U.S. House Passes the SAFE Act

Q Boyer
WASHINGTON — The House of Representatives, 409 to 2, has passed the Securing Adolescents From Exploitation-Online (SAFE) Act, which would require Internet service providers to report any apparent violation of certain sections of federal law pertaining to child pornography and child exploitation.

Free Speech Coalition Chairman Jeffrey Douglas said that although he had not had the opportunity to do a detailed analysis of the SAFE Act as passed by the House, his cursory evaluation of the bill lead him to believe it “has constitutional problems coming out of its ears.”

“The notion that an ISP could actually tell what is or isn’t a violation [of the relevant federal laws] — to make those distinctions on its own — is kind of silly,” Douglas told XBIZ. “There are very subtle distinctions there, and it is all extremely subjective.”

Particularly troubling is the fact that as terms like “lascivious display” and “depictions” are defined in the existing federal statutes referenced by the SAFE Act in such a way that ISPs could find themselves needing to report depictions of fully clothed minors, if they are posed incorrectly, or even forms of depictions like statues, drawings, cartoons and paintings.

“Once you extend the law to implicate [1st Amendment] protected materials, you have stepped out of bounds,” Douglas said.

Under the language of the bill as passed by the House, any person “engaged in providing an electronic communication service or a remote computing service to the public” that “obtains actual knowledge” of apparent violations of sections 18 U.S.C §1466A, 2251, 2251A, 2252, 2252A, 2252B or 2260, must “as soon as reasonably possible … complete and maintain with current information a registration with the CyberTipline of the National Center for Missing and Exploited Children … [and] make a report of such facts or circumstances to the CyberTipline.”

The reports filed by ISPs would be required to include “information relating to the Internet identity of any individual” who appears to have violated the relevant sections of federal law and to the extent available to the ISP the “electronic mail address, website address, uniform resource locator or any other identifying information, including self-reported identifying information” concerning the suspect individual.

Such reports would also be required to include historical information “relating to when any apparent child pornography was uploaded, transmitted, reported to or discovered by [the ISP} … including a date and time stamp and time zone” and geographic information pertaining to the suspect individual obtained by the ISP.

Lastly, the report would be required to include the apparent images of child pornography themselves. The act provides immunity to both the reporting ISP and to NCMEC for the sending and receiving of such images in the reports — which would otherwise be a violation of federal law in itself.

Failure to report as required would result in significant fines under the SAFE Act. The first instance of failure to report would be punishable by a fine of up to $150,000, while second and subsequent failures to report would lead to a maximum penalty of $300,000.

Reed Lee, an attorney with JD Obenberger and Associates and member of the FSC’s legal team in its challenge to 2257 record-keeping regulations, told XBIZ that the bill’s scope and definitions aside, any time government-required reporting is at issue other worries arise.

“It is true that one of the things that the Internet did was to make child pornography more readily available, and Congress understandably wants to do what it can to address that,” Lee said. “But this entire field of forced reporting has created some concerns.”

Drawing an analogy between the SAFE Act and laws that require schools to report suspected child abuse, Lee noted that such requirements create a lot of dilemmas for the people required to do the reporting.

“You have people reporting things that might not otherwise have caused them to be suspicious, even, because they are worried about complying with the law,” Lee said, adding that sometimes such reports create unnecessary headaches, because even if no abuse has taken place, the agencies and people involved have to follow through on the report.

Asked whether the law could potentially be extended to require individual computer users, or companies that provide some manner of Internet service but are not what one might think of as an ISP — such as coffee shops that provide Wi-Fi connections for their in-store customers — to file such reports when they observe apparent illegal activity over their networks, Lee said that he had not yet examined the statute in depth, and thus could not provide a definitive answer.

“The thing to keep in mind where legislative definitions are concerned is that it does make sense when you are creating new law in area with existing statutory definitions to cross reference and rely on those existing definitions,” Lee said. “Sometimes things are defined for one purpose, however, but that definition doesn’t take into account other purposes — so you really have to roll up your sleeves and dig into those definitions to get an accurate picture.”