In a recent op-ed piece in TheHill.COM, some friends and I described the futility of mandated DNS blocking as contemplated by the SOPA (H.R. 3261) and PIPA (S. 968) bills now working their way through the U.S. Congress:

No Internet user is required to use the Domain Name servers provided by their ISP. And if millions of American citizens who for whatever reason want to engage in online piracy can no longer do so because Congress has passed this law and their ISP is now filtering the citizen’s DNS lookups, well, those citizens will have dozens if not thousands of off-shore Domain Name servers they can switch to with the click of a mouse.

This is an important point since if federal law is changed to mandate that hundreds of millions of dollars be spent by ISP’s blocking the estimated hundred or so domain names used by the worst off-shore offenders of U. S. copyright and trademark law, then we’d all like to have some assurance that American consumers will respect this blockade. We would call those consumers “unintended infringers” because they are infringing U. S. copyrights and trademarks now, but are doing so in ignorance, and if they knew they were stealing, they wouldn’t do it. We know that no “intended infringers”—who already know they are stealing when they buy pirated or infringing goods online—will be stopped by any federal law, since the Internet just doesn’t work that way. From the same article:

The Great Firewall of China is built to a massive scale and could easily cope with this sort of problem. Since we in America would never monitor and restrict Internet traffic at that scale, the best Congress could hope for would be a symbolic gesture that merely indicates our country’s displeasure with online piracy and infringement—without stopping such activities or even slowing them down by much.

Today I happened across a recent report from Cisco Systems entitled “Beg, Borrow or Steal? Young Professionals, College Students Admit They’ll Go to Extreme Measures for Internet Access Despite IT Policies, Identity Theft Risks”, which studies the infringement motives of a statistically meaningful population. Here’s an excerpt:

“Of those who were aware of IT policies, seven of every 10 (70%) employees worldwide admitted to breaking policy with varying regularity. Among many reasons, the most common was the belief that employees were not doing anything wrong (33%). One in five (22%) cited the need to access unauthorized programs and applications to get their job done, while 19% admitted the policies are not enforced. Some (18%) said they do not have time to think about policies when they are working, and others either said adhering to the policies is not convenient (16%), they forget to do so (15%), or their bosses aren’t watching them (14%).”

What this means from a high level policy perspective is that we really can put “unintended infringer” into the “myth” category. [2017 Note: A few years later I learned a more nuanced view, which is, in some cases the unintended and intended infringer populations are of the same order of magnitude—which shows that criminals are smarter and better motivated than I knew when I wrote this. See also Nation Scale Internet Filtering for a more recent treatment of this topic.]