Category: Cyber Civil Rights


Revenge Porn Site Operators and Federal Criminal Liability

My recent post offered a potential amendment to Section 230 of the CDA that would exempt from the safe harbor operators whose sites are primarily designed to host illegal activity. Even without such legal change, cyber cesspool operators could face criminal liability if prosecutors took matters seriously.  Section 230 does not provide a safe harbor to federal criminal charges.  Consider revenge porn operator Hunter Moore’s statement to the press (Forbes’s Kashmir Hill and Betabeat’s Jessica Roy) that, on his new site, he will overlay maps of individuals’ homes next to their naked pictures and social media accounts (if he does not like them).  If Moore is serious, he might open himself up to criminal charges of aiding and abetting cyber stalking.  Congress, in its 2006 reauthorization of the Violence Against Women Act (VAWA), banned the use of any “interactive computer service” to engage in a “course of conduct” that places a person in another state in reasonable fear of serious bodily injury or death or that is intended to cause, and causes, a victim to suffer substantial emotional distress.  18 U.S.C.A. 2261A(2) (2012).  As the Executive Director of the National Center for Victims of Crime explained in congressional testimony:

[S]talkers are using very sophisticated technology . . . —installing spyware on your computer so they can track all of your interactions on the Internet, your purchases, your e-mails and so forth, and using that against you, forwarding e-mails to people at your job, broadcasting your whereabouts, your purchases, your reading habits and so on, or installing GPS in your car so that you will show up at the grocery store, at your local church, wherever and there is the stalker and you can’t imagine how the stalker knew that you were going to be there. . . . this legislation amends the statute so that prosecutors have more effective tools, I think, to address technology through VAWA.

Congress ought to consider passing laws that criminalize the operation of sites designed to facilitate the posting of nude photographs without subjects’ consent, along the lines of state invasion of privacy laws.  States like New Jersey prohibit the posting of someone’s nude or partially nude images without his or her consent if the images were recorded in a place where a reasonable person would enjoy an expectation of privacy.  The Senate Judiciary Committee recently approved a bill that makes it a crime to make an online app whose primary use is to facilitate cyber stalking.  The next important step is to criminalize sites doing the same.

Of course, laws will have limited coercive and expressive impact if they are never enforced.  As the group End Revenge Porn rightly notes, “State police argue that the crime is occurring on the internet, which therefore crosses state lines and is out of their jurisdiction.  The FBI claim that these cases are civil and/or do not threaten national security and should therefore should be handled solely by lawyers.”  Changing those social attitudes and legal solutions are key.  Advocacy groups like Without My Consent , lawyers, law professors like Mary Anne Franks, see hereAnn Bartow, see here, and Derek Bambauer, see here, activists like Jill Filipovic and Charlotte Laws, and most recently victims behind Women Against Revenge Porn and End Revenge Porn are working hard on this score.  One might say that their work is part of an emerging cyber civil rights movement.  (Check out Professor Franks’s important commentary about revenge porn on HuffPo Live).  Lucky for us at CoOp, Professor Franks will be joining us next month as a guest blogger.  I will be working hard to finish my book Hate 3.0: The Rise of Discriminatory Online Harassment and How to Stop It (forthcoming Harvard University Press) and working with Professor Franks on non-consensual pornography, so more to come.


The Importance of Section 230 Immunity for Most

Why leave the safe harbor provision intact for site operators, search engines, and other online service providers do not attempt to block offensive, indecent, or illegal activity but by no means encourage or are principally used to host illicit material as cyber cesspools do?  If we retain that immunity, some harassment and stalking — including revenge porn — will remain online because site operators hosting it cannot be legally required to take them down.  Why countenance that possibility?

Because of the risk of collateral censorship—blocking or filtering speech to avoid potential liability even if the speech is legally protected.  In what is often called the heckler’s veto, people may abuse their ability to complain, using the threat of liability to ensure that site operators block or remove posts for no good reason.  They might complain because they disagree with the political views expressed or dislike the posters’ disparaging tone.  Providers would be especially inclined to remove content in the face of frivolous complaints in instances where they have little interest in keeping up the complained about content.  Take, as an illustration, the popular newsgathering sites Digg.  If faced with legal liability, it might automatically take down posts even though they involve protected speech.  The news gathering site lacks a vested interest in keeping up any particular post given its overall goal of crowd sourcing vast quantities of news that people like.  Given the scale of their operation, they may lack the resources to hire enough people to cull through complaints to weed out frivolous ones.

Sites like Digg differ from revenge porn sites and other cyber cesspools whose operators have an incentive to refrain from removing complained-about content such as revenge porn and the like.  Cyber cesspools obtain economic benefits by hosting harassing material that may make it worth the risk to continue to do so.  Collateral censorship is far less likely—because it is in their economic interest to keep up destructive material.  As Slate reporter and cyber bullying expert Emily Bazelon has remarked, concerns about the heckler’s veto get more deference than it should in the context of revenge porn sites and other cyber cesspools.  (Read Bazelon’s important new book Sticks and Stones: Defeating the Culture of Bullying and Rediscovering the Power of Character and Empathy).  It does not justify immunizing cyber cesspool operators from liability.

Let’s be clear about what this would mean.  Dispensing with cyber cesspools’ immunity would not mean that they would be strictly liable for user-generated content.  A legal theory would need to sanction remedies against them.  Read More


Revenge Porn and the Uphill Battle to Pierce Section 230 Immunity (Part II)

Plaintiffs’ lawyers have some reason to think that they can convince courts to change their broad-sweeping view of Section 230.  In the rare case, courts have pierced the safe harbor, though not because the site operators failed to engage in good faith attempts to protect against offensive or indecent material.  In 2011, a federal district court permitted a woman to sue the site operator of the for defamation on the grounds that Section 230 is forfeited if the site owner “invites the posting of illegal materials or makes actionable postings itself.”  Sarah Jones v. Dirty World Entertainment Recordings LLC, 766 F. Supp.2d 828, 836 (E.D. Kentucky 2011).

That trial judge relied on a Ninth Circuit decision, Fair Housing Council v., which involved a classified ad service that helps people find suitable roommates.  To sign up for the site’s service, subscribers had to fill out an online questionnaire that asked questions about their gender, race, and sexual orientation.  One question asked subscribers to choose a roommate preference, such as “Straight or gay males,” only “Gay” males, or “No males.”  Fair housing advocates sued the site, arguing that its questionnaires violated federal and state discrimination laws.  The Ninth Circuit found that Section 230 failed to immunize the defendant site from liability because it created the questions and choice of answers and thus became the “information content provider.”  The court ruled that since the site required users to answer its questions from a list of possible responses of its choosing, the site was “the developer, at least in part, of that information.”  Each user’s profile page was partially the defendant’s responsibility because every profile is a “collaborative effort between [the site] and the subscriber.”

As the Ninth Circuit held (and as a few courts have followed), Section 230 does not grant immunity for helping third parties develop unlawful conduct. The court differentiated the defendant’s site from search engines whose processes might be seen as contributing to the development of content, its search results.  According to the court, ordinary search engines “do not use unlawful criteria to limit the scope of searches conducted on them” and thus do not play a part in the development of unlawful searches.  The court endorsed the view that sites designed to facilitate illegal activity fell outside Section 230’s safe harbor provision.

Here is the rub.  To reach its conclusion, the Ninth Circuit essentially had to rewrite the statute, which defines information content providers as those responsible for the “creation and development of information provided through the Internet,” not the creation and development of illegal information. Read More


Revenge Porn and the Uphill Battle to Sue Site Operators

Last week, a group of women filed a lawsuit against the revenge porn site as well as the hosting company Go Daddy!  Defendant invites users to post nude photographs of individuals who never consented to their posting.  Revenge porn sites — whether Private Voyeur, Is Anyone Down?, (and the former IsAnyoneUp?), or — mostly host women’s naked pictures next to their contact information and links to their social media profiles. Much like other forms of cyber stalking, revenge porn ruins individuals’ reputations as the pictures saturate Google searches of their names, incites third parties to email and stalk individuals, causes terrible embarrassment and shame, and risks physical stalking and harm.  In the recently filed suit, victims of revenge porn have brought invasion of privacy and civil conspiracy claims against the site operator and the web hosting company, not the posters themselves who may be difficult to find. More difficult though will be getting the case past a Rule 12(b)(6) motion to dismiss.

In this post, I’m going to explain why this lawsuit is facing an uphill battle under Section 230 of the Communications Decency Act and why extending Section 230’s safe harbor to sites designed to encourage illicit activity seems out of whack with the broader purpose of CDA.  In my next post, I will talk about cases that seemingly open the door for plaintiffs to bring their suit and why those cases provide a poor foundation for their arguments.

Does Section 230 give revenge porn operators free reign to ruin people’s lives (as revenge porn site operator Hunter Moore proudly describes what he does)?  Sad to say, they do.  Read More


Cyberstalking, Still Ignored (Really)

Since Friday, the news has been abuzz about the resignation of General Patraeus and the FBI investigation of alleged cyber stalking that led to the exposure of his affair and potential security risk — blackmail — that such an affair raises.  According to today’s New York Times and other media coverage, the FBI agent who spearheaded the cyber stalking investigation was not really seeking to enforce the federal Interstate Stalking law.  Instead, the agent thought, “This is serious” because the e-mail sender “seem[ed] to know the comings and goings of a couple of generals.’”  The FBI agent supposedly worried that might suggest the Generals were being stalked in ways that could compromise national security.  The Times explains that the agent “doggedly pursued Ms. Kelley’s cyberstalking complaint,” despite being admonished by supervisors who thought he was trying to improperly insert himself into the investigation.  What’s clear: the agent pursued a criminal investigation of Ms. Broadwell for allegedly stalking Ms. Kelley (though it’s clear that is not the stalking that worried the FBI), which served as the basis for the warrant obtained by the FBI to retrieve Broadwell’s e-mails and ultimately obtain the e-mails of General Patraeus.  This investigation used cyber stalking of Ms. Kelley as a pretext to obtain Ms. Broadwell’s e-mails and hence to better understand what the agent thought was the sexual nature of the relationship between Ms. Broadwell and the General.

On first hearing about the investigation, I never kidded myself that the FBI was taking cyber stalking seriously.  That is not to say that they never do, but the typical response to cyber stalking complaints is to advise victims to turn off their computers, to return to the precinct when their stalkers confront them offline, to pursue their harassers with civil suits, and/or to ignore their attackers who will eventually get bored.  Or as cyber stalking victims have told me, law enforcement agents, both federal and state, incorrectly tell them that criminal law provides little help to cyber stalking victims.  (Federal and state law often does punish repeated online conduct directed at private individuals for no legitimate reason that is designed to cause substantial emotional distress that does in fact cause substantial emotional distress, 18 U.S.C. 2261A(2)(A)).  Indeed, little has changed since the Department of Justice reported in 2001 that the majority of law enforcement agencies refused to investigate cyber stalking cases because they lacked training to understand the seriousness of the attacks and the potential legal responses.  Part of the problem may be attributable to officers’ poor response to stalking generally.  According to the 2009 National Crime Victimization Survey, stalking continues to be frequently overlooked and often misunderstood.  Half of those surveyed explained  that officers took a report and did nothing else.  Almost 19% reported that officers did nothing at all.  They attributed police inaction to a lack of interest in getting involved, a sense that no legal authority existed, and incompetence.  Lack of training and troubling social attitudes are to blame for criminal law’s under-enforcement.


Stanford Law Review Online: Software Speech

Stanford Law Review

The Stanford Law Review Online has just published a Note by Andrew Tutt entitled Software Speech. Tutt argues that current approaches to determining when software or speech generated by software can be protected by the First Amendment are incorrect:

When is software speech for purposes of the First Amendment? This issue has taken on new life amid recent accusations that Google used its search rankings to harm its competitors. This spring, Eugene Volokh coauthored a white paper explaining why Google’s search results are fully protected speech that lies beyond the reach of the antitrust laws. The paper sparked a firestorm of controversy, and in a matter of weeks, dozens of scholars, lawyers, and technologists had joined the debate. The most interesting aspect of the positions on both sides—whether contending that Google search results are or are not speech—is how both get First Amendment doctrine only half right.

He concludes:

By stopping short of calling software “speech,” entirely and unequivocally, the Court would acknowledge the many ways in which software is still an evolving cultural phenomenon unlike others that have come before it. In discarding tests for whether software is speech on the basis of its literal resemblance either to storytelling (Brown) or information dissemination (Sorrell), the Court would strike a careful balance between the legitimate need to regulate software, on the one hand, and the need to protect ideas and viewpoints from manipulation and suppression, on the other.

Read the full article, Software Speech at the Stanford Law Review Online.


Video Voyeurism

Recall that during the spring, a jury convicted Dahrun Ravi of criminal invasion of privacy along with a bias intimidation charge for surreptitiously using his webcam to live stream his roommate’s sexual encounter and for attempting to do so a second time.  Here comes word of another criminal invasion of privacy case, this time in Maryland.  Apparently, a Howard County man broke into the apartments of two young women, installing a video camera in their bathrooms and bedrooms.  The man has been charged with burglary and video surveillance “with a prurient interest.”  The man apparently knew the women, allowing him to steal and copy their apartment keys.  According to news reports, the suspect filmed himself installing the cameras.  Apparently, Maryland law aims to punish and deter sexualized privacy invasions by requiring proof of prurient interest.  Besides the Ravi case, another criminal matter that comes to mind is the Erin Andrews stalking case.  Much like the criminal case against Ms. Andrews’s stalker, prosecutors might also have charged the defendant with criminal harassment, that is, repeated conduct designed to cause victim substantial emotional distress with intent to cause substantial emotional distress.  On the civil side of things, the women can surely sue their harasser for tort privacy’s intrusion on seclusion, which protects against invasions of someone’s solitude or her “private affairs or concerns” that would be “highly offensive to the reasonable person.”  As I head off to speak at the Harvard Law Review’s symposium on Privacy and Technology where I will be commenting on Neil Richards’s excellent essay “The Dangers of Surveillance” (and as I write my book Hate 3.0: The Rise of Cyber Harassment and How to Stop It, forthcoming in Harvard University Press), this case could not be more timely.  You can check out David Gray’s and my response to Neil’s paper, a draft of which is posted on the HLR website.


The Normative Jurisprudence of Creepshots

My reaction to Robin West’s extraordinary scholarship always includes some mixture of distress and excitement: distress over the failures of law and humanity she describes with such devastating clarity, and excitement about the potential applications of her insights. In this post, I want to discuss how Robin’s critique of both liberal legalism and what she calls “neo-critical” legal theory in Normative Jurisprudence – particularly the former’s fetishization of individual rights and the latter’s decidedly uncritical celebration of consent – usefully illuminates the recent controversy over the outing of Michael Brutsch, aka “Violentacrez,” the man behind some of the most controversial forums on the popular social news website, One of these, the “/r/creepshot” forum (or “subreddit”), which encouraged users to submit surreptitious photographs of women and girls for sexual commentary, garnered national attention when it was discovered that a Georgia schoolteacher was posting pictures of his underage students. Brutsch’s outing (or “doxxing“) sparked outrage from many in the reddit community, and has led to an intriguing online and offline debate over Internet norms and practices. The defense of Brutsch and the forums he helped create – mostly sexual forums targeting women and girls – has been dominated by a highly selective conception of the right to privacy, the insistence on an unintelligibly broad conception of “consent,” and a frankly bewildering conception of the right to free speech. Attempts to criticize or curtail these forms of online abuse have also been primarily framed in terms of “rights,” to uncertain effect. Robin’s critiques of rights fetishism and the ideology of consent offer valuable insights into this developing debate.

I will attempt to briefly summarize (and no doubt oversimplify, though I hope not misrepresent) the points Robin makes that I think are most useful to this conversation. Liberal legalism’s focus on rights rests on a seductive fantasy of individual autonomy: it “prioritizes the liberty and autonomy of the independent individual, shrouds such a person in rights, grants him extraordinary powers within a wide ranging sphere of action, and in essence valorizes his freedom from the ties and bonds of community. It relegates, in turn, the interests, concerns, and cares of those of us who are not quite so autonomous or independent … those of us for whom our humanity is a function of our ties to others rather than our independence from them … to the realm of policy and political whim rather than the heightened airy domain of right, reason, and constitutional protection” (41). The critical legal studies movement attempted to correct some of this rights fetishism by pointing out that “rights” are not only radically indeterminate (i.e. rights can be interpreted and granted in conflicting ways), but that they are also legitimating (that is, bestowing the status of “right” on narrowly drawn freedoms can obscure the injustice and inequality that fall outside of them, thus insulating them from critique).

Robin persuasively demonstrates that neo-critical legal theorists held on to the indeterminacy thesis while jettisoning the critique of legitimation. Concerns about legitimation are concerns about suffering, and neo-crits are largely uninterested in, if not contemptuous of, suffering. Their primary concern is power and pleasure, which is accordingly supported by what Robin calls “the ideology of consent.” To the neo-crits, consent has the power to fully shield any act from either legal or moral critique. Robin addresses the way the ideology of consent plays out in the context of sex by looking to the work of Janet Halley. According to Robin, Halley espouses a view of sex that takes “[c]onsent to sex … as full justification for a collective blindness to both societal and individual pressures to engage in unwanted sex, so long as the sex is short of rape”(142). Sex is presumptively pleasurable, and as such presumptively immune from critique. As Robin describes Halley’s position, “sex is almost always innocent, and when consensual, there can be no ‘legitimate’ basis for criticism. Consensual sex is just too good to be circumscribed, or bound, by claims of its unwelcomeness or unwantedness. The claims that consensual sex is in fact unwelcome or unwanted are likely false in any event. The harms sustained, even if the claims are true, are trivial” (146). (I came to similar conclusions regarding Halley’s work in my review of her book, Split Decisions: How and Why to Take a Break from Feminism).

Now to apply these insights to the Michael Brutsch/creepshot controversy. The moderators of the creepshot subreddit provide this helpful definition of “creepshot” on the “subreddit details” page:

Read More


Is IP for People or Corporations?

Another day brings another cornucopia of exciting and important comments on my book, From Goods to a Good Life: Intellectual Property and Global Justice. I thank Professors Molly Van Houweling, Jessica Silbey, Michael Madison, and Mark McKenna, and earlier Concurring Opinions commentators —Professors Deven Desai, Lea Shaver, Laura DeNardis, Zahr Said, and Brett Frischmann—for reading my book so carefully, and engaging it so helpfully. I focus here on Professor Van Houweling’s framing of an important issue arising in the discussion.

Professor Van Houweling has provoked stimulating discussion with her astute observation of two competing visions of intellectual property within the emergent “capabilities approach” school of intellectual property we identified earlier this week. Professor Van Houweling contrasts Professor Julie Cohen’s alternative justification of copyright as a tool for promoting corporate welfare (sustaining creative industries), with my attention to intellectual property laws as tools for promoting livelihood and human welfare (sustaining human beings in their quest for a good life).

Read More


Internet Governance and the Good Life

Madhavi Sunder’s thought-provoking new book, From Goods to a Good Life, creates an opportunity to rethink many areas of global knowledge policy, including how the Internet’s technical architecture is governed. Global Internet governance is often viewed through the lens of technical expediency and innovation policy, especially concentrating attention on the international institutions that coordinate critical Internet resources and infrastructure.  Sunder’s book provides a refreshing theoretical basis for shifting this frame to place culture and human rights at the center of Internet governance debates.  Technologies of Internet governance, although concealed in technical complexity and generally outside of public view, are the new spaces determining some of the most important cultural freedom issues of our time.

Sunder’s book suggests the technological features necessary for participatory culture to thrive. Some of these include many-to-many interactivity, amenability to manipulation and revision, and an architecture that shifts cultural production from the top-down hierarchical control of popular media to a distributed system in which cultural creation can reside at endpoints.  As Sunder explains, “This open architecture facilitates democratic resistance to dominant cultural discourses.”

Some trends in Internet governance are discordant with these crucial features. Internet governance control points are neither legal control points nor are they confined within nation-state boundaries. They are often manifested through the design of technical architecture, the decisions of global institutions of Internet governance, and through private business models.

I’ll offer a few Internet governance questions with implications for the future of participatory culture. The first is the evolving, behind-the-scenes architecture of online advertising practices. Relinquishing information about ourselves, consciously or not, is the quid pro quo bargain for free culture. The companies that operate platforms supporting distributed cultural production obviously require massive annual operating budgets. They provide free distributed products (e.g. YouTube, social media, blogging platforms) but are supported by online advertising models predicated upon the centralized collection and retention of data (contextual, locational, behavioral) about individuals that use these products. The removal of material barriers to cultural production is predicated upon these information goods, which are in turn predicated upon the hidden and mechanized monetization networks that support them. Information collected about individuals routinely includes unique hardware identifiers, mobile phone numbers, IP addresses, and location as well as content and site-specific information. In what ways will these evolving practices eventually constrain participatory culture and human freedom? There is a cultural disconnect between the perception of online anonymity and the actuality of a multi-layered identity infrastructure beneath the layer of content.

A second Internet governance trend potentially agonistic to the future of participatory culture is the turn to the Domain Name System (DNS) for intellectual property rights enforcement. The DNS has always served a clear technical function of translating between the alphanumeric names that humans use and the binary Internet addresses that routers use. Right now, the authoritative Internet registries that resolve these names into binary numbers are already being asked to enforce trademark and copyright laws, essentially blocking queries from websites associated with piracy. If this practice expands to ISPs and other DNS operators (as SOPA/PIPA seemed to propose), what will be the collateral damage to free expression and participatory culture?

Finally, an emerging Internet governance challenge to participatory culture is the trend away from interoperability. The ability to exchange information regardless of location or device is a necessary ingredient for participatory culture. Some social media approaches actually erode interoperability in several ways: lack of inherent compatibility among platforms; lack of Uniform Resource Locator (URL) universality; lack of data portability; and lack of universal searchability. In all of these cases, standard approaches are available but companies have explicitly designed interoperability out of their systems. Cloud computing approaches seem to be lurching away from interoperability in a similar manner. These trends concentrate control and intelligence in medias res rather than at end points. These centralized and proprietary approaches mediated by gatekeepers are what the market has selected but this selection has consequences for cultural as well as technical interoperability.

Madhavi Sunder’s book is a reminder to think about these architectural and economic shifts with attention to their effects on participatory culture and to engage public input into these debates.

It might not be immediately obvious how issues as varied as essential medicines, viral Internet videos, and technical architecture are connected to each other and to human liberty. Drawing from theorists as diverse as Durkheim, Foucault, and Habermas, From Goods to a Good Life convincingly makes this connection.  Congratulations to Professor Sunder for so insightfully helping us to connect issues of intellectual property and human freedom across diverse areas of global knowledge policy.

Dr. Laura DeNardis, Associate Professor, American University in Washington, D.C.