New Revenge Porn Bill Shows Silicon Valley’s Influence in Politics

On Thursday, Rep. Jackie Speier (D-CA) introduced a bill to criminalize revenge porn—the posting of nude or sexually explicit photographs without the subject's permission. A comparison of the text of the bill to an earlier draft circulated in May 2015 and conversations with sources indicate that tech industry lobbying had a significant impact on the final text.

The Intimate Privacy Protection Act (IPPA) is a bipartisan bill cosponsored by Reps. Katherine Clark (D-MA), Ryan Costello (R-PA), Gregory Meeks (D-NY), and Thomas Rooney (R-FL). It criminalizes the "knowing" use of the internet to distribute nudes or sexually explicit photos of an identifiable person with "reckless disregard" for that person's consent. A violation of the proposed law could result in a fine and/or up to five years in prison.

The bill, therefore, is targeted at not only intimate partners who maliciously post nudes of their exes online, but also the people who "recklessly" pile on afterwards, reposting the images to harass the target.

An earlier draft of the bill also imposed liability for search engines, website operators, and software application developers, requiring them to respond to revenge porn takedown requests within 48 hours. These provisions do not appear in the final text—an apparent instance of successful lobbying on the part of tech companies including Google, which sources say was involved in the drafting process. In Thursday's press conference, Speier thanked Twitter and Facebook for their support of the bill.

The bill was originally supposed to be introduced last fall, but was delayed without explanation.

The Difficulties of Legislating Against a "Life-Ruining" Crime

Revenge porn is a serious harm, sometimes described as "life ruining" by victims. "The victim's privacy is irreparably violated, they fear for their safety, their job opportunities are jeopardized, and they are often driven to feel shame and guilt," said Rep. Katherine Clark in a press release.

Similar bills at the state level have been criticized for encroaching on the First Amendment. In September 2014, the ACLU challenged an Arizona revenge porn law on the basis that it violated the First Amendment, and in July of the following year, obtained a permanent halt to enforcement of the law.

Fortunately, IPPA's final form is a far cry from Arizona's sloppily drafted statute—which could have criminalized the sale of history books that included photos from Abu Ghraib—and is far less likely to be struck down in court if it does get passed. The bill holds perpetrators to a higher level of mens rea ("guilty mind"—a level of intent usually specified in criminal statutes) and provides an exception for photos published "in the bona fide public interest."

Gone: Provisions that Would Have Weakened CDA 230

At the press conference on Thursday, Speier thanked a "broad coalition of supporters," including "online businesses like Facebook and Twitter." She did not explicitly mention Google or other search engines, but sources told Motherboard that the search engine company was involved in the process of drafting the bill. Speier's office said that Google was "neutral" on the bill—neither backing nor opposing the legislation.

However, the Congresswoman's office would not answer questions as to whether Google or other tech companies were responsible for the removal of notice-and-takedown provisions.

Google's search engine would have been directly affected by the earlier version of the bill. In 2015, Google voluntarily chose to begin removing revenge porn from search results,but the previous version of the bill would have introduced liability for not doing so.

This version of the bill that was circulated for discussion in May 2015 posed a potential problem for many tech companies: It created a "safe harbor" similar to DMCA safe harbor, immunizing search engines (like Google), website operators, and software application developers from liability so long as they delisted or removed revenge porn within 48 hours of notice.

But "safe harbor" is a deceptive word here. Section 230 of the Communications Decency Act already provides a liability shield for online platforms.

Many tech companies owe their growth to the liability shield provided by CDA 230. Thanks to CDA 230, startups that make use of user-generated content—including Instagram, Yelp, and Reddit—can more easily defend themselves from a whole class of lawsuits. As an example, just this last year, Twitter was sued by the widow of an American contractor killed overseas by ISIS. CDA 230 likely bars the suit, allowing the tech company to easily defend itself at an early stage of litigation for content posted by its users—some of whom are indeed members of ISIS.

CDA 230 is also sometimes blamed by anti-revenge porn activists for enabling revenge porn and preventing the prosecution of revenge porn site operators who say they aren't liable for what their users post. (For what it's worth, CDA 230 did not stop site operators Kevin Bollaert or Hunter Moore from going to prison.)

The "safe harbor" described in the early revenge porn bill would have shattered the CDA 230 liability shield, creating a brand new notice-and-takedown regime similar to the DMCA, but specific to revenge porn. It would create obligations that would may have required Twitter, Facebook, Google, and others to expend new resources on dealing with revenge porn takedown requests—more so than present efforts, which are voluntary, rather than required by law.

The revenge porn safe harbor provisions do not appear in the final version of IPPA, however, making it likely that Silicon Valley successfully lobbied to remove that part of the law and keep CDA 230 mostly intact.

The final text actually reiterates CDA 230 protections—with a slight twist. The bill says that it won't apply "to any provider of an interactive computer service as defined in [CDA 230] unless such provider of an interactive computer service intentionally promotes or solicits content that it knows to be in violation of this section."

Eric Goldman, professor at Santa Clara University School of Law, and an expert on CDA 230, said that it was unclear as to whether this changed the current state of CDA 230 law. "In general, Section 230 applies to all third party content, even if it is promoted or solicited," he said. However, he added, "The rules get less clear when the [user-generated content] is itself illegal."

It's possible that IPPA does nothing to change CDA 230, said Goldman, pointing to existing language in landmark (and controversial) decisions like Roommates.com.

IPPA's earlier draft would have slashed a hole in CDA 230, but the final version has a more ambiguous relationship with the current state of the law, and the interests of the tech industry at large.

A Narrowly Drafted Law

The tech industry's success in shaping the bill to its interests certainly helped make a narrowly drafted law. But rather than making the bill toothless, this narrow drafting may have done the anti-revenge porn movement a favor.

The ACLU's victory against the Arizona law was a blow to the anti-revenge porn movement, and the effort to create federal legislation subsequently took a very cautious approach. A federal law being overturned on First Amendment grounds can seriously stymie future forms of similar regulation—see, for example, what happened to the Communications Decency Act, which sought to regulate indecency on the web. In 1997, significant portions of the law were ultimately struck down by the Supreme Court, ironically leaving CDA 230 intact—the very liability shield often criticized by anti-revenge porn activists.

The ACLU also opposes the final text of IPPA, saying it's not drafted carefully enough.

The question of whether the bill would pass First Amendment scrutiny took front and center stage at a press conference on Thursday, where Speier said that the final text received support from "12 leading constitutional scholars," including Erwin Chereminsky, the dean of UC Irvine Law School.

A statement from Chereminsky—who could not attend the press conference—was read aloud by Speier: "There is no First Amendment problem with this bill. The First Amendment does not protect a right to invade a person's privacy by publicizing without consent nude photographs or videos of sexual activity."

Despite the great care that speakers at the press conference took to allay concern about free speech, CDA 230—which fosters online speech by shielding platforms from liability for that speech—did not get mentioned. And the tech companies who benefit from an intact CDA 230 only got a small shout-out. But the fingerprints of their lobbying efforts can be seen in the final text, another marker of Silicon Valley's growing political presence in Washington, D.C.