Sep 012018
 

This post originally appeared on Techdirt on 3/22/18.

Hold on tight to those memories of all the good things the Internet has brought. SESTA has just passed the Senate, and at this point it’s a clear legislative path to undermining Section 230, the law that has enabled all those good things the Internet has offered.

It is not entirely Facebook’s fault: opportunists from Hollywood saw it as a chance to weaken the innovation that weakens their antiquated grip over people’s creativity. Ill-informed celebrities, who understood absolutely nothing about the cause they professed to advocate for, pressed their bumper-sticker demands that something be done, even though that something is destructive to the very cause the bumper-stickers were for. Willfully ignorant members of Congress then bought into the bumper-sticker rhetoric, despite all the evidence they had about how destructive this law would be to those interests and online speech generally.

Even frequent innovation ally Senator Wyden joined the chorus mounting against the tech industry, lending credence to the idea that when it came to a law that would undermine the Internet, the Internet had it coming.

With all due respect, that criticism is not fair. Setting aside that many of these companies didn’t even exist twenty years ago, we have never before lived in a world where we could all talk to each other. It makes no sense to punish the people who have enabled this gift simply because we haven’t quite figured out how best to manage it. We are but toddlers in Internet time, and just as we would not crush a toddler’s ability to learn to do better, it makes no sense to punish today’s Internet service providers, or future innovators, or speakers, simply because figuring out how to handle the promise of this global interconnectivity is hard. We cannot let the reactionary antipathy against Facebook mask difficult issues that need to be carefully teased apart before applying regulatory “solutions.”

But when we tally the score on whose fault today is, plenty can still be laid at Facebook’s door. Again, not all of its current troubles are necessarily of its own making: in addition to being square in the eye of the worst growing pains that computer-mediated communication can offer, it has also been misused, and even potentially illegally manipulated, by bad actors keen to exploit the inherent vulnerabilities presented by this shift from a world of physical scarcity to a world of digital plenty. Meanwhile doctoral theses in organizational theory could be written about the challenges faced by large companies, especially those that have grown so quickly, in reacting to the challenges their success has invited. In other words, we need to separate which expectations of the company are reasonable from those that are not necessarily fair to expect from an enterprise pioneering a new business that could not have even existed just a few years ago.

Yet while much of what Facebook does should be viewed charitably, it is not beyond criticism. To say it is like a bull in a china shop would be unfair to bulls, who at least seem to have some awareness of the chaos they leave in their wake as they throw their weight around. Whereas Facebook seems to have little insight into just what it is that it does, where it lives in the Internet ecosystem, and who is in there with it. As it blunders about, stoking outrage that makes people too upset to see the need for nuance in regulatory response, it also interferes with those advocating for that nuanced regulatory response. It is becoming very hard to trust Facebook as a partner in addressing the complex issues its business choices raise when the company itself seems to lack any coherent understanding of what those choices are. After all, what exactly is the business of Facebook? Is it to aggregate data, or to connect people and intermediate their speech? Or something else? These competing agendas antagonize users and cloud the regulatory waters, leading to overreactions like SESTA that end up hurting everyone. The bitter irony of SESTA, of course, is that it only punishes the good things Facebook does—the being a global platform facilitating speech and interpersonal connections around the world—that benefit our lives, and not those that give us pause. But it also makes sure that no one else will be able to come along and perform any of these functions any better.

Furthermore, it should not be forgotten that, as a matter of politics, Facebook allowed this regulatory travesty to happen. Its shocking endorsement of these dysfunctional policies undermined the resistance that the speakers and innovators were trying to mount against these policies that so that threaten them. Facebook may be foolish enough to believe it can endure the regulatory shift SESTA will bring, but even if it were correct, no one else can. Not even Facebook’s own users.

Today is a sad day for the future and all the speech, innovation, and interconnectivity we were counting on to help us confront the challenges of living together in this increasingly small world. There is plenty of blame to go around, but the oblivious insularity of one of the biggest actors in the policy space is a deserving recipient of much of it. Not only was it a lightning rod for regulatory outrage, not entirely undeservedly, but it then greased the skids for the worst of it, indifferent to the effects on others. It will surely suffer from its choices, but so will everyone else.

Sep 012018
 

This post originally appeared on Techdirt on 2/26/18.

These days a lot of people are upset with Facebook, along with many other of its fellow big Internet companies. Being upset with these companies can make it tempting to try to punish them with regulation that might hurt them. But it does no good to punish them with regulation that will end up hurting everyone – including you.

Yet that’s what the bill Congress is about to vote on will do. SESTA (or sometimes SESTA-FOSTA) would make changes that reduce the effectiveness of Section 230 of the Communications Decency Act. While a change to this law would certainly hurt the Facebooks of the world, it is not just the Facebooks that should care. You should too, and here’s why.

Section 230 is a federal statute that says that people who use the Internet are responsible for how they use it—but only those people are, and not those who provide the services that make it possible for people to use the Internet in the first place. The reason it’s important to have this law is because so many people – hundreds, thousands, millions, if not billions of people – use these services to say or do so many things on the Internet. Of course, the reality is, sometimes people use these Internet services to say or do dumb, awful, or even criminal things, and naturally we have lots of laws to punish these dumb, awful, or criminal things. But think about what it would mean for Internet service providers if all those laws that punish bad ways people use the Internet could be directed at them. Even for big companies like Facebook it would be impossibly expensive to have to defend themselves every time someone used their services in these unfortunate ways. Section 230 means that they don’t have to, and that they can remain focused on providing Internet services for all the hundreds, thousands, millions, if not billions of people – including people like you – who use their services in good ways.

If, however, Section 230 stops effectively protecting these service providers, then they will have to start limiting how people can use their services because it will be too expensive to risk letting anyone use their services in potentially wrongful ways. And because it’s not possible for Internet service providers to correctly and accurately filter the sheer volume of content they intermediate, they will end up having to limit too much good content in order to make sure they don’t end up in trouble for having limited too little of the bad.

This inevitable censorship should matter to you even if you are not a Facebook user, because it won’t just be Facebook that will be forced to censor how you use the Internet. Ever bought or sold something on line? Rented an apartment? Posted or watched a video? Found anything useful through a search engine? Your ability to speak, learn, buy, sell, complain, organize, or do anything else online depends on Internet services being able to depend on Section 230 to let you. It isn’t just the big commercial services like Facebook who need Section 230, but Internet service providers of all sorts of shapes and sizes, including broadband ISPs, email providers, online marketplaces, consumer review sites, fan forums, online publications that host user comments… Section 230 even enables non-commercial sites like Wikipedia. As a giant collection of information other people have provided, if Section 230’s protection evaporates, then so will Wikipedia’s ability to provide this valuable resource.

Diminishing Section 230’s protection also not only affects your ability to use existing Internet services, but new ones too. There’s a reason so many Internet companies are based in the United States, where Section 230 has made it safe for start-ups to develop innovative services without fear of crippling liability, and then grow into successful businesses employing thousands. Particularly if you dislike Facebook you should fear a future without Section 230: big companies can afford to take some lumps, but without Section 230’s protection good luck ever getting a new service that’s any better.

And that’s not all: weakening Section 230 not only hurts you by hurting Internet service providers; it also hurts you directly. Think about emails you forward. Comment threads you allow on Facebook posts. Tweets you retweet. These are all activities Section 230 can protect. After all, you’re not the person who wrote the original emails, comments, or tweets, so why should you get in trouble if the original author said or did something dumb, awful, or even criminal in those emails, comments, or tweets? Section 230 makes many of the ordinary ways you use the Internet possible, but without it all bets are off.

Sep 012018
 

This post originally appeared on Techdirt on 2/3/18.

With the event at Santa Clara earlier this month, and the companion essays published here, we’ve been talking a lot lately about how platforms moderate content. It can be a challenging task for a platform to figure out how to balance dealing with the sometimes troubling content it can find itself intermediating on the one hand and free speech concerns on the other. But at least, thanks to Section 230, platforms have been free to do the best they could to manage these competing interests. However you may think they make these decisions now, they would not come out any better without that statutory protection insulating them from legal consequence if they did not opt to remove absolutely everything that could tempt trouble. If they had to contend with the specter of liability in making these decisions it would inevitably cause platforms to play a much more censoring role at the expense of legitimate user speech.

Fearing such a result is why the Copia Institute filed an amicus brief at the Ninth Circuit last year in Fields v. Twitter, one of the many “how dare you let terrorists use the Internet” cases that keep getting filed against Internet platforms. While it’s problematic that they keep getting filed, they have fortunately not tended to get very far. I say “fortunately,” because although it is terrible what has happened to the victims of these attacks, if platforms could be liable for what terrorists do it would end up chilling platforms’ ability to intermediate any non-terrorist speech. Thus we, along with the EFF and the Internet Association (representing many of the bigger Internet platforms), had all filed briefs urging the Ninth Circuit to find, as the lower courts have tended to, that Section 230 insulates platforms from these types of lawsuits.

A few weeks ago the Ninth Circuit issued its decision. The good news is that this decision affirms that the end has been reached in this particular case and hopefully will deter future ones. However the court did not base its reasoning on the existence of Section 230. While somewhat disappointing because we saw this case as an important opportunity to buttress Section 230’s critical statutory protection, by not speaking to it at all it also didn’t undermine it, and the fact the court ruled this way isn’t actually bad. By focusing instead on the language of the Anti-Terrorism Act itself (this is the statute barring the material support of terrorists), it was still able to lessen the specter of legal liability that would otherwise chill platforms and force them to censor more speech.

In fact, it may even be better that the court ruled this way. The result is not fundamentally different than what a decision based on Section 230 would have led to: like with the ATA, which the court found would have required some direct furtherance by the platform of the terrorist act, so would Section 230 have required the platform’s direct interaction with the creation of user content furthering the act in order for the platform to potentially be liable for its consequences. But the more work Section 230 does to protect platforms legally, the more annoyed people seem to get at it politically. So by not being relevant to the adjudication of these sorts of tragic cases it won’t throw more fuel on the political fire seeking to undermine the important speech-protective work Section 230 does, and then it hopefully will remain safely on the books for the next time we need it.

Nov 122017
 

This post appeared on Techdirt on 11/10/17.  The anniversary it notes is today.

We have been talking a lot lately about how important Section 230 is for enabling innovation and fostering online speech, and, especially as Congress now flirts with erasing its benefits, how fortuitous it was that Congress ever put it on the books in the first place.

But passing the law was only the first step: for it to have meaningful benefit, courts needed to interpret it in a way that allowed for it to have its protective effect on Internet platforms. Zeran v. America Online was one of the first cases to test the bounds of Section 230’s protection, and the first to find that protection robust. Had the court decided otherwise, we likely would not have seen the benefits the statute has since then afforded.

This Sunday the decision in Zeran turns 20 years old, and to mark the occasion Eric Goldman and Jeff Kosseff have gathered together more than 20 essays from Internet lawyers and scholars reflecting on the case, the statute, and all of its effects. I have an essay there, “The First Hard Case: ‘Zeran v. AOL’ and What It Can Teach Us About Today’s Hard Cases,” as do many other advocates, including lawyers involved with the original case. Even people who are not fans of Section 230 and its legacy are represented. All of these pieces are worth reading and considering, especially by anyone interested in setting policy around these issues.

Nov 042017
 

The following post originally appeared on Techdirt on 10/27/17.

It isn’t unusual or unwarranted for Section 230 to show up as a defense in situations where some might not expect it. Its basic principles may apply to more situations than may necessarily be readily apparent. But to appear as a defense in the Cockrum v. Campaign for Donald Trump case is pretty unexpected. From page 37 of the campaign’s motion to dismiss the case against it, the following two paragraphs are what the campaign slipped in on the subject:

Plaintiffs likewise cannot establish vicarious liability by alleging that the Campaign conspired with WikiLeaks. Under section 230 of the Communications Decency Act (47 U.S.C. § 230), a website that provides a forum where “third parties can post information” is not liable for the third party’s posted information. Klayman v. Zuckerberg, 753 F.3d 1354, 1358 (D.C. Cir. 2014). That is so even when even when the website performs “editorial functions” “such as deciding whether to publish.” Id. at 1359. Since WikiLeaks provided a forum for a third party (the unnamed “Russian actors”) to publish content developed by that third party (the hacked emails), it cannot be held liable for the publication.

That defeats the conspiracy claim. A conspiracy is an agreement to commit “an unlawful act.” Paul v. Howard University, 754 A.2d 297, 310 (D.C. 2000). Since WikiLeaks’ posting of emails was not an unlawful act, an alleged agreement that it should publish those emails could not have been a conspiracy.

This is the case brought against the campaign for allegedly colluding with Wikileaks and the Russians to disclose the plaintiffs’ private information as part of the DNC email trove that ended up on Wikileaks. Like Eric Goldman, who has an excellent post on the subject, I’m not going to go into the relative merits of the lawsuit itself, but I would note that it is worth consideration. Even if it’s true that the Trump campaign and Wikileaks were somehow in cahoots to hack the DNC and publish the data taken from it, whether and how the consequences of that disclosure can be recognized by law is a serious issue, as is whether this particular lawsuit by these particular plaintiffs with these particular claims is one that the law can permit to go forward without causing collateral effects to other expressive endeavors, including whistleblower journalism generally. On these points there may or may not be issues with the campaign’s motion to dismiss overall. But the shoehorning of a Section 230 argument into its defensive strategy seems sufficiently weird and counterproductive to be worth commenting on in and of itself. Continue reading »

Feb 202014
 

The following was posted on Project-Disco.org earlier this week:

What would the Internet be without its intermediaries? Nothing, that’s what. Intermediaries are what carry, store, and serve every speck of information that makes up the Internet. Every cat picture, every YouTube comment, every Wikipedia article. Every streamed video, every customer review, every online archive. Every blog post, every tweet, every Facebook status. Every e-business, every search engine, every cloud service. No part of what we have come to take the Internet for exists without some site, server, or system intermediating that content so that we all can access it.

And yet, if we’re not careful, we can easily lose all the benefits these intermediaries bring us. Thankfully, in the United States we have some laws that help ensure they can exist, chief among them 47 U.S.C. Section 230. As my recent paper on the state of the law regarding intermediary liability explains, this law stands for the proposition that intermediaries are only responsible for what they themselves communicate through their systems – not what others use them to say. For example, newspapers that post articles online are only responsible for the content of the articles they publish, not the comments readers then post to them. Similarly consumer review sites are only responsible for the information they supply to their sites, not the user reviews themselves. This same principle also means that people who link to content (as search engines do) are not legally responsible for that content, even if that content should happen to be illegal in some way (like by being potentially defamatory).

The reason Section 230 has been so helpful in allowing the Internet to thrive and become this increasingly rich resource is that by relieving intermediaries of liability for the content passing through their systems it has allowed for much more, and much more diverse, content to take root on them than there would have been had intermediaries felt it necessary to police every byte that passed through their systems out of the fear that if they didn’t, and the wrong bit got through, an expensive lawsuit could be just around the corner. Because of that fear, even if those bits and bytes did not actually comprise anything illegal intermediaries would still be tempted to over-censor or even outright prohibit scads of content, no matter how valuable that content might actually be.

Continue reading »

Feb 202013
 

At an event on CFAA reform last night I heard Brewster Kahle say what to my ears sounded like, “Law that follows technology tends to be ok. Law that tries to lead it is not.”

His comment came after an earlier tweet I’d made:

I think we need a per se rule that any law governing technology that was enacted more than 10 years ago is inherently invalid.

In posting that tweet I was thinking about two horrible laws in particular, the Computer Fraud and Abuse Act (CFAA) and the Electronic Communications Privacy Act (ECPA). The former attempts to forbid “hacking,” and the second ostensibly tried to update 1968’s Wiretap Act to cover information technology. In both instances the laws as drafted generally incorporated the attitude that technology as understood then would be the technology the world would have forever hence, a prediction that has obviously been false. But we are nonetheless left with laws like these on the books, laws that hobble further innovation by how they’ve enshrined in our legal code what is right and wrong when it comes to our computer code, as we understood it in 1986, regardless of whether, if considered afresh and applied to today’s technology, we would still think so.

To my tweet a friend did challenge me, however, “What about Section 230? (47 U.S.C. § 230).” This is a law from 1996, and he has a point. Section 230 is a piece of legislation that largely immunizes Internet service providers for liability in content posted on their systems by their users – and let’s face it: the very operational essence of the Internet is all about people posting content on other people’s systems. However, unlike the CFAA and ECPA, Section 230 has enabled technology to flourish, mostly by purposefully getting the law itself out of the way of the technology.

The above are just a few examples of some laws that have either served technology well – or served to hamper it. There are certainly more, and some laws might ultimately do a bit of both. But the general point is sound: law that is too specific is often too stifling. Innovation needs to be able to happen however it needs to, without undue hindrance caused by legislators who could not even begin to imagine what that innovation might look like so many years before. After all, if they could imagine it then, it would not be so innovative now.