Thursday, April 27, 2006

Minors and potential legislation that could affect ISPs and adult bloggers

ISP's, at least it seems from looking at all the literature, typically have little liability for what their customers do (unless they are in a position to know about it, which would mean that they should not edit or monitor their customers proactively in many circumstances). That's good for the speaker because there is relatively little practical likelihood of a judgment against a service provide in most circumstances, so relatively little chance that the indemnification would kick in (as noted above). (ISPs carefully word their TOS documents on all this.) We have concerns about calls in Congress and state legislatures to make companies more accountable for what minors do online, since there have been so many reported problems with minors attracting "bad adults" online. While there can be some structural protections (requiring a credit card to get service, or some kind of parental consent process) devised, it is important that legislators tread very carefully, or all speakers (including adults) could be exposed to much larger liability risks and "chilling effects." One positive step could be for companies offering "social networking sites" to become more proactive in offering services with restricted audiences (in the style of VPNs and intranets), so that teens, parents and teachers can communicate without exposure to "the outside world" and potential "danger". The management of chatrooms is also an important issue here.

Of course, we already know from COPA and several other bills in Congress that balancing the freedom of adult speakers and self-publishers, and parents with the practical difficulties of watching their kids, is a delicate political and ethical issue.

Keep up with Electronic Frontier Foundation on this (the bloggers rights pages especially)

(May 2006)
I asked an attorney involved with the litigation on COPA this question:

Does COPA imply any potential "downstream" civil liability to ISP's? Here is what I notice in the text:

``(d) Obligations of Interactive Computer Service.--A
provider of interactive computer service shall, at the time
of entering an agreement with a customer for the provision of
interactive computer service and in a manner deemed
appropriate by the provider, notify such customer that
parental control protections (such as computer hardware,
software, or filtering services) are commercially available
that may assist the customer in limiting access to material
that is harmful to minors. Such notice shall identify, or
provide the customer with access to information identifying,
current providers of such protections.''.
Generally, I thought that ISP's are not supposed to be liable for what customers do (all of them say this in their "terms of service" and most of them now have little-known indemnification clauses in their service agreements), I thought, although this seems like a point that some people could nibble at. On EFF's web site I find discussion of section 230 in the 1997 CDA:

http://www.eff.org/bloggers/lg/faq-230.php

"No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider."

Is that still true under COPA? I have seen very little discussion of this that I recall in all of the opinions and briefs so far.

His answer:

The short answer to your question is no. ISPs are specifically carved out from liability by section 231(b) of the statute:

``(b) Inapplicability of Carriers and Other Service
Providers.--For purposes of subsection (a), a person shall
not be considered to make any communication for commercial
purposes to the extent that such person is--

``(1) a telecommunications carrier engaged in the provision
of a telecommunications service;

``(2) a person engaged in the business of providing an
Internet access service;

``(3) a person engaged in the business of providing an
Internet information location tool; or

``(4) similarly engaged in the transmission, storage,
retrieval, hosting, formatting, or translation (or any
combination thereof) of a communication made by another
person, without selection or alteration of the content of the
communication, except that such person's deletion of a
particular communication or material made by another person
in a manner consistent with subsection (c) or section 230
shall not constitute such selection or alteration of the
content of the communication.