December 9, 2022

Intent Requirements in the State Super-DMCA Bills

Several readers point out that the state super-DMCA bills contain language requiring an “intent to harm or defraud a communications service”, and they suggest that such a requirement makes the bills less harmful than I had said yesterday.

I disagree, for two reasons.

First, although some of the offenses created by the bills do require an “intent to harm or defraud”, the part of the bills to which I objected yesterday does not contain such a requirement. All that is required in the way of intent is an intent to conceal the origin or destination of a communication – and that intent would be inferred, presumably, if somebody took an action that had the predictable effect of concealing origin or destination.

Second, even if such language did apply to the part of the bills under discussion, I would still be worried (though less so). “Intent to defraud” doesn’t bother me, but “intent to harm” does, given the danger that “harm” could be construed broadly. In a competitive marketplace, people often take legitimate actions that harm the interests of one competitor. If I switch my lunch beverage from Pepsi to Coke, that action could be said to harm Pepsi; but surely my intent to switch beverages does not belong in the same category as an attempt to defraud Pepsi.

MPAA Lobbying for State Super-DMCA Bills

The MPAA has reportedly been lobbying in favor of the overreaching state super-DMCA bills I discussed yesterday. Apparently, the MPAA has been circulating this one-pager in support of the bills.

The one-pager refers to “proposed model state legislation”, which explains the similarities between the various states’ bills. But it doesn’t say who is circulating the model legislative language. Anybody care to guess?

As a professor, I couldn’t help but notice that I had seen documents like this before. The characteristics are familiar: the large space-filling font; the overlong introduction repeating obvious generalities (e.g., copyright infringement is bad); the circular arguments (e.g., the need “to make illegal the manufacture and use of unlawful … devices”); and the lack of any specific reference to the text supposedly under discussion. It looks suspiciously like an essay turned in by a student who didn’t do the reading.

Use a Firewall, Go to Jail

The states of Massachusetts and Texas are preparing to consider bills that apparently are intended to extend the national Digital Millennium Copyright Act. (TX bill; MA bill) The bills are obviously related to each other somehow, since they are textually similar.

Here is one example of the far-reaching harmful effects of these bills. Both bills would flatly ban the possession, sale, or use of technologies that “conceal from a communication service provider … the existence or place of origin or destination of any communication”. Your ISP is a communication service provider, so anything that concealed the origin or destination of any communication from your ISP would be illegal – with no exceptions.

If you send or receive your email via an encrypted connection, you’re in violation, because the “To” and “From” lines of the emails are concealed from your ISP by encryption. (The encryption conceals the destinations of outgoing messages, and the sources of incoming messages.)

Worse yet, Network Address Translation (NAT), a technology widely used for enterprise security, operates by translating the “from” and “to” fields of Internet packets, thereby concealing the source or destination of each packet, and hence violating these bills. Most security “firewalls” use NAT, so if you use a firewall, you’re in violation.

If you have a home DSL router, or if you use the “Internet Connection Sharing” feature of your favorite operating system product, you’re in violation because these connection sharing technologies use NAT. Most operating system products (including every version of Windows introduced in the last five years, and virtually all versions of Linux) would also apparently be banned, because they support connection sharing via NAT.

And this is just one example of the problems with these bills. Yikes.

UPDATE (6:35 PM): It’s worse than I thought. Similar bills are on the table in South Carolina, Florida, Georgia, Alaska, Tennessee, and Colorado.

UPDATE (March 28, 9:00 AM): Clarified the paragraph above about encrypted email, to eliminate an ambiguity.

UPDATE: I now have a page with information about all of these bills, including the current status in each state.