The Senate's controversial Protect IP Act, which would significantly expand both public and private enforcement of online copyright and trademark infringement, is returning to center stage.
That was the message yesterday from U.S. Rep. Bob Goodlatte (R-Va.), who led a town hall meeting yesterday in Palo Alto, Calif. Goodlatte, a leader in Congress on technology policy, told a crowd of over a hundred that the House is working on its own version of the Senate bill.
Protect IP passed unanimously out of committee in May and now awaits a full floor vote. Goodlatte acknowledged that the Senate version is opposed by tech industry leaders and leading venture capitalists.
"The Senate bill was strongly critiqued," Goodlatte said, "and rightly so." He said the House is working on its own version, which he promised would be "quite different."
In particular, Goodlatte said the House bill, like its Senate counterpart, will focus on new legal tools for law enforcement and private parties to combat infringing and counterfeit goods. But Goodlatte said he agreed that these tools, and how they are used, must not interfere with the practices of "legitimate businesses" that are not violating the law.
The House bill will be introduced in the next few weeks, and hearings will be scheduled for mid-September, Goodlatte said.
Serious defects in the Senate's draft
As one of Protect IP's many critics, I'm relieved that the House intends to correct serious defects in the most recent version. The Senate bill, introduced by Sen. Patrick Leahy (D-Vt.), was flawed, incomplete, and included dangerous provisions that could unintentionally interfere with both the business and technical evolution of the Web. These are serious costs, and they came with almost no offsetting benefits.
As drafted, Protect IP has little chance of reducing the current level of online copyright and trademark abuse, or of shutting down "rogue" Web sites that profit from illegal trade in films, music, and knock-off products. That's largely because the bill focuses on operators outside the U.S. But U.S. law enforcement agencies have no authority to shut down foreign Web sites, which may not even be violating laws in their own countries.
Instead, Protect IP authorizes a variety of techniques to cut off access to banned sites. These include court orders forcing search engines and other sites to remove hyperlinks to banned domains. They also include requiring domain name servers to misdirect clicks on such links to warning pages about possible violation of U.S. law. Ad networks and financial transaction processors would also be prohibited from doing business with the banned sites.
These indirect approaches may be the only way for U.S. courts to disrupt traffic from non-U.S. sites. But they all have dangerous unintended consequences. Leading Internet engineers, for examples, argue that manipulating the Domain Name System (which resolves URLs to the actual IP address of the site) could splinter the DNS process, weakening this critical Internet resource.
A group of over a hundred legal academics, at the same time, has written an open letter to Congress, insisting that Protect IP would likely violate First Amendment protections against "prior restraints" on speech. By blocking U.S. users from reaching Web sites in other countries, the academics also argue, Protect IP undermines U.S. efforts to stop other countries from blocking access for their own citizens to Web sites deemed offensive for political reasons.
It's also not clear that any new law is required. Unlicensed copying of movies and music is undeniably a feature of the Internet today, as are sites selling knock-off goods including clothing and medication. These illegal activities should be stopped. But existing enforcement mechanisms, such as the "notice and takedown" provisions of the Digital Millennium Copyright Act, have made great strides in controlling unlicensed distribution.
While imperfect, these tools have proven effective and efficient. Much of the notice and takedown process on sites including YouTube and eBay, for example, has been automated, with copyright and trademark holders providing reference files that can be checked against user-posted content.
Perhaps that's one reason that rights holders are finally coming to terms with the tremendous potential of digital distribution, as evidenced by the rapid growth of cloud-based content licensing services from Apple, Spotify, Hulu, Amazon.com, and others. The more legal and cost-effective options consumers have, the less likely any but the most marginal illegal businesses will survive.
There is also growing concern that federal law enforcement agencies are abusing the power they already have to enforce copyright and trademark. Under provisions of the 2008 PRO-IP Act, for example, the Department of Homeland Security has recently begun "seizing" domain names of domestically registered sites it believes are engaged in unlawful activities. In every case, DHS has asked courts to treat the seizures as emergencies, allowing them to misdirect Web site traffic without giving notice or an opportunity for hearing to the domain's registered user.
(The first legal challenge to this practice, filed by a Spanish domain registered in the U.S., is now being considered.)
Five essential changes
The best solution to Protect IP's deficiencies would be for Congress to ignore the Senate bill altogether. But as the House prepares its own version of the law, here are five essential changes to Protect IP that would greatly reduce unnecessary risks to the Internet ecosystem:
1. Don't destabilize the domain name system. Since U.S. law enforcement agents cannot easily "seize" the domain of a site registered outside the U.S., Protect IP tries to trick Internet users into believing the banned site has disappeared. Courts can order domain name system servers to reroute URL requests for a banned foreign site to a government warning site instead. But the banned site would still exist, accessible by its IP address or through a DNS server that wasn't covered by the court order. (There are as many as a million worldwide DNS servers today.)
Cutting off a website by forcing DNS servers to incorrectly resolve a URL will badly damage the integrity of the DNS system. Protect IP allows such tampering for any "nonauthoritative" domain name server, but never defines "nonauthoritative." Most analysts assume this means ISPs rather than higher-level domain registries and registrars. But even if that's true, law enforcement agents will likely apply this provision only to the largest ISPs. Doing so could splinter the DNS system, undermine efforts to authenticate URLs, and encourage users to abandon domain names in favor of entering a site's IP address directly.
2. Leave search engines and hyperlinks out. In addition to misdirecting DNS requests, Protect IP allows law enforcement agencies to order providers of any "information location tool" to remove hyperlinks and other references to a banned non-U.S. site. The definition of "information location tool" is much broader than just search engines, including "services" that provides a "directory, index, reference, pointer, or hypertext link."
In theory, that means a court could order the removal of any reference to the banned site from any Internet service in the U.S., including links in user comments and blog posts. In practice, law enforcement would likely serve these orders only on large search engines and indices, leaving users with the prospect of uncertain and inconsistent search and linking results. This provision would significantly damage the integrity of search, indexing and linking--foundations of the Web that are as valuable as the domain name system.
3. No private enforcement. Protect IP added provisions to an earlier draft that allow private parties to enforce some of the new protections without any criminal proceeding by the Department of Justice. What's more, the newly added private enforcement provisions apply to Web sites registered in the U.S. as well as to foreign sites.
But rights holders already have effective and carefully tailored tools for dealing with infringement on sites registered in the U.S.--no new law is required. For foreign Web sites, enforcement efforts should be left solely to the Department of Justice. Private enforcement would only encourage large media companies to bully foreign sites through U.S.-based ad networks and credit card companies that serve them. These providers have little incentive to defend the rights of their customers.
4. Correct ongoing abuses by DHS. Any new law to expand enforcement of U.S. copyrights and trademarks to foreign Web sites should first correct ongoing abuses of existing law. DHS's "Operation in Our Sites" has demonstrated the danger to due process of allowing the government to seize domain names under civil forfeiture laws, which sidesteps procedural safeguards including proof beyond a reasonable doubt. The invocation of emergency seizure provisions has also been abused, allowing DHS to seize domains without any notice or hearing.
Before expanding the power of federal law enforcement agents to apply these potent legal weapons through domain name servers, information location tools, ad networks, and financial transaction processors serving banned foreign sites, Congress must reign in DHS's dubious interpretation of existing law. Protecting copyrights and trademarks is an important goal; but the rule of law can't be suspended in the process.
5. Clearly define "rogue" Web site. Responding to criticism of last year's bill, Protect IP's authors made significant changes to the definition of an "Internet site dedicated to infringing activities." But the new definition--actually there are several of them--conflicts with existing law. The Senate bill is still too broad. And if it already existed, it arguably would have allowed law enforcement agents to shut down or disrupt YouTube and other services early in their existence.
Protect IP continues to grasp for a definition that would address the most abusive Web sites, including sites that index unauthorized movie torrents, those that appear to sell licensed copies of movies and music but which are not in fact licensed to do so, and sites claiming to sell branded goods that are actually counterfeits. The current definition, however, goes far beyond the intended "rogue" sites and introduces ambiguities that will generate long and expensive litigation for years to come.
What's left? What's better?
The least controversial provisions of Protect IP would force U.S.-based ad networks and payment processors to cut ties to banned Web sites. Assuming those provisions were applied to truly criminal enterprises after a fair hearing, interrupting the flow of revenue seems a reasonable response.
Unfortunately, this will likely only lead genuinely rogue Web sites to shift their business to ad networks and payment processors outside the reach of U.S. law. For marginal enterprises, these provisions might help curb infringing activities, especially those that appear to be legitimate.
But there are better ways to protect U.S. interests in copyright and trademark than passing any version of Protect IP. Congress' goal, after all, is to extend efforts to combat infringement and counterfeiting to non-U.S. sites. However, that should be a matter first and foremost of foreign policy and of the U.S. Trade Representative. If other countries are not abiding by trade agreements and treaty requirements to protect U.S. interests, the U.S. should work through global trade organizations and use the threat of sanctions to improve compliance.
That, in any event, seems a far more promising approach than trying to trick Internet users in the U.S. into believing offending sites aren't actually there. Quite simply, Protect IP won't work. People who are determined to find illegal content and products will have little trouble adjusting. At the same time, the sleight-of-hand authorized by Protect IP could irreparably damage the engineering elegance that has made the Internet so successful.
Let's hope lawmakers in the House really did get that message and are drafting a bill that deals only with the few foreign Web sites that truly deserve to be shut down, and does so without undermining the best features of today's Web. We'll find out soon enough.
Yesterday's event was the first of the Congressional Internet Caucus' "State of the Net West" public discussions. Other events, all featuring leading members of Congress, are scheduled over the next few months.