Having read the entire bill, I think you may have missed a definition.
the term "owner" or "operator" when used in connection with an Internet site shall include, respectively, any owner of a majority interest in, or any person with authority to operate, such Internet site (Page 33, lines 19 - 23)
Going by that, I would think that it's only the customer that would be liable, unless you offer a fully managed service. Fully managed meaning that you are the one actually loading the "illegal" content on the server, and making it publicly accessible. So, if you don't have the authority to log into the server, or the authority that you have been granted (to do system management work) doesn't involved looking at, or touching the "illegal content", then I can't see how the host would be responsible.
If we move this to a residential scenario, would your home ISP be legally responsible if you were file sharing? Enough to be sued? I don't think so, but again, I'm not a lawyer...
Chris Rogers - firstname.lastname@example.org Inerail - Servers, Colocation, IP Transit
Performance, Reliability, Security
New York • Philadelphia • London • Salt Lake City
The definition you're analyzing refers to who may be sued initially by the Attorney General. One of the changes in PROTECT-IP vs. COICA (last year's version) is that internet infrastructure providers have been removed from the list of entities who may be sued by the Attorney General (in most cases).
The issue for hosts is that there doesn't appear to be a requirement of operational reasonableness required of court orders directing you to take action against the operators. Looking at the bill, advertisers and financial service providers have been called out a couple of times and limits placed on what courts can force them to do.
My experience has been that courts often make the analogy that hosts are similar to self storage vendors. As a result, their orders will require you to do something like "preserve all data on the server, while allowing it to remain online." In a managed hosting context, those two requirements are typically mutually exclusive.
There is also a concern that there is no immunity from liability for the actions of your customers. While this is a bit murkier than the prior issue, it seems that particular industries have been called out for protection, while others, hosting in particular have not. This ambiguity could lead to years of litigation.
My analysis of the bill is on my WHIR blog (I can't link to it because I don't have 5 posts yet).
The infuriating thing here is that this legislation is so unnecessary. Do they really need additional tools to fight theft of IP? No matter what the penalties, people will infringe. I guess I might feel differently if I were a movie studio or record label. I also think preservation and equipment seizure requirements are particularly onerous with the prevalence of cloud for high end customers. It's like shared hosting but for big boys. :-) I hope it doesn't come down to the government seizing an entire cloud infrastructure for a single rogue client to help the government think their policies through, but it wouldn't surprise me either.
The infuriating thing here is that this legislation is so unnecessary.
I agree - the Digital Millennium Copyright Act is the current status quo. It is not without some issues, but they are issues that can be addressed if the right parties sit down to talk about solutions.. Overall it's a good piece of legislation - a pro-business, sensible way of approaching IP.
First of all I want to make it clear that I am extremely sympathetic to copyright holders. I think that by and large web hosts are on their side, and we stand against anybody who is illegally exploiting their works. But when it comes right down to it, there are right and wrong ways to do things, and Protect IP has got it wrong.
The biggest problem with the DMCA is that it tends to result in a game of whack-a-mole. A host works with authorities to shut down a site, but that doesn't stop it from popping up elsewhere, which it inevitably does. That is a problem, and it has led to great frustration on the part of copyright holders, understandably so. And parts of Protect IP endeavor to try to fix that problem. Protect IP actually may result in lists of domains that hosts will have strong incentives to blacklist. That could help the game of whack-a-mole. But how do they achieve it? By throwing out an incredible amount of due process.
I completely understand the government's desire to find a better way to protect copyright owners. One is needed. The DMCA, flawed as it is, should be the framework on which we build the next step in our campaign to provide relief to victims of copyright abuse. The DMCA can be improved upon a lot easier than Protect IP could be turned into something that won't do a lot more harm than it does good.
Lobbying resources are one thing, but Google has lobbying resources and it hardly ever gets it way legislatively. Why? Because it doesn't have numbers. We do. We're in a great position to enact legislative change because hoisters - backed by money or no - if educated and empowered - have numbers on our side.
The issue, honestly, with Google, Microsoft etc's lobbying efforts is that they're completely transparent. A very focused industry effort is often more successful than those from a large company, no mater its resources.