(It is simply unfair that this week we’ve had some truly amazing things happening on the cyberlaw front, while I have to study up for finals. So this will have much shorter than it warrants.)
Sometime over the past few days the Department of Justice seized 82 websites under civil forfeiture statutes, citing violations of trademark and copyright law. If you go to, say, “boxedtvseries.com,” you will not see boxedtvseries.com (here’s an Archive.org capture from 2005). Instead, you see this:
The seizure, entitled “Operation in Our Sites II” (part I was a small-scale seizure over the summer), relied on power granted under civil forfeiture statutes: sections 981 and 2323 of Title 18 are cited, but really it’s all about 2323, with 981 providing the procedure. Assuming they followed the letter of the law here, this means that someone in the Attorney General’s office filed what is tantamount to a criminal warrant, and then obtained custody and title of the goods in the name of the Attorney General and the United States. This is shocking and surprising for a number of reasons. This is exactly the concern raised by groups opposing the Combating Online Infringements and Counterfeits Act – that the government would be able to “blacklist” websites “dedicated to infringing activity,” and then take them off the Internet. We also are asserting domain over the Internet itself, something which no other country has tried to do. Big questions come up here, namely Can the United States do this as a matter of fact? Can they do this as a matter of authority?
To examine the U.S. authority in doing this would be far too much to take on right now with finals, so I’m going to focus more on the facts. To do this requires a quick crash course on Internet architecture. Here goes:
The Internet is driven by numbers, IP addresses specifically. If you type “126.96.36.199″ in your browser you will see the website for the blog Boing Boing. This is Boing Boing’s web address. Of course, we wouldn’t want to have an Internet where we needed to memorize IP addresses like phone numbers, so we developed a naming system to organize and label these addresses. This is the Domain Name System, or DNS. This system consists of a series of 13 “root servers,” located throughout the globe, which tell all computers where to go to look up the addresses of sites ending in “.com,” “.net,” “.edu,” and so forth. These root servers are redundant copies of each other, designed so that if one goes down the others can still direct traffic. Each of these top level domains (“.net” in our example) contains another server (and backups thereof) which stores a list of every website that ends in that extension and its corresponding IP address. This is of course a gross simplification, but when we type in “boingboing.net,” our computer looks to the root server to find the “.net” server, then goes to the “.net” server and asks where to go for “boingboing.” That server responds “188.8.131.52,” and the connection is made.
So what does it mean to “seize” a website? I am hunting down the civil forfeiture warrants used in Operation in Our Sites II, but it seems to that once they convinced a judge that there was probable cause to issue this forfeiture order, the government went to the DNS servers involved in translating (“resolving” in the lingo of the industry) the websites at issue, and had them change their destination to the Justice Deparment’s website, http://www.seizedservers.com/ (a website created 6 days ago, likely for this operation). Now if you enter in “boxedtvseries.com,” instead of resolving to whatever numerical address it had before, it resolves to “184.108.40.206.” Of course, if you happen to know what the old number is for “boxedtvseries.com” you can still type in that number and get the old website. The Internet is deliberately decentralized in that way. Short of actually taking the computers that host “boxedtvseries.com” – computers that could be anywhere in the globe – the best the Justice Department can do is make it so that the DNS servers no longer point there when someone types in words instead of numbers.
And this has lead to one interesting hypothesis from ComputerWorld – what happens if people no longer trust the institutionalized DNS servers? There’s nothing in the architecture of the Internet to stop anyone from creating a new DNS server that resolves names differently than the DNS system does now, telling people where, for example, the real “boxedtvsets.com” is located. If they were to do this outside the jurisdiction of the United States, I don’t see how civil forfeiture (or the proposed COICA bill) could stop it. And this would create all sorts of chaos for the Internet as a whole – imagine a world where typing in the same URL on two different computers would lead to pulling up two different websites. I hope the Justice Department realizes what kind of special fire it is playing with right now by forcing DNS servers to resolve to places where sections of the public do not want them to resolve. John Perry Barlow may have been more right than we realize: we may have a domain name mutiny if we are too reckless in enforcing the law this way.
One last thought. The other big cyberlaw case of the day is, of course, Wikileaks and its dumps of classified government information. One of the great ironies of our legal system is this: to stop the Wikileaks website would take a criminal prosecution establishing a violation of a state interest of the highest order, an order so strong the Supreme Court has never found it in any leak of classified information distributed by the press. (I think that’s a good thing, by the way.) But if Julian Assange was trading in fake handbags instead of state secrets, his website could be down already though civil forfeiture. Does that seem right to you?
Update 12/3 – apparently the copyright / First Amendment dichotomy I mentioned above was noticed by none other than Sarah Palin.