The seemingly endless battle against copyright infringement has caused plenty of collateral damage. But now that damages is reaching new levels, as copyright holders target providers of basic internet services. For example, Sony Music has persuaded a German court to order a Swiss domain name service (DNS) provider, Quad9, to block a site that simply indexes other sites suspected of copyright infringement. Quad9 has no special relationships with any of the alleged infringers. It simply resolves domain names, conveying the public information of which web addresses direct to which server, on the public internet, like many other service providers. In other words, Quad9 isn’t even analogous an electric company that provides service to a house where illegal things might happen. Instead, it’s like a GPS service that simply helps you find a house where you can learn about other houses where illegal things might happen.
This order is profoundly dangerous for several reasons. In the U.S. context, where injunctions like these are usually tied to specious claims of conspiracy, we have long argued that intermediaries which bear no meaningful relationship to the alleged infringement, and cannot therefore be held liable for it, should not be subject to orders like these in the first place. Courts do not have unlimited power; rather, judges should confine their orders to persons that are plausibly accused of infringement or acting in concert with infringers.
Second, orders like these create a moderator’s dilemma. Quad9 faces this order in large part because it provides a valuable service: blocking sites that pose technical threats. Sony argues that if Quad9 can block sites for technical threats, it can block them for copyright “threats” as well. As Quad9 rightly observes:
The assertion of this injunction is, in essence, that if there is any technical possibility of denying access to content by a specific party or mechanism, then it is required by law that blocking take place on demand, regardless of the cost or likelihood of success. If this precedent holds, it will appear again in similar injunctions against other distant and uninvolved third parties, such as anti-virus software, web browsers, operating systems, IT network administrators, DNS service operators, and firewalls, to list only a few obvious targets.
If you build it, they will come, and their demands will discourage intermediaries from offering services like these at all – to the detriment of internet users.
Third, orders like these are hopelessly overinclusive. Blocking entire sites inevitably means blocking content that is perfectly lawful. Moreover, courts may not carefully scrutinize the claims – keep in mind that U.S authorities persuaded a court to allow them to seize a popular music website for over a year, based solely on the say-so of a music industry association. To try avoid that kind of disruption, some intermediaries might also feel compelled to block preemptively. If so, the entire history of copyright lobbying shows that this tactic will not work. Copyright maximalists are never satisfied. The only way to avoid the pressure is to insist that copyright enforcement, and other forms of content moderation, happen at the right level of the internet stack.
Fourth, as the above suggests, blocking at the infrastructure level imports all of the flaws we see with content moderation at the platform level – and makes them even worse. The complete infrastructure of the internet, or the “full stack,” is made up of a range of intermediaries that range from consumer-facing platforms like Facebook or Pinterest, to ISPs like Comcast or AT&T. Somewhere in the middle are a wide array of intermediaries, such as infrastructure providers like Amazon Web Services (AWS), domain name registrars, certificate authorities (such as Let’s Encrypt), content delivery networks (CDNs), payment processors, and email services.
For most of us, this stack is nearly invisible. We send email, tweet, post, upload photos and read blog posts without thinking about all the services that have to function correctly to get the content from creators to users all over the world. We may think about our ISP when it gets slow or breaks, but most of us don’t think about AWS at all. We are more aware of the content moderation decisions—and mistakes—made by the consumer-facing platforms.
We have detailed many times the chilling effects on speech and the other problems caused by opaque, bad, or inconsistent content moderation decisions from companies like Facebook. But when ISPs or intermediaries are forced to wade into the game and start blocking certain users and sites, it’s far worse. For one thing, many of these services have few, if any, competitors. For example, many people in the United States and overseas only have one choice for an ISP. If the only broadband provider in your area cuts you off because they (or your government) don’t like what you said online—or what some other user of the account said—you may lose access to a wide array of crucial services and information, like jobs, education, and health. And again, at the infrastructure level, providers usually cannot target their response narrowly. Twitter can shut down individual accounts; AWS can only deny service to the entire site, shutting down all speech including that which is entirely unobjectionable. And that is exactly why ISPs and intermediaries need to stay away from this fight if they can – and courts shouldn’t force them to do otherwise. The risks from getting it wrong at the infrastructure level are far too great.
European policymakers have recognized these risks. As the EU Commission recently stated it in its impact assessment to the Digital Services Act, actions taken in these cases can effectively disable access to entire services. Nevertheless, injunctions against infrastructure providers requiring them to block access to copyright-infringing websites are on the rise, whilst freedom of expression and information rights often take the back seat.
Finally, as we have already seen, these kinds of orders don’t stop with copyright enforcement – instead, copyright policing frequently serve as a model that is leveraged to shut down all kinds of content.
While EFF does not practice law in German courts, we urge allies in the EU to support Quad9 and push back against this dangerous order. Copyright enforcement is no excuse for suppressing basic, legitimate, and beneficial, internet operations.