Ron Wyden, senator from Oregon, released a very insightful letter yesterday in support of the SOPA blackout.
Protect IP (PIPA) and the Stop Online Piracy Act (SOPA) are a step towards a different kind of Internet. They are a step towards an Internet in which those with money and lawyers and access to power have a greater voice than those who don’t. They are a step towards an Internet in which online innovators need lawyers as much or more than they need good ideas. And they are a step towards a world in which Americans have less of a voice to argue for a free and open Internet around the world.
See the full letter on Sen. Wyden's site.
Yesterday, I made a post about the PROTECT-IP Act, explaining in some detail why it's such a dangerous proposition. But if you're like me, maybe you're tired of hearing second-hand arguments. You're not scared of a little legalese, and you want to check out the original source, Senate resolution 968 itself. Well, great! That's what this blog is really (or at least tries to be) about, and that's what I'm going to do in this post.
I have two goals here. For one thing, I'm trying to correct some of the misinformation that may be floating around on the web about PIPA. But I also want to make the point that laws aren't as scary as you might think. When you take a good, close look at them, it's not that hard to understand what is being said — sure, not well enough to argue them in court (unless you're a lawyer), but you can get a pretty decent sense of what is and isn't allowed.
This comes with two standard disclaimers:
PIPA, for all the fuss people have been saying about it, really just builds on existing copyright laws. So it makes sense to start by examining those laws, which are contained in title 17 of the United States Code.
Title 17 is a very long document, but there are three short parts that are especially relevant for interpreting PIPA. First, section 106 (or in the standard notation, 17 U.S.C. §106) defines six rights that are reserved to the holder of a copyright:
Subject to sections 107 through 122, the owner of copyright under this title has the exclusive rights to do and to authorize any of the following:
(1) to reproduce the copyrighted work in copies or phonorecords;
(2) to prepare derivative works based upon the copyrighted work;
(3) to distribute copies or phonorecords of the copyrighted work to the public by sale or other transfer of ownership, or by rental, lease, or lending;
(4) in the case of literary, musical, dramatic, and choreographic works, pantomimes, and motion pictures and other audiovisual works, to perform the copyrighted work publicly;
(5) in the case of literary, musical, dramatic, and choreographic works, pantomimes, and pictorial, graphic, or sculptural works, including the individual images of a motion picture or other audiovisual work, to display the copyrighted work publicly; and
(6) in the case of sound recordings, to perform the copyrighted work publicly by means of a digital audio transmission.
In short: copying, modification, distribution, public performance or display, and broadcasting all require the copyright holder's consent. If you do any of these things without having permission from the copyright holder, this is defined by section 501 as copyright infringement.
(a) Anyone who violates any of the exclusive rights of the copyright owner as provided by sections 106 through 122 or of the author as provided in section 106A (a), or who imports copies or phonorecords into the United States in violation of section 602, is an infringer of the copyright or right of the author, as the case may be.
In addition to the six actions mentioned above, it's also illegal to provide specific information that allows someone else to bypass technological measures which prevent them from infringing copyright. For example, the contents of DVDs are encrypted, and distributing the software that allows people to break the encryption and use the DVD is illegal — unless you have permission from whoever owns the copyright on the DVD contents. Section 1201 has the details. It's kind of long, but here are some of the important parts:
(a) Violations Regarding Circumvention of Technological Measures.
(1)
(A) No person shall circumvent a technological measure that effectively controls access to a work protected under this title....
....
(2) No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that—
(A) is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title;
(B) has only limited commercially significant purpose or use other than to circumvent a technological measure that effectively controls access to a work protected under this title; or
(C) is marketed by that person or another acting in concert with that person with that person’s knowledge for use in circumventing a technological measure that effectively controls access to a work protected under this title.
and so on. (If you're about to complain that I'm taking this out of context, great! Go read it yourself.)
The laws I've listed above, sections 501 and 1201, are referenced by the PROTECT-IP Act in its definition of "internet site dedicated to infringing activities." The following text occurs in section 2 of the bill:
(7) the term 'Internet site dedicated to infringing activities' means an Internet site that--
(A) has no significant use other than engaging in, enabling, or facilitating the--
(i) reproduction, distribution, or public performance of copyrighted works, in complete or substantially complete form, in a manner that constitutes copyright infringement under section 501 of title 17, United States Code;
(ii) violation of section 1201 of title 17, United States Code; or
(iii) sale, distribution, or promotion of goods, services, or materials bearing a counterfeit mark, as that term is defined in section 34(d) of the Lanham Act; or
(B) is designed, operated, or marketed by its operator or persons operating in concert with the operator, and facts or circumstances suggest is used, primarily as a means for engaging in, enabling, or facilitating the activities described under clauses (i), (ii), or (iii) of subparagraph (A);
This definition winds up being the legal basis for the enforcement procedures in later sections of the bill. In other words, if you get sued or prosecuted under PIPA, it will be because you allegedly violated one of these existing laws, 17 U.S.C. §501 or §1201. This is why, in my previous post, I wrote that PIPA doesn't add anything new to copyright infringement — for ordinary citizens, it doesn't make anything illegal that wasn't already illegal. It does require certain behaviors from ISPs, DNS providers, payment gateways, and advertisers, but we'll get to that later.
What PIPA does do is drastically increase the allowable penalties for having copyrighted material hosted on your site. This is one of the parts that many people find particularly objectionable about it (and SOPA).
At issue is the fact that a lot of websites these days get much of their content from contributions by their users. And it's possible that some of those contributions are infringing material. Under the direct interpretation of 17 U.S.C. §501, the website hosting the content is legally liable for this, because by hosting the content and allowing others to download it, they are either distributing it or publicly displaying it, perhaps depending on how technically-minded you are.
Currently, the law that governs the consequences of online copyright infringement is the Digital Millennium Copyright Act. It's gotten its fair share of complaints, but it's nowhere near as restrictive as SOPA and PIPA. One of the main reasons the DMCA has been considered tolerable is codified in 17 U.S.C. §512, of which an excerpt follows:
(c) Information Residing on Systems or Networks At Direction of Users.—
(1) In general.— A service provider shall not be liable for monetary relief, or, except as provided in subsection (j), for injunctive or other equitable relief, for infringement of copyright by reason of the storage at the direction of a user of material that resides on a system or network controlled or operated by or for the service provider, if the service provider—
(A)
(i) does not have actual knowledge that the material or an activity using the material on the system or network is infringing;
(ii) in the absence of such actual knowledge, is not aware of facts or circumstances from which infringing activity is apparent; or
(iii) upon obtaining such knowledge or awareness, acts expeditiously to remove, or disable access to, the material;
(B) does not receive a financial benefit directly attributable to the infringing activity, in a case in which the service provider has the right and ability to control such activity; and
(C) upon notification of claimed infringement as described in paragraph (3), responds expeditiously to remove, or disable access to, the material that is claimed to be infringing or to be the subject of infringing activity.
This snippet is part of what is known as the Online Copyright Infringement Liability Limitation Act, at least according to Wikipedia. Most people just call it the safe harbor provision. Essentially, it means that if you're operating an online service on which somebody has uploaded material that infringes copyright, you're not legally liable for the infringement, as long as you take the material offline upon receiving a proper notice. This puts the primary responsibility for avoiding copyright infringement on the users who upload it, not on the host. It allows sites like Facebook, Wikipedia, and Reddit (and millions of others) to exist without having to actively monitor the material uploaded by their users for copyright violations.
Under PIPA, it's a whole different story. This bill doesn't contain anything analogous to the DMCA safe harbor provision. What it does contain is the following piece, in section 3, which allows the U.S. Attorney General to obtain a court order calling for legal action against a foreign site (more on this later) suspected of copyright infringement.
(1) IN GENERAL- On application of the Attorney General following the commencement of an action under this section, the court may issue a temporary restraining order, a preliminary injunction, or an injunction, in accordance with rule 65 of the Federal Rules of Civil Procedure, against the nondomestic domain name used by an Internet site dedicated to infringing activities, or against a registrant of such domain name, or the owner or operator of such Internet site dedicated to infringing activities, to cease and desist from undertaking any further activity as an Internet site dedicated to infringing activities, if--
(A) the domain name is used within the United States to access such Internet site; and
(B) the Internet site--
(i) conducts business directed to residents of the United States; and
(ii) harms holders of United States intellectual property rights.
Note that all of the following measures can be imposed based on only a court order. Not a full trial. All that is needed is for a judge to sign off on it.
Later on in the section, PIPA specifies the actions that can be taken against alleged copyright infringers:
(d) Required Actions Based on Court Orders-
(2) REASONABLE MEASURES- After being served with a copy of an order pursuant to this subsection:
(A) OPERATORS-
(i) IN GENERAL- An operator of a nonauthoritative domain name system server shall take the least burdensome technically feasible and reasonable measures designed to prevent the domain name described in the order from resolving to that domain name's Internet protocol address....
This requires operators of DNS nameservers to remove all DNS records of the infringing domain, so the site can't be accessed by name. For example, if the DNS records for this site were removed, www.ellipsix.net would no longer resolve to my server's IP address, 69.164.216.133, and you would have to know those numbers in order to access this site. If the nameservers that hold these records are not under U.S. jurisdiction, ISPs would be required to present "fake" DNS records which lead you to the wrong website when you type the domain name into your browser. This would be a Bad Thing because the way DNS works, servers all over the world have to sync up with each other, and trust that they are in sync. PIPA's DNS provisions would break that, and instead require that U.S.-based DNS servers provide different information from foreign servers, which could potentially wreak havoc on the system. Besides, in practice, it's pretty easy to register another domain name for any given site, which makes this particular countermeasure fairly ineffective.
(B) FINANCIAL TRANSACTION PROVIDERS- A financial transaction provider shall take reasonable measures, as expeditiously as reasonable, designed to prevent, prohibit, or suspend its service from completing payment transactions involving customers located within the United States and the Internet site associated with the domain name set forth in the order.
This prohibits banks and other financial institutions (like PayPal) from brokering transactions between anyone in the United States and the infringing site. If this provision were invoked on an online business, it would completely shut down their ability to operate within the U.S. Or, applied to a nonprofit foundation, it cuts off their ability to receive donations from Americans.
(C) INTERNET ADVERTISING SERVICES- An Internet advertising service that contracts with the Internet site associated with the domain name set forth in the order to provide advertising to or for that site, or which knowingly serves advertising to or for such site, shall take technically feasible and reasonable measures, as expeditiously as reasonable, designed to--
(i) prevent its service from providing advertisements to the Internet site associated with such domain name; or
(ii) cease making available advertisements for that site, or paid or sponsored search results, links or other placements that provide access to the domain name.
This subparagraph prohibits online advertising agencies from displaying ads on the infringing site, and from displaying ads for the infringing site. Like the previous item, this would drastically limit an online business's ability to reach out to potential customers, and it also prevents sites of all sorts from gaining revenue by displaying ads. This is a reasonable tactic to take against websites that truly are devoted to infringing activities, because advertisements are often how they make their money. But without the proper procedures to ensure that it doesn't get misused, it's a dangerous provision.
(D) INFORMATION LOCATION TOOLS- An service provider of an information location tool shall take technically feasible and reasonable measures, as expeditiously as possible, to--
(i) remove or disable access to the Internet site associated with the domain name set forth in the order; or
(ii) not serve a hypertext link to such Internet site.
This last subparagraph requires search engines and similar sites, potentially including anything that links to other sites (i.e. any website in existence) to remove from their listings any results for the infringing site. Outside of China, most (useful) content on the web is found through U.S.-based search engines, specifically Google, Bing, and Yahoo. Forcibly removing a site from all their results will flat-out kill it.
Of course, as with the advertising clause, if a true copyright infringement site gets hit with this, then good, the law is working. But in a case of mistaken identity, overzealous prosecution, or judicial corruption (rare, but it happens), if a non-infringing site like Wikipedia is removed from search engine results, the consequences will be pretty disastrous. Just think, what would it be like if today's Wikipedia blackout were permanent, and you couldn't get around it by hitting Esc at the right time?
There are similar provisions in section 4 which allow the copyright holder (in addition to the Attorney General) to take similar actions. But there are a couple of key differences:
Still, that's a pretty heavy hammer to hit a site with. It may not take them entirely offline, at least not directly, but it does cut off the site's financial support, and any website that's reasonably popular needs that financial support to survive.
In sections 3 and 4, PIPA specifies that the U.S. Attorney General or a copyright holder can initiate legal action against a website they allege to be infringing copyright. But that's not the end of it. Section 5(a) goes beyond that and actually encourages financial institutions and advertising services to proactively cut off websites for suspected copyright violations by providing them with legal immunity for doing so.
(a) In General- No financial transaction provider or Internet advertising service shall be liable for damages to any person for voluntarily taking any action described in section 3(d) or 4(d) with regard to an Internet site if the entity acting in good faith and based on credible evidence has a reasonable belief that the Internet site is an Internet site dedicated to infringing activities.
In other words, as long as they act with a "reasonable belief" that the website is "dedicated to infringing activities", the financial institution or ad provider suffers no legal consequences for terminating their relationship with the site, regardless of whether the alleged copyright infringement turns out to be valid or not. There are a couple of problems with this: first of all, it encourages what is effectively virtual vigilante justice, in which websites are subject to disciplinary action, with legal force, but without going through the full process of the American justice system. But perhaps more worrying is the fact that "reasonable belief" can be twisted to mean all sorts of things. Admittedly I can understand Congress's motivation to give companies some flexibility to stamp out online copyright infringement — but when you have the ability to completely "bury" a website, that ability needs to be strictly controlled.
PIPA uses the phrase "nondomestic domain name" in several places, especially in section 3, which (if you remember) specifies the actions that the Attorney General can bring against foreign sites with a court order. Some supporters of the bill argue that this provision prevents it from being used against, for lack of a better term, "good" websites — the ones that are obviously not copyright infringers, and are just trying to make the internet a better place.
But there's a problem with that. Look at the definition in section 2:
(9) the term 'nondomestic domain name' means a domain name for which the domain name registry that issued the domain name and operates the relevant top level domain, and the domain name registrar for the domain name, are not located in the United States;
The internet is a global network, where boundaries between different countries often get blurred. It's not at all uncommon that a website uses a domain name from one country, a registrar in a different country, and a hosting service in yet another country. For example, a lot of major websites operate URL shorteners whose domain names, like bit.ly, are registered with foreign registrars to take advantage of various two-letter country codes. All of those qualify as nondomestic for purposes of PIPA. On the other hand, a website registered with a U.S. domain name won't necessarily operate in the U.S. In particular, the major top-level domains like .com and .net are operated by American registrars. Many sites thus qualify as domestic under PIPA even though the U.S. government ostensibly no jurisdiction over them.
Besides all that, the fact is that many internet companies have multinational operations. Domain name registrars can have servers in many different countries, and can distribute their operations among these servers in various ways, which potentially allows the domains they host to be considered either domestic or nondomestic depending on when a court order is issued against them. Many larger websites themselves have operations in multiple countries — they may host files on content delivery networks which have servers around the world, and they may hold multiple domain names registered in different countries. Example: Google holds google.com, google.ca, google.co.uk, and a whole bunch of others. All of this makes it pretty murky to determine whether any given website is actually considered domestic or nondomestic, and there's no guarantee that the answer you get will really make sense.
So what are we going to do about all this? If you agree that these bills would be dangerous for the internet, contact your senators and representatives and ask them to vote against SOPA (H.R. 3261) and PROTECT-IP (S. 968)! Information on how to do that is all over the web, especially on several of the major websites which are blacked out today:
The full text of each bill can always be accessed through the Library of Congress:
You can also have a look at some other posts I've written about these bills
As I recently posted, SOPA and PIPA, the bills that represent the next step in the media industries' war on piracy (or, to be fair, what they call piracy), have been getting increasing amounts of attention. And it's bringing results: just yesterday, the Stop Online Piracy Act (SOPA) was pulled from consideration in the House of Representatives.
While this is a big win for the internet, it's only part of the battle, because the PROTECT-IP Act (PIPA), a nearly identical bill, is still scheduled for a vote in the Senate on January 24, a week from today. So it's still not too late to contact your senators and ask them to oppose the bill! Wikipedia has also joined the cause, pledging to black out its site tomorrow to raise awareness.
A friend of mine recently made a post about SOPA on the FreshySites blog which I think shows how some of the information about what these bills do has been distorted as it's traveled around the web. With the blackouts of Wikipedia, Reddit, and other sites poised to draw a lot of public attention to the bills, I thought this would be an opportune time to clarify exactly why PIPA is so bad.
Contrary to what some people are saying, PIPA does not actually change the definition of copyright infringement. It doesn't make anything illegal that wasn't illegal before (except for certain companies, but more on that later). What it does do is drastically increase the penalties you face if you are infringing copyright. Currently, under the DMCA, if someone asserts that copyrighted material is available on your site, you can take the material off the site. As long as you do this promptly upon receiving the proper sort of request, you're not responsible for the copyright infringement. If the person who originally posted it doesn't believe that the copyright violation is really a violation at all, they can file a counter-notice to say so; then it goes to court, and the copyright holder has to prove that the copyright violation is real.
Under PIPA, that whole procedure changes. If someone asserts that copyrighted material is available on your site, according to subsections 3(d) and 4(d) of PIPA, they can get a court order requiring the following
Additionally, if your site is “foreign” (you’re using a web host or DNS registrar in another country):
Even though the restrictions only apply to companies that operate in the US, that still cuts you off from Google, Bing, Yahoo, PayPal, Visa, MasterCard, and most banks, not to mention your whole site is inaccessible from anywhere in America — all based on the accusation that you were hosting copyright material. Even if it wasn’t under your control (say, one of your site's users uploaded it), you still suffer the consequences.
The other thing to complain about is that in section 5, PIPA encourages websites, ISPs, DNS resolvers, search engines, etc. to proactively blacklist sites that they suspect might be in violation of the act. So, for example, Google can remove your website from their search listings, or PayPal can arbitrarily close your account, or so on, and as long as they claim a reasonable belief (whatever that means) that your site was infringing copyrights, you have no recourse against them. To some extent, this is already possible, since most of these sites’ terms of service include a provision that they may terminate your account for any or no reason. But those provisions don't have the legal force of the US Justice Department behind them. Right now, Google isn't required to remove a site from their search index just because the government says the site is violating copyright. PIPA would change that. Hopefully, you can see how this opens up a huge potential for abuse.
I've written a couple of posts about SOPA and PIPA, the copyright legislation currently making its way through Congress, and the widespread efforts to stop it. There's some good news on that front: these pieces of legislation have been attracting increasing amounts of media attention lately, and Congress is beginning to respond. The DNS blocking provisions of the bill have been pulled (for now, at least), removing a threat to one of the foundations of the internet, and over in the Senate, influential senators are asking for a vote on PIPA (the PROTECT-IP Act) to be postponed so the bill can be further reviewed and possibly amended. Additionally, the White House has issued an official response to two petitions calling for President Obama to veto any of this legislation that does pass through Congress, and while he hasn't promised to do so, it does show that the administration is at least thinking about the implications this legislation would have for free expression online.
But the war against SOPA and PIPA is not over yet, in part because a lot of people just don't know all this is happening. To raise awareness, Reddit will be proceeding with a planned "blackout" of the site this Wednesday, in which the normal content will be replaced by an educational message about PIPA/SOPA. Several other sites will be following suit, including Minecraft, ICanHazCheezburger (the whole network of meme sites), BoingBoing and Rasberry Pi. Wikipedia is soliciting contributor input on whether to join as well. If you're a website owner, consider "blacking out" your own site on January 18 to join in the protest.
If you believe, like I do, that these bills are too open-ended and should not be passed, there's still time and reason to contact your senators and representatives. PIPA is scheduled to come up for a vote on January 24, which is just over a week away, and the more calls and letters the senators get, the more likely they are to vote against it. And even though the vote on SOPA has been indefinitely postponed, it still constitutes a looming threat to internet freedom. Don't hesitate to let Congress know who they are supposed to be representing!
The Mozilla Foundation, the group behind Firefox, is organizing another campaign against the PROTECT-IP Act. This time, they're asking voters to call the Senate next Tuesday (they don't give a date, but I'm guessing this is tomorrow) to register their opposition to the act.
As I've previously written, PROTECT-IP is a bill designed to discourage distribution of copyrighted material online. It would greatly expand the actions that the government is allowed to take with respect to websites or online services that are suspected of being involved in this distribution. There is a widespread concern that the powers granted by this bill are too easily abused, and that they will be ineffective. If you believe, as I do, that this is going too far, please consider contacting your representatives in Congress to let them know.
Thanks to campaigns like last week's American Censorship day, computer users around the United States (and beyond) have been sitting up and paying attention to two bills regarding online copyright infringement that are now working their way through Congress: SOPA and PROTECT-IP. There is a lot of hype about how the law represented by these bills would be a terrible affront to free speech, and it may or may not be right, but as usual when it comes to legal matters, many people don't have the knowledge to judge for themselves. With this blog post and possibly others like it, I'm trying to get relevant information out there so we can all make more informed decisions.
(Full disclosure: I am personally opposed to the passage of SOPA/PROTECT-IP, but I've tried not to let that bias come through too strongly.)
Back in the days before internet use was so widespread, media redistribution was not a major problem. If you wanted to share a song or a video with someone, you had to physically lend them a tape, CD, or DVD. Yes, it was possible to make copies of media, but it required specialized equipment, and more importantly, it took time and effort for ordinary people to do. Media distributors, namely the record companies and movie studios, were largely the only ones with the resources to do this efficiently on a large scale.
With the advent of computers, and specifically high-speed internet access, that's no longer true. Now, in order to share some information with someone, you no longer need to hand off an actual physical object. Instead, all your computer needs to do is transfer the state of some transistors (your RAM) into electrical signals in a wire (your modem or network card), basically just shift some electrons around. This is a highly repetitive task, exactly the kind of thing computers can do very efficiently. In other words, copying large amounts of information has suddenly become quick and easy enough that individuals can do it.
To most people, this is a good thing. The entire purpose of the internet is to allow individuals to disseminate information widely: blog posts, tweets, personal photos, status updates, news articles, academic publications, advertisements, and all sorts of other types of content all benefit from having as many people see them as possible. But computers don't distinguish between different kinds of content the way humans do, so technologically speaking, any system that lets people share their blog posts and tweets and so on can be used just as well for sharing music and movies. This represents a problem for the multimedia industry's traditional business model, where they make money from each copy of a CD or DVD that gets sold.
In response, the representative trade organizations for the music and movie industries, the RIAA and MPAA respectively, have used various tactics to try to stop movies and music from being shared between people.
One tactic the media organizations have tried is making computers "smart" enough to pick out copyrighted content from all other internet traffic and stop it in transit. This is called "deep packet inspection" because rather than examining only the header data of each IP packet, which tell where the packet is from and where it's going, computers look "deeper" into the packet, at its actual content. This system requires the coorperation of the tier-1 internet service providers, because they are the ones who control the computers that manage all the data sent over the internet. There was a large public outcry against this system because of the potential for abuse; once the technology to look into packet contents comes into common use for one reason (like catching copyright violations), it becomes almost trivially easy for someone with the right kind of access to use it for another purpose (like silencing political opposition). ISPs have also generally opposed the idea because, although they do use deep packet inspection under limited circumstances, checking every packet that passes through their system requires a lot of computational power. Besides, the use of deep packet inspection to detect copyrighted material in transit was easily nullified by encrypting data before sending it out over the internet, using services like Tor or the SSL encryption that's built into every browser and most web servers.
When technological measures proved impractical, the media industries shifted their focus from the ISPs to the "online service providers," sites like YouTube or Facebook which actually host user-submitted content that may include music or movie files. To do so, they used the provisions of the Digital Millennium Copyright Act, a 1998 law that governs copyright protection for files and digital data.
Normally, copyright law holds any person or organization which distributes copyrighted material accountable for that distribution. However, there is a piece of the DMCA called the Online Copyright Infringement Liability Limitation Act, commonly known as the "safe harbor provision," which specifies that an online service provider is not legally liable for infringing material uploaded by its users, as long as they remove the content once notified of it.
The safe harbor provision is what allows sites like YouTube to operate; effectively, they get to pass the legal "blame" for copyright infringement on to their users.
The DMCA does, in principle, allow anyone to get any content taken off a particular website, but only temporarily. A key feature of this procedure is that whenever something gets "flagged" as copyright infringement, the person who uploaded it has to be notified, and has the option to respond and get the content restored. Plus, if a takedown notice turns out to be invalid and it's not just an honest mistake, there are (supposed to be) consequences for the sender of the notice, which discourages sending frivolous DMCA takedown notices.
In addition to sending takedown notices to hosting proviers, the RIAA and MPAA also attempted to directly track down users who are publishing copyrighted content and threaten legal action against them. Unlike a large company (YouTube), an individual internet user often doesn't have the resources to fight a court battle to demonstrate that he (or she) isn't doing anything illegal. So most of the time, when random Joe Schmoe gets a notice from the RIAA or MPAA that he's been caught illegally distributing copyrighted material and is getting served with a lawsuit unless he settles for $XXX, he's just going to pay up.
This technique, though kind of sleazy, probably would have been more or less acceptable if it were only used on serious, confirmed copyright infringers. But it went much further than that. The media companies decided to "outsource" the work of tracking down and notifying copyright infringers to a separate company, MediaDefender. MediaDefender, in turn, started using automatic computer programs to detect uploaders of copyrighted content and send out infringement notices. As I alluded to earlier, computer programs aren't smart enough to reliably tell when they've found true copyright infringement and when they haven't. Perhaps you can see where this is going: MediaDefender sent out a lot of threatening letters to people who had done nothing wrong, and in some cases not to people at all. There are stories circulating on the internet about how some researchers got a settlement offer sent to their printer.
The reason this happened is that it's actually very difficult to make the connection between the uploading of a copyrighted file and the real person responsible for it. The way MediaDefender and companies like it typically locate copyright infringers is by connecting to the BitTorrent network and attempting to download a movie. When you use BitTorrent to download something, you have access to the IP addresses of all the other computers you're downloading it from. Each of those is uploading the file, which qualifies as illegal distribution. Or so MediaDefender assumed.
There are a few ways this argument can go wrong, though, which they typically forget to check. For one thing, in some cases the file they were downloading was not even copyrighted material, or if it was, the copyright was not owned by one of MediaDefender's clients. They often checked only based on the name, not by examining the content of the file to see if it was what they thought it was. Secondly, some uploaders connect to the BitTorrent network through a proxy server, or something like Tor. In this case, the IP address the downloader sees is that of the proxy server, which legally is not responsible for the content passing through it.
After the stories went public and people saw how unreliable the techniques for identifying copyright infringers were, the RIAA and MPAA bowed to public pressure and stopped using MediaDefender's services.
The latest entry in the war on copyright infringement is the bill known as either SOPA or PROTECT-IP, or more recently the E-PARASITE Act, and yes, those acronyms are exactly as stupid as they sound. All three names refer to more or less the same thing; SOPA or E-PARASITE is the version being considered by the House of Representatives, and PROTECT-IP is the version originally proposed by the Senate. These bills are intented to expand on the DMCA, and generally they provide additional means by which copyright owners (meaning the large media companies) can have content removed from being available online.
But they don't stop there. Rather than just providing for the removal of copyrighted content, as the DMCA did, these bills contain procedures that would basically cripple any website accused of facilitating the distribution of copyrighted material. If SOPA/PROTECT-IP passes, it becomes illegal for any US-based company to advertise on such a website, provide it with a domain name, or allow any payments to be made to it.
Remember, the reason people are concerned about this is not that they want to avoid paying for DVDs. The problem is twofold:
If nothing else, consider that the list of people and companies who are opposed to SOPA and PROTECT-IP includes everyone from Google to Visa to the technology chief of the European Union to even the Vice President (sort of... indirectly). I'd say they have to have some valid points.
In closing, since one of the core themes of this blog is going to the original source, I'd encourage you to look at the actual text of each bill and put some thought into just how good or bad it would be for economic, artistic, and scientific development. Here are the links again, as of the time of posting:
To see current information on the status of each bill, head to the Library of Congress legislative information site and search for the bill number, either HR 3261 or SR 968.