- About CEI
- Support CEI
Why SOPA Threatens the DMCA Safe Harbor
Why SOPA Threatens the DMCA Safe Harbor
November 18, 2011
Originally published in The Technology Liberation Front
The Stop Online Piracy Act (SOPA), a controversial bill before the House of Representatives aimed at combating “rogue websites,” isn’t just about criminal, foreign-based sites that break U.S. intellectual property laws with impunity. Few dispute that these criminal websites that profit from large-scale counterfeiting and copyright infringement are a public policy problem. SOPA’s provisions, however, extend beyond these criminal sites, and would potentially subject otherwise law-abiding Internet intermediaries to serious legal risks.
Before moving forward with rogue websites legislation, it’s crucial that lawmakers take a deep breath and appreciate the challenges at stake in legislating online intermediary liability, lest we endanger the “utopia of utopias,” as my colleagues have explained time and time again on these pages (1, 2, 3, 4, 5, 6). The unintended consequences of overbroad, carelessly drafted legislation in this space could be severe, particularly given the Internet’s incredible importance to the global economy.
To understand why SOPA could amount a game-changer for online service providers, it’s important to understand the simmering disagreement surrounding the Digital Millennium Copyright Act (DMCA) of 1998, which grants certain online service providers a safe harbor from liability for their users’ copyright infringing actions. In exchange for these protections, service providers must comply with the DMCA’s notice-and-takedown system, adopt a policy to terminate users who repeatedly infringe, and meet several other conditions.
Service providers are only eligible for this safe harbor if they act to expeditiously remove infringing materials upon learning of them. Also ineligible for the safe harbor are online service providers who turn a blind eye to “red flags” of obvious infringement. The DMCA does not, however, require providers to monitor their platforms for user infringement. A service provider that complies with the DMCA safe harbor provisions but also has generalized knowledge that its service is used for many infringing activities, in addition to lawful ones, is shielded from copyright infringement liability so long as it does not induce or encourage users’ infringing acts.
Defenders of the DMCA safe harbor argue that it’s helped enable America’s Internet-based economy to flourish, allowing an array of web businesses built around lawful user-generated content — including YouTube, Facebook, and Twitter — to thrive without fear of copyright liability or burdensome monitoring mandates.
Conversely, some commentators, including UCLA’s Doug Lichtman, argue that the DMCA inefficiently tips the scales in favor of service providers, to the detriment of content creators — and, ultimately, consumer welfare. Pointing to a series of court rulings interpreting the safe harbor’s provisions, critics argue that the DMCA gives online intermediaries little incentive to do anything beyond the bare minimum to stop copyright infringement. Critics further allege that the safe harbor has been construed so broadly that it shields service providers that are deliberately indifferent to their users’ infringing activities, however rampant they may be.
What does SOPA have to do with all of this? Buried in the bill’s 78 pages are several provisions that run a very real risk of effectively sidestepping many of the protections conferred on online service providers by the DMCA safe harbor.
Section 102 of SOPA empowers the Attorney General to seek a court order against an allegedly infringing foreign website. Such a court order would, if granted, effectively deny the site access to payment processors, ad networks, and even parts of the domain name system. Under § 102, a foreign, U.S.-directed website is deemed a “foreign infringing site” if:
[T]he owner or operator of such Internet site is committing or facilitating the commission of criminal violations [involving illegal copyright infringement, counterfeiting, or theft of trade secrets] and the Internet site would . . . [therefore] be subject to seizure in the United States . . . if such site were a domestic Internet site.
Section 102 goes on to specify that a “foreign infringing site” must also be eligible for seizure by the Attorney General were the site domestic. This provision refers to 18 U.S.C. § 2323, which states among other things that “[p]roperty subject to forfeiture” includes:
Any property used, or intended to be used, in any manner or part to commit or facilitate the commission of [criminal copyright or trademark infringement].
This definition of a “foreign infringing site” is enormously troubling. Note the absence of any requirement of actual or constructive knowledge on the part of the site operator, let alone criminal intent. Under § 102, a foreign website built around user-generated content may be deemed an “infringing site” simply because its server has facilitated the criminally infringing acts of a single user — even if the site operator neither induced nor knew of the user’s unlawful activities. While an innocent foreign site operator might eventually be able to persuade a court to vacate an order deeming it a “foreign infringing site,” SOPA imposes an astonishingly low burden on the Attorney General of showing that a site is a “foreign infringing site.” If the bill is enacted as is, foreign websites that contain any user-generated content had better watch out.
SOPA proponents defend § 102 by pointing out that its definition of infringing sites comes straight out of the 2008 PRO-IP Act, which established the aforementioned civil forfeiture provision in 18 U.S.C. § 2323. But this statute’s constitutionality is currently being challenged in federal court by a team of attorneys that includes Stanford law professor and copyright guru Mark Lemley. The law’s breadth raises serious First Amendment concerns since it permits ex parte seizures of entire outlets of speech (e.g., websites) simply because the outlet has been used in some unlawful manner. SOPA may be based on existing law, but why should Congress extend this overbroad provision of the PRO-IP Act to encompass an even broader range of websites? If anything, lawmakers should revisit PRO-IP and narrow its applicability to sites intentionally operated for the purpose of committing or facilitating criminal infringement. Via Mike Masnick, even Floyd Abrams, a constitutional scholar who represents content companies that strongly back SOPA, conceded in a recent letter to Congress that unanswered questions remain regarding the constitutionality of 18 U.S.C. § 2323.
The next section of SOPA, Section 103, isn’t any better. This section provides for private rights holders to seek court orders against U.S.-directed websites — including domestic sites — to deny them access to U.S. payment processors and ad networks. Section 103 deems a website “dedicated to theft of U.S. property” if any of the following conditions are met:
- [The site] is primarily designed or operated for the purpose of, has only limited purpose or use other than, or is marketed by its operator or another acting in concert with that operator for use in, offering goods or services in a manner that engages in, enables, or facilitates [copyright infringement, circumvention of copyright protection systems, or trademark infringement]; or
- [The site operator] is taking, or has taken, deliberate actions to avoid confirming a high probability of the use of the . . . site to carry out acts that constitute [copyright infringement or the circumvention of copyright protection systems]; or
- [The site operator] operates the . . . site with the object of promoting, or has promoted, its use to carry out acts that constitute [copyright infringement or the circumvention of copyright protection systems], as shown by clear expression or other affirmative steps taken to foster infringement.
The scope of websites encompassed by these provisions appears to be potentially vast. The first prong covers any website that “has only limited purpose or use other than” infringement. Just how “limited” of non-infringing uses must a site have to meet this definition? It’s hard to say. As Rob Pegoraro observed in a recent Roll Call op-ed, ”‘[l]imited’ is one of those wonderfully elastic words — notice the ever-longer yet still ‘limited’ copyright terms granted to artists and creators?” This section of SOPA would be more clear if it simply used the “capable of substantial non-infringing uses” test established by the Supreme Court in its famous 1984 Betamax opinion, Sony Corp. v. Universal City Studios, Inc., which has since been interpreted by numerous federal courts in copyright infringement cases.
The second prong of the § 103 definition, which covers websites that take “deliberate actions to avoid confirming a [high probability of infringement],” is perhaps the most worrisome of the three prongs. As David Sohn of the Center for Democracy & Technology has pointed out, “[t]his seems like a backdoor way of imposing a monitoring obligation on any website that allows users to post content.” Temple Law Professor David Post, writing at the Volokh Conspiracy, observed that the bill might make it a “violation of law to keep the prosecutors from ‘confirming’ that you’re violating the law — all the prosecutor has to show, to make you vanish from the Net, is that you’ve somehow tried to keep the prosecutor off of your website!”
This language appears to have been lifted directly from a 2011 U.S. Supreme Court decision, Global-Tech Appliances, Inc. v. SEB S.A. In that case, a patent infringement lawsuit, the Court found the defendant liable for inducement on the grounds that it took willful steps to blind itself of the existence of the patent at suit. The Court held that “willful blindness” exists when (1) a defendant subjectively believes that there is a high probability that a fact exists; and (2) the defendant takes deliberate actions to avoid learning of that fact.
Note, however, that Section 103 omits the first prong of the Global Tech willful blindness test, the subjective belief element. This omission might simply be an oversight — or it could reveal the intent of the bill’s authors to cast aside the subjective knowledge standard (which currently applies to service providers in the context of knowledge for purposes of the DMCA) and replace it with an objective, “reasonable person” standard. If plaintiff bringing a SOPA action is only required to show that a website operator should have known of its users’ infringement from the perspective of a “reasonable” operator, and that the site’s operator acted in some manner that had the effect of contributing to its ignorance of infringing activities by users, a vast array of websites that currently enjoy the protections of the DMCA safe harbor may face significant new legal risks. After all, website operators make design decisions all the time that might foreseeably impact on their awareness (or lack thereof) of user’ potentially infringing activities. Who knows what sort of well-intentioned, albeit deliberate, decisions might amount to”avoiding confirming a high probability” of infringement?
Why SOPA Could Endanger the DMCA Safe Harbor
SOPA proponents have dismissed concerns that the bill would risk undermining the DMCA safe harbor. U.S. Register of Copyrights Maria Pallante, testifying in a House Judiciary Committee hearing on SOPA on November 16, told members of Congress that it was extremely unlikely that any actions brought under SOPA would impact websites otherwise shielded by the DMCA safe harbor. Techdirt reports that Viacom executive Stanley Pierre-Louis recently argued that SOPA would not “[expand] the scope of secondary liability claims and [diminish] DMCA protections,” noting that “[t]here is no rule that permits ‘willful blindness’ of obvious wrongdoing under U.S. law, and nothing in the DMCA or any other statute has been deemed to hold otherwise.”
Technically, Pallante and Pierre-Louis are correct; SOPA’s provisions appear to leave existing doctrines of copyright liability vis-à-vis the DMCA safe harbor untouched.
In practice, however, SOPA has the potential to effectively usurp the DMCA safe harbor in important respects. If the bill is enacted, online service providers would face a new worst nightmare: being cut off from payment processors, ad networks, and possibly even Internet service providers. As Eric Goldman recently explained, if a “website goes offline because of cash flow problems caused by the cutoff attributable to a single UGC content item, all of the UGC on that website goes dark because of a single content item.”
To avoid such an outcome, website operators will likely do everything they can to avoid falling under SOPA’s definitions — even if that means going above and beyond the requirements of the DMCA safe harbor. While I’m all for websites voluntarily taking prudent and measured actions to combat unlawful user activities (e.g., YouTube’s innovative Content ID system), any legislation that effectively imposes on site operators any new duty or obligation to monitor, or facilitate the monitoring of, user activities merits careful consideration and a thorough cost-benefit analysis.
Fair concerns have been raised by commentators about the DMCA’s limitations and shortcomings. Those concerns deserve a serious examination in the halls of Congress, and in some cases may even merit some careful legislative tweaks to the DMCA. But the extraordinary remedies provided contained in SOPA should be reserved for genuine rogue sites that willfully flout U.S. laws with impunity and are beyond the reach of U.S. law enforcement authorities. While there are U.S.-based websites out there that violate copyright and trademark laws, extraordinary remedies (such as “going after the money”) should not be the preferred method of penalizing such sites. If a rights holder believes that a domestic website is breaking copyright or trademark laws, the proper means of obtaining recourse is to file a civil lawsuit and, if appropriate, seek an injunction. The U.S. Marshals Service routinely enforces civil judgments and other orders entered against domestic actors by federal courts, and rights holders may obtain writs of execution to order law enforcement intervention against American individuals or businesses that violate court orders.
We Have To Pass The Bill To Find Out What’s In It
Reasonable people may read SOPA’s provisions in very different ways, to be sure, and it’s impossible to predict how SOPA would, if enacted, actually impact online service providers. Federal judges vary widely in the methods they employ in attempting to interpret vague statutes. There is no such thing as stare decisis when it comes to statutory construction; some judges focus on the plain meaning of a statute’s language, while others pour through committee reports and hearing transcripts in hopes of divining the legislature’s true underlying intent.
Thus, with apologies to Nancy Pelosi, we probably won’t know what’s in SOPA until it’s passed. Even then, only after years of costly litigation will the contours of the bill’s provisions likely begin to approach a state of clarity. Consider that the DMCA, now thirteen years old, is still the subject of substantial disagreement among federal courts. For instance, courts disagree on what it means for a service provider to take “volitional acts” that encourage users to engage in infringement.
SOPA’s lack of clarity is especially problematic given that its potential victims are small, entrepreneurial Internet start-ups that lack the resources to pay a team of lawyers to examine their operational decisions for potential SOPA violations. As leading high-tech venture capitalist Fred Wilson has argued, “venture capitalists will think more than twice about putting $3mm of early stage capital into startups if they know that the vast majority of the funds will go to pay lawyers to defend the companies instead of to hire engineers to create and build product.”
Lawmakers Should Tread Carefully
While new legislation is indeed needed to combat rogue foreign websites that violate U.S. laws flagrantly and with impunity, SOPA’s definitions and remedies are too broad and too vague in their current form. They would cast a cloud of legal uncertainty over America’s innovative, startup-driven Internet economy. It would be a grave mistake to grant enormous discretion to Justice Department and rights holders and assume that federal trial judges will interpret SOPA’s unclear provisions as narrowly as is necessary to protect legitimate Internet companies .
This week’s House Judiciary Committee hearing on SOPA made clear just how much work remains to be done to craft an effective but targeted approach to rogue sites. Serious questions remain unresolved — not only about SOPA’s impact of the DMCA safe harbor, but also about cybersecurity, due process and free speech. Additional hearings are needed to explore these important issues with Internet engineers, law professors, and venture capitalists. Marking up the legislation before the end of 2011 — as Chairman Lamar Smith desires, according to the National Journal – would be a serious mistake.