PROTECT IP Act

The internet: law, politics and engineering

Immagic’s Jim Farmer discusses security and technical concerns raised in the postponed PROTECT IP Act

On 25 May 2011, The Internet Corporation for Assigned Names of seizing and redirecting domain names to an alternate site. This and Numbers’ (ICANN) chairman Steve Crocker and others in the enforcement practice is exactly the same process used by “rogue technological field made their paper warning public regarding sites” to redirect innocent users to their site, and will preserve their

Picture: silver tiger / Shutterstock Picture: their concerns over (DNS) filtering ability to do so. requirements under the PROTECT IP Act. They wrote: • Cloud computing, except from large, influential and low risk firms, carries • The US government and private industry have identified internet increased risks to their users; the risk may be unacceptable to potential security and stability as a key part of a wider cyber security strategy, users. Enforcement as practised applies the same remedy – seizing domain and if implemented, the DNS related provisions of PROTECT IP ACT names disconnects all users including non-infringing users. (PIPA) would weaken this important commitment. • As courts begin to direct the activities of internet service providers • DNS filters would be evaded easily, and would likely prove ineffective (ISPs) on a national basis – eg, the UK and Netherlands courts ordered at reducing online infringement. Further, widespread circumvention ISPs to block user access to The Pirate Bay4 – their directives apply only would threaten the security and stability of the global DNS. to that nation. As domains are redirected or blocked, the network will • The DNS provisions would undermine the universality of domain operate one way in one country and another in a different country. names, which has been one of the key enablers of the innovation, As a result, the internet begins to be a series of interconnections of economic growth, and improvements in communications and national networks that operate differently. information access unleashed by the global internet1. • The “hacker” community has an incentive to hide the identity of a source of files and to protect the content of files through encryption In the month following the publication, Crocker was elected chair of the to prevent routine censorship5. ICANN Board, which operates under a contract with the US Department of Commerce, and oversees the Internet Domain Name System. This Engineers view ISPs, such as BT and Verizon, as operators of a “directory” links the names of users and servers – eg, Amazon.com – communication network focused on reliability, stability, and security. with the internet protocol numeric address used to route data packets2 Lawmakers are viewing ISPs as enforcers of content laws – including through the internet. This is a “digital era” analogue of the traditional non-judicial censorship. telephone directory. This “look up” occurs every time a user enters an DNSSEC uses the same technology as digitally signed documents. URL – the complete and specific address of a document or website. The user can similarly validate an intended party’s internet address. That is, On 17 January 2012, Crocker provided six minutes and 54 verifying Citibank.com is really Citibank.com, not a rogue site that looks seconds of explanation to the Congressional Internet Caucus Advisory like Citibank.com. The US Department of Justice currently seizes domain Committee3. The Caucus is funded by firms to provide information names by instructions to US-based internet registrars and redirects the and guidance to members of the US Congress. Crocker described the domain name to one of their websites. If DNSSEC was implemented, protocols of the internet – descriptions of how the network should the user would only receive a message saying the connection could not work translated into computer code – as “arcane, nuanced” and be completed. As Crocker writes, the user would not know whether with “subtleties”. He continued saying the proposed laws may have communication failed, the intended website was not operational, or the “unintended consequences”. He described the internet as global with address was invalid. Since DNSSEC depends upon cryptographic keys “legal boundaries” referring to the scope of law as contrasted to the that can also be used for signing or encrypting documents, concerns internet. He also urged “careful and thoughtful” use of real data in that law enforcement would seize these keys have been discussed6, making judgments about the operation of the internet. but not documented. Obtaining these cryptographic keys may provide From an engineering perspective, and discussions since at least access to all the user’s digitally signed or encrypted documents. 2009, some of the possible impacts and incentives of current and Cloud computing is also vulnerable. Computer programs on the proposed law and enforcement are: “cloud” provide service over the internet rather than from the user’s • The Domain Name System Security Extensions (DNSSEC) is being computer or the firm’s computers. Cloud computing offers lower costs implemented to ensure a user knows the website address is valid. because of size, reliable computer hardware and communications, and However, this system is inconsistent with the proposed practices increased capacity on demand.

42 Intellectual Property magazine June 2012 www.intellectualpropertymagazine.com PROTECT IP Act

However, seizing a Top-Level-Domain may deny access to all users Summary communicating with the “cloud” whether or not they are infringing. Intellectual property attorneys have experience mastering both law and The Megaupload case demonstrated this unreliability. A substantial technologies. It may be that they, rather than politicians, engineers, or number of non-infringing users of the Megaupload “cloud” were content providers, can best recommend laws and practices that integrate denied access to their data and lost processing capabilities7. This raises their perspectives into effective internet law and law enforcement. And the concern that another user’s infringement would seriously impact then take this experience into their work with clients, who will benefit a non-infringing user. As an example of instability, the Danish Police from this special experience and expertise. Overall, all internet users accidentally blocked over 8,000 sites, including and , would benefit. labelling them as child porn when they were not. Mike Masnick, editor of blog TechDirt summarised, “For all the talk Footnotes of how The (SOPA) and Protect IP Act (PIPA) were 1. “Security and other technical concerns raised by the DNS filtering requirements bad for changing the way the internet would have to work, it’s worth in the PROTECT IP Bill,” Shinkuro, Inc, 25 May 2012. http://www.shinkuro. noting the very very real impact of the Megaupload takedown on the com/PROTECT%20IP%20Technical%20Whitepaper%20Final.pdf. 2. A packet consists of two kinds of data: control information and user data. The control information provides data the network needs to deliver the user data. 3. Detailed information and event coverage is available at http://www. netcaucus.org. “The “hacker” community has an 4. In April, the UK’s High Court ordered five ISPs to block communications with , a website claimed to be infringing. In May, a Dutch court ruled incentive to hide the identity of a that four ISPs block user access to the site. source of files and to protect the 5. The Oxford Electronic Dictionary defines censorship as “the practice of officially examining books, movies, etc, and suppressing unacceptable content of files through encryption parts.” The connotation this is unethical or undesirable is not intended. to prevent routine censorship.” 6. For example, in 2006, the UK police force urged for the power to be able to demand encryption keys from suspects to gain access to data. http://news.cnet. com/U.K.-police-Let-us-seize-encryption-keys/2100-7348_3-6105680.html. 7. We now know staff of the US Department of Defense and Department of State were users. This use is not unusual for transferring lengthy files from one user to potential development of various new services and business models. another, because of typical file limits for email attachments and the difficulty of The risks and uncertainty increased massively on 19 January and not in using a file communications protocol such as FTP (file transfer protocol). a good way for anyone8. 8. Mike Masnick has appeared as a speaker in many meetings and conferences The role of ISPs in censoring internet transmissions in Pakistan was on the internet, including the Advisory Committee’s “State of the Net” revealed in its government proposal9: panel with Steve Crocker and representatives of MPAA and US Chamber • The ISPs and backbone providers (organisation that supply of Commerce. access to high-speed transmission lines that connect users to 9. National URL filtering and blocking system, Ministry of Information the internet) have currently deployed manual URL filtering and Technology, Government of Pakistan, 3 February 2012. blocking mechanisms in order to block the specific URLs containing 10. British ISPs will block The Pirate Bay within weeks, The Guardian, 30 April 2012. undesirable content as notified by Pakistan Telecommunication 11. The Pirate Bay block initiates Streisand Cascade, drives record traffic, Leigh Authority from time to time. Beadon, TechDirt 2 May 2012. • Many countries have deployed web filtering and blocking systems at the internet backbones within their countries. However, Pakistani ISPs and backbone providers have expressed their inability to block millions of undesirable websites using current manual blocking systems.

Note the “millions of undesirable websites”. The Pakistani implementation restricts communication based on a government determination of “undesirable content”. While this is more specific, and less damaging, than domain name seizure, the use of URLs may also include subordinate websites that have only “desirable content”. After the UK’s High Court ban on The Pirate Bay, The Guardian newspaper reported, “The block, starting within weeks, will mean Author millions of Britons will no longer be able to access one of the biggest and longest-running global filesharing sites10”. Two days later, The Pirate Jim Farmer is an economist with Immagic in Bay had “12m more visitors than it ever had11”. This demonstrates how Washington DC. He works on technologies ineffective DNS filtering can be. To effectively prevent communications increasing the productivity of university researchers and university intellectual traffic, every UK ISP will need to implement domain name filtering. property policies. He is a USPTO registered Smaller ISPs may be eliminated, lacking the capital for such an researcher and writes on patent trials at the investment. The use of proxies (third-party websites providing links) and Federal Circuit and District Courts. “encrypted tunnelling” (which enables hidden activity), as suggested to Pirate Bay users to circumvent blocks, indicates the effectiveness of DNS filtering may be limited, as Crocker predicted. www.intellectualpropertymagazine.com June 2012 Intellectual Property magazine 43