Embed Size (px)
Citation preview
This article was downloaded by: [Georgia Tech Library]On: 15 November 2014, At: 23:25Publisher: RoutledgeInforma Ltd Registered in England and Wales Registered Number: 1072954 Registeredoffice: Mortimer House, 37-41 Mortimer Street, London W1T 3JH, UK
International Review of Law,Computers & TechnologyPublication details, including instructions for authors andsubscription information:http://www.tandfonline.com/loi/cirl20
The US SOPA and PIPA - a EuropeanperspectiveSandra Schmitz aa Interdisciplinary Centre for Security, Reliability and Trust ,University of Luxembourg , 4, rue Alphonse Weicker, L-2721,LuxembourgPublished online: 21 Mar 2013.
To cite this article: Sandra Schmitz (2013) The US SOPA and PIPA - a Europeanperspective, International Review of Law, Computers & Technology, 27:1-2, 213-229, DOI:10.1080/13600869.2013.764141
To link to this article: http://dx.doi.org/10.1080/13600869.2013.764141
PLEASE SCROLL DOWN FOR ARTICLE
Taylor & Francis makes every effort to ensure the accuracy of all the information (the“Content”) contained in the publications on our platform. However, Taylor & Francis,our agents, and our licensors make no representations or warranties whatsoever as tothe accuracy, completeness, or suitability for any purpose of the Content. Any opinionsand views expressed in this publication are the opinions and views of the authors,and are not the views of or endorsed by Taylor & Francis. The accuracy of the Contentshould not be relied upon and should be independently verified with primary sourcesof information. Taylor and Francis shall not be liable for any losses, actions, claims,proceedings, demands, costs, expenses, damages, and other liabilities whatsoever orhowsoever caused arising directly or indirectly in connection with, in relation to or arisingout of the use of the Content.
This article may be used for research, teaching, and private study purposes. Anysubstantial or systematic reproduction, redistribution, reselling, loan, sub-licensing,systematic supply, or distribution in any form to anyone is expressly forbidden. Terms &Conditions of access and use can be found at http://www.tandfonline.com/page/terms-and-conditions
The US SOPA and PIPA 2 a European perspective
Sandra Schmitz∗
Interdisciplinary Centre for Security, Reliability and Trust, University of Luxembourg,4, rue Alphonse Weicker, L-2721, Luxembourg
(Received 13 November 2012)
According to US House Judiciary Chairman Lamar Smith, ‘the theft of Americanintellectual property costs the American economy over $100 billion annually . . . andthousands of jobs’. Both houses of the US congress have been working oncorresponding bills intending to give the US government and copyright holders moreeffective tools to curb access to so-called rogue websites that disseminate copyright-infringing content, especially those registered outside the US. Following a wake ofprotest, the Protect IP Act (PIPA) by the Senate and its counterpart in the House ofRepresentatives, the Stop Online Piracy Act (SOPA), were postponed ‘until there iswider agreement on a solution’. This paper examines how the bills tried to strengthenthe ability of US law enforcement and copyright holders to fight online trafficking incopyrighted intellectual property and counterfeit goods. It will also outline the recentdevelopments and assess the implications that the bills have for freedom of speechonline and cybersecurity, not only in the US but also in Europe.
Keywords: IPR enforcement; content blocking; Internet policy
Introduction
On January 18, a number of Internet sites including the English language version ofWikipedia turned black as a demonstration of their opposition to the Stop Online PiracyAct (SOPA).1 Jimmy Wales, founder of Wikipedia, defended the blackout as ‘a broadglobal message that the Internet as a whole will not tolerate censorship in response tomere allegations of copyright infringement’.2
Especially due to the Wikipedia blackout, SOPA became the talk of the town, not onlyin the US but also in Europe. Although the blocking action was purposely not complete –users could access Wikipedia content from their smartphones and other mobile devices orby disabling Javascript – the blackout raised global awareness of the US legislative pro-jects. Besides SOPA, which is a US House of Representatives initiative, the US Senatehad been discussing an almost identical bill named Preventing Real Online Threats to Econ-omic Creativity and Theft of Intellectual Property Act of 2011, short Protect IPAct and evenshorter PIPA .3
Both bills were the result of lobbying of the so-called ‘content industry’, primarily theHollywood movie industry and record labels, which argue they are suffering economic lossfrom the fact that pirated content is easily available on the worldwide web.4 They reflect theUS Government’s policy of strengthening enforcement of IP rights internationally – out-lined in the 2010 Joint Strategic Plan on Intellectual Property.5
# 2013 Taylor & Francis
∗Email: [email protected]
International Review of Law, Computers & Technology, 2013Vol. 27, Nos. 1–2, 213–229, http://dx.doi.org/10.1080/13600869.2013.764141
Dow
nloa
ded
by [
Geo
rgia
Tec
h L
ibra
ry]
at 2
3:26
15
Nov
embe
r 20
14
The US IP Enforcement Coordinator identified the use of foreign-based and foreign-controlled websites and web services to infringe American IP rights as a growingproblem that also undermines the national security of the US.6 While, for example, inrelation to copyright the Digital Millennium Copyright Act of 1998 (DMCA) proved effec-tive against copyright-infringing content on US-based websites, legal actions are con-sidered more difficult against websites outside the reach of US law. As US jurisdictionhas its limits when it comes to enforcement abroad, IP enforcement calls for a coordinatedand comprehensive plan to address this.
The bills aim to crack down on international infringement of US IP rights by restrictingaccess to sites that host or facilitate the trading of pirated content. Their main targets are socalled ‘rogue’ overseas sites such as torrent hub ‘The Pirate Bay’, which are a trove forillegal downloads and against which the US content industry finds it particularly difficultto take action or enforce US judgements.
As the servers of (in)famous ‘The Pirate Bay’ are physically located in Sweden, thenewly proposed acts aim at ‘cutting off the oxygen’7 by requiring US search engines, adver-tising networks and other providers to withhold their services in relation to such websites.As regards a search engine, this would mean that websites flagged as ‘rogue’ would notappear within the search results. Financial companies such as PayPal would have to stopprocessing payments.
SOPA and PIPA are also supported by the pharmaceutical industry as they also aim tocut off the sale of counterfeit drugs to US residents by sellers from third countries. The sameapplies to other counterfeit products.
While, previously, so-called net activists fought their battle against Internet contentblocking initiatives more or less on their own, this was the first time that they gotmassive public backup by Internet giants such as Google, Wikipedia and co. Clearly theprotection of IP is a worthy goal, but the question is always at which cost. This paper exam-ines whether the perception of the general public, namely that SOPA and PIPA introducecensorship and constitute a threat to Internet freedom, is well founded. It will also lookat the fate of similar initiatives.
Background to SOPA and PIPA
SOPA and PIPA tackled the issue of enforcement of US laws against websites outside thejurisdiction of US courts by cutting off infringing websites from US-based funding,meaning that payment services do not forward any money and advertising services arerequired to cease providing their services to the offending website. In addition, visibilityof these websites was to be cut off. With accessibility and visibility being essential in anever-expanding net, this clearly could ruin a business.
Although the proposed legislation was US-American, it would have had a deep impacton websites around the world as many of the major search engines, payment services andsocial networking sites are based in the US.
The legislation was supposed to fill an alleged loophole for illegal content providerswhich act from outside US jurisdiction. While content may be physically located outsidethe US, the major payment services are currently not. Requiring third parties to cease pro-viding services to an ‘infringing’ site had already been tested in practice and proved partlysuccessful in the case of WikiLeaks. WikiLeaks as such could not be stopped from provid-ing access to leaked secret dossiers when it moved its content to a Swedish storage provider,but WikiLeaks suffered a severe loss in revenue when payment system providers stoppedservicing WikiLeaks.8
214 S. Schmitz
Dow
nloa
ded
by [
Geo
rgia
Tec
h L
ibra
ry]
at 2
3:26
15
Nov
embe
r 20
14
The first bill in the series leading to SOPA and PIPA has been the Senate’s CombatingOnline Infringement and Counterfeits Act (COICA) in September 2010. COICA wasintended to target sites that have ‘no demonstrably commercially significant purpose’other than providing access through downloading, streaming, or linking to unauthorisedmaterials (§2(a)(1)(A)). COICA empowered the Attorney General (AG) to petition for acourt order that would oblige domain name service (DNS) providers in the US to stop resol-ving the domain, or, if the domain is registered with a DNS provider that is outside thescope of US jurisdiction, require that ISPs to take reasonable measures to prevent thedomain name from resolving to the offending site (§2(e)). In addition, ‘financial transactionproviders’ and advertising providers would have been required to cease servicing an offend-ing site (§2(e)(2)(B)). The initial version of COICA also set forth that the AG maintains ‘apublic listing of domain names that, upon information and reasonable belief, the Depart-ment of Justice determines are dedicated to infringing activities but for the AG has notfiled an action’ (§2(j)(1)). No evidence of infringing activities was required to becomesubject to the blacklist.9 COICA was not enacted into law, but has in 2011 been rewrittenas PIPA. Shortly after the introduction of PIPA, the House of Representatives presentedSOPA as a counterpart to the Senate proposal.
However, as the protests against SOPA and PIPA were remarkable effective, none of thebills might ever be turned into law. PIPA has already been voted out of the Senate JudiciaryCommittee in September. A vote on SOPA had been scheduled for 23 January 2012, but dueto the public protest and a White House statement that it will not support SOPA,10 consider-ation of SOPA is put on hold ‘until there is wider agreement on a solution’.11 Irrespective oftheir fate, it is worth looking at the bills in order to understand why they were deemed tofail.
In detail: PIPA
PIPA does in large parts replicate the provisions in COICA regarding actions against roguewebsites operated and registered outside the US. It sets forth ad personam and in remactions against websites if they are ‘dedicated to infringing activities’.
According to §2(7) an Internet site is ‘dedicated to infringing activities’ if it ‘(A) has nosignificant use other than engaging in, enabling, or facilitating’ copyright infringement, cir-cumventing technology controlling access to copyrighted works, or selling or promotingcounterfeit goods or services, or ‘(B) is designed, operated, or marketed’ and used ‘forengaging in, enabling, or facilitating’ such activities’.
§3 of PIPA authorises the AG to commence an in personam action against a registrant ofa nondomestic domain name12 used by an Internet site ‘dedicated to infringing activities’, oran owner or operator of such a website. If neither of these persons can be found or have noaddress within the US, the AG may commence an in rem action against the domain nameitself. Upon application by the AG, a court may issue a temporary restraining order or aninjunction against the nondomestic domain name, registrant, owner, or operator to ceaseand desist further infringing activity if the nondomestic domain name is used within theUS to access an Internet site dedicated to infringing activities directing business to US resi-dents and harming US IP right holders.
§3(d)(2) also directs the AG to identify and provide advance notice to operators of non-authoritative domain name system servers, financial transaction providers, Internet advertis-ing services, and providers of information location tools (including search engines, onlinedirectories, and other indexes with hypertext links or referrals to online locations), whoseaction may be required to prevent infringing activities. Being served with a copy of an
International Review of Law, Computers & Technology 215
Dow
nloa
ded
by [
Geo
rgia
Tec
h L
ibra
ry]
at 2
3:26
15
Nov
embe
r 20
14
order, operators of non-authoritative domain name system servers are in general required totake the ‘least burdensome technically feasible and reasonable measure designed to preventthe domain name described in the order from resolving to that domain name’s IP address’ (§3(d)(2)(A)). Financial transaction providers will be required to take ‘reasonable measures,. . ., designed to prevent, prohibit, or suspend its service from completing payment trans-actions involving customers located within the US’ and the respective rogue website(§3(d)(2)(B)). Similarly Internet advertising services are required to take ‘technically feasibleand reasonable measures, . . ., designed to prevent its service from providing advertisementsto the Internet site [in question]’ and ‘ cease making available advertisements for that site’, orsimilar services enlisted (§3(d)(2)(C)). Finally, providers of information local tools will haveto take ‘technically feasible and reasonable measures,. . ., to (i) remove or disable access to theInternet site associated with the domain name set forth in the order, or (ii) not serve a hypertextlink to such Internet site’ (§ 3(d)(2)(D)).
In contrast to COICA, §4 of PIPA also introduces a private right of action for IP rightowners harmed by an Internet site that is dedicated to infringing activities; they may com-mence an in personam or in rem action similar to §3 PIPA.13
PIPA also sets forth provisions regarding those service providers that may be required totake the preventative measures described above. Service providers that comply with a courtorder are granted immunity; if a service provider knowingly and wilfully fails to complywith a court order, the relevant claimant may bring an action for injunctive relief againstthat provider. Additionally service providers may intervene in commenced actions andrequest modifications, suspensions, or terminations of related court orders (§4).
Immunity from claims for damages is granted to any financial transaction provider orInternet advertising service that voluntarily takes action ‘in good faith and based on credibleevidence’ because it believes that an Internet site is an Internet site dedicated to infringingactivities or endangering public health (§5).
Finally §7 sets forth that the application of the Act shall be monitored by Congress.Accordingly, a number of reports have to be submitted by several bodies, e.g. the AGhas to publish procedures to receive information from the public about rogue websitesand develop a process to coordinate enforcement activities with other law enforcementagencies and report annually to the Congress on actions taken under the Act. Also, areport regarding the Act’s enforcement and effectiveness, the burden on intermediariesand the application to emerging technologies has to be submitted to Congress by the Reg-ister of Copyrights.
In detail: SOPA
The SOPA bill is very similar to the Senate’s PIPA bill. However, in comparison with theSenate proposal, which only targets sites that are ‘dedicated to infringing activities’ with noother significant purposes beyond copyright or trademark infringement, SOPAs definitionof an infringing site is broader and includes sites that merely ‘facilitat[e] the commission’of copyright infringement (§102(a)). Any such site must also be used to conduct businessdirected to US residents, or must otherwise demonstrate ‘the existence of minimum contactssufficient for the exercise of personal jurisdiction’ over the owner or operator of the site(§101(23)).14
According to §102, the AG may commence an in personam action against the registrantof a domain name or the owner or operator of a foreign infringing website, or if they cannotbe found or have no US address, he may commence an in rem action against the foreign siteor the domain name used by the site (§102(b)).
216 S. Schmitz
Dow
nloa
ded
by [
Geo
rgia
Tec
h L
ibra
ry]
at 2
3:26
15
Nov
embe
r 20
14
Like under PIPA, the AG may serve a copy of a court order to US-based entities that‘occupy the space’15 between an infringing site and an US end-user’s browser, namelyservice providers (defined in §101(22) as operators of non-authoritative domain namesystem servers), search engines, payment network providers, and Internet advertising ser-vices (§102(c)(2)). Similar to the regulation in PIPA, these providers and services may berequired to take ‘technically feasible and reasonable measures’ designed to prevent theaccess or stop payments to the foreign infringing website. The bill mentions a number ofmeasures as technically feasible and reasonable. In detail, for service providers the billspecifically states that measures barring access include measures designed to prevent the res-olution of the domain name of the foreign website to the domain name’s IP address(§102(c)(2)(A)). A search engine shall prevent the infringing site from being served asdirect hypertext link (§102(c)(2)(B)). A payment network provider is required to prevent,prohibit, or suspend its service from completing payment transactions involving customerslocated within the US or subject to the jurisdiction of the US and the respective paymentaccount subject to the court order (§102(c)(2)(C)). An advertising service shall conductthree separate actions: (I) prevent its service from providing advertisements to or relatingto the foreign infringing site; (II) cease making available advertisements for the site, orpaid or sponsored search results, links, or other placements that provide access to suchsite; and (III) cease providing or receiving compensation for advertising or related servicesto, from, or in connection with such foreign infringing site (§102(c)(2)(D)). The AG maybring an action for injunctive relief against third parties for non-compliance with the courtorder, and against providers of circumvention tools (§102(c)(4)(A)).
The sanctions either relate to the website as such or an infringing portion thereof. Com-pliance with the court order by the service providers is required no later than 5 days afterbeing served with a copy of the order or within a certain time ordered by the court.
In contrast to PIPA, Internet advertising services and payment network providers areexplicitly exempted from a duty to monitor future activities (§§ 102(c)(2)(C)(ii) and102(c)(2)(D)(ii)). There is however no reference as to whether service providers orsearch engines have a duty to monitor.
§102(c)(4)(A)(ii) allows the AG to bring an action for injunctive relief against any sitethat provides products or services that could help users to circumvent or bypass themeasures described above.16
SOPA further grants IP right holders the right to demand payment network providersand Internet advertising services to cut off all transactions with ‘sites dedicated to theftof US property’ by way of a notice and takedown procedure similar to the one incorporatedin the DMCA (§103).17 This system is referred to as a ‘market-based system to protect U.S.customers and prevent U.S. funding of sites dedicated to theft of U.S. property’. The privateremedy does not restate the term ‘foreign infringing site’ used in the previous section, butrather focuses on the severe infringers whose sites are dedicated to copyright infringements.According to the statutory definition a site is ‘dedicated to theft of U.S. property’ if it ‘istaking, or has taken, deliberate actions to avoid confirming a high probability’ of the useof the site for copyright infringement (§103(a)(ii)).
Payment service providers and advertising services have to comply with the initial noti-fication within five calendar days (§103(b)). In case the third party does not comply with thenotice and takedown, a right holder may seek injunctive relief against the non-complyingparty (§103(c)).
Immunity from lawsuits and claims for damages is granted to any service provider that‘voluntarily block[s] access to or end[s] financial affiliation with an Internet site’ that theyreasonable believe to be a foreign infringing site or a site dedicated to theft of US property
International Review of Law, Computers & Technology 217
Dow
nloa
ded
by [
Geo
rgia
Tec
h L
ibra
ry]
at 2
3:26
15
Nov
embe
r 20
14
(§104), or endangering public health (§105). Hence, even without being notified, theseservice providers may cease from providing their services.
The House of Representatives also took into account that websites may not respond tothe court orders or notices. Pursuant to §107, the US IP Enforcement coordinator identifies‘notorious foreign infringers’ that are causing ‘significant harm to holders of IP rights in theUS’ and report this information to Congress. Congress will then examine and analysemethods to combat IP rights infringements. Potential measures include prohibiting suchsites from raising capital in the US (§107(b)(5)).
SOPA also amends existing criminal copyright laws, most notably it introduces a crim-inal penalty for streaming (§201).18 In addition, §205 introduces policy mechanisms to‘defend IP rights abroad’.19
The main differences between PIPA and SOPA
Although PIPA and SOPA share the same goals and most provisions are in essence verysimilar, the bills are not identical. Both bills focus on foreign rogue websites, establishingsystems to cut off funding and access of these sites, but the details of the bills differ. First ofall, their interpretation of ‘rogue websites’ differs significantly. SOPA utilises a very broaddefinition, extending its applicability to any site that facilitates copyright infringement.Considering that facilitating may only require the provision of a tool that could be usedfor illegal purposes, the potential application of SOPA is enormous and may include alluser-generated content (UGC) sites. In contrast, PIPA is limited to sites with ‘no significantuse other than’ copyright infringement. Thus, PIPA could only extend to websites that areobviously providing illegal content.
SOPA contains a sanction for IP right holders who ‘knowingly materially misrepresent’an infringement by ‘making them liable for damages incurred by the misrepresentation’(§103(b)(6)). PIPA does not penalise copyright holders for making false claims of infringe-ments. A sanction however may serve as a deterrent to false claims and prevent unwarrantedassertions of infringements.
SOPA also grants blanket immunity to a wider range of entities who voluntarily decideto cut off access or funding of suspected infringing Internet sites, while PIPA restrictsimmunity to advertising networks and financial transaction providers.
The drawbacks of the bills
Whereas previous legal attempts to ban illegal content merely targeted the offendingcontent as such, the new set of bills targets offending websites by restricting access toentire sites or portions thereof as well as cutting off funding of these websites. Fierce oppo-sition came from content creators such us the Wikipedia community,20 free speech organ-isations such as the Electronic Frontier Federation,21 free software authors,22 and other webcompanies23 as well as the public.24 Generally, two severe side-effects were identified,namely a chilling effect on websites containing UGC and an impact on the critically funda-mental Internet architecture and security.
‘Overcensoring’: threatening a free and open Internet
Both bills contain a number of provisions that may lead to censorship – in terms of ‘over-censoring’ and preventing access to perfectly legal content. If service providers wererequired to prevent the resolution of the domain name of a website to that domain
218 S. Schmitz
Dow
nloa
ded
by [
Geo
rgia
Tec
h L
ibra
ry]
at 2
3:26
15
Nov
embe
r 20
14
name’s IP address, this might result in blocking access to an enormous amount of perfectlylawful content.
Particular domains can be blocked by manipulating the domain name resolution byremoving or modifying its records of the IP address for a particular DNS name25 (so-called DNS name blocking or filtering). Instead of resolving the domain name to an IPaddress, an invalid response along the lines of ‘host not found’ will be given.
A user may also be directed to an IP address defined by the ISP that in actuality does notcorrespond to the DNS name. This makes all content hosted within a particular domaininaccessible.26
The scheme is a low-cost scheme even where thousands of domain names are blocked,and thus also fulfils the requirement of a reasonable measure.
However, a major drawback of DNS blocking is that it - like IP blocking – does notdistinguish between a large website as such and only parts thereof.27 Thus, it is a hardlyfeasible solution for blocking specific content on, for example, facebook.com.
Research in relation to DNS blocking has shown that those who really want to evadeInternet filters can do so with relatively little effort.28 Websites are still accessible bytyping the numeric IP address into one’s browser.
Further, the in rem actions may come at the cost of free speech as a ‘foreign infringingInternet site’ does not necessarily consist only of infringing content. They are regularly notmere archives of infringing works29 and in fact, the major part is often legal. YouTube forexample has been a regular target for notice and takedown requests under the DMCA, butone would not argue that You Tube is a ‘rogue website’ in general. Basically, all UGCwebsite are at risk to be categorised as rogue sites. If law enforcement seizes those websites,they necessarily block access to a large volume of legal data. As long as no court fairlyassesses both sites of the story – namely the impact on free speech and the alleged copy-right infringement – IP rights will prevail over free speech. Although IP rights are recog-nised as human rights under the US constitution30 and also in several internationaltreaties,31 they never per se prevail over free speech.32
Under SOPA not just service providers will be served with a court order against aninfringing foreign websites. Search engines, advertising networks and payment processorsalso have to cut off doing business with an allegedly infringing website. Compliance with acourt order by any service providers is required no later than 5 days after being served witha copy of the order or within a certain time ordered by the court. This means that – afterbeing served with a copy of the court order – advertising services such as, for example,Google AdSense or payment network providers such as PayPal would not be allowed todo business with the infringing foreign website. There is a presumption that partiesserved with a copy of the court order would comply and limit access to the materials inquestion as well as refrain from doing business with the operators/owners of the site.SOPA, for example, encourages monitoring by service providers and search engines bygranting immunity to parties who act to comply with the order and by reserving possiblelitigation for those who fail to act (see §102(c)(5)(A) of SOPA). As mentioned before,SOPA explicitly exempts payment network providers and advertising companies alonefrom having a duty to monitor. One may thus argue that service providers and searchengines are under such duty.
Such a framework opens the doors for abuse and motivates overcensoring. A foreigninfringing site could basically include any website from outside the US that containsUGC. The allegation of copyright infringements becomes a powerful tool because wholewebsites may bear the consequences.
International Review of Law, Computers & Technology 219
Dow
nloa
ded
by [
Geo
rgia
Tec
h L
ibra
ry]
at 2
3:26
15
Nov
embe
r 20
14
In the past, commercial entities or organisations have also tried to use copyright law inorder to prevent and/or ban the publication of internal documents. An example of howcopyright was used to ban the publication of a work of public interest is that of Scientology.Scientology tried to prevent the publication of its manual on the eight different OperatingThetan levels, arguing that the leakage constituted a ‘wholesale copyright infringement’.33
WikiLeaks, which was responsible for the leakage of the Scientology manual and a numberof other internal documents, is a perfect candidate to be banned from the result lists ofsearch engines, or to be subject to access blocking orders. PayPal – well aware of thatfact – no longer forwards money to WikiLeaks. As the law stands today, WikiLeakscould be safe from US copyright enforcement by moving to a ‘safe’ state and this iswhere SOPA steps in: WikiLeaks would be severely affected by the measures underSOPA, even if based in a country outside the US.
The market-based system to protect US property, i.e. the notice and takedown procedureforeseen in §103 of SOPA, sets a low threshold for IP right holders to demand to cease fromprocessing payments to allegedly infringing sites. A similar notice and takedown systemproved successful under the DMCA. However, research has shown that the notice and take-down procedure is open for bogus notifications and thus abuse.34 An alleged right holderbecomes in a way a censor when demanding the removal of content that he (falsely)claims to be illegal. Not having the legal expertise of a court or legally-trained person,there is a presumption that payment and advertising services rather comply with arequest to cut off payments or services than investigate the legal basis. In the interest ofavoiding lawsuits or due to the mere inability to evaluate a claim, the incentive tocomply with a notification is high.
The immunity standard for service providers in §104 of SOPA further encouragesindustry-maintained private blacklists.35 As SOPA grants immunity to those service provi-ders that voluntarily take action against sites they consider to be ‘rogue sites’, industry-maintained blacklists are a very likely scenario. The service providers may take down orstop serving revenue to sites as long as they ‘reasonably believe’ them to engage in offend-ing activities. Reasonable belief is a very low standard. Considering the broad definition offoreign infringing site, the standard for immunity as such is also very low and leads topotential abuse. Alleged infringers may be sanctioned without any judicial oversight.
Another likely scenario is that the right holders interests’ associations that were mas-sively involved in pushing the legislation forward, may set up their own blacklists. Interme-diaries then may find themselves obliged or under pressure to act in order to avoid negativeconsequences.
It has already been reported that less than a month after publication of PIPA, an adver-tising firm, whose clients include some of the biggest names in the entertainment business,developed a blacklist of more than 2000 sites to which it would not provide ads.36 The listcontained torrent sites that provide the technology for file sharing. Notably, file sharing assuch is not illegal.
User-generated content: challenging a participatory web
SOPA’s definition of an infringing site includes sites that merely ‘facilitat[e] the commis-sion’ of copyright infringement. This is a very wide approach that puts all UGC websitesat risk.
Taking into account the number of copyright infringement cases in the US in relation toUGC platforms such as for example the Lenz case,37 websites such as YouTube may beconsidered as an Internet site dedicated to the theft of US property – only because it
220 S. Schmitz
Dow
nloa
ded
by [
Geo
rgia
Tec
h L
ibra
ry]
at 2
3:26
15
Nov
embe
r 20
14
facilitates the making available of copyrighted works. YouTube is a for-profit, commercialwebsite, which generates revenues by selling advertisements (on its own behalf and forthose who post their videos on the website). Undeniably, YouTube has hosted and stillhosts copyrighted materials whose use is unauthorised by the respective right holders.The ease with which YouTube users can publicly make available videos to a vast audience,lowers the threshold for many users to upload files ignoring the so-called synchronisationright, the right to use music in timed-relation to video images, which is an exclusive rightheld by the composition copyright owner.38
Under §102(c)(4)(A)(ii) of SOPA the AG may also bring an action for injunctive reliefagainst websites that simply provide information how users may circumvent ‘censorship’tools. Although the information may actually be posted by a third party, the website fac-tually also provides the content. There is no requirement that injunctive relief may onlybe granted against a website if the content constitutes own content. Thus, basically anysite containing UGC would have to monitor their site for products and services to circum-vent or bypass access restrictions. A service that potentially falls within the scope of thisprovision would for example be a list of IP addresses of blocked sites in the form ofnumeric addresses, which still allows access in the case of DNS filtering. It may be astep too far to conclude that anyone who writes or distributes privacy or anonymisation soft-ware or proxies could be negatively affected.39 However, it is difficult to presume where theline could be drawn.
For sure is that under the proposed regimes, websites allowing the upload of UGC willbecome the direct addressee of actions or blocking orders. This bears the risk that providersof UGC content may resort to pro-active control of content, which again is not in their inter-est as this involves massive costs and from a legal point of view; this will also exempt themfrom the liability provisions of the DMCA. For social media providers, this could be theend.
The bills also have the potential to ruin successful businesses that in the past have beenheld legal by courts. If one takes the example of sharehosters, which undeniably providemeans to commit massive copyright infringements, the mere fact that they provide themeans is not sufficient to outlaw them. Rapidshare, a Swiss sharehoster, has recentlyonce more been declared legal by a German court;40 Under SOPA, Rapidshare could never-theless be cut off from advertising revenues. The crux is that although Rapidshare providesa service that is considered legal elsewhere, it will be dried out from funding. The fact thatRapidshare may file a counternotice is no real remedy as payment processors and advertis-ing networks are not obliged to follow it.
Due process concerns: threatening fair proceedings
According to both bills, an in rem action against a foreign infringing site could be enforcedeven if the owner or operator of that domain name was not given notice that a case has beenfiled.41 Injunction may thus be granted after ex parte proceedings, where only a one-sidedhearing and presentation of evidence (of the AG or a private plaintiff) takes place.
Providers or operators of alleged ‘rogue websites’ will only get to know that they fallwithin that category, if for example their payment service provider does not forward pay-ments any longer or advertisements disappear from their website. They do not need to beheard before an order is passed. This violates basic principles of due process: the ownersor operators of alleged ‘rogue sites’ are deprived of their property without a fair hearing,or more precisely, even the opportunity to be heard.42 The absence of adversary proceedings
International Review of Law, Computers & Technology 221
Dow
nloa
ded
by [
Geo
rgia
Tec
h L
ibra
ry]
at 2
3:26
15
Nov
embe
r 20
14
violates the general rule that governmental action suppressing speech requires a judicialdecision in an adversary proceeding.43
Due process rules may also not be observed, if service providers are encouraged toblock foreign websites that they themselves consider to be illegal. As mentioned before,industry-maintained blacklists sanction alleged infringers without judicial oversight. Thesticking point is that no judicial approval is required before action.
Cybersecurity: undermining the critical Internet structure
Besides the criticism in terms of the legal implications, the bills also faced severe criticismfrom the tech community.44 Their major concern was that requiring service providers to baraccess to foreign websites may break the Internet’s core technical infrastructure.
Both bills proposed DNS blocking:45 service providers would be obliged to manipulatethe domain name resolution. The domain name system routes traffic on the Internet andtranslates cryptic IP addresses into names like YouTube.com, which are easier to remem-ber than mere sequences of numbers. DNS blocking would block that translation. Thisblocking mechanism is however easy to circumvent, the websites are still accessible bytyping the numeric IP address into the address field. DNS blocking would certainlycause a delay in retrieving an Internet site because each time a user tries to access awebsite, the blocking system would have to check whether the requested website wason the blacklist.
In addition, the fundamental interconnection principle, which lies at the very heart of theInternet, would be at risk, if countries decide unilaterally who can find what on the Internet.The principle of domain name universality requires that all domain name servers, irrespec-tive of their location, will return the same answer when queried with respect to an Internetaddress.46 This core principle would be undermined if domain name servers ceased resol-ving specific domain names to the respective IP address. According to a technical study byexperts in the field of network security, DNS blocking indeed poses a serious threat tocybersecurity.47 DNS is one of the protocols upon which almost every other protocoland most applications rely upon to operate correctly.
Furthermore, DNS blocking would break ongoing attempts to make the Internet moresecure against malicious use.48 It would for example render the planned security protocolDomain Name System Security Extensions (DNSSEC)49 inoperable. DNSSEC is intendedto make the illegal use of computers, for example by Trojans via a DNS changer,impossible.
As relates DNS blocking, even the White House declared that DNS blocking poses arisk to cybersecurity, and legislation that drives users to dangerous, unreliable DNSservers must be avoided.50
Owing to the severe criticism, Republican Lamar Smith, initiator of SOPA, as well asDemocrat Patrick Leahy, initiator of PIPA, announced that they will exclude DNS blockingfrom their projects.51 Smith’s proposed amendment changes the language around DNSblocking: Instead of requiring that service providers ‘take technically feasible and reason-able measures designed to prevent access by its subscribers . . . including measuresdesigned to prevent the domain name of the foreign infringing site . . . from resolving tothat domain name’s Internet Protocol address’, the revised version would require theservice provider to implement ‘the least burdensome, technically feasible, and reasonablemeans’ to bar access to foreign infringing sites.52 How Internet service providers shallprevent access to rogue sites remains unclear.
222 S. Schmitz
Dow
nloa
ded
by [
Geo
rgia
Tec
h L
ibra
ry]
at 2
3:26
15
Nov
embe
r 20
14
What do SOPA and PIPA mean for Europe?
The above analysis shows that although the bills target ‘rogue’ websites directed at US resi-dents, they are designed to have an extra-territorial effect. The bills clearly have an impacton European website operators. Hence, the risks outlined above also apply to EuropeanInternet sites. They are not shielded from the collateral damage that may arise and maybe affected by the broad scope of the bills.
First of all, the US claims jurisdiction over the property of non-US sites. The bills allowfor court orders requiring service providers to block sites and Internet search engines to stoplinking to it. Irrespective of the severe sanction of content blocking, in an ever-growingweb, linking is essential for an Internet site to be found. Considering that most searchengines are US-based, they would comply with an order. Search engines such as Googlewould be obliged to stop linking to content that infringed US laws. Even Chinesecontent blocking (‘the Great Firewall of china’) does not require content to be blockedfor users outside of China. But this is exactly what SOPA and PIPA do: irrespective ofthe location of the user, search engines would not link to the allegedly infringingcontent. Thus, US law would apply directly to third-state citizens outside the jurisdictionof the US.
Should a website operator wish to challenge a court order, he would necessarily have toconsent to the jurisdiction of US courts.
Taking into account how easy copyright holders may succeed in cutting off funding ofalleged sites, there is a risk that this tool might be abused to dry out competitors. This mighteven happen where there is only little nexus to the US as the notion of US-directed is inter-preted broadly.
The provisions, which in some situations shield misuse from legal consequences poten-tially affect legitimate non-US sites. Consequently, European-based site operators wouldneed to actively monitor their content to ensure that they do not host content that infringesUS intellectual property, if they are likely to be accessed from the US.
What is happening is that the US government forces compliances with US IP laws onEurope. From a European point of view, this is unbearable. Europeans have to comply withdomestic laws and may be bound by international treaties and agreements, but not unilateralUS initiatives. However, the US IP enforcement strategy seems to be the export of its rulesto other countries, including European countries. A further approach of US IP enforcementcould recently be witnessed in Spain. Spain’s recent anti-piracy legislation, the Ley Sinde,53
is the direct result of US threats of retaliation.54
A tough climate for anti-piracy legislation
Against this background, anti-piracy initiatives are carefully watched by the public.Shortly after the protests against SOPA took place, equally extensive protests were heldagainst the multilateral Anti-Counterfeiting Trade Agreement (ACTA)55 which also aimsat combating the proliferation of counterfeiting and online piracy within the globaleconomy. As of now, ACTA seems to share the fate of PIPA and SOPA. The Agreementwas rejected by the European Parliament on 4 July 2012, by 478 votes to 39, with 165abstentions.56 Its rejection means that neither the EU nor its individual member statescan join the Agreement. With the EU and its Member States’ rejection of ACTA the Agree-ment is not dead on an international level as the EU is considered to be a single negotiatingparty and ratification by six parties to the negotiations is sufficient for the agreement tocome into force.
International Review of Law, Computers & Technology 223
Dow
nloa
ded
by [
Geo
rgia
Tec
h L
ibra
ry]
at 2
3:26
15
Nov
embe
r 20
14
Similar to the Manager’s Amendment to SOPA, the most controversial enforcementmeasures proposed in the initial stages of the negotiations of ACTA have been narroweddown or abandoned in its final version. Accordingly, the final version of ACTA does notrequire the parties to introduce ‘Three Strikes Laws’ as discussed during negotiations.This however neither silenced the protests, nor prevented the negative vote in the EuropeanParliament. One of the major points of criticism was and still is that ACTA contains anumber of broad and vague provisions.57 Art. 27 I of ACTA, for example, provides thatthe parties to ACTA shall ensure that civil and criminal enforcement proceedings are avail-able under their domestic law, including expeditious remedies to prevent infringements andremedies that constitute a deterrent to further infringements. As concerns the enforcementproceedings, ACTA encourages ‘cooperative efforts with the business community’. Thereis no explanation what is actually meant by this and thus leads to speculations by its critics.Accordingly, this obligation has been interpreted as legitimising and promoting the policingand even sanctioning of alleged infringers outside the regular judicial frameworks.58
Similar to the concerns expressed regarding SOPA and PIPA, it is feared that alleged infrin-gers will be sanctioned without judicial oversight. This is one of the core concerns whenprivate actors are involved in the enforcement of IP rights. Obviously, businesses have tobe profitable and hence, may not be interested – from an economic point of view – ininvestigating alleged infringements any further once they are notified of an infringement.In the light of the costs and efforts involved inter alia for further investigations, it islikely that even legal materials will be taken down. As long as policymakers do notspecify what they consider as ‘cooperative efforts with the business community’, such anotion leaves plenty of room for speculations.
Finally, the most problematic premise for ACTAs success was the secrecy of its nego-tiations.59 The negotiators ignored that such an important agreement, which has a broadimpact in the digital age, cannot be negotiated behind closed doors with minimal non-indus-try input.60 Controversial parts of the confidential draft version were subsequently leaked tothe public,61 and largely influenced the perception of the Agreement by the general public.In a nutshell, ACTA was perceived as ‘jeopard[ising] free speech by prioritising private-sector repressive measures aimed at copyright protection over the fundamental rights toprivacy and freedom of communication . . . without guarantees of due process and equalityof arms’.62 These fears are very similar to the ones expressed against PIPA and SOPA.Although neither PIPA nor SOPA were negotiated in secrecy, the lawmakers learnt fromthe protest around the bills that in order to gain the support of the public, drawing uplaws relating to IP enforcement in a digital context requires transparency and the partici-pation of the public rather than one-sided lobbying of the entertainment industry. Thus,on the day of the Wikipedia blackout, a bipartisan group of US lawmakers introducedthe Online Protection and Enforcement of Digital Trade Act (OPEN) and asked forpublic contribution so that the Act ‘becomes a digital citizen’s bill of rights’.63 Whetherthis project where everyone can comment, criticise and collaborate will be successfuland lead to a feasible result remains to be seen. However, its starting point is more prom-ising than that of ACTA, PIPA and SOPA, as it allows a non-industry input on a broad basis.
New proposals relating to IPR enforcement in the digital environment are also on theirway in the European Union. The EU Commission intended to publish a revised draftversion of the Intellectual Property Rights Enforcement Directive (IPRED), which isintended to be fit for the digital age, in autumn 2012.64 However, in the current toughclimate for Anti-Piracy legislation, it seems that the Commission is not in a hurry topublish the draft bill. Being faced with protests all around and with the rejection ofACTA in Parliament, the Commission decided to extend its review of IPRED1 and
224 S. Schmitz
Dow
nloa
ded
by [
Geo
rgia
Tec
h L
ibra
ry]
at 2
3:26
15
Nov
embe
r 20
14
postpone the publication of an IPRED2 draft. It remains to be seen whether IPRED2 willconstitute ACTA 2.0 as feared by the net community. In the light of the current develop-ments, it seems rather unlikely that IPRED2 will introduce an ACTA 2.0 through theback door.
Conclusion
Online copyright and trademark infringements are undeniably serious problems presentingdifficult challenges for law and society. However, the approaches taken in SOPA and PIPAlead to equally serious problems and have the potential to put the stability and security ofthe Internet at risk. Rather than constituting an effective and balanced approach to tackleonline IPR infringements, SOPA and PIPA bear a lot of potential for collateral damage.Although an amendment to SOPA addressed the issues described above, the previously dis-cussed break of the Internet addressing system as well as the broad definition of rogue web-sites led to a strong public opposition to any such initiative and ultimately to the death of thebills. However, similar initiatives are not just on the Congress’s agenda. Solutions are alsosought after on an international level. For similar reasons as the US bills and its secret nego-tiations, the multilateral agreement ACTA seems to have failed.
It is important that any new approach observes that enforcing copyright through privateparties is a sensitive issue and that any enforcement needs sufficient mechanisms of legalreview. An appropriate balance needs to be ensured between IPR enforcement and the fun-damental rights of users and website operators. The pitfalls of SOPA, PIPA and ACTA haveto be avoided. It seems that the European Commission has recognised this when it decidedto postpone the publication of a new draft of IPRED.
Ultimately, we need tools to fight piracy and counterfeiting globally, while at the sametime preserve an open Internet. We do not need a battle of legal orders to which SOPA andPIPA might have let us.
AcknowledgementThe research of Sandra Schmitz is funded by the National Research Fund of Luxembourg (fnr.lu).
Notes1. H.R. 3261, 112th Congress (2011), available online at http://www.gpo.gov/fdsys/pkg/BILLS-
112hr3261ih/pdf/BILLS-112hr3261ih.pdf. SOPA was initially entitled ‘the Enforcing and Pro-tecting American Rights Against Sites Intent on Theft and Exploitation Act’ (E-PARASITEAct).
2. Barnett, Emma. 2012. Wikipedia founder Jimmy Wales defends SOPA protest blackout. TheTelegraph, 17 January 2012. http://www.telegraph.co.uk/technology/wikipedia/9020053/Wikipedia-founder-Jimmy-Wales-defends-SOPA-protest-blackout.html (accessed 12 July2012).
3. S.968, 112th Congress (2011), available online at http://www.gpo.gov/fdsys/pkg/BILLS-112s968rs/pdf/BILLS-112s968rs.pdf.
4. The bills are supported by predominately media companies and associations such as the MotionPicture Association of America and the Recording Industry Association as well as such thathave an interest in banning counterfeit goods entering the US market like the NBA, NFL orMLB.
5. Executive Office of the President of the United States, US Intellectual Property EnforcementCoordinator, ‘Joint Strategic Plan on Intellectual Property Enforcement’. http://www.whitehouse.gov/sites/default/files/omb/assets/intellectualproperty/intellectualproperty_strategic_plan.pdf (accessed 12 July 2012).
International Review of Law, Computers & Technology 225
Dow
nloa
ded
by [
Geo
rgia
Tec
h L
ibra
ry]
at 2
3:26
15
Nov
embe
r 20
14
6. Ibid., 14.7. Pepitone, Julianne. 2012. SOPA explained: what it is and why it matters. CNN.com, 17 January
2012. http://money.cnn.com/2012/01/17/technology/sopa_explained/ (accessed 12 July 2012).8. For a summary of the events leading to WikiLeaks moving its content to Sweden and the denial
of service by payment services see Benkler, Yochai. 2011. WikiLeaks and the PROTECT-IPAct: a new public-private threat to the Internet commons. Daedalus 140, no. 4: 156 et seq.
9. Ibid., 161.10. The White House announced that it would not support a bill that reduces free speech and implies
cybersecurity risks or which undermines the dynamic, innovative global net. See Espinel, Vic-toria, Aneesh Chopra, and Howard Schmidt. 2012. Combating online piracy while protecting anopen and innovative Internet: official White House response to stop the E-PARASITE Act.https://wwws.whitehouse.gov/petition-tool/response/combating-online-piracy-while-protecting-open-and-innovative-internet (accessed 12 July 2012).
11. Committee on the Judiciary. 2012. Statement from Chairman Smith on Senate delay of vote onPROTECT IP Act. http://judiciary.house.gov/news/01202012.html?scp=2&sq=lamar smith&st¼ cse (accessed 12 July 2012).
12. The notion of ‘nondomestic domain name’ refers to a domain name for which the domain nameregistry that issued the domain name and operates the relevant top level domain, and the regis-trar for the domain name, are located outside the US (§2 (10) of PIPA).
13. Upon commencing an action, the qualifying plaintiff shall also provide notice to financial trans-action providers and Internet advertising services as they may be required to take action (§ 3(d)).In contrast to an action commenced by the AG, there will be no notification of operators of non-authoritative domain names or information location tool providers.
14. It has been assumed that all websites that do not actively block US IP addresses would be USdirected in the sense of §101(23), see Zittrain, Jonathan, Albert, Kendra, Solow-Niederman,Alicia. 2011. A close look at SOPA. The future of the Internet. http://futureoftheinternet.org/reading-sopa (accessed 12 July 2012).
15. Ibid.16. This provision is not limited to foreign websites but applies to all websites.17. Unlike the action available to the AG and analogous to the DMCA, this private remedy foresees
a counter notification by the alleged infringer to the payment or advertising service provider,after which the provider can decide whether or not to comply, see §103(b)(5).
18. Streaming is a criminal offence if at least ten public performances took place by means of digitaltransmission of one or more copyrighted works during a 180-day period and having a total retailvalue of more than $2500 (§ 201(b)).
19. For example, the Secretary of State and of Commerce will be required to provide adequateresources are available at US diplomatic missions or embassies to ensure ‘aggressive supportfor enforcement action against violation of intellectual property rights’ (§205).
20. Barnett, Emma. 2012. Wikipedia founder Jimmy Wales defends SOPA protest blackout. TheTelegraph, 17 January 2012. http://www.telegraph.co.uk/technology/wikipedia/9020053/Wikipedia-founder-Jimmy-Wales-defends-SOPA-protest-blackout.html (accessed 12 July2012).
21. The Electronic Frontier Federation called the proposal ‘disastrous’ (see McSherry, Corynne.2011. Disastrous IP legislation is back – and it’s worse than ever. Electronic Frontier Foun-dation. https://www.eff.org/deeplinks/2011/10/disastrous-ip-legislation-back-%E2%80%93-and-it%E2%80%99s-worse-ever (accessed 12 July 2012)) and runs a campaign to ‘Stop theInternet blacklist bills – strike against censorship’ in response to SOPA and PIPA, seehttps://action.eff.org/o/9042/p/dia/action/public/?action_KEY=8173.
22. Confer the Free Software Foundation’s initiative to stop the bills at http://www.fsf.org/blogs/community/stop-the-internet-blacklist-legislation.
23. AOL Inc., eBay Inc., Facebook Inc., LinkedIn C. Google Inc., Mozilla Corp., Twitter Inc.,Yahoo! Inc., and Zynga Game Network. 2011. Open letter to key members of the U.S.Senate and House of Representatives. http://politechbot.com/docs/sopa.google.facebook.twitter.letter.111511.pdf (accessed 12 July 2012).
24. For a list of opponents of the bills as of December 2011, see http://www.net-coalition.com/wp-content/uploads/2011/12/Opposition_Dec16.pdf.
25. The DNS is the system that associates a domain name (such as: www.uni.lu) with the IP address(such as: 158.64.76.51) that ISPs use to route traffic to the web server that is operating the
226 S. Schmitz
Dow
nloa
ded
by [
Geo
rgia
Tec
h L
ibra
ry]
at 2
3:26
15
Nov
embe
r 20
14
website in question. ISPs operate DNS servers that their customers’ computers automaticallycall upon to identify which IP address corresponds to a particular DNS name. This is necessaryin order to resolve the website in question.
26. Clayton, Richard. 2005. Anonymity and traceability in cyberspace: Technical Report no. 653.University of Cambridge, Computer Laboratory. http://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-653.pdf (accessed 12 July 2012), 118.
27. Ibid.28. Roberts, Hal, Zuckerman, Ethan, York, Jillian, Faris, Robert, and Palfrey, John. 2010. 2010 cir-
cumvention tool usage report. The Berkman Center for Internet & Society. http://cyber.law.harvard.edu/sites/cyber.law.harvard.edu/files/2010_Circumvention_Tool_Usage_Report.pdf(accessed 12 July 2012).
29. Sellars, Andrew. 2011. Seized sites: the in rem forfeiture of copyright-infringing domain names.http://dx.doi.org/10.2139/ssrn.1835604 (accessed 12 July 2012).
30. Art. 1, Sec. 8, cl 8 of the US Constitution.31. Art. 27.2 of the Universal Declaration of Human Rights states that: ‘Everyone has the right to
the protection of the moral and material interests resulting from any scientific, literary or artisticproduction of which he is the author’. Art. 17.2 of the European Charter of Fundamental Rightsstates that intellectual property shall be protected.
32. Bonadio, Enrico. 2011. File sharing, copyright and freedom of speech. European IntellectualProperty Review 33, no. 10: 619–631.
33. Park, Michael. 2008. Watchdog web site draws legal threats from Scientologists, Mormons.FoxNews.com, 19 June 2008. http://www.foxnews.com/story/0,2933,368315,00.html (accessed12 July 2012).
34. The thesis that Internet service providers are more likely to remove alleged illegal material thanto question complaints has been proven by an empirical research conducted by Oxford research-ers in 2004 on Notice and Takedown procedures. The researchers investigated how InternetService Providers make use of notice and take down by making a complaint by email toseveral Internet Service Providers about alleged copyright infringement on a website whichthey had previously uploaded and which contained perfectly legal material. See: Ahlert, Chris-tian, Marsden, Chris, and Yung, Chester. 2004. How ‘liberty’ disappeared from cyberspace: themystery shopper tests Internet content self-regulation. http://www.rootsecure.net/content/downloads/pdf/liberty_disappeared_from_cyberspace.pdf (accessed 12 July 2012).
35. Benkler, Yochai. 2011. WikiLeaks and the PROTECT-IP Act: a new public-private threat to theInternet commons. Daedalus 140, no. 4: 154–164, 162.
36. Sweney, Mark. 2011. WPP blacklists more than 2,000 US websites. The Guardian, 8 June 2011.http://www.guardian.co.uk/media/2011/jun/08/wpp-groupm-sir-martin-sorrell?INTCMP=SRCH (accessed 12 July 2012); see also Benkler, Yochai. 2011. WikiLeaks and the PROTECT-IPAct: a new public-private threat to the Internet commons. Daedalus 140, no. 4: 154–164 162.
37. Lenz v. Universal Music Corp, 572 F. Supp. 2d 1150 (N.D. Cal. 2008).38. Leadsinger, Inc. v. BMG Music Publishing, 512 F. 3d 522 at 527 (9th Circuit 2008).39. As presumed by Timm, Trevor. 2012. How PIPA and SOPA violate White House principles sup-
porting free speech and innovation | electronic frontier foundation. Electronic Frontier Foun-dation. https://www.eff.org/deeplinks/2012/01/how-pipa-and-sopa-violate-white-house-principles-supporting-free-speech (accessed 12 July 2012)). The EFF even goes that far toargue that this includes organisations that are funded by the State Department to create circum-vention software to help democratic activists get around authoritarian regimes’ online censor-ship mechanisms. SOPA would then not only institute the same practices as these regimes,but would essentially outlaw the tools used by activists to circumvent censorship in countrieslike Iran and China.
40. OLG Hamburg, Decision of 14.03.2012 – 5 U 87/09, available online at http://tlmd.in/u/1356.41. Cf. §102(b)(2) of SOPA. The same applies under PIPA.42. See also Lemley, Mark, Levine, David, and Post, David. 2011. Don’t break the Internet. Stan-
ford Law Review Online 64: 34–38. http://www.stanfordlawreview.org/online/dont-break-internet (accessed 12 July 2012), 36.
43. CDT v Pappert, 337 F.Supp.2d, at 667. See also Allison, John, Baker, Brook, Bambauer, Derek,et al. 2011. Professors’ letter in opposition to ‘Preventing Real Online Threats to EconomicCreativity and Theft of Intellectual Property Act of 2011’. http://blogs.law.stanford.edu/newsfeed/files/2011/07/PROTECT-IP-letter-final.pdf (accessed 12 July 2012), 2 et seq.
International Review of Law, Computers & Technology 227
Dow
nloa
ded
by [
Geo
rgia
Tec
h L
ibra
ry]
at 2
3:26
15
Nov
embe
r 20
14
44. Higgins, Parker, and Eckersley, Peter. 2011. An open letter from Internet engineers to the U.S.Congress. Electronic Frontier Foundation. https://www.eff.org/deeplinks/2011/12/internet-inventors-warn-against-sopa-and-pipa (accessed 12 July 2012).
45. See §102(c)(2)(A) of SOPA and § 3(d)(2)(A) of PIPA.46. Lemley, Mark, Levine, David, and Post, David. 2011. Don’t break the Internet. Stanford Law
Review Online 64: 35. http://www.stanfordlawreview.org/online/dont-break-internet (accessed12 July 2012).
47. Crocker, Steve, Dagon, David, Kaminsky, Dan, McPherson, Danny, and Vixie, Paul. 2011.Security and other technical concerns raised by the DNS filtering requirements in thePROTECT IP Bill. http://domainincite.com/docs/PROTECT-IP-Technical-Whitepaper-Final.pdf (accessed 12 July 2012).
48. Lemley, Mark, Levine, David, Post, David. 2011. Don’t break the Internet. Stanford LawReview Online 64: 35. http://www.stanfordlawreview.org/online/dont-break-internet (accessed12 July 2012).
49. DNSSEC is a new technology designed to add confidence and trust to the Internet. DNSSECensures that DNS data are not modified by anyone between the data provider and the consumer.
50. Espinel, Victoria, Chopra, Aneesh, and Schmidt, Howard. 2012. Combating online piracy whileprotecting an open and innovative Internet: official White House response to stop the E-PARA-SITE Act. https://wwws.whitehouse.gov/petition-tool/response/combating-online-piracy-while-protecting-open-and-innovative-internet (accessed 12 July 2012).
51. On 12 December 2011, Lamar Smith offered an amendment to SOPA, which does not onlychange the definition of a rogue website but also addresses some of the issues discussedbefore (Amendment in the Nature of a Substitute to H.R. 3261 offered by Mr. Smith of Texas,available online at http://judiciary.house.gov/hearings/pdf/HR%203261%20Managers%20Amendment.pdf). According to the amendment rogue websites are such that are primarilydesigned or operated for the purpose of, having only limited purpose or use other than, or mar-keted primarily for use in illegal activity; or being operated with the object of inducing suchviolations. This approach is much more narrow than the previous one which referred to websiteswhose owner or operator is committing or facilitating criminal violations. The amendment alsoproposes a kill switch that allows a provider to not carry out an order on a finding that it would‘impair the security or integrity of the system’ (§102(d)(2)(B) and §2(a)(5) of H.R. 3261 Man-ager’s Amendment). Therewith Smith responds to the fear that DNSSEC would be put at harm ifthere was a requirement to direct or redirect users to another site. Smith also seeks to clarify thatany action against rogue sites refers to foreign sites that are beyond the reach of US law,meaning that they are located overseas, or are unreachable domestically and whose owner oroperator is located outside the US (Cf. §101(a)(23) and §103(a)(1)(A)(ii) of H.R. 3261 Man-ager’s Amendment).
52. Ibid.53. Ley 2/2012, de 4 de marzo, de Economıa Sostenible, available online at http://www.boe.es/boe/
dias/2011/03/05/pdfs/BOE-A-2011-4117.pdf.54. Rush, Dominic. 2012. US pressured Spain to implement online piracy law, leaked files shows.
The Guardian, 5 January 2012. http://www.guardian.co.uk/technology/2012/jan/05/us-pressured-spain-online-piracy (accessed 12 July 2012).
55. For the full text of ACTA cf. http://register.consilium.europa.eu/pdf/en/11/st12/st12196.en11.pdf.
56. European Parliament. 2012. ACTA before the European Parliament. Press Release Ref. no.20120217BKG38488 of 4 June 2012, http://www.europarl.europa.eu/news/en/pressroom/content/20120217BKG38488/ht (accessed 12 July 2012).
57. Cf. D’Erme, Roberto, Geiger, Christophe, Große Ruse-Khan, Henning, Heinze, Christian,Jaeger, Thomas, et al.. 2011. Opinion of European academics on anti-counterfeiting trade agree-ment. Journal of Intellectual Property, Information Technology and E-Commerce Law 2, no.1:65–72.
58. European Digital Rights. 2012. ACTA fact sheet. http://www.edri.org/ACTAfactsheet (accessed12 July 2012).
59. Only following the eighth round of negotiations, a draft version of ACTA has been released. Forfurther information on the negotiations see Yu, Peter. 2011. Six secret (and now open) fears ofACTA. Southern Methodist University Law Review 64: 978 et seq. and 1011 et seq.
228 S. Schmitz
Dow
nloa
ded
by [
Geo
rgia
Tec
h L
ibra
ry]
at 2
3:26
15
Nov
embe
r 20
14
60. Yu, Peter. 2011. Six secret (and now open) fears of ACTA. Southern Methodist University LawReview 64: 1018.
61. Meller, Paul. 2010. Leaked ACTA draft reveals plans for Internet clampdown. Computerworld,21 February 2010. http://computerworld.co.nz/news.nsf/news/leaked-acta-draft-treaty-reveals-plans-for-internet-clampdown (accessed 12 July 2012).
62. European Digital Rights. 2012. ACTA fact sheet. http://www.edri.org/ACTAfactsheet (accessed12 July 2012).
63. See http://keepthewebopen.com/.64. See European Commission. 2012. Proposal for a revision of the Directive on the enforcement of
intellectual property rights (Directive 2004/48/EC). Available online at http://ec.europa.eu/governance/impact/planned_ia/docs/2011_markt_006_review_enforcement_directive_ipr_en.pdf.
International Review of Law, Computers & Technology 229
Dow
nloa
ded
by [
Geo
rgia
Tec
h L
ibra
ry]
at 2
3:26
15
Nov
embe
r 20
14
