EASTSIDE — When Jonathan Gelfand walks into his office in the Lantana complex in Santa Monica, he doesn’t wonder if someone has stolen from him — the question is how much.
Gelfand is an attorney for Beachbody LLC., producers of the popular P90X workout videos, which promise that the user will get “absolutely ripped” in 90 days if they follow a rigorous workout schedule and meal plan.
And while many people seem willing to try the program, relatively few want to pay the $120 price tag. Instead they get the disks off of pirate websites with servers located outside of the United States.
That piracy costs Beachbody $75 million each year, Gelfand estimates.
“We need help,” Gelfand said. “This is truly killing us.”
A pair of bills before the two houses of Congress aim to give law enforcement agencies the ability to stop online piracy on offshore websites, powers that some Santa Monica-based companies cheer and others fear.
The two bills, called the Stop Online Piracy Act (SOPA) in the House of Representatives and the Protect IP Act (PIPA) at the Senate level, would make it possible for a judge to order an Internet Service Provider (ISP), like AT&T or Comcast, to redirect traffic away from foreign sites that are illegally selling or posting copyrighted materials.
Furthermore, companies could go after the source of payments to those websites through payment systems like PayPal, cutting the revenue off at the source.
The bills, which still in their adolescence, have met significant backlash from companies that fear they might incidentally fall into the category of “pirates” if users post links to copyrighted materials — like music videos — on their sites, and from Internet engineers who say that the methods used to redirect web traffic will have significant impacts on Internet security.
Beachbody and Universal Music Group, which is also based in Santa Monica have come out strongly in support of SOPA, which they see as the only way to prevent their products from being stolen and shared. The Recording Industry Association of America claims that global music piracy results in $12.5 billion in economic losses each year, and a loss of 71,060 jobs in the U.S.
Cost of the hunt
Offshore websites hawking ripped off versions of the P90X videos are a dime a dozen and, under current law, nearly impossible to shut down. Gelfand, and many others, liken it to playing the arcade game “whack-a-mole,” where contestants use padded mallets to hit plastic moles that appear out of a series of holes in the game board.
If so, this is a pretty expensive version.
Chasing an offshore site costs a cool $15,000 to begin, and involves wading through local law — often in China or eastern Europe — to get an ISP to shut down a site for the exact same domain name to reappear less than a day later, Gelfand said.
If negotiating with the ISP doesn’t work, companies can try to buy up the domain name. That results in the same site with a slight name variation coming online within hours.
Winning means fighting with a site until the owners decide it’s not worth it anymore. That can mean up to $180,000 in legal costs and months of work, Gelfand said.
“It’s laborious, it doesn’t work and it’s expensive,” Gelfand said.
SOPA and PIPA would give companies better tools to go after offending sites, saving them money and encouraging them to invest in new products which they could assume wouldn’t be stolen as easily.
But what Gelfand sees as a helpful weapon for the arsenal, intellectual property attorney Milord Keshishian likens to “using a Patriot missile to level an anthill.”
Keshishian’s firm, Milord & Associates, represents startups in Santa Monica that could see their business pulled out from under them if the act passes in its present form.
“I think it’s a little overreaching,” Keshishian said.
A fear within the Internet community is that SOPA and PIPA would allow companies alleging copyright infringement to go to a service provider and request that the offending site remove the content or face loss of revenues and takedown of the site.
Existing law gives websites and service providers “safe harbor,” meaning that the company cannot go after the site for content that a user posts. For instance, if an individual put up an illegal copy of a music video on YouTube, the music company that owns the rights could not sue YouTube.
According to Keshishian, SOPA turns that provision on its head.
“If the party gives notice and you don’t shut down the website, you’re not protected by safe harbor,” he said. “If you do it unlawfully, and the user-generated content is deemed not to be infringing, you have immunity against the content owner.”
That means that the website or service provider is safer if it takes down material that allegedly violates a copyright or stop payments to a certain site, even if a judge later determines the material to be benign.
The draft law has since been changed to remove a five-day deadline to inform the content owner of the problem before taking down the material altogether. Critics said it was not a reasonable amount of time for people to respond. It’s unclear if more time would be added.
At Beachbody, Gelfand acknowledges many of the criticisms about the bill, but says that potential abuses can be prevented by the judges who hear the cases.
“We put a lot of time weighing the positives and negatives of this bill,” he said. “Finally, it would give U.S. companies the ability to enforce our rights outside the United States.”
One of Keshishian’s Santa Monica clients, Jamie Snider, founded a group chat site called Yowie.com.
Yowie provides two core products. One allows celebrities to hold a live video chat with fans and the other lets groups of friends chat together using video and sharing links.
SOPA supporters, notably the Disney group, have used Yowie’s service to get their young stars closely connected to their fan base, but the concept of the bill makes Snider nervous.
“The big issue for a company like ours is to be responsible for monitoring all user-generated content on the site in fear of a penalty as severe as jail time, fines, or DNS blacklisting,” Snider said.
DNS, or domain name system, is the naming system that effectively translates from English to computer. Inputting words into a computer browser is meaningless to the machine unless they are translated into a series of numbers called the Internet Protocol (IP) address.
DNS blacklisting is when the DNS does not route to its associated IP address, blocking access to the site.
That’s the main way that SOPA and PIPA propose to halt traffic to offending sites after a judicial process that critics like the American Civil Liberties Union calls insufficient.
For Snider and his team of six full-time employees and one part-timer, it would mean monitoring all of the chats that happen on Yowie to make sure no one shares a bad link or, in extreme cases, plays a song in the background of the chat.
The method has drawn protest from critics across the Internet who believe that it could be used to stifle free speech, or go after websites that are critical of the government, like Wikileaks.
Although that concerns Snider, his worries are more immediate.
“I’m against piracy,” Snider said. “I’m a Netflix subscriber, and I have an iTunes account. I pay for everything. I can certainly understand the position they’re in, and there’s no justification for the effect it’s having on their business.
“My concern is that the government doesn’t understand our business,” he said.
It’s a common complaint, but not just amongst businesses.
Internet engineers complain that the lawmakers most heavily involved with SOPA and PIPA lack a fundamental understanding of how the Internet works, including how their bills propose to alter the fundamental underpinnings of the one thing the entire world agrees upon.
“Everybody has said, ‘Wait, you can’t do this, it’ll break my stuff,’” said Paul Vixie. “When it comes to DNS, I can tell you that it would truly break our stuff.”
Vixie is the founder of the nonprofit Internet Systems Consortium, a nonprofit group that provides open source software for the Internet community and focuses on maintaining and enhancing BIND, a widely-used DNS software.
He is also the co-author of a paper that came out in May analyzing the two bills which stated that people could easily get around the proposed DNS filters, and that their efforts would “threaten the security and stability of the global DNS.”
“You would have to spend almost 30 seconds getting back to where you were before,” Vixie said. “Given that’s the case, this is pointless and unenforceable.”
Determined downloaders without a lot of Internet knowledge can use a foreign DNS server to get around local filters, a feature easily accessed through a plugin in a web browser like Firefox that will automatically look offshore.
That would invite other cybercrimes, because the servers that would be used don’t operate under United States law. It could mean going to something that looks like your bank’s website only to find it was a clone meant to steal your financial information.
Vixie estimates he’s spent about 60 percent of the last year arguing about SOPA and PIPA, but he hasn’t yet been called before Congress. Vixie anticipates testifying before Congress soon. Lawmakers have called for a hearing specifically including engineers concerning the security risk Vixie raised.
He does believe that there is a third way between the status quo and what he feels are the dangerous changes in SOPA and PIPA, a technical solution that would respect the laws of the Internet and protect copyrighted information.
“The [Motion Picture Association of America] spent $90 million so far this year according to mandatory reporting trying to put PIPA and SOPA in place,” Vixie said. “If they would invest half that much over a few years, I’ll put the band back together and solve this problem in a way that makes more money and doesn’t put anybody out.”