[Originally published in _Internet_World_, Sept./Oct. 1993.] The Law of the Net: Problems and Prospects [ 1,500 words ] By Mike Godwin (mnemonic@eff.org) Legal Services Counsel Electronic Frontier Foundation When non-lawyers wonder about just what it is that lawyers do, they often think that lawyers are focused on the past. The world of precedent, after all, resides in the past, as do the histories of legislation and the meanings of legal language. But lawyers have to think about the future, too. Part of a lawyer's job is being able to anticipate problems and suggest solutions ahead of time. (Failure to do this properly is a chief source of lawsuits.) And nowhere is the need for legal forecasting so acute as it is on the Internet, a global network of networks that seems to have simultaneously raised issues in every area of law, from criminal law to intellectual property to Constitutional law to international law. In this article I'll outline just a few of the legal areas that face both lawyers and nonlawyers who invest time and resources on the Internet. But I hope that in doing so I can suggest the range of legal issues that we'll have to address in the coming century of networked computer communications. Civil and criminal law on the Net: who's responsible? Most areas of the law--e.g., tort law, property law, and contract law--focus on allocating rights and responsibilities among the parties in certain kinds of specified interactions. But the changes wrought by distributed computer networks will likely change some of the traditional balances our society has struck between rights and responsibilities. Take libel, for example. Historically, a publisher who printed an article quoting a libelous statement was held to be as responsible, legally, as the person who originally made the statement. A number of theories have been advanced to justify this legal principle, including the following: 1) A publisher is more likely to be able to pay significant money to someone whose reputation has been damaged. That is, the publisher is more likely to have the resources to mitigate the damage caused by a libel. 2) Libelled persons typically have less access to media than writers and editors do, so it's only fair that publishers be given a strong monetary incentive to get their facts straight, since normal folks won't have much chance to correct the record themselves. 3) A publisher (or his or her agent) could be presumed to have reviewed the libelous material before it was published, so to that extent the publisher is to blame for the damage to the plaintiff's reputation. This historical principle was significantly modified by the U.S. Supreme Court in a case called New York Times Co. v. Sullivan (376 U.S. 254, 1964). In that case and in subsequent cases, the Court held that publishers should be held liable for libel only if the plaintiff can prove some degree of fault on the publisher's part. But how does libel law play out on the Net? One thing that becomes apparent quickly to Internet users and service providers is that the dynamic of information flow is very different on the Net from that of traditional (print) publishers. For one thing, the person or entity providing Internet access may have no more financial resources than the person who is allegedly libelled by a posting from that site. For another, no one reasonably believes that an access provider prescreens all Usenet postings or e-mail before passing that information through to the rest of the world. A third difference lies in the sheer democracy of the Net--it is comparatively easy for even private individuals to "correct the record" by posting answers to libelous statements. These differences may undermine the whole rationale for holding those who merely republish information (and who do not review it beforehand) legally responsible for libelous statements. A recent decision in federal district court (Cubby, Inc. v. CompuServe, Inc., 776 F.Supp. 135, S.D.N.Y. 1991) suggests that the law may treat online service providers more like bookstores than like traditional publishers, which may mean different (and arguably greater) First Amendment protections for these providers. Still another area of the law likely to be changed by the growth of the networks is criminal law. Consider, for example, the release and dissemination of computer viruses. One of the legal norms in this country is that, under most circumstances, you can be prosecuted for only for things you *do*, not for things you *say*. But the world of computers and networks is a world in which language (specifically, computer language) has immense power to do good or ill. Where will the courts draw the line between speech and action? Is the person who writes a virus a criminal? What if she releases one accidentally? What if she does so on purpose? What if her activities are part of an academic study program focusing on viral behavior and dissemination? Can writing a virus be considered aiding and abetting a crime (such as vandalism)? And what about computer intrusion? Are "hacking" and "cracking" more analogous to burglary than to trespass? Or do they not fit any traditional crime at all? Should the law distinguish between "malicious" and "exploratory" computer intrusion? Questions like these will dominate discussions of computer-crime legislation. Negligence law, a major area of tort law, will probably adapt most easily to the new world of international computer networks, since the notion of negligence is very generally defined in terms of care with which a reasonably prudent person would conduct his or her affairs. But even negligence law has its challenges in a world where the standards of due care have not yet been widely established. Is an access-provider negligent if his or her system becomes the means by which a virus is spread? To what extent must service providers inspect their systems for dangerous programs? These are issues over which reasonable people can disagree. Intellectual Property on the Net One area of law will be particularly challenged to adapt to the changes the increasing access to a global network will bring. The law of intellectual property, which includes the law of copyright, will have to adapt to a world in which advances in technology increasingly undercut one's ability to enforce intellectual-property rights. Only now has it become clear the extent to which copyright law has depended on the "bottleneck" created by the costs of printing (and, later, of photocopying). As of today, it remains far easier simply to buy the magazine containing a short story than it is to photocopy that story, or to have a copy printed by a printshop at your own expense. But thanks to the growth of character recognition software, the dropping costs of computer hardware, and the increasing ubiquity of computer networks, the costs of reproducing all sorts of intellectual property are falling rapidly. The ease with which one can duplicate the latest William Gibson novel may approach (or surpass!) the ease with which one can copy the latest version of Microsoft Excel--especially if the novel is released on disk at some point. (Three of Gibson's novels have already been published on disk as hypertext files.) It has been argued that the current copyright regime could be replaced by one based on usage fees, but that suggestion overlooks a couple of important obstacles. First of all, once someone acquires information from an online publisher, there's little disincentive to spread that information around. (Why should you call up Nexis, for example, when I did a similar search last week and can forward my search results to you in e- mail?) The second problem is that both the Internet and the proposed infrastructural schemes that could replace it are highly decentralized. This decentralization of the Net makes billing for and tracking use of intellectual property very difficult, since there's no central tracking mechanism, nor has any credible one been proposed. In the meantime, copyright violations on the Net are commonplace. To a large extent, rights in copyright on the Net are enforced only by the honor system, and those who regularly read Usenet are accustomed to seeing the occasional wry comment accompanying a retyped or copied article: "Reprinted Without Permission." It seems certain that the great majority of people who routinely forward copyrighted material around the Net are not otherwise significant lawbreakers. I have long believed that, when a law's requirements are so unrealistic that they are routinely broken by otherwise law- abiding citizens, it's a sign that the law needs to be changed. (This could be called "The Lesson of Prohibition.") But, to my knowledge, no one has yet advanced a theory as to what changes could save the essence of copyright law, or what scheme could replace it. Other problems in the law of Cyberspace As I said at the outset, I can only suggest the range of legal issues that will face us in the coming years and decades. For example, I've said nothing about the complex jurisdictional problems that are created when people routinely can commit acts in one country that lead to harmful effects in a country on the other side of the globe. The Net is multijurisdictional, yet international law has yet to show the kind of robustness, nor has it earned the kind of support, to be a reliable guide to the legal framework of global networked communications. What's more, there is an incredible potential for international friction in the fact that the Net is neither centralized nor censored. What happens when some college prankster posts chapters from THE SATANIC VERSES to soc.culture.iranian? Not only do we not yet have solutions for these kinds of problems, but we also have relatively few policy experts who recognize that these *are* problems. But whenever problems begin to arise routinely from human interaction, it's a safe bet that lawyers will soon appear. Disturbing as this fact may be to those of us who see "lawyer" as a synonym for "trouble," it's also a sign that the electronic frontier is becoming civilized--it takes a civilization to require laws, and to enforce them. [ Bio tag t.b.d. ]