As 2012 began—and less than two months after winning control over the Spanish parliament—the right-leaning Partido Popular passed a controversial new anti-Internet-piracy law that will impose strict penalties on website owners who fail to remove copyrighted material from their sites.
Sound familiar? The law, named after the former culture minister, Ángeles GonzálezSinde [above], gives the Spanish government nearly the same broad-ranging authority found in the equally controversial Stop Online Piracy Act (SOPA) now wending its way through the U.S. Congress. Owners of the material can now complain to a government commission that can issue an order to block a website's service.
The Spanish law was initially brought up for consideration and rejected in 2010. Evidence obtained by the Spanish paper El País suggests that the United States has been pushing hard for a reevaluation of the measure ever since, using trade agreements as leverage to prod the Spanish government to resurrect it. It's no surprise that the United States has shown such interest. Piracy is epidemic in Spain. Thirty percent of the population uses file-sharing sites, often to download Hollywood movies.
But there are good reasons to think that the Sinde law will only encourage more of this behavior. Because the law goes after only the content provider and leaves intact an individual's right to a digital copy, it may actually encourage Spanish citizens to use peer-to-peer file sharing, says Rosa María Garcia Sanz, a professor in the department of communication law at the Complutense University of Madrid.
In fact, there is little evidence to suggest that the enforcement strategies called for by the new law actually work to stop illegal downloading. France passed a law in 2009, known as Hadopi, or the "three strikes" law. It gives the government the authority to interrupt service for individuals who are caught downloading illegal content after they've received two warnings. Plenty of people took the legislation more as a challenge than a threat; many immediately began avoiding detection, thereby sidestepping the regulation, with the aid of virtual private network servers.
The Sinde law will be just as tough to enforce, according to Professor Sanz: "Even blocking domain name system [DNS] sites," she says, "would just encourage users to use alternative and unregulated DNS servers. In other words, there is a real problem of applying the law because it [is] so easy to circumvent the technical barriers used to block users from reaching the websites."
The same will likely be true in the United States, where SOPA has been held up in the House Judiciary Committee since last year, and a far-flung group of individuals and organizations have targeted companies that have come out in support of the antipiracy measure. Even the Obama administration has suddenly taken an under-the radar position against SOPA. Developers are already providing tools to circumvent the legislation. The Firefox add-on DeSopa was written as a proof of concept, but if the law is implemented, the add-on would allow users to resolve blocked domains by obtaining an IP address through foreign DNS servers.
But these kinds of solutions, which would certainly become popular if SOPA is enacted, carry serious security concerns. They would most likely increase the incidence of DNS hijacking, whereby an attacker redirects queries to a faulty, and potentially malicious, IP address. Security analysts at Sandia National Laboratories, in Albuquerque, raised these concerns in response to both the Senate and House versions of the bill, calling the DNS filtering mandate a fruitless " 'whack-amole' approach that would only encourage users and offending websites to resort to low-cost work-arounds."
It's unclear how seriously members of Congress are taking this advice. Indeed, the Obama administration's opposition may make SOPA moot. As U.S. lawmakers pause to catch their breaths after the first rounds of this battle, they might consider taking an even bigger step back to watch how the Spanish effort plays out—to see whether legislation actually brings about the hoped-for result.
About the Author
Morgen E. Peck is a technology journalist based in New York City and a frequent contributor to IEEE Spectrum. This article is adapted from her Tech Talk blog post "Spain's SOPA Law: How It Works And Why It Won't" of 9 January 2012.