When Rep. Lamar Smith announced the Stop Online Piracy Act last month, he knew it was going to be controversial.
But the Texas Republican probably never anticipated the broad and fierce outcry from Internet users that SOPA provoked over the last week. It was a show of public opposition to Internet-related legislation not seen since the 2003 political wrangling over implanting copy-protection technology in PCs, or perhaps even the blue ribbons appearing on Web sites in the mid-1990s in response to the Communications Decency Act.
Screenshot by Declan McCullagh/CNET)
To learn how SOPA, and its Senate cousin known as the Protect IP Act, would affect you, keep reading. CNET has compiled a list of frequently asked questions on the topic.
Q: What’s the justification for SOPA and Protect IP?
Two words: rogue sites.
That’s Hollywood’s term for Web sites that happen to be located in a nation more hospitable to copyright infringement than the United States is (in fact, the U.S. is probably the least hospitable jurisdiction in the world for such an endeavor). Because the target is offshore, a lawsuit against the owners in a U.S. court would be futile.
The U.S. Chamber of Commerce, in a letter to the editor of the New York Times, put it this way: “Rogue Web sites that steal America’s innovative and creative products attract more than 53 billion visits a year and threaten more than 19 million American jobs.” The MPAA has a section of its Web site devoted to rogue Web sites. Jim Hood, the Democratic attorney general of Mississippi, and co-chair of a National Association of Attorneys General committee on the topic, recently likened rogue Web sites to child porn.
Who’s opposed to SOPA?
Much of the Internet industry and a large percentage of Internet users. An informal poll of its readership by BetaNews found that 95 percent oppose SOPA.
On November 15, Google, Facebook, Twitter, Zynga, eBay, Mozilla, Yahoo, AOL, and LinkedIn wrote a letter to key members of the U.S. Senate and House of Representatives, saying SOPA poses “a serious risk to our industry’s continued track record of innovation and job creation, as well as to our nation’s cybersecurity.” Yahoo has reportedly quit the U.S. Chamber of Commerce over its enthusiastic support for SOPA.
The European Parliament adopted a resolution last week stressing “the need to protect the integrity of the global Internet and freedom of communication by refraining from unilateral measures to revoke IP addresses or domain names.” Rep. Nancy Pelosi, the House Democratic leader, said in a message on Twitter last week that we “need to find a better solution than #SOPA.”
A letter signed by Zoe Lofgren and Anna Eshoo, both California Democrats, and Ron Paul, the Republican presidential candidate from Texas, predicts that SOPA will invite “an explosion of innovation-killing lawsuits and litigation.” Law professors have also raised concerns.
How would SOPA work?
It allows the U.S. attorney general to seek a court order against the targeted offshore Web site that would, in turn, be served on Internet providers in an effort to make the target virtually disappear. It’s kind of an Internet death penalty.
More specifically, section 102 of SOPA says that, after being served with a removal order:
A service provider shall take technically feasible and reasonable measures designed to prevent access by its subscribers located within the United States to the foreign infringing site (or portion thereof) that is subject to the order… Such actions shall be taken as expeditiously as possible, but in any case within 5 days after being served with a copy of the order, or within such time as the court may order.
How is SOPA different from the earlier Senate bill called the Protect IP Act?
Protect IP targeted only domain name system providers, financial companies, and ad networks — not companies that provide Internet connectivity.
Because SOPA is broader, even some companies who liked, or at least weren’t vocally opposed to, the Senate bill aren’t exactly delighted with the House version.
“Verizon continues to look at SOPA, and while it’s fair to say that we have concerns about the legislation, we are working with congressional staff to address those concerns,” a spokesman told us last week.
Tim McKone, ATT’s executive vice president of federal relations, said that “we have been supportive of the general framework” of the Senate bill. But when it comes to SOPA, all ATT would say is that it is “working constructively with Chairman Smith and others toward a similar end in the House.”
What are the security-related implications of SOPA?
One big one is how it interacts with the domain name system and a set of security improvements to it known as DNSSEC.
The idea of DNSSEC is to promote end-to-end encryption of domain names, meaning there’s no break in the chain between, say, wellsfargo.com and its customer. Requiring Internet providers to redirect allegedly piratical domain names to, say, the FBI’s servers isn’t compatible with DNSSEC.
Rep. Dan Lungren, who heads the Homeland Security subcommitteee on cybersecurity, said last week that an “unintended consequence” of SOPA would be to “undercut” the effort his panel has been making to promote DNSSEC.
The Sandia National Laboratories, part of the U.S. Department of Energy, also raised concerns about SOPA last week, saying it is “unlikely to be effective” and will “negatively impact U.S. and global cybersecurity and Internet functionality.” And Stewart Baker, the former policy chief at the Department of Homeland Security who’s now in private practice, warned in an op-ed that SOPA “runs directly counter” to the House’s own cybersecurity efforts.
An analysis (PDF) or Protect IP prepared by five Internet researchers this spring lists potential security problems. Among them: it’s “incompatible” with DNSSEC, innocent Web sites will be swept in as “collateral damage,” and the blacklist can be bypassed by using the numeric Internet address of a Web site. The address for CNET.com, for instance, is currently 18.104.22.168.
What will SOPA require Internet providers to do?
A little-noticed portion of the proposed law, which CNET highlighted on Friday, goes further than Protect IP and could require Internet providers to monitor customers’ traffic and block Web sites suspected of copyright infringement.
“It would cover IP blocking,” says Markham Erickson, head of NetCoalition, whose members include Amazon.com, Google, eBay, and Yahoo. “I think it contemplates deep packet inspection” as well, he said.
The exact requirements will depend on what the removal order says. The Recording Industry Association of America says that SOPA could be used to force Internet providers to block by “Internet Protocol address” and deny “access to only the illegal part of the site.” It would come as no surprise if copyright holders suggested wording to the Justice Department, which would in turn seek a judge’s signature on the removal order.
Deep packet inspection, meaning forcing an Internet provider to intercept and analyze customers’ Web traffic, is the only way to block access to specific URLs.
Are there free speech implications to SOPA?
SOPA’s opponents say so — a New York Times op-ed called it the “Great Firewall of America — and the language of the bill itself is quite broad. Section 103 says that, to be blacklisted, a Web site must be “directed” at the U.S. and also that the owner “has promoted” acts that can infringe copyright.
Here’s how Section 101 of SOPA defines what a U.S.-directed Web site is:
(A) the Internet site is used to provide goods or services to users located in the United States;
(B) there is evidence that the Internet site or portion thereof is intended to offer or provide such goods and services (or) access to such goods and services (or) delivery of such goods and services to users located in the United States;
(C) the Internet site or portion thereof does not contain reasonable measures to prevent such goods and services from being obtained in or delivered to the United States; and
(D) any prices for goods and services are indicated or billed in the currency of the United States.
Some critics have charged that such language could blacklist the next YouTube, Wikipedia, or Wikileaks. Especially in the case of Wikileaks, which has posted internal documents not only from governments but also copyrighted documents from U.S. companies and has threatened to post more, it’s hard to see how it would not qualify for blacklisting.
What has the response to this language been?
Mozilla, which makes the
Firefox Web browser, responded by creating a page saying: “Protect the Internet: Help us stop the Internet Blacklist Legislation.” It warns that “your favorite Web sites both inside and outside the US could be blocked based on an infringement claim.”
Web sites including Wikimedia (as in, Wikipedia) charged that SOPA is an “Internet blacklist bill” that “would allow corporations, organizations, or the government to order an internet service provider to block an entire website simply due to an allegation that the site posted infringing content.” Tumblr “censored” its users’ content streams, and reported that its users averaged 3.6 calls per second to Congress through the company’s Web site–nearly 90,000 total.
With a bit of HTML from AmericanCensorship.org, a Web site supported by the Free Software Foundation, the Electronic Frontier Foundation, and Public Knowledge, hundreds of Web sites “censored” themselves to protest SOPA. Even Rep. Zoe Lofgren, a California Democrat from Silicon Valley, has joined the fight-censorship protest.
For their part, the MPAA has been highlighting an analysis it commissioned from First Amendment lawyer Floyd Abrams, a former MPAA attorney, who concluded SOPA is perfectly constitutional. Here’s another pro-SOPA rebuttal.
Who supports SOPA?
The three organizations that have probably been the most vocal are the Motion Picture Association of America, the Recording Industry Association of America, and the U.S. Chamber of Commerce. A Politico chart shows that Hollywood has outspent Silicon Valley by about ten-fold on lobbyists in the last two years.
Supporters publicized letters from the National Fraternal Order of Police and the International Association of Fire Fighters lending their weight to the Web-blocking idea. Here are more statements from supporters at the time of SOPA’s introduction. And the AFL-CIO sent a representative to testify in support of SOPA at last week’s House hearing.
And in the U.S. Congress?
Support for Protect IP is remarkably broad, and SOPA a little less so. An analysis by the RIAA says that of some 1,900 bills that have been introduced in the Senate, only 18 other bills enjoy the same number of bipartisan cosponsors as Protect IP does.
That puts it in the top 1 percent of most popular bills, at least for this measurement of congressional enthusiasm.
What happens next?
In terms of Protect IP, the Senate Judiciary committee has approved it and it’s waiting for a floor vote. One hurdle: Sen. Ron Wyden, an Oregon Democrat, has placed a hold on the bill.
There are probably enough votes for SOPA be approved by the House Judiciary committee.
Where it goes from there is an open question that depends on where the House Republican leadership stands. Because the House’s floor schedule is under the control of the majority party, the decision will largely lie in the hands of House Speaker John Boehner and his lieutenants.
Another possibility is that there could be further House hearings on the security-related implications of SOPA, a move that would delay a final vote. An aide to House Judiciary chairman Lamar Smith told us last week that that there’s no indication yet as to any further hearings, but don’t be surprised if it happens.