So if the lovely SOPA legislation gets passed, here's what would happen to HfS:
- YOU (the taxpayer) would help foot the cost of policing our blogs (they'd have to hire an army of administrators), and if we got a complaint, we could be shut down while we fought it out in court;
- HfS would have to monitor closely every comment on every blog post to make sure it didn't link to anything infringing, or we could be blacked out... we can already sense our competitors rubbing their hands with anticipation.
So, without further ado, here's our security analyst, Jim Slaby, explaining why this legislation is akin to cracking a walnut with a sledgehammer...
If you were surprised to find Wikipedia offline yesterday, you weren’t alone: many Internet users were unaware of the widespread one-day online protest against SOPA and PIPA, two bills before the US Congress designed to fight online media piracy. Participation ranged from outright shutdown to the display of prominent protest messages or symbols. High-profile players included Wikipedia, Craigslist, Google, and many media sites, but thousands of other less-trafficked sites also participated.
What got them up in arms? The Stop Online Piracy Act (SOPA, the US House of Representatives' version of the bill) and the Protect IP Act (PIPA, the US Senate version) are aimed at curbing online piracy of movies, TV programming, music, and other copyrighted content. Largely written by lobbyists for the RIAA, the MPAA, professional sports organizations and media conglomerates (Sony, ESPN, et. al.), its aim is laudable: ensuring that the artists that create original content, broadcasts of professional sporting events, and the companies that distribute them get paid for their work. We at HfS Research feel the sting of piracy ourselves -- at least intellectual piracy, judging from some of our competitor’s eerily familiar-sounding reports – but it’s obvious to us that SOPA and PIPA are going about the problem all wrong.
Critics call the implementation of the legislation grossly heavy-handed: it gives the Justice Department the authority to order a blackout (using Internet domain-name filtering) not only of any website accused of hosting copyrighted content without authorization, but worse: any site that links to such a site. With nothing more than a letter of complaint, copyright holders could force payment networks (like Visa and Paypal) to block payments to such sites. If your corporate website has a blog or discussion forum that accepts comments, a link posted by a user in a comment could offend copyright holders.
To quote The Daily Show’s hilarious illustration of the problem, your site could be shut down for some commenter on one of your blogs linking to a YouTube clip of you dancing in footie pajamas to a Beyoncé song while a rerun of the Bob Newhart Show plays mutely in the background on your TV. (Incidentally, the copyright violation would be the Newhart clip.)
Viewing it in terms of the Constitutional protections of due process and free speech, it’s a disaster: it effectively reverses the hallowed American legal precept of “innocent until proven guilty”. The possibilities for rampant abuse are chilling, as it grants the Feds with virtually unchecked censorship powers. But let’s look at it purely as a commercial proposition. Your corporate website could remain blacked out for extended periods while you fight a copyright suit in court. You’d have to scrutinize every comment posted on every blog or online forum or discussion board on any or your websites to scrub potentially offending links.
For buyers of outsourcing services, you’d have to start renegotiating for contractual protections to ensure that your provider does nothing to get the websites they’re running on your behalf blocked, too. You would have to assume the burden of proof, and all the costs of doing so, to demonstrate that nothing on your websites, and no website any of them even link to, infringe on any legitimate copyright.
HfS Research is all for the protection of copyright holders: we gladly pay for our movies, music, and on-demand reruns of The Wire and Deadwood. And we hope our subscribers aren’t giving pirated copies of our reports to their friends. (Come on: we give you tons of great content for free already!) But in essence, this boils down to an issue of digital rights management (DRM), and in the marketplace, that’s a thorny one. Even Apple, with perhaps more power to move the consumer market toward standards than any other vendor – it effectively killed Flash, forcing Adobe to move to HTML 5 – largely threw in the towel on traditional DRM a few years ago.
In the interest of zealously protecting the interests of copyright holders, SOPA and PIPA trample due process, and in turn place far too much of the economic burden for their enforcement on the vast majority of Internet-connected businesses that don’t engage in piracy. Smarter people than our elected officials in Congress, few of whom seem to have a clue about the workings of the “series of tubes” that is the Internet, need to go back to the drawing board on this problem.
And if you want to hear Jim live discussing the SOPA issues on your business, click here.
Jim Slaby (pictured) is Research Director, Sourcing Security & Risk Strategies. You can view his bio here.