While it’s premature to say that SOPA and PIPA are officially dead, it appears that the writing is on the wall for these noxious bills. That does not meanxx however, that there is nothing to be worried about. Indeed, the failure of SOPA and PIPA has led some pundits to speculate that BigIP will “double down” on its legislative strategy. Beyond the copyright wars, there are two legislative developments that hosts need to be aware of.
All eyes are now on the Anti-Counterfeiting Trade Agreement, or ACTA. This controversial treaty has been around since 2006, when the U.S. and Japan began to collaborate on it. While I will discuss the text of ACTA in a subsequent post, there are a number of problems with this treaty. The first is that it is, in essence, “policy laundering.” Policy laundering, similar to money laundering, is the attempt to enact policies that may be difficult to enact in one area by funneling them through other forums. In this case, intellectual property protections that rights holders have been unable to secure in the legislatures of most industrialized nations.
Along these lines, the Obama administration has stated that ACTA may be brought into force in the U.S. not as a treaty, but as an executive agreement. In doing so, ACTA may be made law without the approval of the Senate, which is required for treaties. The concern seems to be that because COICA, SOPA and PIPA were so toxic, ACTA might suffer a similar fate if debated in the Senate. Given the fact that ACTA has engendered street protests in Europe, that concern may not in fact be misplaced.
The final issue is the fact that those involved in the negotiations of ACTA only represented the viewpoints and opinions of rights holders. Particularly in the U.S. and Europe, no members of the public interest lobby were included in meaningful ways in the drafting of the treaty. This has, to a large extent, led to a treaty that seems to undermine critical societal values like free speech and transparency. Indeed, an MPAA representative to the negotiations has argued that ACTA could be used to suppress sites like Wikileaks.
Cybersecurity Act of 2012
This long awaited bill was introduced in the Senate on Valentine’s Day. While I have not had an opportunity to review all of the text of the bill, there are a couple of key issues to watch out for. The first of these is the definition of “breach.” The term breach does not have a generally accepted meaning. As a result, what is considered to be a breach can have a wide-ranging impact on compliance responsibilities.
The second issue is risk shifting. For legislation, this generally means who has to bear the cost of a violation of the law. Key issues will be whether the act contains a private right of action, the ability for law enforcement officials to investigate violations, or fines. Each of these have a great deal of impact on who bears the ultimate risk of compliance, and whether insurance can be procured for a violation.
Finally, a key issue for most businesses will be whether the act preempts state security laws. Currently, 47 states and the District of Columbia have some sort of security breach law. Some, like Massachusetts, claim that their laws apply regardless of whether a breach occurs within the state. This patchwork of laws has created a high compliance burden for internet infrastructure companies who may have data centers in more than one location, or process information about individuals from every state.
Another way to find out more is to join Christian Dawson and me at the Parallels Summit on Thursday, February 16 at 4:45 pm. We’ll be discussing how Congress and the Executive branch regulate hosting, and ways we can work together through the Save Hosting Coalition to ensure that hosts’ voices are heard.