Hacking Politics: How Geeks, Progressives, the Tea Party, Gamers, Anarchists, and Suits Teamed Up to Defeat SOPA and Save the Internet
Page 21
On December 15, Slurp140, a Twitter analytics service, reported that there were eighty-four thousand seven hundred seventy-one SOPA-related tweets—a record for the fight up to that point—and with the exception of the online blowup against GoDaddy a week later, the most activity we would see until the days prior to the blackout.
At Don’t Censor the Net, our numbers were following a hockey stick-like growth trajectory. The day before the markup, we had launched a petition with Senator Rand Paul to rally conservatives and libertarians against SOPA and PIPA. Throughout the campaign, we were seeing several signups per minute, and we nearly doubled our existing base of support in a week. The conversion rate on our petition far exceeded what was normal for candidates and causes, and we saw a doubling of signatures thanks to those who shared the petition to Facebook or Twitter. Where the opposition to SOPA prior to the markup felt like a brushfire with the potential to be snuffed out by the proponents’ vaster arsenal, after the markup it became a raging wildfire that wouldn’t be extinguished until the bill died.
The markup would resume for a second day on Friday, December 16th. Thirty-six hours earlier, a victory for SOPA seemed to be in the bag, and now there was a palpable sense of optimism that opponents could delay further action on the bill into 2012—an election year when Congress would get little done. Few of the fifty-five amendments had been voted on after the first full day of hearings, and Smith was running out of time before Congress adjourned, possibly for the rest of the year.
That morning, there was talk that Chaffetz’s DNSSEC objection, encapsulated by his “bring in the nerds” riff, had struck a chord in the committee. He went to Smith, asking for a hearing on the technical and security implications of the bill before voting the bill out of committee, and wasn’t shot down. A concession like this would have been unprecedented. Capitol Hill watchers couldn’t recall a time when a bill entered the markup phase, only to go back for further fact-finding hearings. It was an embarrassing concession by the proponents that they hadn’t done their homework, and a sign of the full retreat to come.
Things didn’t have a chance to play out like that. At 1:30 p.m., eleven hours and twenty-eight minutes into the proceedings, Smith took the microphone and announced that the committee would stand in recess, following word of a full House recess. This was to be the last time Congress formally considered SOPA or PIPA.
This was the moment I became convinced that we had won. The bills that get passed through Congress fit into one of two categories: highly partisan bills designed to score political points at the expense of the other party, or uncontroversial bills supported by those in both parties that legislators can use back home to tout their problem-solving bona-fides. The MPAA and RIAA had hoped to slip SOPA through under the latter, and their messaging around the bill had the whiff of “Nothing to see here, move along.” For decades, the entertainment lobby had used the glitz and glamour of Hollywood to seduce members on both sides of the aisle, even conservatives worried about sex and violence in movies and music. And they threw better parties (I had attended a few).
SOPA and PIPA were always controversial on the Internet, and the markup is when they became controversial in Congress and with the American people. Hollywood had strong relationships with members of Congress on the relevant committees, but these only went so far: members who hadn’t thought much about technology or IP issues would now be weighing in, and Hollywood hadn’t showered them with campaign contributions. These members would have no reason to do anything but default to the voice of the people back home.
The political case for passing SOPA had been utterly decimated by the way its proponents handled the process in the Judiciary Committee, starting with a propagandistic one-sided November hearing that singled out Google as the bill’s sole opponent, and ignored the other “nerds” beating down Smith’s door to testify. Dismissal of the technical concerns—and of any real debate whatsoever—was cited by many in the technology industry as the catalyst for first getting involved and spurring their users to action.
Now, the bill was controversial, without a clear political rationale for passage. Indeed, the politics now swung strongly the other way: Americans had shown they cared about keeping the government’s hands off the Internet more than they did about “foreign theft.” After decades of ever-expanding copyright, it was assumed that aggressive intellectual property enforcement was a political winner on Capitol Hill. Now, with a rising Internet economy driven by remix culture and user-generated content, Congress could no longer be sure.
The first tweets after the adjournment could have come from a liberated World War II capital. SOPA was dead until 2012! An election year! When nothing would get done. Congressional obstruction would save the day for once. And the bill would die.
Minutes after adjourning, Issa tweeted:
I’m proud to have made my #stopSOPA stand w/ @RepZoeLofgren @JaredPolis @Jasoninthehouse in Judiciary these last two days. #sopa #OPEN
—@DarrellIssa, December 16, 2011, 2:04pm
Sensing that they gave up a bit too soon, Smith’s forces put out word that the markup would resume the next week once the House was back in session to deal with the payroll tax. But this wasn’t a sure thing: the Senate could—and eventually did—pass changes to the payroll tax bill that wouldn’t require the House to go back into session, thus definitively tabling any discussion of SOPA until 2012.
Reflecting on the markup, it’s instructive to take a step back and consider how insiders and outsiders experienced these events differently. Prior to the markup, the insiders who fought the fight were extremely pessimistic—at least at the Judiciary Committee level—and the Manager’s Amendment was seen as a huge setback, bringing SOPA in line with the milder PIPA. Lobbyists involved in the fight repeatedly voiced concern that SOPA gave Patrick Leahy and the Senate proponents an opportunity to frame PIPA as the reasonable, uncontroversial alternative.
Smith’s Manager’s Amendment moving SOPA in the direction of PIPA was an implicit embrace of this dynamic, and yet it turned out not to matter. The Internet was just as vehement in its campaign against SOPA (and later PIPA) as before. This holds important lessons for future legislative fights.
Smith’s changes might have seemed a game-changer for inside players on the Hill, but they were virtually ignored by the online community. Once SOPA had been branded as the bill that killed the Internet, nothing bearing its name could pass. Nor were the substantive changes enough to placate the technology community. SOPA and PIPA were still bad bills, and as detailed elsewhere in these pages, the “follow the money” approach in the OPEN Act was the only palatable solution to the “rogue website” issue for technology companies.
Smith was in effect asking the tech community to negotiate with itself, positing a series of bogus remedies, any of which would have fundamentally damaged the Internet ecosystem. Fortunately, tech companies didn’t take the bait, and only pressed harder for SOPA’s total defeat. Later on, when we worried if the Internet was too riled up on SOPA, and not PIPA, the community would pivot around the action in the Senate, scheduling the Internet blackout to coincide with planned floor action in the upper chamber.
When it comes to online reaction to controversial bills affecting the Internet, amendments don’t matter. Once a bill has been branded a certain way, changing that perception is very difficult. A better way would be to put out legislation in draft form, and allow the online community to shape the bill prior to its introduction. This is the crux of Darrell Issa’s Madison Project, where the public was invited to co-author the alternative to SOPA.
In hindsight, we can say that the markup marked the moment the tide turned. All along, the bills depended on a sense that they were sleepy and uncontroversial. The assumption that they could stay as such had always been a colossal error in judgment by the proponents, but the markup brought home this reality in stark terms. Once we got word that the markup had been postponed, we were very optimistic that we had dealt a serious blow, but we coul
dn’t yet fathom how big this issue would become in the course of the next month.
BRING IN THE NERDS: THE IMPORTANCE OF TECHNICAL EXPERTS IN DEFEATING SOPA AND PIPA
ANDREW MCDIARMID AND DAVID SOHN
Andrew McDiarmid and David Sohn both work for the Center for Democracy and Technology, where McDiarmid is a senior policy analyst and Sohn is general counsel. The Center for Democracy and Technology is a nonprofit public policy organization and the leading Internet freedom organization working at the critical edge of policy innovation. When the Internet was in its infancy, CDT helped shape the first legislative choices and court decisions that allowed this technology of freedom to flourish. Today, it is committed to finding innovative, practical and balanced solutions to the tough policy challenges facing this rapidly evolving medium.
Early in the formative stages of SOPA/PIPA CDT’s David Sohn was invited to testify before Congress about anti-piracy proposals. The photo above is from a March 14, 2011 hearing titled “Promoting Investment and Protecting Commerce Online: Legitimate Sites v. Parasites.”
The scene is familiar to many among the millions who mobilized to defeat SOPA: some Members of Congress proudly declaring technical ignorance and defiantly dismissing free speech and cybersecurity concerns over DNS-blocking, while a vocal few underscored these problems and insisted that Congress “bring in the nerds” to learn more.
This dynamic at SOPA’s December 2011 markup meeting of the House Judiciary Committee became a rallying point for opponents of the legislation. We saw articles declaring it “no longer ok” for Congress not to know how the Internet works, and proponents’ steadfast refusal to entertain the technical objections to the bill fueled the sentiment that experts, Internet communities, and the public at large had been shut out of the behind-the-scenes work that went into both SOPA and PIPA.
Now, it isn’t exactly realistic to expect politicians to write code or understand all the technical workings of networks and the DNS. Nobody is seriously suggesting that they should. These intricacies are worlds away from the many pressing issues on policymakers’ minds, and we hire them to be effective representatives of their constituents, not network engineers.
Nonetheless, when the issue on the table is undeniably technical—and fiddling with Internet addressing is nothing if not technical—it’s not unreasonable to expect at least engagement with the details. Lucky for us, despite skewed hearings and the unwillingness of PIPA and SOPA’s sponsors to budge on the technical concerns (at least until it was too late), a small group of opponents used the SOPA markup as a platform to ask the right questions and bring attention to issues too long ignored in the lead-up to what could have otherwise been easy passage out of committee.
But where did those arguments come from? The efforts of Reps. Lofgren, Issa, Polis, Chaffetz, and others were invaluable in stalling SOPA and fueling the fire over the next five weeks until the January 18th protests—but what fueled their fire? In this chapter we want to make a case for the important groundwork done before SOPA grabbed the Internet’s attention, in particular the contributions of impartial technical experts who weighed in not on the side of copyright or the “copyleft,” but on behalf of the integrity and security of the world’s most important communications network. It is not at all certain that things would have played out as they did without these experts’ written contributions and on-the-ground efforts to educate Congress about the risks they identified.
Self-identified geeks and introverts got vocal in opposition to SOPA/PIPA. Hundreds of people employed in Internet-related jobs felt threatened by the legislation and joined up with protests. The images above are from the NY Tech Meetup on Jan. 18, 2012.
When COICA (PIPA’s predecessor, the “Combating Online Infringements and Counterfeits Act”) was introduced in September 2010, a small handful of familiar voices in Internet-meets-copyright policy circles weighed in with a laundry list of arguments against the bill. Our organization, CDT, published one of the first analyses of the bill, focusing in large part on the overblocking and cybersecurity concerns that DNS-filtering presents. The same day, the Electronic Frontier Foundation organized a letter from over ninty prominent Internet engineers who decried the bill as censorship and expressed their fear that it would fragment and destabilize the Domain Name System (DNS).
We were joined over the next weeks and months by other D.C.-based advocates like Public Knowledge and the library associations, Internet trade associations, and the human rights community. But despite our growing coalition, we faced long odds to overcome the well-connected momentum behind the bill. The bill’s supporters worked to brand us as apologists for infringers and insisted that the legislation was a simple matter of deciding to take a stand against rampant theft. Despite our community’s expertise and deep understanding of both the policies and technologies that have made the Internet such a remarkable vehicle for innovation and free expression, our warnings about the folly of mandated interference with the DNS went largely unheeded.
As fall turned into winter, the 111th Congress into the 112th, and COICA eventually into PIPA, new voices began to weigh in. Dan Kaminsky, the DNS security folk hero who would go on to play a major part in educating Congress about the risks of mandated blocking, reiterated concerns about stability and governance and raised new issues in a short letter on COICA. He also participated in a panel debate on the subject at the January 2011 State of the Net conference in Washington. His fear was that mandating filtering in an attempt to block what is, for better or for worse, hugely popular content would drive users to use untrusted and risky DNS servers. He argued that such a migration would undermine the benefits of securing U.S. nameservers against malicious sites, exposing users and networks to botnets and phishing attacks. Kaminsky also worried that the migration would weaken ISPs’ “eyes and ears” into their networks; DNS traffic can provide a rich dataset on network usage to help diagnose and mitigate attacks as they occur.
In March 2011, as his name was invoked by COICA’s supporters and opponents alike, Paul Vixie entered the debate with a pair of blog posts describing the relationship between mandated blocking and DNSSEC (secure DNS) and the long-term risks of mandated blocking to the DNS’s primary value, universal naming. For Vixie, founder of Internet Systems Consortium and one of the world’s leading experts on DNS, a key issue was “alignment of interests” and the fragility of Internet infrastructure. He feared that the interference envisioned by COICA would for the first time put nameservers in the role of frustrating rather than fulfilling user requests, create widespread motivation for users to circumvent current DNS arrangements, and ultimately fracture the Internet into a network without a single naming system for reaching everything.
Kaminsky and Vixie, respected in computer security circles but relative newcomers to Internet copyright debates, lent new credibility to the argument of CDT and others that the legislation carried serious risks for cybersecurity. They also started a serious conversation in engineering circles about the technical implications of the bills, including the extent to which the legislation would conflict with or undermine DNSSEC. The growing attention and involvement of the technical community would prove invaluable in PIPA and SOPA’s demise.
During the spring of 2011, CDT worked to bring the analysis of the DNS experts into the legislative debate. In March, CDT’s David Sohn flagged the technical and cybersecurity issues in hearing testimony to the key panel of House lawmakers, the House Judiciary Committee’s subcommittee on intellectual property. Meanwhile, CDT helped organize an effort to have top DNS experts document the technical concerns in detailed yet accessible fashion. In the late 1990s, a technologists’ report coordinated by CDT had helped swing the hard-fought debate over encryption policy; CDT urged that an authoritative explanation of the technical implications could be similarly pivotal now.
Kaminsky, Vixie, and three other heavyweights in DNS and Internet-security circles answered the call and co-authored a whitepaper, “Security and Other Technical Concerns Ra
ised by the DNS Filtering Requirements in the PROTECT IP Bill”. They released the paper in May 2011, shortly after PIPA was approved unanimously by the Senate Judiciary Committee, and it quickly had a powerful impact on the debate.
The whitepaper offered more detailed examinations of several key arguments against DNS filtering: the tension with DNSEEC deployment, the problems for security and network intelligence that flow from user-circumvention, and the potential for collateral damage due to interdependencies in the DNS. For those of us working against the bills in Washington, the paper was an invaluable asset. We joined Ernesto Falcon of Public Knowledge and other colleagues at many of his meetings on the bills, and once it was published this paper was the first thing we would hand to staff as we urged them to reject the bills’ approach. Of course, the technical problems were far from our only concerns, but having experts with unassailable credentials—and without strong interests one way or the other on copyright enforcement questions—made the technical arguments harder to ignore.
On several occasions, some of the authors even joined us in meetings with congressional staff to explain their concerns.
The whitepaper garnered significant media attention as well. Beyond being picked up by the tech-press outlets already covering the issue, it was cited prominently in a Los Angeles Times editorial opposing PIPA and urging a “more measured approach”. The New York Times also relied on the experts’ analysis in declaring that the bill “shouldn’t pass” as it then stood. The closing line of the NYT editorial nicely summed up opponents’ reasonable position: “If protecting intellectual property is important, so is protecting the Internet from overzealous enforcement.”
Pro-PIPA critics tried to dismiss the arguments made in the whitepaper, but more often than not their rebuttals took the form of “but something needs to be done” or “surely the technical standards community can come up with a way to fix these problems” instead of actually refuting the problems themselves. Within most of the technical community, the paper met with general consensus. In the fall, groups such as the Internet Society, the Anti-Phishing Working Group, and the Brookings Institute released papers or letters reiterating the technical concerns posed by the legislation. Most prominently, the director of computer sciences and information systems at Sandia National Labs, Dr. Leonard Napolitano, assessed the technical claims in November at the request of Rep. Zoe Lofgren. His office’s response cited the whitepaper and was unequivocal: “we agree with the conclusions of that report.” In addition, Stewart Baker, former NSA General Counsel and former Head of Cyber Policy for DHS, penned two widely read op-eds in which he focused on the harm mandated blocking would cause for DNSSEC deployment.