A.The Basic Premise
The basic premise of this Essay is that the response described above is a wrong turn. Fundamentally, we argue, it is inadequate to respond to internet-related misconduct with rules for intermediaries that turn so pervasively on normative and fault-related notions of responsibility and participation. The touchstone that we suggest—searching for the least-cost avoider—is not a new one. Nor is it a new idea that in some cases misconduct can be sanctioned most effectively through the indirect imposition of responsibility on intermediaries. That idea is prominently associated with a pair of papers on the subject of “gatekeeper” liability written in the early 1980’s by Reinier Kraakman.88 But analysts of internet governance generally have failed to notice either the distinctive nature of the gatekeeper regime or the reasons it is so well-suited to the internet.
1.The Nature of Gatekeeper Liability.—The first point is the simplest one, already emphasized above: the imposition of liability under the gatekeeper rationale should have nothing to do with a normative assessment of the level of responsibility, participation, or support of the intermediary. Rather, it should turn entirely on the balance between the social costs of the misconduct and the effectiveness with which the intermediary can sanction the misconduct (more on that calculus below). That is not to say that it is inappropriate to impose liability in cases in which the intermediary is directly involved in the misconduct. For example, in Napster, it seems not an unfair assessment of the facts to conclude, as the Ninth Circuit did, that Napster was so involved in unlawful P2P filesharing89 as to make it appropriate to sanction Napster for that misconduct. The gatekeeper inquiry, however, would turn on the question whether Napster could serve as a reliable tool for preventing unlawful filesharing. As we discuss below, the fact that no actions by Napster could possibly have stopped unlawful filesharing suggests that imposition of gatekeeper responsibility on Napster would have been ineffective.90
To put the point affirmatively, the key question for determining the propriety of intermediary liability is how plausible it is to think that the intermediary could detect the misconduct and prevent it.91 Specifically, because the analysis premises the imposition of responsibility on a determination that the intermediary is the least-cost avoider of the misconduct in question, a proper determination requires not only that the gatekeepers be able to detect offenses, but they also be able to detect and prevent them economically.
Returning to the example discussed in the introduction, it is difficult to say whether ISPs can economically detect copyright infringement. If ISPs were made liable for the copyright infringement of their customers, how might they react to stop the infringement?92 There are two main techniques for enlisting ISPs in the fight. The first involves ISP monitoring of individual users’ internet activity to detect patterns that are consistent with targeted activities. Regulation could be designed to give ISPs an affirmative defense to liability if they assisted law enforcement officials in detecting customers who appear to be violating laws.93 ISPs could detect suspicious activity using a combination of hot list URLs94 and examination of internet traffic patterns. Those customers who have unusually large transfer logs and who visit sites that are known to contain tools for downloading copyrighted materials are likely offenders. But these crude indicators are likely to result in large false positives because perfectly legal activities, such as distributing one’s own works, uncopyrighted works, or works whose owners consent to the proliferation, would look very similar to illegal distribution.
A second technique would be more invasive. If lawmakers are intent on using ISPs to prevent certain internet conduct, ISPs could be required to integrate their services more fully with the systems of internet users to allow the ISPs to monitor their customers internet activity and prevent certain transactions. ISPs should have the ability to intercept non-encrypted transmissions to determine the nature of those transmissions. And the technology to determine whether the intercepted transmissions infringe a copyright may exist. Perhaps by comparing a portion of a transmission with a database of infringing material a connection could be found.95 And if this is technologically or practically impossible, other solutions may remain. ISPs could require that certain software be downloaded and running on a computer to connect to the internet. This software could then monitor the programs running on a computer while the computer is connected to the internet. When a program that is used for copyright infringement is identified, further examination of the program and the use of that program could be made to determine whether indeed copyright infringement was taking place. If such software were designed and implemented, the DMCA would likely prevent the development of software to circumvent such copyright protection efforts.96 This approach certainly brings with it both normative and practical concerns. Normatively, would we as a society want to give private parties such great power to monitor our activities? And practically, would the costs and limitations of such a system be justified by the harm prevented?
The point here is not to make a definitive assessment of the potential technological responses, which would be both beyond our capabilities and short-lived in its accuracy in any event. The point is simply to suggest the likelihood that it would be costly for ISPs to implement such strategies. It might, therefore, be unreasonable to expect that an ISP could monitor all users for infringement. Of course, selective monitoring schemes might produce a high level of desired results if subscribers, knowledgeable of the possibility that their internet activities are being monitored, react by curtailing their illegal activities.97 Similarly, automated detection could drive down surveillance costs, as would the creation and implementation of standard software for this type of activity.
For present purposes, what is important about the discussion is that the second hypothetical response, software surveillance monitoring, doubtless is more costly than the first, transmission monitoring, and could be justified only if the social benefits of suppression of the misconduct were relatively high. If the benefits from suppression were not substantial, the costs of that kind of surveillance (including the costs of the intrusion on the privacy of individuals not engaging in the challenged conduct) would outweigh those benefits and thus make the surveillance inappropriate.
2.Gatekeeper Liability and the Internet.—The second point is an overtly exceptionalist argument that gatekeeper liability is systematically more likely to be effective in the modern internet environment than it has been in traditional offline environments.98 This is true for three separate reasons. First, as should be clear from the discussion of the structure of the internet in Part I, it often will be the case that a particular type of misconduct on the internet generally will proceed through a readily identifiable intermediary or class of intermediaries, and that it will not at reasonable cost be practicable for those who wish to engage in misconduct to avoid such an intermediary: the customer who wishes to purchase contraband on the internet is quite likely to interact with a site that describes or provides the contraband and to use some form of payment intermediary to pay for the contraband. This is of course a substantial change from offline reality, in which the seller of contraband need not establish a freely accessible place of business and in which wholly untraceable cash payments are easy.
Second, advances in information technology make it increasingly cost-effective for intermediaries to monitor more closely the activities of those that use their networks. As it becomes cheaper to monitor activity more closely, it ineluctably becomes relatively99 more desirable to rely on such monitoring as the least expensive way to eradicate undesirable activity.100
Third, the relative anonymity that the internet fosters makes remedies against primary malfeasors much less effective than they are in a brick and mortar context. Thus, for example, it is much easier to obtain a relatively anonymous email account (from a provider such as Google) for use in connection with illicit conduct than it is to obtain a post-office box in the offline world. This is not to say that anonymity is impossible in the offline world or that it is perfect in the online world; it is simply to say that it is much easier to engage in relatively anonymous conduct online than it ever has been offline. But with the introduction of intermediaries in targeting certain activities, this anonymity decreases significantly. The networks provided by the intermediaries, whether communication networks in the case of ISPs, payment systems in the case of payment intermediaries, or auction systems in the case of auction intermediaries, require that users of those networks be identifiable to varying extents. ISPs provide service to an identifiable account holder. Payment systems require transfers to identifiable accounts. And auction intermediaries obtain personal information in order to facilitate the smooth operation of auctions and to ensure payment. Thus, when these types of intermediaries are engaged in the battle against an activity, the information they collect in order to provide their services automatically and necessarily decreases the anonymity of the transaction.
Share with your friends: |