Could SOPA kill Internet Banking?

The PROTECT IP Act (Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011), is a proposed law with the stated goal of giving the US government and copyright holders additional tools to curb access to "rogue websites dedicated to infringing or counterfeit goods", especially those registered outside the U.S. Both of these "Acts" would have massive impact globally, and could create absolute chaos. The PROTECT IP Act is a re-write of the Combating Online Infringement and Counterfeits Act which failed to pass in 2010.

SOPA builds on PIPA. Known as the Stop Online Piracy Act or SOPA, is a bill that was introduced in the United States House of Representatives on October 26, 2011, by House Judiciary Committee Chair Representative Lamar S. Smith and a bipartisan group of 12 co-sponsors. The bill, if made law, would expand the ability of U.S. law enforcement and copyright holders to fight online trafficking in copyrighted intellectual property and counterfeit goods.

As proposed, SOPA would allow the U.S. Government the power to block any website from both a DNS Lookup, and eliminate it from search engine results - without needing any court order. Due to the vague nature of the bill being passed through, this could create significant chaos. So what about for banks? Would SOPA/PIPA impact banks at all? Is it in the interest of banks to support or push back against these bills?

Enforcement process

The key problem with SOPA is around enforcement actions available to copyright holders and the US Department of Justice (DoJ). The enforcement actions are unilateral, brutal and extreme. Violators face immediate action against their site and/or business, and up to 5 years in jail for infringement. The fact that you might be in another country and not subject to US law, doesn't really factor in this process.

If a violation is lodged by a copyright holder, or as SOPA defines it “the owner or operator of such Internet site is facilitating the commission of [copyright infringement]”, the site in question can be blocked at the DNS (Domain Name Server) level and removed from all websites. Payment providers (section (b)(1)) and ad networks ((b)(2)) are required, upon receiving a claim against a site by a copyright holder (section (4)(A)(i)), to cut off all services to the accused site within five days, unless they receive a counter-notification from the operator of the accused site. Note that there is no requirement that the accused be actually notified of the accusation, and thus, they would have no opportunity to provide a counter-notice. Probably the first you'd know about it is when your email stops working, or customers start calling letting you know your site is down.

The only way to provide a counter-notice to a claim or breach is to agree to submit to U.S. jurisdiction (section (5)(A)(ii)) if you are a foreigner, and to state under penalty of perjury that your product does not fit the definition of an “Internet site…dedicated to theft of U.S. property."

The definition of SOPA around offensive 'copyright violation' behavior is as follows:

An `Internet site is dedicated to theft of U.S. property’ if [a portion of the site is US-directed] and is used by users within the United States and is primarily designed or operated for the purpose of offering services in a manner that enables or facilitates [copyright violation or circumvention of copyright protection measures].

This means that YouTube, Facebook, Wikipedia, Gmail, Dropbox and millions of other sites would be “Internet sites…dedicated to theft of U.S. property,” under SOPA’s definition. As far as being 'US-directed', any contact form that enables a US consumer to enter their details, would be in violation from this perspective.

There's an excellent review of much of these specifics around the law and how it ties in with enforcement action on Mashable.

Scenarios to think about?

So what does this mean? To illustrate simply, lets say you post a video of your baby dancing to Beyonce's new song, filming your kids song and dance routine of their favorite bands song, you post a review of a restaurant or show a photo of a new gadget you've purchased. The site you hosted it on would be banned from search engines, advertising companies would not be able to do business with that company and internet providers will be forced to block their customers from accessing those sites and you the uploader would be fined and sentenced to jail for 5 years on a 1st offense.

What about in respect to banks, banking content and possible SOPA violations?

Here's a few banking specific scenarios that I identified from SOPA that could be problematic for banks:

• A bank promotes an iPad or iPhone giveaway as part of an offer - unless you had Apple's permission, you'd be in violation
• The use of an image of a car or car brand in a motor vehicle insurance advertisement
• Credit Card Loyalty programs that promote rewards using products would be in direct violation of SOPA
• A contact form that allows a US citizen to apply for a pre-paid Visa Debit Card on a foreign website before they travel overseas on a trip.

Let me illustrate how ridiculous this is.

HSBC in Hong Kong offers a program of rewards for cardholders they call "RewardCash". Their RewardCash e-Shop shows products like a Mophie Juice Pack, a Panasonic Rechargeable Shaver, Targus USB powered Travel Speakers, Victorinox 22" Carry-on luggage, etc. Let's say that one of those companies was trawling the web and found 'image' violations of their product, it could be interpreted that HSBC was using credit card 'rewards', miles or points as an alternative currency to sell those products and circumvent US distribution chains, and a complaint could be lodged with the Department of Justice. A similar complaint could be lodged if a brand owner feared fake products were being given away from this site. They wouldn't need proof, just the 'threat' of potential impact to a US IP owner.

5 days later, HSBC.com (and other domains) would be removed from the DNS databases in the US and around the world, becoming totally inaccesible. While HSBC would have the right of recourse, the damage would be massive and very, very expensive. Internet banking would be down. The main website would be down. Staff email would be down.

Now, could this scenario really happen? It's unlikely, but the point is that SOPA would allow such an action to be taken.

Imagine how much fun legal and compliance would have with this legislation?

A disaster

All in all, SOPA simply is a disaster for the future of business, free commerce and innovation. The Whitehouse Administration cautioned in a blog post last week that it would not support any bill that did not “guard against the risk of online censorship of lawful activity and must not inhibit innovation by our dynamic businesses large and small.” While this is not a direct condemnation of the proposed act, it seems probably that President Obama would veto this bill if it was passed into law - and he'd be right to do so.

The MPAA and RIAA lobby groups that have driven this law to Capitol Hill, should not be in a position where foreign banks could be brought to their knees by nonsensical legislation. This is very one-sided legislation.