PROTECT IP Act

By , May 19, 2011.

A good bill just got better. On May 12, Senator Patrick Leahy and other Senate Judiciary Committee members introduced the Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act (PROTECT IP Act). The text of the bill is available here.

The bill is designed to advance two goals: enhancing the enforcement against overseas rogue websites and taking the profit out of piracy. It allows those ad servers and payment processors who only want to count legitimate businesses as their customers to cut off service to rogue sites without risking liability, and it encourages providers that are less inclined to cut off customers using their services for illegitimate purposes to act more responsibly.

This legislation is important in ensuring that laws protecting the progress of the arts and sciences keep up with the rapid progress of digital communications. A wide cross-section of the public recognizes this importance. In A Broad Coalition Indeed!, Kate Spence of the MPAA lists a few of the many organizations, unions, and trade associations that support the bill. The Copyright Alliance provides links to public statements in support of the bill in Join the Chorus: Voices Against Digital Theft. And, just a few days ago, forty-two state Attorneys General announced their support of the bill.

The PROTECT IP Act is a substantial rewrite of last session’s Combating Online Infringement and Counterfeits Act (COICA). The impact of provisions on existing secondary liability doctrine and the DMCA is made more explicit. Procedural protections for operators of web sites and third-party providers served with orders under the act are beefed up. Most notable is the addition of a private right for action under the law, though court orders by an individual rights holder are limited to financial service providers and advertising providers — court orders requiring search engines and domain name system servers to block access to a web site can only be made in actions initiated by the Attorney General, and even then are limited only to nondomestic domain names.

Perhaps one of the biggest changes from COICA is PROTECT IP’s requirement for the Attorney General or rightsholder to file a personal action against a registrant of a rogue site before proceeding against the domain name. Under COICA, the Attorney General could go straight to an in rem action against the domain name. The provision:

(2) IN REM.—If through due diligence the Attorney General is unable to find a person described in subparagraphs (A) or (B) of paragraph (1), or no such person found has an address within a judicial district of the United States, the Attorney General may commence an in rem action against a nondomestic domain name used by an Internet site dedicated to infringing activities.

Note that this provision is the same under both sections 3 and 4 of the Act; that is, an individual rights holder can only pursue a claim under the Act against a personal defendant. In rem actions remain solely within the Attorney General’s power.

It’s also worth noting that this provision is reminiscent of the language of the Anticybersquatting Consumer Protection Act, passed in 1999 as part of the Trademark Act.

(A) The owner of a mark may file an in rem civil action against a domain name in the judicial district in which the domain name registrar, domain name registry, or other domain name authority that registered or assigned the domain name is located if— … (ii) the court finds that the owner— (I) is not able to obtain in personam jurisdiction over a person who would have been a defendant in a civil action under paragraph (1); or (II) through due diligence was not able to find a person who would have been a defendant in a civil action under paragraph (1). 115 USC § 1125(d)(2).

The PROTECT IP Act includes a provision for the development of guidelines, largely similar to a provision in COICA, for the Department of Justice, law enforcement agencies, and intellectual property rights holders regarding the implementation of the act. It also provides for two separate reports to measure the effectiveness of the bill after it is enacted:

(1) REPORT ON EFFECTIVENESS OF CERTAIN MEASURES.—Not later than 1 year after the date of enactment of this Act, the Secretary of Commerce, in coordination with the Attorney General, the Secretary of Homeland Security, and the Intellectual Property Enforcement Coordinator, shall conduct a study and report to the Committee on the Judiciary of the Senate and the Committee on the Judiciary of the House of Representatives on the following:

(A) An assessment of the effects, if any, of the implementation of section 3(d)(2)(A) [required actions for operators of nonauthoritative domain name system servers] on the accessibility of Internet sites dedicated to infringing activity.

(B) An assessment of the effects, if any, of the implementation of section 3(d)(2)(A) on the deployment, security, and reliability of the domain name system and associated Internet processes, including Domain Name System Security Extensions.

(C) Recommendations, if any, for modifying or amending this Act to increase effectiveness or ameliorate any unintended effects of section 3(d)(2)(A).

(2) REPORT ON OVERALL EFFECTIVENESS.— The Register of Copyrights shall, in consultation with the appropriate departments and agencies of the United States and other stakeholders—

(A) conduct a study on—

(i) the enforcement and effectiveness of this Act; and

(ii) the need to modify or amend this Act to apply to emerging technologies; and

(B) not later than 2 years after the date of enactment of this Act, submit a report to the Committee on the Judiciary of the Senate and the Committee on the Judiciary of the House of Representatives on—

(i) the results of the study conducted under subparagraph (A); and

(ii) any recommendations that the Register may have as a result of the study.

Cut and Paste

Anyone reading the proposed bill will be struck by the similarities between sections 3 and 4. I was curious about how closely the two mirrored each other, so I worked up a side-by-side comparison, which I’ve included below in a PDF. Differences are highlighted in red, while language only appearing in one of the sections is highlighted in yellow.

[scribd id=55679464 key=key-p1p2uj8th023u48ugcs]

After comparing the two sections like this, my curiousity was piqued even further. As you can see, aside from the fact that the first section deals with nondomestic domains, which only the Attorney General can proceed against, while the second deals with all domains, which the Attorney General or rights holders can proceed against, the vast majority of the provisions are exact duplicates. Even more curious, there are a tiny number of insubstantial differences in the two — compare (3)(d)(C)(ii), (3)(d)(3), (3)(e)(3), and (3)(f)(2)(A) to (4)(d)(2)(B)(ii), (4)(d)(3), (4)(e)(3), and (4)(f)(2)(A). If these sections were simply cut and paste, we would expect zero differences in the similar language; if they were written independently, we should expect differences throughout the same provisions. But instead, the language is identical except in four (that I’ve found) instances.

My larger question is, why is the bill drafted in this way? I agree that juggling the differences between the two provisions might result in some inelegant language, but separating them out like this — resulting in lengthy, duplicative provisions — seems like far less elegant drafting. My best guess is that there is a substantive reason for drafting the law in this fashion, but I’m hard-pressed to think of exactly what the reason would be. Planning for severability to mitigate the effects of a court striking down any provision in the future? That still doesn’t strike me as especially convincing, though, so I’d be interested to hear thoughts from my readers on this.

References

Combating Online Infringement

By , November 22, 2010.

This past week, the Senate Judiciary Committee unanimously approved the Combating Online Infringement and Counterfeits Act (COICA, S.3804). The bill is targeted toward websites whose central activity is dedicated to infringement. It allows for seizure of the domain names of such sites when they are located in the US, and it requires service providers, advertising providers, and financial transaction providers to take reasonable measures to prevent their services from being used by such sites located outside the US.

COICA was introduced by Senator Patrick Leahy and cosponsored by seven Republican and eleven Democratic senators. Along with the unanimous approval by the Judiciary Committee, the bill has wide support among labor unions, business and trade organizations, and companies.

But as with any effort to promote the progress of the useful arts and sciences, the Judiciary Committee’s approval has set off a fresh round of cries that the “sky is falling” on free speech, internet freedom, and due process. Those who believe that copyright should benefit everyone except those who actually create the stuff that enriches our lives are ramping up their rhetoric of “blacklists” and “censorship.”

I wrote previously about COICA. Since it is moving closer to becoming law, I thought it merited some more attention to clear up some of the misunderstandings surrounding the bill. Specifically, I wanted to take a closer look at why COICA is needed and what it does.

Why COICA is Needed

The last bit of US legislation to substantively address online infringement was the Digital Millennium Copyright Act (DMCA), which was passed twelve years ago. The web was still in its infancy — Google was a month old when the bill passed. Since then, content industries have struggled to find ways to reduce internet piracy. The recording industry at first targeted intermediaries such as Napster and Grokster, moving next to its much-publicized lawsuits against individual filesharers, a campaign that ended nearly two years ago. More effective methods are needed.

Comic book artist and writer Colleen Doran provides a first-hand account of the effects online piracy has had on small creators and why legislation like COICA is needed. In The ‘Real’ Victims of Online Piracy, published in The Hill’s Congress Blog last Wednesday, she writes:

I spent the last two years working on a graphic novel called Gone to Amerikay, written by Derek McCulloch for DC Comics/Vertigo. It will have taken me 3,000 hours to draw it and months of research. Others have contributed long hours, hard work and creativity to this process. But due to shrinking financing caused by falling sales in the division, these people are no longer employed.

The minute this book is available, someone will take one copy and within 24 hours, that book will be available for free to anyone around the world who wants to read it. 3,000 hours of my life down the rabbit hole, with the frightening possibility that without a solid return on this investment, there will be no more major investments in future work.

[…]

Everyone gets paid – manufacturers of computers, iPads, electricity, bandwidth – everyone except the creators of content.

It costs big bucks to finance these pirate sites. Major advertisers and open source ad providers like Google pay them.

Congress is moving on a bill that promises to cut funding for pirates, and the usual suspects who have become accustomed to getting whatever they want online without paying for it are crying foul.

Both Bob Pisano, president of the MPAA, and the Global Intellectual Property Center have also recently written about the detriment of online piracy to creators and consumers and how COICA helps address the difficulties and challenges of enforcing copyright online.

Others have noted the specific need for encouraging advertising providers to block their services from rogue pirate sites, sites that often rely primarily on ad revenue for their profits. As Patrick Ross points out, advertising providers may be reluctant to block such sites since it would mean giving up market share or subject them to liability. COICA solves these problems by clearly identifying sites with primarily illegal purpose and extending legal immunity to service providers who take reasonable and technically feasible measures to block service to those sites.

The idea for a bill like COICA has been percolating for some time now. The Information Technology & Innovation Foundation identified a need for the types of policies enshrined in COICA in December 2009 in its report Steal These Policies: Strategies for Reducing Digital Piracy. From the executive summary:

Other approaches, however, such as blocking websites, may require governmental approval before industry can act. Toward this end, there is a need for a process by which the federal government, with the help of third parties, identifies websites and organizations around the world that are materially engaged in piracy so that ISPs and search engines can block them, advertising networks and other companies can refuse to place ads with them, and banks and credit card companies can refuse to process payments to them.

What COICA Does

The Combating Online Infringement and Counterfeits Act targets the worst of the worst infringing sites — what have been called “rogue websites.” These sites offer little except access to first-run movies, entire television series, or album after album of music. The bill refers to these sites as “dedicated to infringing activities.” “Infringing activities” includes:

offering or providing access to, without the authorization of the copyright owner or otherwise by operation of law, copies of, or public performance or display of, works protected by title 17, in complete or substantially complete form, by any means, including by means of download, transmission, or otherwise, including the provision of a link or aggregated links to other sites or Internet resources for obtaining such copies for accessing such performance or displays.

A site is “dedicated” to such activities if, “when taken together, such activities are central to the activity of the Internet site or sites accessed through a specific domain name.”

COICA would provide the US Attorney General with the authority to commence in rem proceedings against the domain name of a web site that is dedicated to infringing activities. Most civil litigation involves someone suing someone else — an in personam proceeding. A proceeding in rem, by contrast, is against specific property — often represented in court by the owner of the property as a third-party claimant. Aside from the difference in who’s suing whom, in rem and in personam proceedings are, by and large, the same: they are commenced in the same courts, subject to the same rules of evidence and rules of civil procedure, and end up in trial if not resolved before then.

Along with federal court rules and constitutional limitations that apply to all in rem proceedings, domain name forfeiture proceedings under COICA are governed by Title 18, §983 of the US Code, General Rules for Civil Forfeiture Proceedings. These provide, among other things, that the government has the burden of establishing by a preponderance of the evidence that the property is indeed subject to forfeiture — that is, the Attorney General has to prove to the judge that the web site is “dedicated to infringing activities.” They also explicitly provide for an “innocent owner” defense where the owner of the property had no knowledge that it was used for illegal purposes.

Upon commencement of the in rem proceeding, the court may issue a temporary restraining order, preliminary injunction, or permanent injunction against the domain name. These types of court orders are governed by existing law. To get a preliminary injunction, for example, the Attorney General “must establish that he is likely to succeed on the merits, that he is likely to suffer irreparable harm in the absence of preliminary relief, that the balance of equities tips in his favor, and that an injunction is in the public interest.” 1Winter v. Natural Resources Defense Council, Inc., 129 S. Ct. 365, 374 (2008).

Any order granted against a domestic domain is then served on the domain name registrar or registry, which is required to suspend operation and lock the domain name. Orders granted against non-domestic domains are to be served on service providers, financial transaction providers, and online advertising providers. Those providers are then required to take reasonable measures to prevent their own services from being used by the web site associated with the domain name.

In my previous post on COICA, I mentioned some of the advantages such a proceeding has over other methods of enforcing copyright in the online realm. I also mentioned how COICA is not really a significant departure from existing law. It is more an optimization of existing law to address some of the most difficult challenges of online piracy.

Asset forfeiture has played an important role in law enforcement for centuries. Today, in the US, asset forfeiture is typically available either as part of sentencing for a criminal defendant or separately through an administrative or civil in rem proceeding. Civil forfeiture authority, however, is not inherent; it must be provided through legislation. 2LII Backgrounder on Forfeiture.

Forfeiture of infringing materials and property used to commit or facilitate the commission of copyright infringement is already provided for by law. This past summer, US authorities carried out Operation in Our Sites, an initiative that, among other things, resulted in the seizure of seven domain names for websites engaged in online piracy.

COICA is not the first law to expressly allow for civil forfeiture of domain names via in rem proceedings: the Anticybersquatting Consumer Protection Act (ACPA, 1999) provides for them as well. Provisions in COICA involving situs and venue mirror those found in ACPA.

Financial service providers and online advertising providers who provide services to sites dedicated to infringing activities already exists in the law. Last month, luxury goods manufacturer Gucci got a permanent injunction against two financial service providers that provided services to websites selling counterfeit goods. Not long after that, on October 29th, Warner Bros. and Disney won damages and an injunction against Triton Media, a company responsible for placing advertising on sites dedicated to copyright infringement.

Essentially, COICA sets forth an expressly defined procedure for reducing online piracy through civil forfeiture of domain names, as opposed to an ad hoc approach that could be cobbled together under existing law. In addition, it establishes clear safeguards to ensure the process is effective and legally sufficient. It gives clear guidelines to third-party operators like financial transaction providers and advertising providers so that they are assured of knowing what is expected of them as legitimate businesses while also providing immunity from liability resulting in technically feasible and reasonable measures to block sites operating outside of the law.

Later this week, I’ll take a closer look at some of the criticisms and concerns that have been raised over COICA.

References

COICA Doodle Doom

By , October 01, 2010.

Proposed anti-piracy legislation is currently making its way through Congress and causing quite a stir online. Called the Combating Online Infringement and Counterfeits Act (COICA), the bill, like nearly every proposed IP legislation in the last decade, will, according to its opponents, surely result in a 1984-style government where all of our rights are harshly crushed by a freedom-hating police state. It has been described as “fundamentally a censorship bill” by the president of the Computer and Communications Industry Association. It “will risk fragmenting the Internet’s global domain name system,” according to a group of 80 internet engineers, and “create an environment of tremendous fear and uncertainty for technological innovation.”1 HuffPo warns it “would be a tremendous blow to free speech on the Internet.” The EFF agrees: “This is a censorship bill that runs roughshod over freedom of speech on the Internet” and “is designed to undermine basic Internet infrastructure.”

Maybe I’m not cynical enough to accept these apocalyptic predictions at face value. Maybe I don’t think the government is hellbent on shredding the Constitution at any opportunity it gets. And maybe, just maybe, I don’t think the creators who devote their lives to entertaining, enlightening, and enriching us, the millions of technical and administrative workers who help them, and the businesses that aid in disseminating their works around the world are ready to destroy the Internet to get a couple more bucks.

Let’s take a closer look at this bill and see if we can’t separate the rhetoric from the reality.

COICA

The Combating Online Infringements and Counterfeits Act was introduced in the Senate on September 20, 2010, by Patrick Leahy, along with six Republican and nine Democratic cosponsers. The bill was subsequently amended, but debate was postponed until after Congress’s current recess.

Supporters of the bill include the US Chamber of Commerce, IATSE, Screen Actors Guild, Directors Guild of America, American Federation of Television and Radio Artists, Viacom, and the Motion Picture Association of America. This past week, Jeff Price, Founder and CEO of TuneCore – a service dedicated to providing digital distribution to independent artists – publicly added his support to COICA.

COICA, as its name suggests, addresses the challenge of managing widespread piracy online. It creates a streamlined procedure for in rem actions against the domain names of sites “dedicated to infringing activities.” When first introduced, the bill provided for the creation of a list of infringing sites by the Attorney General; that provision has been removed from the most recent amended version.

Domain Names

I’m hardly a computer expert, so what follows is the first-grade version of domain names. Domain names are those website addresses we’re all familiar with: www.facebook.com, www.youtube.com, www.copyhype.com, etc. – what you type into your browser to get to a particular site. Every computer that connects to the Internet is given a numerical IP address. Domain names make it easier to connect to the site you want without having to know the specific IP address of the server or computer that the site is hosted on at the moment. This is made possible by domain name registries, which keep a database of domain names and their corresponding IP addresses.

Remove the domain name from the registry and anyone who tries to go to the site gets an error message, or something that looks like this:

Civil Forfeiture

As the illustration above indicates, domain names are treated as any other property that can be seized and forfeited as a matter of law. Asset forfeiture is an important tool in law enforcement. A bank robber can, as part of his sentence, be required to hand over his loot. This type of forfeiture can be referred to as an in personam order – the order to forfeit the assets is a result of a case against a specific person. Less familiar, but perhaps equally as important, is civil forfeiture.

In a civil forfeiture case, the objectives are the same: to recover the proceeds of the crime and the property used to facilitate it; but the procedure is different. Instead of bringing an action against a person (in personam) as part of a criminal case, the action is brought against the property (in rem). In other words, it is a civil case in which the Government is the plaintiff, the property is the defendant, and the persons objecting to the forfeiture are intervenors called “claimants.” This is why civil forfeiture cases — in the United States at least — have such unusual names, such as United States v. $160,000 in U.S. Currency, or United States v. Contents of Account Number 12345 at XYZ Bank Held in the Name of Jones.2

Civil forfeiture against domain names makes sense in addressing online piracy. In many cases, the owner of the domain may be unclear due to the ease of falsifying registration information, or the owner may be difficult to find. Criminal prosecution against the site owners may not be in the interests of justice. And often, these sites are nothing more than their domain name and a collection of links – quick to setup and easy to operate. Traditional criminal prosecution is too costly and ineffective against this widespread digital piracy.

Old Dog, New Tricks

The most ironic part of the complaints that this bill will censor or break the Internet is that in rem procedures against domain names are nothing new. The image above shows one example of a domain name being removed. The in rem action this bill describes is not something the DoJ could not do before. All this bill does is streamline the process. It specifies how to determine issues like the situs of a domain name, the proper jurisdiction for bringing these actions, and appropriate venue – issues that have largely developed through case law.3

Contrary to fears that this bill will result in the takedown of YouTube4 or any number of other sites,5 COICA is aimed only at the most egregious pirate websites, like the ones taken down during this past summer’s anti-piracy initiative Operation In Our Sites – sites which were replaced with the graphic shown above. Fears that the MPAA or RIAA could muscle the DoJ into expanding the definition of sites “dedicated to infringing activity” past the plain meaning of the statute’s text are unfounded; one need only look at the history of criminal copyright prosecution to see there is no evidence that this bill would be used against anything other than the most clearly infringing sites.

In short, the ease and scale of online piracy requires more effective legal tools to manage. The rhetoric against COICA is overblown; the reality is that it offers improvements on one such tool that may better protect the rights of creators.