Little introduction is needed to the furore that has resulted from two pieces of US anti-piracy legislation. The Stop Online Piracy Act (“SOPA”) and its sister bill “Protect IP [Intellectual Property] Act (“PIPA”) started out with the backing of Silicon Valley, the White House and – perhaps less helpfully – Rupert Murdoch. Yet they now find themselves very much in the dark as they are shelved by the US Senate in the aftermath of the high profile “black out” by Wikipedia and other sites.
As the bills temporarily rest in Davy Jones’s Locker, we are left to consider whether the protests were a misconceived overreaction to an important step towards combating copyright theft online or an important step in the protection of the free Internet? And if this legislation was not the way to do it, how can the right balance be struck in future?
SOPA and PIPA in a nutshell
Both SOPA and PIPA were broadly similar in their scope and application. SOPA, the bill put forward by the Senate, also made it illegal to stream unauthorized copyright content. Fundamentally however, both bills sought to prevent US companies from providing funding, advertising, links or any other assistance to foreign sites that “engage in, enable, or facilitate” pirated material. They also provided for a private cause of action both for the owner of the copyright material and the Attorney General against the foreign site. It would not matter that the foreign website was not making a profit from the material; a simple link would be sufficient to fall within the scope of the legislation. Furthermore, while the individual or company could not go after a search engine for failing to remove a link to the offending site, the Attorney General could. Moreover, an individual or company could sue a credit card company which failed to cut off payment services to a pirate website on the basis that it was then facilitating the act.
The bills also allowed the Attorney General to instigate individual prosecutions against copyright thieves based abroad under the same terms of those who “engage in, enable, or facilitate”. The Justice Department could also seek a court order to shut down foreign sites that “engage in, enable, or facilitate” copyright theft. This in turn would extend to US based intermediaries: search engines, Internet service providers, payment providers, and advertisers who would all be required to take “reasonable and technologically feasible steps” to comply with these orders. In practice, this would mean anything from removing a link to blocking advertising or payment services to a website.
What was all the fuss about?
The bills were narrow in their focus but broad in their application. There are often difficulties in identifying and punishing the real perpetrators of copyright infringement or IP theft, particularly when they are based abroad. Laws already exist against web-piracy but there are further difficulties in pursuing criminal or civil actions against those individuals or companies. The US is never one to shy away from seeking extradition of offenders once they have been identified, as the 23 year old British founder of the TV Shack website recently found out. Yet these sites may exist for several years and cost copyright owners many millions of dollars while a criminal case is built up. It is with that in mind that the US decided to go after the intermediaries; the global corporations as well as the small US-based ones; the credit card companies and the online payment sights in an effort to limit the damage and reduce distribution.
Companies like Google and Wikipedia were most concerned at the implications for free speech and information sharing online. However, there is the additional, related question of how effective the new provisions would really be at stopping the most blatant violators of copyright law, compared with the collateral damage inflicted on the rest of the Internet.
It is helpful to consider a hypothetical example to illustrate the potential reach of the legislation. Facebook is a site based in the US. It is directed – in part – at US users. It is therefore within the scope of the legislation. Now imagine that the user in question is based in Norway, with no US users on his friend list but whose privacy settings are such that it may be possible for those based in the US to access uploaded material on his page. The Attorney General could take direct action against him. However, the Justice Department would also be entitled to order Facebook, as a site based in the US and directed at US users, to remove links to the content on other users pages, or even remove to it completely.
For this type of regulation to work, there is necessarily a heavy degree of state monitoring and intrusion. While SOPA expressly states that there is no duty on the part of payment providers or advertisers to monitor activity, the same is conspicuously not said of search engines and does not mean that the state will be keeping close watch over the Internet.
Of course, taking action in any case is discretionary; the Justice Department may consider it disproportionate to order such action in relatively small cases. This is not a solution. Firstly, it is unsatisfactory and dangerous to rely on the common sense of state officials to save overly broad and ill defined legislation. Some of the charges brought under the Providing Material Support for Terrorism offence created by the second Bush Administration stir up some particularly uncomfortable memories of this.
Secondly, SOPA and PIPA provided for private causes of action. These would not only be available against websites hosting pirated content but also extend to payment processors and advertisers. Furthermore, the Attorney General would be able to pursue civil action against a search engine that failed to remove a link to the content. From a practical standpoint, it is easier for American-based copyright holders to pursue civil litigation against American-based corporations. The risk of such litigation is therefore high and has a detrimental effect on trade and e-commerce. Indeed, there is a real risk that in attempting to preserve one aspect of the American economy, substantial damage is caused to another.
The companies targeted by SOPA and PIPA are big and they have global reach but they are not the source of the problem. This is the lazy way to legislate.
The EU approach: Scarlet Extended SA v SABAM
The EU’s digital agenda commissioner, Neelie Kroes, is the latest to add her voice to the anti-SOPA movement. This is unsurprising. The EU staunchly protects the protection of personal data and undoubtedly would have concerns over an intrusive system of regulation such as that proposed by SOPA and PIPA. Furthermore, the EU takes the view that the proper approach to web privacy is one of balance.
Scarlet Extended SA v SABAM Case C-70/10, 24 November 2011, concerned Scarlet’s (an internet service provider) refusal to install a system for filtering electronic communications which use file-sharing software in order to prevent any file sharing which would infringe copyright. SABAM, a Belgian management company responsible for authorising the use by third parties of musical works of authors, composers and editors had reason to believe that users of Scarlet’s services were unlawfully downloading SABAM’s works through “peer to peer” file sharing. The Belgian courts granted an injunction against Scarlet, requiring it to take measures to prevent this copyright infringement from continuing. Scarlet appealed to the Brussels Court of Appeal alleging that this injunction was not in conformity with EU law because it imposed a general monitoring requirement contrary both to Directive 2000/31/EC on electronic commerce, and with fundamental rights. It was this question which was referred to the CJEU for a preliminary ruling.
In its Judgment, the CJEU held that the terms and scope of any injunctions granted by a member state to a copyright holder against a third party intermediary such as an Internet service provider is a matter for national law. Crucially, however, such injunctions must not run contrary to the limitations set out by EU law, particularly the prohibition in the electronic commerce Directive pursuant to which national authorities must not adopt measures which would amount to a monitoring requirement on the part of internet service providers. Any injunction that did this would be an infringement of the applicable fundamental rights (freedom to conduct a business, protection of personal data, freedom to receive and impart information). Further, while the right to intellectual property is also enshrined in the Fundamental Charter, it is not absolute and must therefore be balanced against other Charter rights.
The CJEU also pointed out that an injunction such as this would inevitably result in the infringement of Scarlet’s customers’ data protection rights because of the need to collect and identify the IP addresses of all its users.
Taking all of the above into consideration, the CJEU found that the proposed injunction did not strike a fair balance between the right to intellectual property and the rights of freedom to conduct business, protection of personal data, and to receive and impart information.
This is useful guidance, although it does not help the US in its quest for comprehensive copyright regulation. What is clear, however, is that if SOPA and PIPA do go ahead in the future, the EU is likely to have some serious concerns at least in relation to the data protection rights of its citizens.
Is effective protection against copyright theft possible in the Internet age?
It is trite that an author, who creates an original work, generally owns the rights to that work. It is equally trite that reproducing the work on a website or making it available for download – either free of charge or for a fee – without the permission of the author is an infringement of copyright. Interestingly, the entertainment industry – or at least the non-executive portion of it – is not universally opposed to this type of sharing. Indeed, the recently indicted “Megaupload” group had a number of Hollywood supporters. There is also the usual debate over how much loss web piracy actually causes, although the Megaupload site alone is alleged to have caused the entertainment industry $500 million in lost revenue. It is not a controversial proposition that those who steal the ideas and works of others repeatedly and on a widespread scale, for considerable financial benefit, should face the appropriate sanctions.
At the other end of the spectrum is an individual uploading a video of him singing another artist’s song without the artist’s permission. The individual gets little to no financial benefit from this and the financial loss to the artist is negligible. Yet, the idea is stolen all the same. That theft continues every time that video is reposted or a link to it shared. It is unlikely that criminal proceedings are going to be brought against the individual in that case. Nevertheless, SOPA and PIPA proposed to shut down access to all types of copyright theft (as long as the perpetrator was based abroad) by targeting every associated host site or intermediary, regardless of knowledge or intent.
It is not possible to devise a system of Internet regulation that comprehensively prevents and attacks copyright theft at both ends of the spectrum without heavily restricting the information available on the Internet. Any system of regulation such as that proposed by SOPA and PIPA would also necessitate a heavy degree of state monitoring of the Internet. There are not only issues of free speech but of data protection, which have not been properly thought through.
Already, there are attempts to push an alternative to SOPA and PIPA through Congress. The Online Protection and Enforcement of Digital Trade Act (“OPEN”) was proposed in the House and the Senate last week and proposes empowering the US Federal Trade Commission with the ability to enforce online piracy laws. It is essentially a watered down version of the previous two bills and, while currently enjoying the support of Internet companies has met with dissatisfaction amongst media companies which feel it is too soft on piracy laws. While still going after foreign websites “directed at US users” it does not appear to go much beyond that which is already provided for in US law.
Perhaps one question to consider is whether the existing copyright and intellectual property laws are fit for purpose in the Internet age. The Universal Copyright Convention came into force in 1952. The principles it established are sound and important but should be adapted to reflect current circumstances. Moreover, states have to protect the national interest but important lessons can be learnt and greater progress made through multilateral discussion and cooperation.
The Internet is one of civilisation’s most innovative creations and while it cannot be used as a vehicle for criminal activity protected by an immunity of “freedom”, it should not be used as a vehicle for state censorship and heavy handed restrictions on the information it holds. Quite how the balance is going to be struck is a question even Wikipedia doesn’t yet hold the answer to.
Kirsten Sjovoll is a trainee barrister at Matrix Chambers