Speaker Newt Gingrich opposes the current form of the House's Stop Online Privacy Act (SOPA) and Senate's Protect IP Act (PIPA). Combating online piracy of intellectual property and its adverse effects on jobs and free market competitiveness is without question an important objective. However, each bill allows for private rights of action to censor the Internet while opening up additional risks to national security.
Although both bills are designed to be a new enforcement mechanism to combat online infringement of content and goods, there is an abundance of current technology, security best practices, and legal maneuvers to shut down foreign rogue websites without adding another layer of regulation. Each bill requires the use of domain name system (DNS) filtering, which raises serious technical and security concerns. The DNS is a daily, reliable function for every user on the Internet that converts a website name (such as Newt.org) to an IP address (such as 64.203.96.245). Modifying this function creates an incompatibility with the DNS Security Extensions - a critical set of security updates. In layman's terms, DNS filtering would be minimally effective and would compound an already difficult cybersecurity challenge.
Speaker Gingrich is not alone in his opposition. Organizations such as Google, Twitter, Wikipedia and Reddit have voiced root concerns, as well as public protests by blacking out some services as a cause-effect example. Sandia National Laboratories and other notable cybersecurity experts, have clearly documented the overarching technical and security challenges. This includes how easily an online pirate could evade DNS filters, but more importantly how a widespread circumvention would threaten the stability of the global DNS -- effectively opening up more cyber attacks. This scenario has been used in a variety of industry and government training exercises to demonstrate the threats and vulnerabilities to America's critical infrastructures.
In its current form, SOPA and PIPA are not mature enough to successfully combat online piracy without compromising competition and security. Speaker Gingrich recommends an in-depth examination of the distinct, yet interrelated business, technical and security issues. The next step would be to isolate existing laws, regulations, guidelines and standards to ensure that non-infringing bystanders are not adversely affected. The final step would be to develop a process to accurately identify online pirates and deploy a prompt, measured response.
