Friday, November 25, 2011

SOPA and the "Middle School Detention Problem": Congress should learn a lesson from Righthaven

Remember in middle school when the teacher would give everybody detention because one or two people were talking out of turn?  The teacher would even prod the class on learning to watch out for one another.  In fact, I found that out as a sub: one kid could ruin an entire class and get me banned from the school.  That potential analogy forms the heart of what is so unsettling to the Website- authorship-and-hosting community about SOPA in the House (and to some extent, the similar Protect-IP in the Senate). 

Visitors are urged to read carefully the written comments by Google’s General Counsel on Copyright, Katherine Oyama, before the Judiciary Committee Nov. 16, here

Here’s the heart of what she says from my perspective.  Any website or service (publishing  or video platform, or shared hosting, or e-commerce site) can be exposed to being “tackled” upon a complaint from just one copyright (or perhaps trademark) owner.  The actions that could occur include domain name(s) revocation, suspension of payments from credit card companies or other processors,  disconnection from advertisers, removal from search engine results, or outright termination of service (as with a typical TOS violation).  A complainant can get a court or government agency to use whatever means is necessary to render the site inoperable if just one element (or user) of the site invokes a complaint, regardless of the rest of the site.  The multiplicity of potential remedies seems to stem from a belief that various methods may be needed to fight rogue overseas sites, but as the bill is written they could apply to domestic sites too. 

That would seem to mean that a site needs (as a practical matter, even if not legally directed) to preview the activities of its customers, to reduce the risk that one customer could get it taken down.  This sounds like a warped application of the Biblical idea of being “your brother’s keeper”.  In theory, this could sound as though YouTube might believe it would have to review every video before being put up, because one infringing video could get it all taken down. This existential “threat” may seem very unlikely in practice, and of course it would be impossible for YouTube to do this.  But YouTube’s management has to make a conscious policy decision about what “risk” it can take with its shareholder’s money.  (In a publicly traded, fiduciary environment, it’s legally obligated to do so.) (Oyama, at one point, suggests that YouTube might not have come into existence had SOPA, as drafted now, been in effect in 2004; perhaps the same could be said about Blogger and Wordpress earlier.)

There are a couple other wrinkles.  One is the end-around of the DMCA Safe Harbor, or Digital Millennium Copyright Act provisions that allow service providers to preclude downstream liability if they honor takedown notices.  As Google points out, having complied with the DMCA procedures would not necessarily “save” a site brought down by SOPA.  It’s true that SOPA does have a counter-notice procedure (similar to DMCA) and requires some review by a court or government when an order is contested.  But now this would be necessary to save the entire site, not just one posting. 

It should be noted that even now the DMCA Safe Harbor does not necessarily protect an individual web self-publisher from litigation. We know that from the summary lawsuits filed against bloggers in the past two years by copyright troll Righthaven.  No, Safe Harbor protects “providers”, or those who publish materials submitted by others, and only with proper registration with the Copyright office.  

That invokes still another grim possibility, however, that “trolls” will bring frivolous actions against service providers or smaller e-commerce sites with the intention of extorting settlements, in a manner reminiscent of Righthaven.  Lawyers say that SOPA replaces a "adversarial" process with an "ex parte" risk.

There is a lot of discussion (particularly in Google’s comments) about “technically feasible” ( a phrase that sounds evasively vague) means being expected of sites to preclude illegal activities by customers or users  -- particularly to prevent, or to prevent "access" to "illegal sites" from their plaforms.  This concept may have also generated a lot of speculation that SOPA "directly" requires preemptive monitoring (as well as mandating it in practice between of the "misbehavior veto" problem).  It has even led to talk that sites or blogs could be brought down for hyperlinking to illegal sites (or does the TF requirement only apply to higher level providers?) .  The language of Section 102, when I read it, suggests to me that normally sites and providers have five days after being served notice to block access, although they're supposed to "harder".   The notion that this could apply to normal sites and blogs prospectively sounds very unlikely to me: in general, a blogger when linking to an article on another site has no conceivable way of knowing if that site is somehow, in a downstream (mathematically connected manner) involved in infringement somewhere else in the US. (I could add a caveat to that statement, though.  Some anti-virus companies, especially Webroot when running on newer Mozilla platforms, inform users that they are navigating to sites known to be associated with malware.  Other sites, my MyWOT, warn users about sites known to have unethical business practices even without malware.   It’s not hard to imagine this sort of screening at the browser level being viewed as “technically feasible” and bloggers being told they must use it (at least if notified of a problem).  (Embeds, which are really "just" links according to EFF, could raise interesting questions under SOPA).

In my own case, I probably have limited exposure.  I monitor comments on blogs, and on (my main site, originally called, since 1997) I publish readers’ comments only in one specific subdirectory, after monitoring.  But in theory my shared web hosting provider could perceive unknown risk from me and all other shared hosting providers.  (I’m up for renewal in 2013.)  SOPA also raises still another question in my mind: could pro-active monitoring somehow make one more liable for downstream infringement, for missing an infraction? Maybe it’s actually safer not to monitor. It’s hard to tell. 

Since around 1996, the Internet has been based on user self-publishing and, by and large, freedom from downstream liability to service providers for either torts (libel) or copyright or trademark infringement, outside of some limited areas (Safe Harbor).  This environment does promote a degree of “amateurism” which some people do not agree with.  Also, the open environment invites cyber-abuse, as I covered on recent posts (Anderson Cooper shows).  Some people may also fear that “low cost” or no cost competition from bloggers (not infringement, just competition itself) harms the established media businesses and costs jobs.  In this environment, some in Congress may believe that the “open environment” should go away, and that “newbies” should be forced to compete in the world in a more conventional fashion, as in the past. It’s hard for me to tell from this legislation if that is what they believe (some comments by the US Chamber of Commerce were disturbing and Anderson Cooper has recently criticized what amateur activity on the web opens the world up to).  It also seems that most in Congress do not really understand how the Internet works.  There are many lawful business models (often related to private or public holding) on the Internet, and they can come into conflict.  

There’s a final personal experience lesson, referring back to an incident when I was subbing, described here July 27, 2007.  In that case, I mentioned my doaskdotell site to a staff member in discussing a political issue (at the time, campaign finance reform), and suddenly the school came down on me because someone thought that two files on the site (out of over 1000) compromised my own reputation.  Again, the presence of one problematic object on a site renders the entire site or operation legally vulnerable. I haven’t forgotten this lesson.

 I'm still wondering: when should I pay for someone else's sins?  I guess if I take advantage of the process that allowed the sin, maybe?  We all live in a community.

Update: Nov. 27

The New York Times has a reasonable editorial and proposed solution "Going After the Pirates" here.  I'll come back to the proposals here soon.

No comments: