Letter to Rep. Jim Moran on Internet regulation, employers, child protection


May 4, 2006


Dear Rep. Moran:


Within the past six months there has been renewed media attention to the exposure of minors and teenagers to various risks on the Internet. Much of the recent attention is focused particularly on so-called “social networking sites” such as myspace.com. However, we know that risks appear in various forms as new technologies appear and are explored in various combinations. These elements include not just profiles on social networking sites but also personal domains and websites, blogs, search engines, so-called “private investigative services” that I wrote you about in May 2005, chat rooms, webcams, and pornography.  The law naturally tries to deal with the legality of web content and Internet conduct as a relative objective matter (because of the demands of the First Amendment), and yet most of the practical concerns seem to have to do with the context with which people (especially minors) interpret content and the acceptability of various behaviors.


There are two particular concerns that have caught media attention recently. The first concern is that employers, universities and graduate schools are reported to be regularly checking social networking profiles of job applicants as part of their “due diligence.” It is less clear from these reports (although strongly suggested) that employers regularly Google sites like mine, or personal blogs of adults.  There is no question about the legality of their access to a public space, but there are serious ethical questions about using personal sites or “Google finds” on a person as a major factor in an employment decision. A search engine like Google will show references to a person by others, and it is also easy to pick up the wrong person because of name synonyms. While I can understand that employers would take a dim view of rebellious “self-incriminating” bragging by students, say, about underage drinking and drug use, it would be all too easy to use the searches to weed out persons for social non-conformity (and “screen” for sexual orientation, an idea that would be especially “tempting” for the military, given the “don’t ask don’t tell” policy).


Of course, some jobs are very sensitive to publicity exposure. That is why I think it is sensible for employers to announce publicly their blogging policies, especially to job applicants. (This could hold true for military commands and some kinds of government agencies.) It makes sense that such policies depend on what the job is. Someone with direct reports, or whose job is to manage a company’s public relations, or who makes underwriting decisions about customers, is in a much more sensitive public position than an individual contributor in an information technology shop. But some scattered media reports (such as a Long Island Business Daily report in March) indicate that employers could run into many state employment laws (regarding “off duty behavior”) if they publish such policies to associates. Therefore employers resort to doing these “investigations” under the table, resulting in a loss of business ethics and more harm to associates. The attempt to regulate turns out to be self-defeating. What is needed to re-examine who owns the legal “right of publicity” of an associate in the workplace.


The second big concern contains, of course, the exposure of minors to the well-known dangers on the Internet, about which there are many bills in Congress. You recall that I am a litigant against the Child Online Protection Act (COPA) of 1998. The most conspicuous concern has been the exposure of children to sexual predators in chat rooms. The NBC “Dateline” series “To Catch a Predator” as well as some sensational reports in The New York Times about teenagers who sell their own child pornography from webcams in chatrooms has attracted public outrage.  But sometimes kids have attracted stalkers and predators by posting personal information on social networking sites.


Before getting too much into all of the regulatory controversies (and constitutional questions) it is simple to propose one major measure: Social networking companies should not allow persons under 18 to post profiles or blogs in public spaces without parental permission. Instead, they should set up “intranets” or “virtual private networks” where the universe of people who can access a kid’s profiles or writings is much more restricted and protected. Some of these companies have already made significant voluntary progress in doing this. As for the chatrooms themselves, we know that most states now allow the police to set up stings to catch persons who have an intention (or “propensity”) to contact minors for illegal purposes. But solicitation laws in many states (including Virginia) are worded loosely enough that conceivably otherwise legitimate and “objectively legal” web content could, in some contexts (such as having been written and published by a teacher) be construed and prosecuted as indirect solicitation.


Since the mid 1990s it has become possible for almost anyone, under a system of essentially “free entry” to make himself or herself a celebrity on the Internet if he or she is effectiveness in attracting attention, especially through search engines. The importance of this observation gets lost in the debates over spam, get-rich-schemes, viruses and worms, security, and phishing. As you can see, I have taken advantage of this opportunity, and I hope that I have pressured the debate on many controversial questions (starting with gays in the military, as you remember, but on to many “family values” issues and speech/publication issues) into more objective waters, and taken away the thunder of some of the special interests and conventional writers and lobbyists who earn a living by presenting only biased views. All of these issues about personal freedom and shared personal responsibility and meaning are linked together, and should be considered together, not in pieces. Nevertheless, there will be some people who do not like the way I present these matters without “paying my dues” first.


One legal mechanism that has made Internet freedom possible is that, by and large, ISPs are usually not legally responsible for content posted by their subscribers. Some of this protection comes from Section 230 of the 1996 law, the censorship portions (the “Communications Decency Act) that were struck down by the Supreme Court in 1997. There are legal notions that if an ISP monitors its customers, it can become liable. However, given the problems encountered by minors, there seem to be some calls for “New Testament I am my brother’s keeper” laws.  Now since around 2000 most ISP’s, like book publishers, have written indemnification clauses into their “terms of service” documents as contractual terms for provision of service. Because ISPs are, as a practical matter, largely shielded from a lot of liability for what customers do, these clauses are rarely invoked (except perhaps in cases of spamming and gross movie or music piracy – the downstream liability concept was recently visited by the Supreme Court in the Grokster case). Were this paradigm to change, ISP’s probably could not offer shared hosting services to self-publishers like me unless someone like me could demonstrate the revenue stream to cover the increased risk.


One subtle problem that we are seeing with all of the media reports about kids’ sites and profiles is that it is easy for a publisher to attract unwanted attention from stalkers and endanger not only him or herself but also other family members, students, coworkers, or co-residents. So far, in conjunction with personal security, this observation seems to be a much bigger problem in Europe and in the UK than in the United States. Personal outspokenness cuts both ways: it seems like it is necessary to keep the debate in a democracy “honest” and yet it presumes a certain personal distance in responsibility for others and family values. As a legal and constitutional matter, the First Amendment lists freedom of speech and freedom of the press separately. I am not a member of the press as normally understood and I do not have all of the rights of “the press.” But will the freedom to “speak” grow about from the freedom to “publish” in future laws and subsequent judicial litigation?


Certainly, there is a lot we can do to make our Internet communication and publishing infrastructure without unduly burdening personal freedom. I’ve mentioned some of them in this letter. One idea that might work better than what has been proposed so far (adult ID with COPA; also S1507, USC2257, S2246) is content labeling, as developed so far by organizations like Safesurf and ICRA. Although Microsoft is working with ICRA, much more coordination among software vendors, ISPs and governments (including internationally) would be needed to make this work in a practical sense for both publishers and parents. This would require major investment, and as a career matter in “retirement” it is something I would like to be able to take on. Another issue has to do with domain names and TLDs, although the proposed legislation requiring the use of the “XXX” TLD sounds carelessly conceived.  


 Business mail address:


4201 Wilson Blvd #110-688

Arlington VA 22203-1859


best phone is 571-334-6107


Note that on the discussion of downstream liability there would be concerns about the costs of defending frivolous and SLAPP suits where there may be no legitimate standing by the plaintiff. Another term for "brother's keeper" is "know your customer" laws.

See also this link about Internet safety and education about legal and intellectual property concepts for novices and minors.