Thursday, December 15, 2011

The Stop Online Piracy Act

Guest Blogger

Nick Bramble

The apparent purpose of section 105 of the Stop Online Piracy Act (SOPA) is to delink access and funding blockage decisions from the presence of a court order, and instead to condition these actions upon the existence of “credible evidence” of infringement and the good faith belief of the provider taking the action. But section 105 suffers from ambiguous references to sections 102 and 103 of SOPA, yields little clarity as to the basic question of when providers may restrict information and financial flows in the absence of a court order and still receive broad legal immunity, and may encourage actions that have little to do with the purpose of the underlying bill. The confusing structure of section 105 is particularly problematic given the possibility for abuse by service providers and others with an interest in labeling competitors as “foreign infringing sites” or “sites dedicated to theft of U.S. property” without judicial oversight.

I.The Text of SOPA § 105

The December 12 amendment to SOPA contains the following provision:

SEC. 105. No cause of action shall lie . . . and no liability for damages to any person shall be granted against, a service provider, payment network provider, Internet advertising service, advertiser, Internet search engine, domain name registry, domain name registrar, entity described in section 101(20)(B), or Internet Protocol Allocation entity . . . for taking the actions described in section 102(c)(2) or section 103(c)(2) with respect to an Internet site, acting in good faith and based on credible evidence, that—

(1) the Internet site is a foreign infringing site, is an Internet site dedicated to theft of U.S. property, or is an Internet site that endangers the public health; and

(2) the action is narrowly tailored and consistent with the entity’s terms of service or other contractual rights, and with the purposes of this title.

Section 105 refers to two different sets of actions. The “actions” in section 102(c)(2) are reasonable measures taken pursuant to a court order by service providers, Internet search engines, payment network providers, and Internet advertising services to block access to and funding of foreign infringing sites.

The “actions” in section 103(c)(2), on the other hand, are reasonable measures taken pursuant to a court order by payment network providers and Internet advertising services to block access to and funding of sites dedicated to the theft of United States property. In a previous draft, section 103 of SOPA made no reference to any requirement for a court order, but the new draft does.

Unlike the sections to which it refers, however, section 105 lacks any requirement for a court order. Instead, the purpose of section 105 is to carve out a wide berth of legal immunity for providers who take the above-listed “actions” in the absence of a court order. Yet the brevity of section 105, especially in comparison to the detailed provisions in sections 102 and 103, results in a section that lends itself to confusion as well as potential mischief.

II. Points of Confusion

As a first point of confusion, the range of providers listed in section 105 is wider than the range of providers identified in sections 102(c)(2) and 103(c)(2). Whereas sections 102 and 103 of SOPA proceed on a provider-by-provider basis and seek to circumscribe the kinds of actions each provider must take to restrict financial and information flows to targeted sites, section 105 simply groups all these providers and actions together, adding several providers that are not even listed in those earlier sections. This raises a series of questions:

· Does SOPA grant every entity listed in section 105—service providers, payment network providers, Internet advertising services, advertisers, search engines, domain name registries, domain name registrars, depository institutions, and Internet Protocol Allocation entities—full immunity to use any of the access-blocking powers listed in sections 102 and 103?

· Alternatively, does section 105 refrain from granting immunity to those providers listed in section 102 but not in section 103—service providers and search engines—when they voluntarily take actions described in section 103 in the absence of a court order?

· Furthermore, when may a domain name registrar such as Go Daddy, which is listed in neither section 102(c)(2) nor section 103(c)(2), take actions against foreign infringing sites or sites dedicated to theft of U.S. property and acquire immunity under section 105?

The first interpretation—allowing all entities to gain immunity for exercising any section 102 or 103 power, even in the absence of a court order—seems to be the clearest interpretation of section 105, as all other interpretations would render the inclusion of domain name registries, registrars, and depository institutions in section 105 nonsensical.

But if the purpose of section 105 is to grant immunity to all listed providers for engaging in any of the actions described in sections 102 and 103, then why does SOPA list these different providers separately in earlier sections? There is a clear principle underlying the decision to include certain providers in section 102 but not in section 103. Section 103, after all, is potentially broader in scope: it requires certain providers to cut off access not just to primary foreign infringers but also to secondary inducers of such infringement and those who have taken steps to foster infringement. As a result, section 103 has been cabined to include only payment network providers and Internet advertising services. This limitation of section 103 to a narrower range of payment and advertising providers is consistent with the “follow the money” approach towards which SOPA has been evolving.

Yet if section 105 immunizes non-financial providers—ISPs such as Comcast, search engines such as Yahoo, registrars such as Go Daddy, and others—from liability for blocking websites that may (or may not, given the loose evidentiary standard) be secondarily or tertiarily responsible for infringement, then section 105 effectively disregards the “follow the money” approach in favor of a kitchen-sink approach where numerous entities are encouraged to act as uncoordinated private enforcement officers.

III. Broader Concerns

Under the “every entity can exercise every power” interpretation of section 105 that is likely to prevail, SOPA transforms the broad power to go after those who induce or foster infringement from a requirement in sections 102 and 103 to an immunized option in section 105. Furthermore, section 105 strips that power of the judicial and procedural safeguards associated with sections 102 and 103, and opens up the private enforcement power to a wide range of providers with competitive and ecosystem-wide interests extending far beyond those of payment and advertising providers.

Granting domain name server operators—which include almost all ISPs—immunity for blocking access to websites that they suspect are secondarily involved in infringement may, then, without any corresponding procedural safeguards, result in pretextual anticompetitive uses of SOPA well beyond the purposes of the law. At the very least, section 105 is likely to yield confusion on the parts of many providers as to when they are immunized from blocking the flow of information or money to targeted sites, and what constraints they must satisfy before they do so.

The immunity provisions currently in section 105 of SOPA should either be eliminated from the text of SOPA or tightly cabined to a narrower range of providers, a more specific range of actions, and robust procedural safeguards.

Nick Bramble is the Law and Media Program Director at the Yale Information Society Project. You can reach him by e-mail at nicholas.bramble at