A Site By Any Other Name…
Violating due process is one thing, but violating web standards… well that’s another story.
The Department of Homeland Security (DHS) recently began protecting America’s shores from threats of a different kind: online copyright infringement. In the days before the Superbowl, the agency set out to enforce the “express written consent of the NFL” provision attached to most broadcasts by slamming the iron fist of the law down on six sports-streaming sites. This is troubling on multiple levels. As the Vololkh Conspiracy’s David Post put it:
There’s a good reason we don’t generally allow agents of the State to march into judge’s chambers and deprive people of their property without an adversary hearing, viz., they’re likely to make errors that can be difficult to correct ex post.
And that’s exactly what happened when the Feds seized riojadirecta.org.However, the law in the area is a bit more nuanced than a single form can satisfy. Riojadirecta did not actually host any infringing content — it merely aggregated links to such content — potentially invoking the safe harbor provisions of the copyright act. 1 Compounding the issue, Spanish Courts had found the Spanish-based site to be perfectly legal, just a few months prior.
Seizures of this type are nothing new. Back in November, DHS commandeered some 80 bit torrent domains (PDF) as part of the broader “Operation In Our Sites”. One such site, dajaz1.com, a music blog dedicated to hip-hop, was claimed to have infringed on music copyrights, however it was later revealed that the music in question was provided to the site by music industry executives. Despite this revelation, DHS made no apparent move to look into the case or restore the domain, and
the site remains down to this day.
Part of the problem may stem from law enforcement being out of touch with today’s trends. Even the agent in charge of the investigation referred to the infringing material as “a bit torrent,” suggesting a sophomoric understand of just what exactly was being seized.
More worrisome, however, is the fact that the statute cited to authorize such seizures, 18 U.S.C. § 2323, provides no safeguard to prevent such errors from occurring 2 nor does it prohibit its expanded use. 3 As Sen. Ron Wyden (D-OR) argued:
In contrast to ordinary copyright litigation, the domain name seizure process does not appear to give targeted websites an opportunity to defend themselves before sanctions are imposed… I worry that domain name seizures could function as a means for end-running the normal legal process in order to target websites that may prevail in full court. The new enforcement approach used by Operation In Our Sites is alarmingly unprecedented in the breadth of its potential reach.
Even looking beyond the due process issues and to the underlying copyright infringement, simply put, the government’s efforts fail to solve the problem. In Riojadirecta’s case, for example, the site used Twitter to [direct users to one of its five other domains] rending the seizure a moot point. The problem is that the government is not seizing the infringing material, but rather, an alias for the network address of a site that in many cases, only contains links to infringing material. It would be as if DHS seized my cell phone number because my friends could use it to call and find out the location of a weekly poker game — the game would still take place, I would just get a new phone number.
The most upsetting part, at least for the web developer in me, has to be the seizure notice itself. Putting text in images like that has to be up there with using Comic Sans. While I do not expect DHS to hire a legion of designers and developers to make an HTML5 seizure notice (although that would be awesome), some in-document text would go a long way to making the web a whole lot less ugly. 4 Additionally, it looks like their policy has changed since the initial seizures, however, at least as late as November, DHS was placing Google Analytics and Piwik tracking codes on its seized domains, arguably in violation of OMB memorandum M-10–22 (PDF).
As seen in the recent Wikileaks domain shell game, its clear that domain servers are the weak link in the online content-delivery chain. When the state can no longer seize something that represent the forefront of our ability to communicate with one another (decentralized information sharing) and replace it with a technology the web collectively deprecated with the rise of CSS (sites which rely on .GIFs to render text), legality and politics aside, the internet will undoubtedly be a better place.
17 U.S.C. § 512(d). ↩
The relevant provisions of § 2323 allow for the forfeiture of “(A) Any article, the making or trafficking of which is, prohibited under section 506 of title 17″ prohibiting “willful copyright infringement” and “(B) Any property used, or intended to be used, in any manner or part to commit or facilitate the commission of an offense referred to in subparagraph (A).” ↩
As Post noted back then, and even more relevant now in light of Egypt’s recent flipping of its internet kill switch, “our ability to defend the principle of the single global internet – the internet where all of humanity has equal access to knowledge and ideas, the internet that looks the same to, and allows free and unfettered communication between, users located in Shanghai and Seattle and Santiago, free of locally imposed censorship regimes – will be deeply compromised by [seizures of this kind], which would enshrine in U.S. law for the first time the contrary principle: that all countries have a right to insist on the removal of content, wherever located, from the global internet in service of the exigencies of local law.” (Quoting a letter he authored criticizing the Senate’s Combating Online Infringements and Counterfeits Act). ↩
Beyond being reminiscent of Geocities (and most of the ’90s), text in images is not machine readable, a requirement of section 508 (codified at 29 U.S.C. § 794(d)) . That means that neither screen readers nor search engines can accurately parse the site’s content. ↩
If you enjoyed this post, you might also enjoy:
- Securing the Status Quo
- Towards a More Agile Government
- Why open source
- 19 reasons why technologists don't want to work at your government agency
- 15 rules for communicating at GitHub
- Why everything should have a URL
- Ten ways to make a product great
- Four characteristics of modern collaboration tools
- Twelve tips for growing communities around your open source project
- How I over-engineered my home network for privacy and security
- How I re-over-engineered my home network for privacy and security
Ben Balter is Chief of Staff for Security at GitHub, the world’s largest software development platform. Previously, as a Staff Technical Program manager for Enterprise and Compliance, Ben managed GitHub’s on-premises and SaaS enterprise offerings, and as the Senior Product Manager overseeing the platform’s Trust and Safety efforts, Ben shipped more than 500 features in support of community management, privacy, compliance, content moderation, product security, platform health, and open source workflows to ensure the GitHub community and platform remained safe, secure, and welcoming for all software developers. Before joining GitHub’s Product team, Ben served as GitHub’s Government Evangelist, leading the efforts to encourage more than 2,000 government organizations across 75 countries to adopt open source philosophies for code, data, and policy development. More about the author →