Risk
1/18/2012
12:49 PM
Connect Directly
RSS
E-Mail
50%
50%

SOPA: 10 Key Facts About Piracy Bill

Despite mass opposition to the SOPA and PIPA anti-piracy bills, both continue to move forward in Congress. Here's an update on what's at stake and where the bills stand.

What's the status of two controversial bills designed to block foreign, rogue websites and prevent U.S. residents from accessing pirated movies and music?

The proposed bills are the House's Stop Online Piracy Act (SOPA) and the Senate's Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act (Protect IP Act, or PIPA). Numerous businesses and technologists--for starters--have criticized the bills, leading an estimated 7,000 websites Wednesday to either black out their site (in the case of the English language version of Wikipedia) or to alter their site design to demonstrate their opposition to the bills (as in the case of Google and Mozilla).

[ Cyberattacks are expected to rise this year. Learn more about the 10 Security Trends To Watch In 2012. ]

With opposition mounting, here's where the bills now stand:

1. SOPA is still alive.
Are both SOPA and PIPA now stalling? In fact, SOPA's chief sponsor, Rep. Lamar Smith (R-Texas), said Tuesday that he expects to bring the bill to a House Judiciary Committee markup hearing in February. At such hearings, legislators can debate the bill and propose amendments, as well as vote on whether the bill should then be passed to the full House. "To enact legislation that protects consumers, businesses, and jobs from foreign thieves who steal America's intellectual property, we will continue to bring together industry representatives and members to find ways to combat online piracy," said Smith Tuesday in a statement.

2. Payment provider cooperation is required.
SOPA would encourage--though not require--payment providers such as Visa and PayPal to not facilitate business transactions with any website that the government had deemed to be hosting pirated content. According to Smith, "the bill maintains provisions that 'follow the money' and cut off the main sources of revenue to foreign illegal sites ... and it provides innovators with a way to bring claims against foreign illegal sites that steal and sell their technology, products, and intellectual property."

3. SOPA loses court orders.
One sticking point for SOPA has been that service providers would be required to comply with a court order, obtained by the government, requiring them to block access to rogue foreign websites, and which would indemnify their actions. But in response to criticism of the provision, Smith recently removed the court-order provision from SOPA. As a result, it's not clear how website-blocking orders might be obtained or policed.

4. Bills continue to evolve.
Both SOPA and PIPA have continued to evolve in response to criticism. Notably, PIPA author Sen. Patrick Leahy (D-Vt.) admitted that service providers wouldn't support any bill that filtered domain-name servers (DNS) for anti-piracy purposes. Likewise, to help prevent abuse, the bills' authors have added provisions that would impose damages--including costs and attorneys' fees--on anyone who makes a false claim.

5. DNS tinkering isn't popular.
As an anti-piracy technique, domain name filtering is proving to be quite unpopular. Notably, Google--which of course earns advertising revenue based on page impressions--has said it will resist any such measures. Likewise, both SOPA and PIPA have been derided by service providers, technology experts, as well as the Business Software Alliance, for being too sweeping in their approach.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Bprince
50%
50%
Bprince,
User Rank: Ninja
1/19/2012 | 2:21:36 AM
re: SOPA: 10 Key Facts About Piracy Bill
SOPA and PIPA seem basically dead at the moment. A lot of politicians are dropping support according to the Washington Post. The masses appear to have spoken.
Brian Prince, InformationWeek/Dark Reading Comment Moderator
cxf
50%
50%
cxf,
User Rank: Apprentice
1/19/2012 | 3:19:35 PM
re: SOPA: 10 Key Facts About Piracy Bill
Content authors already have the civil and criminal remedies they need through existing piracy laws. I'm reminded by this with every copyrighted DVD I watch. It's clear, that if I violate Federal copyright laws, I could face 5 years in the pokie, and a $250,000 fine. Isn't that enough? It is for me.
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-3304
Published: 2014-10-30
Directory traversal vulnerability in Dell EqualLogic PS4000 with firmware 6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the default URI.

CVE-2013-7409
Published: 2014-10-30
Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .m3u (playlist) file.

CVE-2014-3446
Published: 2014-10-30
SQL injection vulnerability in wcm/system/pages/admin/getnode.aspx in BSS Continuity CMS 4.2.22640.0 allows remote attackers to execute arbitrary SQL commands via the nodeid parameter.

CVE-2014-3584
Published: 2014-10-30
The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the authorization header of a request to a JAX-RS service.

CVE-2014-3623
Published: 2014-10-30
Apache WSS4J before 1.6.17 and 2.x before 2.0.2, as used in Apache CXF 2.7.x before 2.7.13 and 3.0.x before 3.0.2, when using TransportBinding, does properly enforce the SAML SubjectConfirmation method security semantics, which allows remote attackers to conduct spoofing attacks via unspecified vect...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.