On January 18, the Advisory Committee to the Congressional Internet Caucus held the Seventh Annual State of the Net Conference to discuss current issues and upcoming legislation in 2011. The event brought together industry groups, consumer groups, and government officials for discussions on a variety of topics including protection of intellectual property online. Videos of many of the talks are available here.
John Morton, the Director of Immigration and Customs Enforcement (ICE) addressed the opening plenary, and he described Operation In Our Sites, in which federal judges issued criminal seizure warrants for domain names. In the first phase of Operation In our Sites, they got warrants for eight websites which offered more than 200 movies and 300 TV programs. All of the sites targeted by Operation In Our Sites had been knowingly engaged in the sale of infringing content. In order for ICE to move on a site, they needed to demonstrate for the purpose of seizure that 1) there was a violation of law, and 2) the people running the site knew it, and clearly intended to break the law. The impact of the first round of Operation In Our Sites was unexpectedly big: 81 other sites that had been doing the same thing voluntarily shut themselves down. Morten said that he’d never seen an enforcement action have that kind of a deterrent effect before. Since the seizures, some of the sites have resurfaced, but others have stayed down. For the second round of Operation In Our Sites, they have leads for 130 more sites, which they are investigating. ICE will not seek warrants for each of them, just the ones they believe are truly pirate sites.
Cameron Kelly, General Counsel for the US Department of Commerce spoke next, and his talk focused on the right to privacy. The Department of Commerce issued a green paper last year with a set of policy recommendations for online privacy, and they hope to work with Congress and the rest of the executive branch to put their recommendations into practice. [Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework, December 2010.] Key recommendations are:
- The creation of a Privacy Bill of Rights, which would provide a clear set of guidelines for the enforcement of privacy laws.
- The creation of enforceable codes of conduct developed by multi-stakeholder groups. They should be flexible, and above the minimum required by law.
- Greater engagement with the international privacy community.
Rep. Marsha Blackburn spoke next, and she was critical without being specific of the FCC’s regulation on net neutrality [Regulation | FCC press release]. She blames Congress, both Republicans and Democrats, for not agreeing to a policy and basically punting the issue to the bureaucracy. She supports HR96, which would reassert Congressional jurisdiction of the internet. If it becomes law, the first thing Congress should do with its new authority is correct the FCC overreach on net neutrality. Blackburn argued that conservative legislators should always strive for light regulation, but this is not enough. They also need to figure out how to apply conservative business principles to the internet. She says that the upcoming Congress will be much more active when it comes to the online commercial marketplace.
Blackburn called intellectual property the “primary commodity of the creative economy,” and stressed that IP rights must be enforced as strenuously as material property rights – including internationally. To do this, Congress should pass patent reform with strict deterrence and should pass “rogue website” legislation.
Regarding privacy, the government’s role is not to determine what should be private and what should not. Instead, the government should ensure that individuals know what’s being followed, and it should ensure that individuals are able to protect what you don’t want to share.
The first set of panels in the morning included “Rooting Out Online Copyright Piracy with COICA: Will It Work?” The panel discussed both the feasibility and the appropriateness of the Combating Online Infringement and Counterfeits Act (COICA). The panelists were Daniel Castro from the Information Technology & Innovation Foundation; Dan Kaminsky from Doxpara; Andrew Pincus from Mayer Brown LLP; and David Sohn from the Center for Democracy and Technology. It was moderated by Greg Piper from Warren Communications.
David Sohn said he supports the goal of reducing copyright infringement, but he has serious concerns about COICA’s focus on domain name seizure because any domain name takedown will be quickly circumvented. People can just type in the numeric IP address and bookmark it. Offending sites will still be available, and simple tools will be developed to help people get to the sites.
Additionally, COICA can have a number of unintended consequences that will affect more than just infringing content. If other countries follow example, we’ll end up with a more balkanized internet. There are also serious cost issues.
COICA is often portrayed as only focusing on sites that exist solely for illegal activity, but a reading of the text shows that this is not true. There are sites like DropBox and RapidShare that users can use as they see fit. We could end up seeing COICA or similar enforcement efforts being used against these sites. Furthermore, there is no advance notice, no process, no way for site to defend itself from COICA takedown. There is a real risk that sites with non-infringing uses and bad uses will be taken down, and sites and users will be considered guilty until proven innocent. Cost benefit analysis is needed to make sure that the costs associated with this plan do not outweigh the benefits.
So what are the alternatives? One thing we could do is actually go after the people engaged in the crimes. This is obviously harder when these people are in foreign countries. Ultimately, you’ll need cross-border cooperation to bring large scale international IP infringers to justice. The strategy of focusing on payment systems to try to address this problem is interesting. Most companies offering services allowing website owners to accept online payments use contracts with some kind of clause saying they do not support crimes and reserve the right to cease doing business with criminal sites. To combat online gambling, we went after payments, not domain names.
However, if you look at the big picture, combating copyright infringement is not just about enforcement. The real way to do it is to build legal distribution networks that people like. That would work.
Andrew Pincus acknowledged that COICA won’t stamp out all access to infringing sites, but argued that it is part of a solution to the problem of widespread online piracy. It will make it harder for people to break the law, and everything that will weed out some infringement is helpful. We need to do something to make sure our domestic enforcement is not meaningless. His answer to those who claim it just won’t work is that it is up to them to propose a better solution.
Pincus disagrees with David Sohn’s assertion that legitimate users will be harmed by COICA. It is designed to go after sites that have no other purpose than infringement. The standards it applies are the same standards in found in IP treaties and in our own law. Therefore, it should be uncontroversial. (Pincus also disagrees with David Sohn’s assertion that there is no notice before action is taken under COICA, and recommends reading the text.)
The notion that we should get other countries to assist in law enforcement sounds good, but many countries just don’t arrest the people engaged in piracy. And online piracy abroad is not like theft in the physical world where street corner sales don’t affect you in your home market, because everything is international. Since we can’t extend US law to other countries, we get into financial and intermediary solutions.
Dan Kaminsky introduced himself as an engineer, and said that COICA will not succeed in stopping piracy, because an alternate DNS can be selected in less than 60 seconds. Technologically, COICA does not do much to stop piracy.
Furthermore, the side effects of COICA are dangerous because it will drive people into foreign-hosted servers. Not only will users’ personal data will be more likely to be hacked (like bank accounts), but they will also be linked into our own networks, causing a lot of risk. If users switch nameservers, then network technicians will lose the ability to guarantee the safety of their network. It is somewhat analogous to altering antivirus software to ensure that it would block all pirated content. This would work, but people would stop using antivirus software, causing malware and other Bad Things to spread through networks.
Unilaterally blocking sites can be bad internationally. DNS is a very essential thing for the internet to work. What will happen when other countries follow our example of DNS takedowns, but apply it to blocking other types of content, like political speech? Finally, since COICA involves unilateral action to go after foreign intermediaries and finances, it will invite other countries to go after our intermediaries and finances for reasons they unilaterally determine.
Daniel Castro said that the US needs a fast, flexible response to someone setting up an illegal site for offering copyrighted materials, which is very easy to do. COICA is intended to block them. Although the block is not foolproof, it will work for many people who are less technologically inclined. COICA opponents who say that most users will easily get around a domain name takedown are giving the average net user a lot of credit. Average users might not be able to find the sites. Many people might not want to link up with unknown foreign servers, because of privacy concerns. Then there is the matter of how it would work – the whole US internet population can’t just switch over to Russian servers. How would they handle the traffic? Who’d pay for it? Realistically, some people will switch, but a lot of people won’t switch. The Berkman Center has found that only about 3% of internet users are using circumvention tools or proxies in countries that actively restrict access to content. [see report] Most people are interested in content, not in piracy. If you google “watch Black Swan,” the full movie comes up in the first 10 Google hits. Accessing pirated content is just too easy.