Stop Online Piracy and PROTECT IP Acts Do More Harm Than Good

About Andrew McDiarmid:

Andrew McDiarmid is a policy analyst at the Center of Democracy and Technology's Washington, D.C., office. He works on policy issues related to digital copyright, free expression, and Internet neutrality. Prior to joining CDT, McDiarmid was a research assistant at the Samuelson Law, Technology, and Public Policy Clinic at the UC-Berkeley School of Law, where he researched a range of issues including electronic surveillance and licensing solutions for peer-to-peer networks.

There are steps Congress should take, but two bills under active consideration should not pass in their current form. Both the House's Stop Online Piracy Act and the Senate's PROTECT IP Act call for a form of Internet filtering that would do very little to stop infringement while imposing severe costs to cybersecurity and online free expression.

The bills would allow courts to issue orders requiring ISPs and other operators of domain name system (DNS) servers to take steps to prevent access to sites found to be dedicated to infringement. The problem is that the steps these entities would take do more harm than good. Think of the DNS as the Internet's 411; it translates domain names like 'usnews.com' into IP addresses like 208.77.248.169 that computers and routers understand. Every time you visit a website or send E-mail, the first thing that happens is your computer asks the DNS for the IP address associated with the domain name you requested. So filtering out a DNS query is akin to blacking out a number in the phone book—without doing anything to the phone number itself or the infringing activity behind it.

[Check out 2011: The Year in Cartoons.]

With the infringing sites still online, DNS filtering is trivial for anyone to get around. There are millions of DNS servers in the world to choose from, and countless other ways for find the right IP address for a website. Indeed, these two bills have not yet passed and we have already witnessed the launch of several browser plug-ins and other workarounds. The idea that this tactic would have an appreciable impact on infringement is pure fantasy.

To add insult to ineffectiveness, prominent cybersecurity experts including a director at Sandia National Labs have warned that the steps users will take to circumvent the orders will expose U.S. networks to increased cybersecurity risks. DNS spoofing—where an attacker replaces the answer to a DNS query to redirect someone to a malicious site—is a major problem that will likely increase as users redirect DNS traffic to potentially untrustworthy servers. In addition, mandated DNS filtering would seriously impair the deployment of DNS Security Extensions (DNSSEC), a critical update designed to prevent spoofing.

[Vote: Is SOPA a Form of Censorship?]

If despite these costs the United States were to embrace DNS filtering as a means to go after online activity, it would be a major setback for global online freedom of expression. The United States actively argues against Internet filtering by repressive countries, and Secretary of State Hillary Clinton has forcefully promoted the idea of "one Internet" that looks the same no matter where you connect. How can we be taken seriously arguing the importance of unfettered access to a single, global Internet if our Congress is trying to create our own domestic firewall and blacklist? There are other enforcement actions in the bills, namely targeted actions aimed at cutting off infringer's financial resources—that will be more effective and not threaten all this collateral damage. Congress would do well to focus on those remedies and avoid the one where the costs outweigh the benefits.

• See a collection of political cartoons on the turmoil in the Middle East.
• See our slide show in opinion: 5 Ways New Media Are Changing Politics.
• Follow U.S. News Debate Club on Twitter.

Tags:

internet,

digital piracy,

Congress