Copyright Law’s Abuse

Yesterday, we had a very interesting discussion of copyright at our event on Tom W. Bell’s book, Intellectual Privilege. (Video will be available soon.) Today, I received an email that reflects how the copyright statute can be misused.

In a 2009 blog post about an $18,000,000 U.S. government web site, I pointed to the web site, Recovery.org, which was then hosting the same information as the government site, and doing it for free. Since then, the Recovery.org domain has evidently been transferred to an organization specializing in recovery from addiction (to alcohol and drugs, not government spending).

The email I received today purports to be from an attorney named “Rick Smith” of the “Law Offices of Rick Smith & Associates”—no web site or phone number, and only a Gmail account. It asks me to remove the link to http://www.recovery.org/, claiming to have “received numerous complaints” from readers of the 2009 blog post.

It goes on: “If you fail to respond by May 13 we will be forced to serve you with a formal DMCA take down notice. A copy can also be sent to the hosting provider and major search engines that can exclude this and other pages from organic search rankings.”

The notice-and-take-down provision of the Digital Millennium Copyright Act allows aggrieved copyright holders to attack the wrongful Internet posting of material over which the law gives them control. It is not there to help people seeking correction of web site inaccuracies, much less for them to threaten suppression of access to material in which they do not hold the copyright.

I know this, of course, but many people don’t. Emails like this can fool people into thinking that they have to make demanded changes.

I’m going to make the change because there’s no sense in preserving a bad link. I’m also going to contact the folks at Recovery.org to see if they’re aware that someone purporting to be their attorney is misusing copyright in their name.

McCotter’s Plan to Expand DMCA-Style Take-Downs

The “Cyber Privacy Act”? No it ain’t!

Michigan Representative Thaddeus McCotter (R) has introduced a bill to create a take-down regime for personal information akin to the widely abused DMCA process. The Digital Millennium Copyright Act established a system where copyright holders could as a practical matter force content off the Internet simply by requesting it.

McCotter’s proposal would similarly regulate every Internet site that has a comment section. He thinks it’s going to protect privacy, but he’s sorely mistaken. Its passage would undermine privacy and limit free speech.

I’ll take you through how McCotter’s gotten it wrong.

The operative language of H.R. 5108 is:

Any Internet website that makes available to the public personal information of individuals shall–

(1) provide, in a clear and conspicuous location on the Internet website, a means for individuals whose personal information it contains to request the removal of such information; and

(2) promptly remove the personal information of any individual who requests its removal.

The Federal Trade Commission would enforce the failure to abide by requests as it does unfair and deceptive trade practices. (Meaning: penalties.)

So if someone posts his or her name in a comment section and later regrets it, the operator of that web site would have to take it down. Sounds nice—and that is the right thing for webmasters to do when the circumstances warrant. But what about when they don’t?

Let’s say you run a site that receives hundreds or thousands of comments per day, many of them from anonymous visitors. Let’s say the site deals with controversial issues, and some visitors are angry at each other—they’re even angry at the site for hosting the discussion. Those visitors start working to undermine the conversation. They personally attack others, adopt false names, tell lies, and use vulgarities. This kind of person is well known on the web. They’re called “trolls.”

What would trolls do if federal law required webmasters to take down personal information by request? Simple: They would post the personal information of others. They would pose as others and falsely ask to have information taken down.

It’s a great way to attack a site: require it to consider hundreds or thousands of personal information take-down requests, each one backed by the threat of federal penalties.

What do you do as a webmaster to counter that? You require all comments to be tied to a fixed identity. Require a log-in before site visitors can comment. Then you can figure out later if the person requesting a take-down of personal information is the person who it pertains to.

What’s the result of that? Web sites collect and store more information about visitors. Then they turn around and use it for tracking and marketing. The information is available to litigators and government investigators, of course, through subpoenas and warrants.

Are you doing the math? McCotter’s “Cyber Privacy” bill is a proposal to increase Internet surveillance. Maybe he intends to improve Internet courtesy and decency. But decency is not a federal government project. It’s bottom-up, not top-down.

I write, of course, as a spare-time webmaster myself. The bills on WashingtonWatch.com get hundreds of comments per day. Many bills get lots of comments, but one in particular—subject of dispute, controversy, and trolling, along with productive political organizing—has over 130,000 comments.

I do a lot to foster a good visitor experience, consistent with maintaining the space available for free speech. I advise people about how to deal with trolls, I allow people to register so their stable identities can build trustworthy reputations, I proctor commenters about controlling vulgarities—sometimes strongly editing comments when they don’t, and I allow users to block commenters and words they don’t want to see.

When the context warrants it, I do remove personal information at the request of people that I believe are making honest, good faith requests. I think it’s part of what builds allegiance to the site.

But if I were required by law to do this, it would be an entirely different calculation. Each request would present me with a veiled legal threat, not a small customer service opportunity.

As trolls figured out how to exploit the law—the way some copyright holders exploit the DMCA—they could inundate small sites with requests. Webmasters would be right to treat all requests with suspicion. Confirming requests would require them to convert to greater surveillance. A percentage of the small sites and blogs that are hobbies or money-losers would just shut down comments rather than deal with the nonsense.

Representative McCotter’s plan to regulate Internet communications this way is no “Cyber Privacy” act. It’s anti-privacy, and it’s anti-free-speech.