Embed Size (px)
DESCRIPTION
Were Amazon right to take down Wikileaks? What are the duties of online intermediaries to host or give access to content which may lose them money or customers? Should they have duties to preserve freedom of speech?
Citation preview
LILIAN EDWARDSPROF OF E -GOVERNANCE
STRATHCLYDE LAW SCHOOL
FEBRUARY 2011
HTTP: / /BLOGSCRIPT.BLOGSPOT.COM
Wikileaks, cybercrime and the role of online intermediaries
Timeline
28 Nov 2010: “patriot” DDoS attack hits WikiLeaks as first set of US diplomatic cables is published.
3 December 2010: Amazon Web Services stops hosting Wikileaks, citing ToS; hit by DDOS attacks
3 December 2010: WikiLeaks.org ceases to work for web users after everyDNS.com claims DDOS attacks against WikiLeaks were disrupting its service provided to other customers.
4 December 2010: PayPal permanently restricts account used by WikiLeaks (later, M/card, Visa, Postfinance)
8 December 2010: DDoS attacks take down PayPal, Visa, Mastercard, “Anonymous” /Operation Payback claims responsibility, using LOIC to create DoS attacks
13 December 2010 : Amazon in Europe goes down for 30 mins - denies DDOS cause
Anonymous’s version
"We're against corporations and government interfering on the internet," Coldblood added. "We believe it should be open and free for everyone. Governments shouldn't try to censor because they don't agree with it”.
Guardian 8 December
The First Great Infowar?
What was the role of the intermediaries?
Should Amazon have taken down Wikileaks? Possible criminal liability as publisher under US Espionage Act Possible civil liability: copyright documents? (tho under US law
, probably not); trade secrets? Libel? Protection? S 230 © CDA does not cover criminal liability. (In
EU, ECD protection vanishes on notice to take down.) Risks to revenues/shareholders Risks to staff/CEA including jail PR risks – much opposition to Wikileaks in US
Yet in Europe.. Upholders of freedom of expression? “if you don’t support freedom of expression, why are you
selling books?”
Collateral risk to other customers
“"Having been there personally, I know how hard it is to face a DOS attack, and speaking for ourselves, any decisions made while a full-on shitstorm is being targeted at one's company and business are not political ones, they are ones of survival. I challenge anybody sitting in the comfort of their cozy little bubble existence at home, to sit on the receiving end of a full on DOS attack directed at themselves and then pontificate about 'cowardice' or anything else. Armchair quarterbacks.“ CEO, Easy DNS.
What was the corporate social responsibility of AWS? To their users? Customers? The public? Freedom of speech?
Further problems for intermediaries
AWS’ acts largely deflected by mirroring of Wikileaks across multiple hosts & new DNS servers
What if ISPs, search engines or DNS intermediaries asked to block access to Wikileaks.ch, .de, etc to users?
In UK no precedent for such even re criminal websites (eg fraud; race hate)and said to be no voluntary action by ISPs except re child porn IWF list
But DEA 2010 may still introduce power to seek court order to block locuses of likely © infringement
(cf COICA in US re DNS blocking anti P2P sites)Ofcom review of this ordered Feb 1 2011…
AWS’s terms of service
““you represent and warrant that you own or otherwise control all of the rights to the content… that use of the content you supply does not violate this policy and will not cause injury to any person or entity.” It’s clear that WikiLeaks doesn’t own or otherwise control all the rights to this classified content. “
In UK or EU, leaked government emails would probably be © the government unlike US.
Public interest exception? Maybe ...Do intermediaries need international rules to protect
them from being piggy in the middle? Are they publishers, businesses or messengers?
