Recently I've gotten a lot of mail from concerned people wondering whether the Obama administration has secreted an "Internet kill switch" into a pending cybersecurity bill. As of yesterday, I can tell them: right needle, wrong haystack.
While it's apparently debatable whether the U.S. government already has the ability to shut sites down, proponents of the just-introduced Combating Online Infringement and Counterfeits Act (PDF) don't want there to be any confusion on the point: if this law is passed, it will. Not in the name of national security, but instead to protect the economic interests of U.S. intellectual property owners.
To put things in context, it's no secret aggressive enforcement by U.S. rightsholders in the entertainment, software, and other industries has driven online traffic in infringing material offshore. In May, the Congressional Anti-Piracy Caucus named China, Russia, Mexico, Canada and Spain -- home of some of the top file-sharing sites -- as its primary Axis of Evil, and of course Sweden, which houses the uber-resilient Pirate Bay, gets an honorable mention on any such list. The legislation introduced yesterday is evidence of a lightbulb going off over someone's head on the enforcement side of this struggle: though the U.S. lacks jurisdiction and control over far-flung Web hosts and ISPs, it has jurisdiction over the registries for the .com (VeriSign), .net (VeriSign), and .org (the Public Interest Registry) domains, and various other TLDs. "Let's use it," the rightsholders have declared.
Under this proposed new law, in light of the dominance of U.S. firms in the domain registry arena, U.S. rightsholders would be able to effectively flip the kill switch on sites offering allegedly infringing material without having to rely on the cooperation of pesky foreign governments and courts. Here's how Keith Kupferschmid, Senior Vice President for Intellectual Property Policy & Enforcement at SIIA, put it:
The legislation not only strengthens the DOJ’s ability to shut down individual domains; it also gives authorities the power to cut piracy off at the source by eliminating critical technical and financial resources. SIIA runs the industry’s most aggressive anti-piracy program, and we believe the legislation introduced today could greatly extend our reach and ability to thwart piracy – especially operations taking place on foreign websites.
Once the Justice Department concurred that a particular site was "dedicated to infringing activities," here's how it would work:
- The U.S. Attorney General institutes an in rem action against the site in question. In rem actions are actions directly against a property interest. Here, the property is the target site's domain name.
- If the domain's registry OR registrar is located within the U.S. (remember, that's all .coms, .nets, and .orgs), the action is to be brought in the local jurisdiction of the registrar or registry (e.g., VeriSign is headquartered in Dulles, VA).
- If the domain's registry or registrar is not located within the U.S., the action may be brought in the District of Columbia.
- Once the action is commenced, the Attorney General can apply for injunctive relief "against the domain name used by an Internet site dedicated to infringing activities, to cease and desist from undertaking any infringing activity...." There's no need for a trial to get the injunction; it can be issued immediately if the court is satisfied with the A.G.'s showing. And there's no call for a jury to be involved in granting the relief; injunctive relief is equitable in nature, and is dispensed by a judge only, no jury.
- Once the injunction issues, it's game over for the target site. If its registry or registrar is within the U.S., the order enjoining use of the domain by the site is simply served on that entity and -- POOF! No more site. The proposed law also anticipates that target sites will scramble for new identities, and makes it easy to expand the injunction to other domain names as needed.
- If the registry and registrar are both outside the U.S. -- and since that excludes all .coms, .nets, and .orgs, for practical purposes these are much smaller fish -- the order may still be used to 1) block access to the site within the U.S. (by directing ISPs to decline to resolve the address), 2) prevent financial transactions providers from completing transactions for U.S. customers, and 3) prevent ad networks from serving ads to the site associated with the blocked domain. These non-domain management-related providers have no incentive to challenge or object to the A.G.'s directives, as they are expressly immunized from liability associated with compliance.
Not being a D.C. insider or much of a policy wonk myself, I honestly don't know what to think about the chances of this proposed legislation becoming law. If it does, it may not remain one for long. Favoring COICA's passage is the fact it is presented as a bipartisan initiative, and Washington seems pretty receptive these days to rightsholders' complaints that their enforcement efforts are hamstrung. On the other hand, this bill is quite a land-grab, or domain-grab is more like it. It makes some sweeping assumptions about the ability and authority of U.S. courts to interfere with international entities, gives scant due to due process, and tosses the longstanding "substantial noninfringing use" principles of Sony v. Universal out the window by specifying only "commercially significant" uses are relevant in determining whether a site is "dedicated to infringement." (On that last point, legislatures can actually toss judicially-decreed wisdom out the window. But still.)
COICA shows that when it comes to enforcement, U.S. intellectual property interests have plenty of bold, creative, and innovative ideas. Though perhaps some of that initiative might be better directed at the business model side of things.
Update #1: Another interesting little tidbit is the bill's requirement that the Attorney General maintain a public list of domain names "that, upon reasonable information and belief, the Department of Justice determines are dedicated to infringing activities but for which the Attorney General has not filed an action under this section." It's like a most wanted list for copyright suspects. Again, with no trial. How'd you like to try to get/keep investors or insurance under those circumstances?
Update #2: Though this bill makes it easier to pursue alleged international infringers than otherwise would be the case, it applies equally to domestic U.S. ones as well. Thus, if this had been on the books when it could be more forcefully argued that YouTube had no "commercially significant purpose or use" beyond distributing infringing works, Keyboard Cat might still be tickling the ivories in obscurity.
More on COICA:
Gautham Nagesh, Bipartisan bill would ramp up anti-piracy enforcement online
Greg Sandoval, Lawmakers want power to shut down 'pirate sites'
Digital Music News, This Is War, Baby: Combating Online Infringement Act Hits the Senate