By Robert Schlesinger |
There are steps Congress should take, but two bills under active consideration should not pass in their current form. Both the House's Stop Online Piracy Act and the Senate's PROTECT IP Act call for a form of Internet filtering that would do very little to stop infringement while imposing severe costs to cybersecurity and online free expression.
The bills would allow courts to issue orders requiring ISPs and other operators of domain name system (DNS) servers to take steps to prevent access to sites found to be dedicated to infringement. The problem is that the steps these entities would take do more harm than good. Think of the DNS as the Internet's 411; it translates domain names like 'usnews.com' into IP addresses like 184.108.40.206 that computers and routers understand. Every time you visit a website or send E-mail, the first thing that happens is your computer asks the DNS for the IP address associated with the domain name you requested. So filtering out a DNS query is akin to blacking out a number in the phone book—without doing anything to the phone number itself or the infringing activity behind it.
With the infringing sites still online, DNS filtering is trivial for anyone to get around. There are millions of DNS servers in the world to choose from, and countless other ways for find the right IP address for a website. Indeed, these two bills have not yet passed and we have already witnessed the launch of several browser plug-ins and other workarounds. The idea that this tactic would have an appreciable impact on infringement is pure fantasy.
To add insult to ineffectiveness, prominent cybersecurity experts including a director at Sandia National Labs have warned that the steps users will take to circumvent the orders will expose U.S. networks to increased cybersecurity risks. DNS spoofing—where an attacker replaces the answer to a DNS query to redirect someone to a malicious site—is a major problem that will likely increase as users redirect DNS traffic to potentially untrustworthy servers. In addition, mandated DNS filtering would seriously impair the deployment of DNS Security Extensions (DNSSEC), a critical update designed to prevent spoofing.
If despite these costs the United States were to embrace DNS filtering as a means to go after online activity, it would be a major setback for global online freedom of expression. The United States actively argues against Internet filtering by repressive countries, and Secretary of State Hillary Clinton has forcefully promoted the idea of "one Internet" that looks the same no matter where you connect. How can we be taken seriously arguing the importance of unfettered access to a single, global Internet if our Congress is trying to create our own domestic firewall and blacklist? There are other enforcement actions in the bills, namely targeted actions aimed at cutting off infringer's financial resources—that will be more effective and not threaten all this collateral damage. Congress would do well to focus on those remedies and avoid the one where the costs outweigh the benefits.
About Andrew McDiarmid Policy Analyst at the Center of Democracy and Technology
Corynne McSherry Intellectual Property Director at the Electronic Frontier Foundation
Stephen Cox President and CEO of the Council of Better Business Bureaus
Sandra Aistars Executive Director of the Copyright Alliance