Dept. of Justice Opposes Exon Bill - But Calls for Replacement -------------------------------------------------------------- Below is a letter from the Justice Department in response to (D-VT) Sen. Pat Leahy's recent enquiry regarding the DoJ's position on the Exon/Gorton Communications Decency Act. The CDA was recently folded into larger Senate telecom deregulation bill S. 652, after significant but insufficient amendment to reduce system operator liability. The House version of the bill, still in its original form, remains a separate bill, H.R.1004, whose sponsor appears to have had second thoughts and has called for slowing the bill down. As grassroots, and especially online, activists and concerned citizens continue to raise serious doubts about this bill, and as organizations like EFF, Voters' Telecommunications Watch, the Center for Democracy and Technology, and dozens of others, work to derail it, the following letter comes as a pleasant surprise for the most part. The Department of Justice maintains first and foremost that the bill will greatly harm law enforcement's efforts against obscenity and sexual abuse of minors, in a number of ways. Most of these flaws in the bill are due to imprecise application of terms like "digital" and insufficient consideration of the effects that supposedly minor changes to one section of the telecommunications regulations have on other sections, their enforcement and their interpretation by the courts. However, and to their credit, the DoJ has also identified four distinct and serious threats to privacy posed by the CDA. Besides making it easier for system crackers to evade detection, Sen. Exon's legislation would also negate the "exclusionary rule" of 18 USC section 2515, reducing the privacy protections of phone calls in one way, and additionally weaken this privacy by introducing a loophole into the wiretap statute that would broadly allow monitoring by anyone of private voice communications. The Department further warns that one section of the bill "would encourage intrusion by on-line service providers into the private electronic mail communications of individual users. [The section] actually promotes intrusions into private electronic mail by making it 'safer' to monitor private communications than to risk liability. At the same time, [the section] would defeat efforts by the government to enforce federal privacy protections against illegal eavesdropping." Not all is sunshine however, and those concerned about civil liberties online should keep one eye open for a replacement bill in the not too distant future. The Acting Assistant Attorney General notes that "While we agree with the goal of various legislative proposals designed to keep obscenity and child pornography off of the information superhighway, we are currently developing a legislative proposal that will best meet these challenges and provide additional prosecutorial tools. This legislative package is being developed while taking into consideration the need to protect fundamental rights guaranteed by the First Amendment." Needless to say, many of us will remain skeptical. *********** Department of Justice Letter to Sen. Leahy May 3, 1995 Honorable Patrick J. Leahy United States Senate Washington, DC 20510 I write to respond to your letter of March l, 1995 concerning our prosecution of violations of federal child pornography and obscenity laws and your April 21, 1995 request for the views of the United States Department of Justice on the "Communications Decency Act," which has been incorporated as title IV of the proposed "Telecommunications Competition and Deregulation Act of 1995," S. 652. In accordance with your request, the analysis of the Communications Decency Act focuses on sections 402 and 405 of the bill. The Department's Criminal Division has, indeed, successfully prosecuted violations of federal child pornography and obscenity laws which were perpetrated with computer technology. In addition, we have applied current law to this emerging problem while also discovering areas where the new technology may present challenges to successful prosecution. While we agree with the goal of various legislative proposals designed to keep obscenity and child pornography off of the information superhighway, we are currently developing a legislative proposal that will best meet these challenges and provide additional prosecutorial tools. This legislative package is being developed while taking into consideration the need to protect fundamental rights guaranteed by the First Amendment. With respect to the communications Decency Act, while we understand that section 402 is intended to provide users of online services the same protection against obscene and harassing communications afforded to telephone subscribers, this provision would not accomplish that goal. Instead, it would significantly thwart enforcement of existing laws regarding obscenity and child pornography, create several ways for distributors and packagers of obscenity and child pornography to avoid criminal liability, and threaten important First Amendment and privacy rights. Similarly, while we understand that section 405 of this bill is intended to expand privacy protections to "digital" communications, such communications are already protected under existing law. Moreover, this provision would have the unintended consequences of jeopardizing law enforcement's authority to conduct lawful, court-ordered wiretaps and would prevent system administrators from protecting their systems when they are under attack by computer hackers. Despite the flaws in these provisions, the Administration applauds the primary goal of this legislation: prevent obscenity from being widely transmitted over telecommunications networks to which minors have access. However, the legislation raises complex policy issues that merit close examination prior to Congressional action. We recommend that a comprehensive review be undertaken of current laws and law enforcement resources for prosecuting online obscenity and child pornography, and the technical means available to enable parents and users to control the commercial and non commercial communications they receive over interactive telecommunications systems. The following are the Department's primary objections to sections 402 and 405 of the pending telecommunication bill: First, Section 402 of the bill would impose criminal sanctions on the transmission of constitutionally protected speech. Specifically, subsections 402(a)(1) and (b)(2) of the bill would criminalize the transmission of indecent communications, which are protected by the First Amendment. In _Sable Communications of Cal. v. FCC_, 492 U.S. 115 (1989), the Supreme Court ruled that any restrictions on the content of protected speech in media other than broadcast media must advance a compelling state interest and be accomplished by the "least restrictive means." 8y relying on technology relevant only to 900 number services, section 402 fails to take into account less restrictive alternatives utilizing existing and emerging technologies which enable parents and other adult users to control access to content. Nearly ten years of litigation, along with modifications of the regulations, were necessary before the current statute as applied to audiotext services, or "dial-a-porn" calling numbers, was upheld as constitutional. See _Dial Information Services v. Thornburg_, 938 F. 2d 1535 (2d Cir. 1991). The proposed amendment in section 40-2 of the bill would jeopardize the enforcement of the existing dial-a-porn statute by inviting additional constitutional challenges, with the concomitant diversion of law enforcement resources. Second, the definition of "knowingly" in section 402 of the bill would cripple obscenity prosecutions. Under subsection 402(e), only those persons with "actual knowledge" of the "specific content of the communication" could be held criminally liable. This definiition would, make it difficult, if not impossible, to prove guilt, and the standard is higher than the prevailing knowledge requirements under existing obscenity and child sexual exploitation statutes. Under _Miller v. California_, 413 U.S. 629 (1973j, the government must only prove that a person being prosecuted under an obscenity statute had knowledge of the general nature of the material being distributed. Large-scale distributors of child pornography and other obscene materials--among the most egregious violators -- do not read or view each obscene item they distribute. the proposed definition in subsection 402(e) would make it nearly impossible for the government to establish the necessary knowledge requirement and would thereby severely handicap enforcement of existing statutes. Third, section 402 would add new terms and defenses that would thwart ongoing enforcement of the dial-a-porn statute. Currently, the government is vigorously enforcing the existing dial-a-porn statute. It took more than ten years for the government to be able to do so, due to constitutional challenges. The proposed amendment to this statute fundamentally changes its provisions and subjects it to renewed constitutional attack which would hinder current enforcement efforts. Fourth, section 402 would do significant harm by inserting new and sweeping defenses that may be applied to nullify existing federal criminal statutes. The government currently enforces federal criminal laws preventing the distribution over computer networks of obscene and other pornographic material that is harmful to minors (under 18 U.S.C. section 1465, 2252 * 2423 (a)), the illegal solicitation of a minor by way of a computer network (under 18 U.S.C. section 2252), and illegal "luring" of a minor into sexual activity through computer conversations (under 18 U.S.C. section 2423(b)). These statutes apply to all methods of "distribution" including over computer networks. The new defenses proposed in subsection 402(d) would thwart ongoing government obscenity and child sexual exploitation prosecutions in several important ways: * The first defense under subsection 402 (d)(1) would immunize from prosecution "any action" by a defendant who operates a computer bulletin board service as an outlet for the distribution of pornography and obscenity so long as he does not create or later the material [sic]. In fact, this defense would establish a system under which distributors of pornographic material by way of computer would be subject to fewer criminal sanctions than distributors of obscene videos, books, or magazines. * The second defense provided in subsection 402(d)(2) would exculpate defendants who "lacked editorial control over the communications." Such a defense may significantly harm the goal of ensuring that obscene or pornographic material is not available on the Internet or other computer networks by creating a disincentive for operators of public bulletin board services to control postings on their boards. Moreover, persons who provide critical links in the pornography and obscenity distribution chains by serving as "package fulfillment centers" filling orders for obscene materials, could assert the defense that they lack the requisite "editorial control." This proposed defense would complicate prosecutions of entire obscenity distribution chains. * The third defense provided in subsection 402 (d)(3), containing five subparts, would be available to pornographic bulletin boards operators who take such innocuous steps as (A) directing users to their "on/off" switches on their computer as a "means to restrict access" to certain communications; (B) warning, or advertising to, users that they could receive obscene material; and (C) responding to complaints about such minimum, [sic] this proposed defense would lead to litigation over whether such actions constitute "good faith" steps to avoid prosecution for violating the section 402, and could thwart existing child pornography and obscenity prosecutions. * The fourth defense provided in subsection 402 (d)(4) would exculpate defendants whose pornography business does not have the "predominate purpose" of engaging in unlawful activity. This defense would severely undercut law enforcement's efforts to prosecute makers and distributors of noncommercial pornography and obscenity. * The fifth defense provided in subsection 402 (d)(5) would preclude any cause of action from being brought against any person who has taken good faith steps to, _inter_alia_, "restrict or prevent the transmission of, or access to," a communication deemed unlawful under section 402. This defense would encourage intrusion by on-line service providers into the private electronic mail communications of individual users. The defense actually promotes intrusions into private electronic mail by making it "safer" to monitor private communications than to risk liability. At the same time, this defense would defeat efforts by the government to enforce federal privacy protections against illegal eavesdropping. Finally, but no less significantly, section 405 amends the federal wiretap statute in several respects, each of which creates considerable problems. First, it amends the wiretap statute to add the term "digital" to 10 USC section 2511 (see footnote #1), without considering the effect of this amendment on other statutory provisions. For example, 10 USC section 2516 (1) provides that certain government officials may authorize an application for a wiretap order for wire or oral communications while 18 USC section 2516 (3) provides that other government officials may authorize an application for a wiretap order for electronic communications. Since section 405 does not amend 10 USC section 2516, to include the term "digital," it would appear that _no_ government official has the authority to authorize an application for a wiretap order for digital communications. This is particularly problematic, since this investigative tool is reserved for the most serious cases, including those involving terrorists, organized crime, and narcotics. Equally disconcerting, the amendment serves to protect computer hackers at the expense of all users of the National Information Infrastructure (NII), including businesses, government agencies and individuals. Prior to 1994, wiretap statute allowed electronic communication services providers to monitor _voice_ communications to protect their systems from abuse. 18 USC section 2511 (2)(a)(i) (1986 version). Thus, when hackers attacked computer systems and system administrators monitored these communications, they had no clear statutory authority to do so. In October 1994, Congress finally remedied this defect by amending 10 USC section 2511 (2)(a)(i) to permit the monitoring of electronic (i.e., digital, non-voice) communications. If section 405 is enacted and these hacker communications are deemed digital, system administrators will once again be denied the statutory authority to monitor hacker communications. It would be most unfortunate if, at the same time Congress is encouraging the widespread use of the NII, it passed a law giving system administrator's a Hobson's choice: either allow hackers to attack systems unobserved or violate federal law. There are three other concerns as well. First, by adding the term "digital" without amending the suppression provisions of 18 USC section 2515, voice communications -- if they are deemed "digital" -- will no longer be protected by the statute's exclusionary rule. This would serve to reduce the privacy protections for phone calls. Second, section 405 would replace the words "oral communication" with "communication" in 18 USC section 2511 (l)(B). This would have undesirable consequences for law enforcement because it would criminalize the interception of communications as to which there was no reasonable expectation of privacy (see footnote #2). >From the law enforcement perspective, there is simply no sound reason for eliminating this highly desirable feature of present law. Additionally, the amendment might also impact upon the news gathering process. For example, if the conversation of two individuals shouting in a hotel room were recorded by a news reporter standing outside the room, the reporter would, under section 405, be violating the wiretap statute. Under current law, of course, the individuals could not complain about the recording because, by shouting loud enough to be heard outside the room, they lack any reasonable expectation of privacy. Last, the provision in section 402 (d)(5) provides that "no cause of action may be brought in any court ... against any person on account of any action which the person has taken in good faith to implement a defense authorized under this section ...." This would seem to suggest that any person can freely engage in electronic surveillance otherwise prohibited under Title III- so long as they claim to be implementing a section 402 defense. As such, section 402 (d)(5) severely weakens the privacy protections currently offered by the wiretap statute. In sum, sections 402 and 405 of the bill would hamper the government's ongoing work in stopping the dissemination of obscenity and child pornography and threaten law enforcement's continued ability to use court-authorized wiretaps. We believe that a comprehensive review be undertaken [sic] to guide response to the problems that the Communications Decency Act seeks to address. I assure you that the Department is aware of the growing use of computers to transmit and traffic obscenity [sic] and child pornography. The Criminal Division's Child Exploitation and Obscenity Section is aggressively investigating and prosecuting the distribution of child pornography and obscenity through computer networks, and the use of computers to locate minors for the purpose of sexual exploitation. As we have discussed with your staff in a meeting focused on these issues, we remain committed to an aggressive effort to halt the use of computers to sexually exploit children and distribute obscenity. Sincerely, {sig} Kent Markus Acting Assistant Attorney General FOOTNOTES (1) It should be noted that "digital" communications are already covered by the wiretap statute. Under current law, a "digital" communication is either a wire communication under 18 USC sec 2510 (1) (if it contains voice) or an "electronic communication" under 18 USC sec 2510 (12) (if it does not contain voice). Since such communications are already covered, the reason for enacting section 405 is unclear, and it is difficult to predict how the courts will interpret the amendment. (2) The definition of "oral communication" in 18 USC sec 2510 (2) contains a requirement that the communication to be protected must have been made under circumstances justifying an expectation of privacy. [End of DoJ document.]