Stop Online Piracy Act Vote Delayed

Rep. Jason Chaffetz. Photo J. Scott Applewhite/Associated Press

(This post was updated at 2:55 p.m. EST to reflect new hearing date set for Wednesday.)

The House Judiciary Committee considering whether to send the Stop Online Piracy Act to the House floor abruptly adjourned Friday with no new vote date set — a surprise given that the bill looked certain to pass out of committee.

The committee’s chairman and chief sponsor of the legislation, Rep. Lamar Smith (R-Texas), agreed to further explore a controversial provision that lets the Attorney General order changes to core internet infrastructure in order to stop copyright infringement.

Smith said the hearing would resume at the “earliest practical day that Congress is in session.” Hours later,  Rep. Darrell Issa (R-California) tweeted that the committee would resume action Wednesday.

The abrupt halt to Friday’s proceeding, which followed a marathon-long, 11-hour hearing Thursday, was based on a motion from Rep. Jason Chaffetz (R-Utah). He urged Smith to postpone the session until technical experts could be brought in to testify whether altering the internet’s domain-naming system to fight websites deemed “dedicated” to infringing activity would create security risks.

Just yesterday, Smith said that was not necessary, despite a signed letter by many of the internet’s core engineers saying the bill’s approach was technically flawed.

The legislation mandates that ISPs alter records in the net’s system for looking up website names, known as DNS, so that users couldn’t navigate to the site. Or, if ISPs choose not to introduce false information into DNS at the urging of the Justice Department, they instead would be required to employ some other method, such as deep-packet inspection, to prevent American citizens from visiting infringing sites.

ISPs, could, for instance, adopt tactics used by the Great Chinese Firewall to sniff for traffic going to a blacklisted site and simply block it.

But a host of security researchers and tech policy experts, including Stewart Baker, the former Department of Homeland Security policy director, said the plan “would still do great damage to internet security.”

On Thursday, Chaffetz and a host of other lawmakers asked Smith to stop the hearing so that the committee could bring in experts to testify. But Smith had refused, and the committee voted 22-12 to leave the DNS redirect and firewall provisions intact.

The committee heard from the Motion Picture Industry Association of America at a SOPA hearing last month, but has never called an expert on internet architecture. It was not immediately clear who Smith would ultimately line up.

Michael O’Leary, an MPAA vice president, had testified last month before the committee that security concerns were “overstated.”

Putting false information into the DNS system — the equivalent of the net’s phonebook — would be ineffective, frustrate security initiatives and lead to software workarounds, according to a paper co-signed by security experts Steve Crocker of Shinkuro, David Dagon of Georgia Tech, Dan Kaminsky of DKH, Danny McPherson of Verisign and Paul Vixie of Internet Systems Consortium. The paper was lodged into the committee’s record on Thursday.

“These actions would threaten the Domain Name System’s ability to provide universal naming, a primary source of the internet’s value as a single, unified, global communications network,” they wrote.

Also lodged into the record was an open letter from 83 prominent internet engineers, including Vint Cert, John Gilmore and L. Jean Camp.

“The US government has regularly claimed that it supports a free and open internet, both domestically and abroad. We cannot have a free and open Internet unless its naming and routing systems sit above the political concerns and objectives of any one government or industry,” they wrote.

In the security context, they maintain the bill would break the internet’s universal character and hamper U.S. government-supported efforts to rollout out DNS-SEC, which is intended to prevent hackers from hijacking the net through fake DNS entries.

The measure, meanwhile, also grants private companies the ability to de-fund websites they allege to be trafficking in unauthorized copyright and trademark goods. Rights holders may ask judges to order ad networks and banks to stop doing business with a site dedicated to infringing activities.

The legislation also gives legal immunity to financial institutions and ad networks that choose to boycott the rogue sites even without having been ordered to do so.

Smith’s legislation targets sites with foreign domains, not American-based ones ending in .com, .org and .net.