Taming the Web

By Patricia Jacobus
Staff Writer, CNET News.com
April 19, 2001, 4:00 a.m. PT

The remarks were largely overlooked when the U.S. Supreme Court rejected the Communications Decency Act in a landmark ruling four years ago, but they seem increasingly prescient today.

"Until gateway technology is available throughout cyberspace, and it is not in 1997, a speaker cannot be reasonably assured that the speech he displays will reach only adults because it is impossible to confine speech to an 'adult zone,'" Justice Sandra Day O'Connor wrote in an opinion on behalf of Chief Justice William H. Rehnquist. Nevertheless, she added: "The prospects for the eventual zoning of the Internet appear promising."

In the early days of the Web's popular explosion, this kind of zoned filtering was proposed repeatedly and often for concerns involving objectionable content or political rebellion. With few exceptions, the concept was abandoned as technically infeasible--especially as government officials worried that draconian restrictions might stifle an unprecedented Internet economic boom.

Today, however, the development of highly sophisticated filtering and tracking software is making such limitations possible for the first time. As a result, the new technologies are resurrecting a volatile issue long thought dead: the idea that the Internet can be regulated by geographic boundaries within the United States and from country to country.

"The risk is that if other countries are allowed to enforce regulations on the Web publishers all over the world, it would have a chilling effect on free speech and be a burden on the industry," said Alan Davidson with the Center for Democracy and Technology, a Washington lobbying group. "How will a Net business be able to comply to all national laws? Will businesses have to keep up with the laws in Southern Bavaria or in Saudi Arabia?"

Already, the use of new technologies to create de facto boundaries online is being tested in the much-publicized French ruling against Web portal Yahoo. A French court last year ordered the U.S.-based Internet giant to block those living in France from viewing Nazi memorabilia on its auction sites or face a fine of roughly $13,000 a day. Yahoo is fighting the case, arguing that France has no jurisdiction over an American company, but it has removed the items in the meantime.

The case raised fears among free-speech advocates around the world. If an online powerhouse like Yahoo can be held responsible for blocking certain visitors, the thinking goes, it could spell an end to the borderless universe that libertarians have long espoused for the Internet.

"I used to believe that the thought of government imposing their rules on an American Internet company was laughable, until I saw what Yahoo did," said John Perry Barlow, author and co-founder of the Electronic Frontier Foundation. "If you're going to be free, you have to act free."

At the crux of the controversy is a new generation of software that makes it possible to block content and track people based on their physical locations. These tracking programs work much the same way as consumer profiling used by advertisers. They track a person's IP (Internet Protocol) address, which in turn can be used to locate where an individual lives or works.

Marie Alexander, chief executive of Quova, a company that provides geographic tracking through its GeoPoint software, said business has surged since the Yahoo case as other Internet companies worry that they, too, will be forced to block certain visitors.

"We have maps of the Internet, specifically by IP addresses," Alexander said in describing GeoPoint, which works like other tracking software. "It's like sending a letter and not putting a return address on it. From the postmark I can tell it was mailed in the Sacramento area."

The program was devised to help industries that do business across jurisdictional boundaries, such as insurance and pharmaceutical companies that must adhere to individual state laws as well as comply with federal regulations.

The software is also used for another type of law enforcement, known as "digital rights management." Record labels interested in releasing new music to a single country can use GeoPoint to block uninvited listeners.

That filtering ability carries wide potential for other copyright-sensitive industries, such as professional sports. Last year, many sports news Web sites were forbidden from covering the Olympics in Sydney partly because they could not guarantee that certain events would be shown only to certain spectators.

But such business uses can quickly become a double-edged sword. Although Yahoo's auction site argued that blocking sites along geographical lines was not feasible, Yahoo Sports Producer Tonya Antonucci pressed for ways to do just that for a chance at Webcasting future Olympic games.

Therein lies the heart of the debate: On the one hand, zoning the Internet could mean wider access as, for example, the music industry grows more comfortable releasing new works online or pharmaceutical companies consider offering medicine via the Web. On the other, such borders could inhibit a free exchange of ideas by providing a tool to limit Web usage that erects geographic borders online.

As tracking technologies mature, these agendas are likely to clash with rising frequency.

Mark Cramer, chief executive of tracking service NetGeo, describes these technologies as the Holy Grails for advertisers but acknowledges their unintended potential.

"The intent of our company is not to censor free speech," he said. "But it can certainly be used for that."

As it stands today,

Meta Group says strong forces are behind the development of geolocation services to identify and segregate consumers on the Internet. see commentary

Another problem is the inability to track people who use filters that conceal IP addresses along with such personal information as age, sex and income. Zero Knowledge Systems and Junkbusters, a privacy clearinghouse based in New Jersey, are among a plethora of organizations offering services and software that protect identities online.

Still, as with all software in demand, it is only a matter of time before tracking methods become more effective. And if legal pressures continue, it could become increasingly difficult to find places to hide in cyberspace.

For example, the 26 million or so people who use AOL Time Warner's America Online are registered in Virginia, where the company is based, so tracing an individual by IP address from outside its system would be no easy task. But if a court ordered AOL to block certain sites from its subscribers, the online service could probably do so far more easily and effectively than other Internet service providers.

The Internet Engineering Task Force is developing a technology known as IPv6 that would expand the IP address system and make people more easily identifiable by assigning serial numbers to each computer's network-connection hardware.

The technology has strong support among e-commerce companies that could theoretically acquire all manner of demographic information from potential customers, including income, professional credentials and citizenship status. That is exactly why it has drawn strong opposition from privacy groups and others who fear the prospect of a new Big Brother on a global scale.

Mark Brailov, spokesman for the American Electronics Association, acknowledges that the Internet cannot be free of government. But he takes a more tempered approach, saying that regulators need to be quietly present.

"The governments' role should serve as a guiding hand, not a heavy one," he said.

Yet some remain puzzled at what they see as artificial distinctions between cyberspace and the physical world. Like other Internet academics and professionals, University of Miami Law School Professor Michael Froomkin dismisses the notion of an unregulated medium as "cyberpunk dreams that rules are bad."

"Just because you're using a computer doesn't mean you don't have to follow the law," he said.
 

By Lisa M. Bowman
Special to CNET News.com
April 19, 2001, 4:00 a.m. PT

The San Francisco Public Library, a large gray edifice that stands across from the city's sparkling City Hall, hardly seems like ground zero for a constitutional war over Web content.

But inside the library, where backpack-toting students can slip in to study and homeless people can duck the rain and surf the Web, a battle is brewing over what people--children and adults--can view on public, Internet-connected computers.

As a result of a new federal law, the San Francisco Public Library and thousands of other libraries across the country are facing a conundrum: filter Internet content against their will or risk losing federal funds.

The law, called the Children's Internet Protection Act (CIPA), forces schools and libraries that receive government money to block Web images deemed harmful to minors.

San Francisco, long a bastion of free love and free speech, is taking a stand against what officials there see as censorship by refusing to filter content.

Gartner analyst Bill Gassman says the battle over filtering Internet content, both in the public sphere and within enterprises, is one that needs to be fought. see commentary

The filtering law--which is facing legal challenges from groups including the America Civil Liberties Union (ACLU), the American Library Association (ALA) and an organization of California libraries that includes San Francisco--is the latest in a long line of attempts to regulate Web content. Although the founders of the Web envisioned a freewheeling community where people of all persuasions could communicate without the legal constraints of the real world, the self-appointed moral keepers of society have had a different idea.

Fearing that easy access to a flurry of pornographic and violent content could taint Net users in general and children in particular, some groups have set out to restrict what people can see and read on the Web. The results so far have been largely unsuccessful: Two major federal legislative attempts have been tossed out because of First Amendment violations. And most efforts at the state level have failed as well.

However, proponents of a content crackdown are learning from their experiences and tailoring successive rounds of legislation more narrowly in efforts to avoid the constitutional blunders of the past.

The major tool for filtering is software that resides either on a client computer or a local server. Such software was designed to help parents protect their children from smut, and filtering advocates are hoping that libraries and schools will install it in response to CIPA.

The local method of filtering has been the preferred approach in the United States and differs from steps taken in more oppressive countries, where governments have tried to use state-run Internet service providers and other methods to block content.

Of course, the debate over censorship is as old as the written word. But the Web has opened a new chapter of the debate by providing access to a world of content larger than any library could ever house, a world where sites catering to people's most-primal fantasies are just a mouse click away.

In some ways, peddlers of porn and other vices have become more insidious. After all, Web pages catering to fetishes of all stripes can be found at sites containing seemingly innocuous words such as "whitehouse," "Barbie" or "childrensbiblestories." What's more, once people stumble onto such a site--either unwittingly or intentionally--they often are trapped there by countless technological tricks including misleading metatags and a disabled back button.

It is this phenomenon of porn on demand--available anytime to people of all ages--that's alarmed individuals such as Donna Rice Hughes, an Internet safety advocate and former leader of the anti-porn group Enough is Enough. For years, Hughes, the Gary Hart love interest turned born-again Christian, has been on a crusade to combat the seedy side of the Net through regulation, a battle that has culminated with the latest filtering bill.

Hughes promotes government intervention because, she said, "parents...can't be expected to shoulder the entire burden."

Her targets these days are those she calls "pornapreneurs": businesspeople looking to make a buck by capitalizing on the underbelly of the Web.

Hughes began her battle in the mid-1990s, helping to craft legislation that eventually became the Communications Decency Act (CDA). The act was a wide-ranging attempt to clean up Internet smut, making it a felony to deliver indecent material to minors via the Net. Congress passed the measure as part of a massive telecom reform bill in 1996, but the ACLU, ALA and others challenged it on free-speech grounds. In 1997, in its first Web-related case, the U.S. Supreme Court overturned major portions of it.

Next came the Child Online Protection Act (COPA), which was attached to a budget bill in 1998 and dubbed the "son of CDA." Though less restrictive than its predecessor--the law targeted only commercial sites, preventing them from purveying sexually explicit material to children--a federal appeals court again tossed out major parts of it on First Amendment grounds. However, the Justice Department recently filed an appeal in an attempt to revive COPA.

What's more, a commission was impaneled in fall 1999 to submit recommendations to Congress on dealing with Web material that's harmful to minors. In a report released in October, the commission recommended parental education and self-regulation for the porn industry, but it refused to promote filters.

Despite that, CIPA, the law that mandates filtering, passed in December. Introduced by Sen. John McCain, R-Ariz., it represents a more tailored attempt at regulating content. Unlike the two previous acts, it restricts only visual depictions, affects only schools and libraries, and ties restrictions to federal funds.

"What we learned is that we had to try to find a way to extend the protections children have in the real world, to find a way to siphon off the material from kids without impeding on the rights of adults," said Hughes, who's also a COPA commissioner and a consultant to FamilyClick.com. "You need a targeted approach. You can't do everything all at once."

The major federal attempts to regulate content have had many similarities: All were more narrowly tailored than their predecessors; all were attached to sweeping bills in an effort to avoid public debate over the matter; and all have been challenged in court.

In the latest round of the cultural war over Internet content, the ACLU and ALA sued on grounds that the latest filtering bill violates the First Amendment by restricting content in libraries. What's more, the groups argue that the bill further accelerates the digital divide by forcing people who don't have computers at home to surf a filtered Web.

The filtering bill also presents technical challenges, partly because it requires the blocking only of visual depictions.

"The problem is just blocking out the illegal stuff," said Nika Herford, a spokesman for filtering company Net Nanny Software International. For example, how will a computer program distinguish between the nude, reclining figure in Jean-Auguste-Dominique Ingres' "La Grand Odalisque" and a porn star poised for prurience?

"They think they are going to win because they've made the law so narrow, but the technology maybe can't deliver that," Herford warned.

To complicate matters, the U.S. Supreme Court has just agreed to hear arguments regarding the Child Pornography Prevention Act of 1996, a law that makes it illegal to possess digital images of sexual acts featuring people who "appear to be" minors, even if they aren't. A federal appeals court in California has struck down that portion of the law, but three other district courts have upheld it, despite warnings from free-speech groups that it could make owning a digital copy of movies such as "Lolita" or "Romeo and Juliet" punishable by years in prison.

In addition to the federal attempts, several states have tried to clamp down on Internet porn. However, most have not succeeded.

Then there are court battles in Virginia and California regarding specific libraries and their filtering habits, or lack thereof. Courts in both states have ruled in favor of free-speech advocates. A Virginia court has ordered a Loudoun County library to stop filtering, and a California court has sided with a library that refused to filter.

So far, librarians are cheering their court victories.

"We continue to prevail in court, and we expect to do so again," said Susan Gallinger, director of the Livermore Library in California, which so far has fended off a court challenge by a mother who wants the library to filter. "It's the typical practice of trying to impose their values on everybody else. Librarians don't want to be put in that role."

Whatever the outcome of the filtering challenges, one thing is certain. The debate over Web content regulation will rage for years to come. When overturning parts of the CDA, Judge Stewart Dalzell called the Internet a "never-ending worldwide conversation" that should be protected from government intervention.

Still, James Schmidt, a San Jose State University professor and COPA commissioner at the opposite end of the spectrum from Hughes, predicted filtering proponents won't back off anytime soon, even if their latest bill doesn't pass constitutional muster.

"Until and unless that school of thought is satisfied that appropriate government regulation is being taken to protect kids, this debate will go on and on and on," he said.
 

By Rachel Konrad and Patricia Jacobus
Staff Writers, CNET News.com
April 19, 2001, 4:00 a.m. PT

Foreign governments are moving to regulate the Internet with growing frequency, raising the potential for the kind of conflict with U.S. law not seen since the beginning of the medium's mainstream popularity.

Although Yahoo's legal dispute with a court in France has drawn the most attention, governments of other countries are passing laws restricting information: Britain's Regulation of Investigatory Powers Act gives police broad access to e-mail and other online communication; South Korea has outlawed access to gambling sites; and an Italian court ruled in January that foreign sites could be shuttered in a case involving a father who said he was defamed by online claims that he kidnapped his two daughters.

Still more frightening to cyberlibertarians are initiatives by governments banding together to create worldwide laws. Of particular concern are such efforts as an international treaty on crime under discussion by the Council of Europe, a group of 41 countries. Another treaty formed at the Hague Convention and due for adoption in the summer could allow for enforcement of foreign judgments in intellectual property disputes, libel and other claims.

"The trend now is the rise in multilateral regulations such as the Council of Europe on cybercrime," said Alan Davidson from the Center for Democracy and Technology. "This is where multiple countries regulate behavior through law and treaty. These are very real and potentially far-reaching."

Yet for all the lawsuits, legislation and technology that seek to control information and e-commerce, academics and Web veterans say governments aren't likely to tame the Internet anytime soon. In fact, they say, the Net's increasingly international stature is precisely what will keep it a relatively lawless place where pirates and pundits alike can continue to thrive.

Andrew Norwood, attorney for intellectual property group Waller Lansden Dortch & Davis of Nashville, Tenn., cited a recent congressional hearing in which politicians were shown graphically obscene online depictions of children. The legislators then learned that in each case, the material was published from an overseas Web site impervious to U.S. regulations on child pornography.

Norwood said that the Internet's international nature is what makes it so difficult for individual countries to police online activity. In addition to pornography, people attempt to sell via the Web everything from weapons to perscriptions that are illegal in the United States.

"It's a whole bunch of gunslingers out there doing whatever they want," Norwood said. "It's not like you can send the U.S. Marshals to Finland and shut things down. Nation states don't do a good job returning terrorists and kidnappers. Why would we think they should do a good job policing bald hair remedies sold online?"

Nevertheless, those hoping to place more constraints on the Internet are making inroads.

Efforts to regulate the Internet on a country-by-country basis have been under way for years, with many nations already imposing strict controls on online access as well as content. To date, the most extreme restrictions have been limited to undeveloped countries with little infrastructure to support online communications. In the West, where Internet use is highest, lawmakers have sought repeatedly to limit online content but have generally been overruled by constitutional guarantees on free speech.

Recently, however, legal experts say Internet regulation has been gathering new momentum for several reasons: the emergence of technology that can be used to find the approximate geographical location of people using the Web; increasing global cooperation; and the growing popularity of the Internet in countries with fewer free-speech safeguards than those of the United States.

"Technology is evolving that allows governments to identify the geographical location of Internet users in a way that was not possible before," said Patricia Bellia, an assistant professor at Notre Dame Law School and a former attorney with the Justice Department.

Such efforts are bolstered further by international cooperation. John H. Murphy, a professor at Villanova University School of Law who specializes in cyberterrorism, said current and proposed treaties could go a long way toward bridging the gap between divergent laws and cultures on the Web.

The World Intellectual Property Organization's 1996 copyright treaty is a good example of international cooperation on Internet regulation, he said. The agreement led to the creation of an international arbitration forum for resolving domain name disputes.

The treaty also gave rise to the passage of the Digital Millennium Copyright Act, a U.S. law that has won plaudits from content companies as a most effective weapon against Internet piracy but drawn barbs from consumer advocates. Last month, the European Union adopted similar legislation.

In addition, a proposed treaty aimed at cracking down on cybercrime could help transform the Internet into a more regulated environment. Begun in 1997 under the auspices of the Council of Europe, the treaty is still in the draft stage. Since it was made public last year, it has come under severe criticism because of numerous provisions, including a requirement that Internet service providers comply with subpoenas for customer information from any treaty nation.

Bellia said the cybercrime treaty would be unlikely to help governments impose cross-border regulations. But she said it could make it easier to investigate and enforce legislation against hacking, viruses and other online attacks by developing common laws and expediting shared information.

Murphy agreed. "I've always been skeptical of the idea that nation states are helpless in the face of (the Internet). It's ridiculous," he said. "The creeping of borders onto the Net will continue."

As Internet usage continues to rise overseas, international cybercrime is proliferating in places not often associated with the Internet. In Russia, for example, St. Petersburg is increasingly becoming a center for criminal activity online as the home base for the United Crackers League, an international group that orchestrates attacks on specific Web sites.

Russia's legions of young, male, unemployed and self-taught computer gurus have even created a name for themselves: khakker, the Russified version of hacker. So many khakkers cracked into America Online and CompuServe with stolen passwords that the companies left the country. Shortly after their departure in 1997, a new police department opened to deal with high-tech crime.

Known as Directorate R, the police unit says stolen passwords remain the most widespread form of cybercrime in Russia. Directorate R estimates that up to 95 percent of computer-related crimes in Russia go undetected.

European nations are taking the lead on law enforcement efforts against such illicit activities, but online crime is by no means restricted to the continent. Nor does cybercrime always involve enormous industries or governments.

Jim Hedgepath, for example, is primarily concerned with criminal activity by individuals in South Korea. And his concerns are centered on a commodity not often associated with the Internet at all, let alone with online crime: copyrighted needlepoint patterns.

The soft-spoken Hedgepath, president of Pegasus Originals, is in the center of an increasingly raucous debate to wrest control of the Web from pirates who download his copyrighted patterns for needlepoint, stencil designs, paint-by-number art and even entire instruction manuals with impunity. Hedgepath estimates that unfettered online distribution of his intellectual property has dented sales by at least $200,000 a year since 1997.

"We've found that most people, when we confront them, are very apologetic and say they didn't realize they were cutting the designer out of a way to make a living," Hedgepath said from his prize-winning cross-stitch and needlepoint design studio in Lexington, S.C. "But we have about six individuals out there who are hard-core pirates. They'll even rip off patterns from Disney and Precious Moments and Barney and 'Sesame Street'--they don't stop because it's a big name. They don't listen to anybody."

Overseas theft is one of the main complaints of the Hobby Industry Association (HIA), an Elmwood Park, N.J.-based trade group representing more than 4,000 member businesses. But the group fears that there's little it can do to stem the violations.

"Realistically, we're not going to be able to do anything about Korea," said Susan Brandt, HIA spokeswoman, assistant executive director and director of communications. "There's no such thing as a worldwide patent or copyright. A small company simply cannot afford tens of thousands of dollars for worldwide copyright protection. Maybe they can go after a violation in Canada, or even Germany. But Korea? Forget it."

Alan Weintraub, a research director at technology research firm Gartner, compared the state of Internet law enforcement to the days of U.S. Prohibition from 1919 to 1933.

"Just as we emerged out of Prohibition with legalized drinking, we'll emerge out of content distribution with people understanding that if they break the rules, there will be some level of legal reaction," he said. "We're always going to have the bootleggers. But we're going to be able to set up a set of acceptable policies that people will live by."

But when that will happen--if ever--remains an open question.

"It's maturing, but it certainly is still a new technology. And from a legal point of view, whenever you have a new technology, you're going to have an introductory period when the law can't figure out how to adapt," said Michael Epstein of New York-based law firm Weil Gotshal & Manges. "Right now it's the wild, wild West because there's limited guidance in terms of cases and legislation. We evolve to something more manageable and traditional, but it's going to take a long time." 

News.com's Evan Hansen contributed to this report.