Policing the Internet is not a Job for a Corporation
In light of recent legislation in the US (SOPA and PIPA), and a decision last week in the Netherlands that orders Dutch ISPs to block access to the Pirate Bay website, this excellent new FAIFE Spotlight by Finnish journalist Hanna Nikkanen is very timely. In it, she explores the dangers of threatening private companies with fines if they do not enforce strict bans on access to copyrighted material – and points how that when complying with such rulings these companies will almost certainly interpret the law in a more restrictive manner than necessary in order to protect themselves from the financial consequences of not doing so. The end result is that punishing the providers of communications infrastructure for making available copyright-violating material instead of the actual culprits will end up exposing innocent internet users to side effects that infringe on their basic rights – such as restrictions on freedom of speech.” Kai Ekholm, FAIFE Chair
In late October, a Helsinki court ordered the Finnish internet service provider Elisa to prevent its customers from accessing the file-sharing portal The Pirate Bay. Elisa refused to comply with the court’s decision for over two months; on January 9, threatened by a hefty fine, Elisa gave in. The wording of the order has been described as unclear, and it did not specify which illegal content it targeted.
The Helsinki district court’s decision refers to unspecified copyright-violating content that users can access via The Pirate Bay. This is problematic: only some of the content that The Pirate Bay links to is illegal, and none of it is hosted on The Pirate Bay’s servers. The website is merely one out of many torrent hosting sites that act as passive middle men in copyright infringements committed by individual internet users. Elisa or any other internet service provider (ISP) is even further removed from the actual violation.
In 1995, the Church of Scientology sued the Dutch internet service provider Xs4all over a copyright violation allegedly committed by one of its customers.
Xs4all’s defense compared the ISP’s role to that of a phone company: no one can sue a phone company over something that people say on the phone, especially before the authorities have exhausted all possible means to identify and prosecute the actual suspect.
After nearly a decade of litigation, the case reached the Dutch Supreme Court, where Xs4all won. Since then, the principle has been recorded in the European Union’s E-Commerce Directive: if someone uploads copyright-infringing content on the internet, the authorities should primarily seek to prosecute the person actually responsible for the infringement, not the company that happens to host the content. The Helsinki District Court’s decision seems to ignore the spirit of this principle.
The principle of the operators’ immunity is important for the simple reason that private companies make terrible guardians of the freedom of speech. If we demand that ISPs act as policemen on the internet, they will almost certainly interpret the law in a more restrictive manner than necessary.
That’s what happened when the United States declared personal trade sanctions on certain members of the Zimbabwean cabinet. Bluehost, a US-based internet service operator, promptly shut down the website of Kubatana, a Zimbabwean human rights organization. It was easier and cheaper for the ISP to give up all Zimbabwean customers than to inspect each contract on the off chance that some of them might violate the new sanctions.
In 2009 the popular business-related social networking site LinkedIn expelled all Syrian users without a warning. The decision was based on similar thinking as in the Zimbabwean case: rather than trying to understand the complicated terms of the embargo, LinkedIn gave up on Syria altogether.
In Elisa’s case, already on the first day of the court-ordered block of The Pirate Bay and related websites, the ISP was accidentally blocking one domain – piraattilahti.fi – that is not connected to The Pirate Bay and redirects to an NGO website instead.
Eventually public criticism convinced both Bluehost and LinkedIn to change their minds. Their initial reactions were exaggerated and could have had very negative consequences to the freedom of speech of regular Syrians and Zimbabweans, but the companies’ logic is understandable.
If a private company is threatened with fines and forced to choose between effectuating either too much or too little censorship, it will almost always choose to go overboard. The economic losses of an unnecessarily restrictive policy are generally smaller than the losses that the company risks with operating on a grey legal zone, dealing with lawsuits, court orders and complaints. The less revenue a customer brings to the company, the more likely it is to be thrown overboard: this makes internet users in developing countries and small NGOs particularly vulnerable to unfair denial of service.
This is not how an open and just society functions. That’s why decisions about who is allowed to operate on the internet should never be delegated to internet service providers. The Finnish ISP Elisa showed laudable responsibility during the two months when it refused to accept this role.
The rapid changes in our media landscape make it both necessary and extremely difficult to update the way we understand and protect copyright. Those of us who make a living out of the sale of their copyrighted work have solid reasons to worry about piracy.
However, worries about piracy do not justify the short cut prescribed by the Helsinki District court: one that punishes the providers of communications infrastructure instead of the actual culprits and, in doing so, exposes innocent internet users to side effects that infringe on their basic rights.
While Finland adopts drastic anti-piracy measures, Iceland has chosen a different strategy. The country is currently in the process of adopting a wide-ranging collection of media laws, formerly known as the Icelandic Modern Media Initiative and recently re-christened the International Modern Media Institute (IMMI). When passed, the laws will grant ISPs complete immunity from prosecution regarding their customers’ uploaded content.
Instead, the Icelandic laws demand that internet censorship be always based on a court order against specific content. When a person commits a crime on the internet, that person is to be punished, not the company that provided the infrastructure.
Thus far, Finnish copyright organizations have tried to tag a pro-piracy label on anyone who disagrees with their views. That is unfair: actors like Elisa or Iceland’s IMMI project can hardly be seen as opposing the concept of copyright as such.
Instead, a legislation that defines the allowable range of internet censorship in a clear, transparent and prudent manner is in the shared interest of ISPs, their customers and every person who values their freedom of expression.
The author is a Finnish journalist. The European Union and the Finnish government have recently awarded her work on corporate social responsibility, technology and social justice.