaining "differences" in the bills each have serious problems, which is why neither bill is a "better" bill, since both are terrible. The claimed purpose behind these bills is to give both law enforcement and private individuals/companies tools to go after "foreign" websites that are offering infringing (either copyright or trademark) content. The bills offer two ways to do this: via the Attorney General taking action against the sites, or via a "private right of action," in which copyright or trademark holders take direct action themselves against a site they believe is dedicated to infringement.

The bill does require a half-hearted attempt to "contact" the operators of the sites being accused, but if the AG or rightsholders feel they can't reach the owners, they can then go directly after "the site" itself (an "in rem" process, rather than an "in personam"). Following a (literally) one-sided court hearing, a judge can then put the accused site on what is effectively a blacklist. If it's the AG bringing the action, it means that search engines or (under PIPA) "information location tools" -- a broad term that covers an awful lot of the internet -- have to magically figure out ways to block any and all links to the site in question. If it's either the AG or private rightsholders, then payment processors and ad networks would be forced to stop doing business with the sites on the blacklist.

Under both bills, the definitions of what is a "site dedicated" to "infringement" or "theft of US property" are pretty broad and open to abuse. While supporters of the bills love to insist they're narrowly tailored, a simple look at PIPA shows that's wrong. It notes that you can be dedicated to infringement if the key service you offer facilitates infringement. Think about that for a second. Pretty much every user generated content site or communication tool... or... computer, can "facilitate" infringement. Now, supporters of the bill insist that most sites are safe because the bill says that there's "no significant use other than... enabling or facilitating" infringement. But, again, note they're not saying that it has no significant use other than infringement. It says no significant use other than enabling or facilitating infringement. That's pretty much the entire internet there. A site may only rarely be used to infringe, but its primary function can still 'facilitate' infringement.

In addition, SOPA has an anti-circumvention rule, which makes it incredibly risky to provide any kind of service that that accidentally gets you around the blacklist. (VPN provider? Too bad!) Even worse, the anti-circumvention provision is not limited to foreign sites.

The "only impacts foreign sites" claim is also a red herring. It's a favorite of the pro-PIPA/SOPA folks, but it's a lie. While the current bill targets foreign sites, all of the remedies and enforcement require compliance by domestic sites. That's costly. I recognize that policy analysts, lawyers, lobbyists and politicians who have never actually run a business think this stuff is simple, but for those of us who actually run companies, this is terrifying. We now have to worry about staying in compliance with a broad law that's almost impossible to comply with in any realistic manner. In our debate yesterday, the US Chamber of Commerce's Steve Tepp insisted that there was "no liability" for any domestic site. This is ridiculous. What he meant was no direct monetary liability. Leave it to an out of touch policy guy to think that it's only a liability if there's the potential to cost you money in court. The liability is in the possibility of being dragged to court over this. It's in the possibility of facing additional punishment/sanctions for failing to obey an impossible-to-obey court order to cut off certain users. That is a tremendous liability.

There are additional provisions that are troubling, including SOPA's inclusion of "felony streaming" provisions, that could lead to jail time for those who lip synch over songs and put that up in a YouTube video, or those who embed infringing YouTube videos on their own site. PIPA does not have that directly, but there is a companion bill in the Senate that has similar things.

So why, specifically, are these two bills so bad:
  1. They will not do anything to solve the problem. This is the biggest point. In the past 35 years, dating back to the 1976 Copyright Act, the legacy content industries have gone back to Congress an astounding sixteen times and gotten them to expand copyright law in some form or another to deal with their own inability to adapt. That's just about every two years. And what has any of it done to reduce the amount of infringement? Nothing. Absolutely nothing. But now this is suddenly the magic bullet?

    More to the point, multiple studies have shown that "piracy" is almost always a "service" issue -- in that people resort to infringing options when no good options exist. A detailed four-year study on this issue around the globe found, consistently, that infringement was never an "enforcement" issue -- but exclusively a business model issue. Provide services that give people what they want, and watch piracy decline. Lots of people have shown the industry how this works, and they still ignore it. A perfect example is how Valve Software saw lots of piracy in Russia -- a hotbed of infringement -- and used that as free market research to establish a presence in Russia, which is now a huge moneymaker for them. Not by "enforcing" against infringers, but by offering a better legitimate service.

  2. Putting massive liability and compliance costs on startups will hinder the most necessary innovation and jobs. As described above, these bills work by making tech companies responsible for creating/policing the blacklist. That's expensive and daunting. Many startups won't even bother to work on innovative services because the legal fees will just be too high. Others will simply start elsewhere. At a time when startups are the only net creator of jobs these days, do we really want to burden them all with significant new compliance costs and liability? These bills are jobs and innovation killers.

  3. These bills go against American principles of freedom of speech. Over 100 law professors -- including one of the most respected Constitutional scholars, Laurence Tribe -- have made this point repeatedly. Creating a blacklist is not where the US should be going -- and it specifically goes against our messaging to other countries on the importance of an open internet and basic internet freedoms. Sure, supporters of the bills will point out that censoring "political speech" is different than censoring sites that have some infringing content, but that ignores reality. We've seen oppressive regimes abuse copyright law to oppress dissidents. SOPA & PIPA give those regimes the perfect cover story for doing more of that: just claim they violated copyright law, and the US says it's just dandy to censor and suppress speech.

  4. The immunity provisions in the bill sneak through broad powers by pretending they're "voluntary." Supporters insist that these bills will only be used against the worst of the worst. But they're purposely ignoring the broad immunity provisions in the bill -- and the history of similar immunity provisions. The immunity provisions basically say that, if you become aware of a site that may be infringing, you will get full immunity if you take the actions prescribed in the bill (i.e., cutting them off). As we've seen with the DMCA, such a grant of immunity means that if you hear of a site that is accused, you are very, very likely to cut them off, just to make sure you retain that immunity. Why risk it otherwise? Only a few sites may stand up to the worst abuses. The rest will want to make sure they don't have any future legal fight and will quickly cut the site off -- at which point there's no real recourse.

  5. These bills will be abused. Just like every copyright law that's been passed. It's common knowledge that the DMCA is widely abused to take down content that is not infringing. But, at least with the DMCA it's targeted at specific content. With SOPA, entire sites will be taken down. Supporters insist that a "court reviews" these, and so there's no worry there. Tell that to, the blog that was incorrectly seized and censored for over a year with no due process under existing law (something we should definitely be revisiting). How can we say the new law won't be abused when the old law is already regularly abused?
This is not a "theoretical" problem. This is not a "hypothetical" issue. These are not exaggerations. This is what's in the bill today. And it's all a huge problem.

Yes, the DNS blocking provisions of the original bills made these even worse, but delaying (not removing) these provisions doesn't fix all of those other problems.

As for some of the misinformation -- including the claims that SOPA would be used to take down US sites -- well, that's the supporters' own damn fault. They pushed to make SOPA so bad that that absolutely was the case with the original bill, and only changed after massive pushback from the online community. If they hadn't pushed to include that in the first place, perhaps this wouldn't be an issue. But, really, worrying about the takedown of American sites is an issue that's separate from SOPA/PIPA... in that it's already allowed under US law. Just witness the Dajaz1 case we mentioned above... and worry about the fact that we didn't have this day of protest before the ProIP Act was approved, which sneakily allowed that to happen.

These bills do not solve the problem, because they're targeting the wrong problem. And, to make matters worse, they do so in a way that creates tremendous collateral damage. This is no way to regulate.

Permalink | Comments | Email This Story



No comments:

Post a Comment