SAN FRANCISCO--David Ulevitch is an entrepreneur who built his business, OpenDNS, around providing better ways for customers and companies to deal with Internet domain names.
"The legislation has the potential to create the great firewall of America," Ulevitch, 29, told CNET in an interview today.
SOPA, which was introduced last month in the House of Representatives to applause from the Motion Picture Association of America and other large content holders, is designed to make allegedly piratical Web sites virtually disappear from the Internet. It allows the Justice Department to serve court orders on Domain Name System (DNS) providers, including OpenDNS, requiring them to pretend that the so-called rogue Web site doesn't exist.
The legislation, which was the subject of a House hearing yesterday, "creates a tremendous amount of liability for ISPs and service providers like mine to become the censorship arm of the Department of Justice, which is not a position we want to be in," Ulevitch says. (See CNET's roundup of related stories.)
OpenDNS claims more than 30 millions users--including 40,000 schools and 3,000 enterprise customers--have switched to its domain name servers to improve performance and benefit from anti-phishing technology. (DNS servers translate alphanumeric domain names like CNET.com into the numeric addresses actually used by computers, in this case 22.214.171.124. The speedier the servers, the quicker that Web pages appear.)
OpenDNS isn't pro-piracy, Ulevitch says. "We do not support it--we think that artists should be protected and that content creators should be protected."
But SOPA is written so broadly that it will invite abuses and weaken DNS, he believes. "We look at it as encumbering innovation," he says. There's "such collateral damage and so little benefit."
Ulevitch is in a unique position to comment on SOPA: OpenDNS, of which he's the chief executive, was the first company formed around the idea of building better DNS services.
But he's not alone in worrying about SOPA's implications: earlier today, Sandia National Laboratories, part of the U.S. Department of Energy, warned that the measure is "unlikely to be effective" and will "negatively impact U.S. and global cybersecurity and Internet functionality." At yesterday's House hearing, Rep. Dan Lungren, who heads the Homeland Security subcommittee on cybersecurity, warned that SOPA would undercut efforts to secure DNS. (The Motion Picture Association of America disagrees.)
A spokeswoman for Rep. Lamar Smith, the chairman of the House Judiciary committee and SOPA sponsor, did not respond to queries today about the security implications of the legislation and whether a hearing would be held on the topic.
If SOPA turns out to be sufficiently onerous, Americans will simply switch to using offshore DNS providers that will offer encrypted links, Ulevitch predicts. (CloudFloor, for instance, is headquartered in the U.K.'s Channel Islands.) Or U.S. entrepreneurs will move offshore.
"We can reincorporate as a Cayman Islands company and offer the same great service and reliability and not be a U.S. company anymore," says Ulevitch, who located his headquarters in the south of Market area of downtown San Francisco, a stone's throw from the city's light rail station.
Ulevitch felt strongly enough about the peril that SOPA could pose to the Internet industry that he trekked to Washington, D.C. a few weeks ago to meet with members of Congress.
"It was clear that this is an issue that everybody on Capitol Hill is familiar with," he said. "Everybody on the Hill knows about Protect IP and SOPA," he said, referring to the Senate version that was approved by a committee earlier this year and is awaiting a floor vote. A Politico chart shows that Hollywood spends 10 times as much on lobbyists as tech companies do.
On the other hand, familiarity doesn't equate to opposition. "Everything they were hearing from people who came to their door every day is fervent support" for SOPA, Ulevitch says. "There was nobody sitting on the other side of the table opposing it...The amount of perspective and influence we have in DC is essentially non-existent. it's not serving us well anymore."
Probably the most detailed analysis of the DNS-related problems caused by an Internet death penalty was one (PDF) prepared by five Internet researchers this spring. Among the problems they list with that approach: it's "incompatible" with DNSSEC, a DNS security technology; innocent Web sites will be swept in as "collateral damage,"; and the blacklist can be bypassed by not using DNS and instead typing in the numeric Internet address of a Web site.
The paper was authored by Steve Crocker, a longtime member of the Internet Engineering Task Force; David Dagon, a post-doctoral researcher at Georgia Institute of Technology; security researcher Dan Kaminsky; Verisign Chief Security Officer Danny McPherson; and Paul Vixie, chairman of the Internet Systems Consortium and principal author of popular versions of the BIND DNS server software.
Ulevitch is not optimistic about the likelihood of Congress understanding and acting on the criticisms: "It's easy to legislate technology. It's almost impossible to get it right and have it be effective."