The Promise of Internet Intermediary Liability
The internet has transformed the economics of communication, creating a spirited debate as to the proper role of federal, state, and international governments in regulating conduct that relates to or involves the internet. Many have argued that internet communications should be entirely self-regulated-either because they cannot or should not be the subject of government regulation. The advocates of that approach would prefer a no-regulation zone around internet communications, based for the most part on the unexamined view that internet activity is fundamentally different in a way that justifies broad regulatory exemption. At the same time, it is undisputed that some kinds of activity that the internet facilitates violate widely shared norms and legal rules. State legislatures motivated by those concerns have begun to respond with internet-specific laws directed at particular contexts, giving little or no credence to the claims that the internet needs special treatment.
This Essay starts from the realist assumption that government regulation of the internet is inevitable. Thus, instead of focusing on the naïve question of whether the internet should be regulated, it discusses how to regulate internet-related activity in a way that is consistent with approaches to analogous offline conduct. The Essay also assumes that the most salient characteristic of the internet is that it inserts intermediaries into relationships that could be, and previously would have been, conducted directly in an offline environment. Existing liability schemes generally join traditional fault-based liability rules to broad internet-specific liability exemptions. Those exemptions are supported by the premise that in many cases the conduct of the intermediaries is so wholly passive as to make liability inappropriate. As time has gone on, this has produced a great volume of litigation, mostly in the context of the piracy of copyrighted works, in which the responsibility of the intermediary generally turns on fault, as measured by the level of involvement of the intermediary in the challenged conduct.
We argue that the pervasive role of intermediaries calls not for a broad scheme of exoneration, premised on passivity, but rather for a more thoughtful development of principles for determining when and how it makes economic sense to allocate responsibility for wrongful conduct to the least cost avoider. The rise of the internet has brought about three changes that make it more likely that intermediaries will be least cost avoiders in the internet context than they previously have been in offline contexts: an increase in the likelihood that it will be easy to identify specific intermediaries for large classes of transactions; a reduction in the information costs that make it easier for the intermediaries to monitor the conduct of end-users; and the anonymity that the internet fosters makes remedies against end-users generally less effective. Accordingly, in cases in which it is feasible for intermediaries to control the conduct, we recommend serious attention to the possibility of one of a series of three different schemes of intermediary liability: traditional liability for damages; takedown schemes (in which the intermediary must remove offensive content upon proper notice); and "hot list" schemes (in which the intermediary must avoid facilitation of transactions with certain parties).
The final Part of the Essay uses that framework to analyze the propriety of intermediary liability for several kinds of internet-related misconduct. We are agnostic about the propriety of any particular regulatory scheme, recognizing the technological and contextual contingency of any specific proposal. Because any such scheme will impose costs on innocent end-users, the selection of a particular level of regulation should depend on the policymaker's view of the net social benefits of eradication of the misconduct, taking into account the costs of compliance with the regulation by the intermediaries and innocent users. Still, our analysis suggests three points. First, the practicality of peer-to-peer distribution networks for the activity in question is an important consideration, because those networks undermine the effectiveness of the regulatory scheme, making regulation less useful. Second, the highly-concentrated market structure of Internet payment intermediaries makes reliance on payment intermediaries particularly effective as a regulatory strategy because it is difficult for illicit actors to relocate to new payment vehicles. Third, with respect to security harms (viruses, spam, phishing, hacking, and the like), we conclude that the addition of intermediary liability in those cases is less likely to be beneficial, because market incentives appear to be causing substantial efforts by intermediaries to solve these problems even without the threat of liability.
