There’s never a dull moment with Donald J. Trump. Twitter’s fact check of our esteemed President last week reignited a wonky debate over a law called Section 230, a longstanding pillar of U.S. Internet policy, as Trump and his allies such as Sens. Rubio and Hawley take aim at the provision.
47 USC 230 was originally part of the Communications Decency Act (CDA), which became law in 1996. The CDA was an attempt by Congress to regulate indecency and obscenity on the Internet. Courts overturned most of the Act as an infringement on free speech, but 230 survived.
Subsection 230(c), which is actually the portion at issue, does two things. First, it says that no one is responsible for stuff that other people say online. As the law states: “No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” If a user tweets falsehoods (purely hypothetically), for legal purposes Twitter is not considered the publisher or speaker of those falsehoods. This is critical for preserving the open web because, without this protection, a company like Twitter could become liable for defamation based on what its users tweet. Twitter then would have to either police its content with extraordinary zeal or simply shut its virtual doors to the public.
The second part of 230(c) says that any actions taken by anybody to restrict access to objectionable material do not expose that person to liability. This provision exists to short-circuit the case law that had been developing in the 1990s. Courts were starting to consider online services that did such curation to be publishers of all content on their platforms, creating a disincentive to police pornography and other objectionable content. Congress wanted providers to feel safe to curate and filter content on their services, so they said that these restrictions on objectionable content do not create liability.
It’s difficult to imagine social media platforms existing in anything like the form they do today without the protections in Section 230. On one hand, they would have a strong incentive to restrict access, lest any user subject them to liability by defaming someone. On the other hand, they would have a strong incentive to refrain from policing pornography, obscenity, hate speech, and other objectionable content, lest courts consider them the publisher of everything they leave up.
The Internet has been a rare bright spot in our economy over the last 20 years. Without the protections against intermediary liability embodied in Section 230, all the companies and services that have grown up in this period could come tumbling down. Yet it does seem that one way or another, 230’s days are numbered. Trump’s executive order may be ineffectual, but politicians in both parties have seized on a populist, anti-tech mood and advocated 230’s repeal, often misstating how the law works. And in any case, the Internet is a global phenomenon, and 230 is a U.S. law. At some point, the forces of pragmatic pro-Internet policy may falter against a populist, mercantilist, global onslaught. What then?
Crypto to the rescue?
In 1996, contra John Perry Barlow, there was no alternative to the centralization that renders web applications vulnerable to the whims of politics. But today, a renaissance in applied cryptography could lead to a solution. In 2008, the Bitcoin white paper explained how relatively simple cryptographic hash functions could be combined across time to create a resource available to all but that no single party could control.
It is a bit mind-blowing. A hash function is literally just a mathematical operation that takes in any input and outputs a fixed-length string of digits. The cryptographic variety adds some key informational properties, but it was and is surprising that such a simple building block could be used to make such an elaborate structure.
The discovery of the surprising utility of cryptographic hash functions as building blocks for a deeper structure has led to more inquiry. Applied cryptography is blooming. Zero-knowledge proofs, an obscure corner of the academic literature in 2008, are now the hot primitive. Blockchain technology and blockchain-adjacent ideas are developing rapidly.
As a result of this renaissance, all the elements needed to build a decentralized Twitter or Facebook kind of exist — they just need to be scaled or refined or agreed on. Need user accounts? ENS is a growing decentralized name service that can store small amounts of arbitrary metadata. Need decentralized storage and distribution? IPFS is a network for exchanging content-addressed data (I’ve written about it before). Need a protocol for describing social interactions? How about an off-the-shelf protocol recommended by the World Wide Web Consortium?
Early decentralized social networks of various sorts exist, ranging from federated platforms like Diaspora and Mastodon to peer-to-peer message-passing services like Scuttlebutt. It’s not obvious what the right structure and architecture are for a scalable and global network that could actually replace Twitter or Facebook, but folks are experimenting. The existing networks have failed to take off, perhaps because they have not yet hit on the right structure, perhaps because the tools aren’t mature enough yet, or perhaps because there simply isn’t demand for decentralization right now.
This is where Section 230 comes back in. If policymakers in the US and elsewhere put an end to immunity for web platforms, that could finally drive demand for a decentralized alternative. To be sure, it would be a colossal policy error, killing some of our most successful companies. But it wouldn’t put an end to online social networking the way it would have a couple of decades ago.
Because decentralized networks can’t practically be sued in court, we would in a sense retain intermediary immunity with respect to social networks. Just as you can’t sue Bitcoin, you wouldn’t be able in any practical sense to sue the protocol that people use to do social networking online. The advent of the right kind of decentralized social network would make the protection provided in 230(c)(1) moot, at least as far as it affects users posting on that network. Only a user herself would be liable for what she posts.
Twitter itself is experimenting with a decentralized base layer through its @bluesky initiative. The company seems to believe that the real value they provide is in curation, moderation, and recommendation. There is indeed demand not to be inundated with vile statements and images every time one logs on, and Twitter thinks they can win in a world with a neutral base layer for tweeting and a competitive market in curation services.
If 230(c)(2) is repealed, then Twitter might not have the chance to engage in such moderation and curation. It’s unclear how courts would treat a competitive market for curation services, but it’s at least possible that Twitter could be sued for restricting access to content through curation, for example if it fact-checks or censors a politician’s decentralized tweet.
In a 230-less world, however, there would still be demand for these curation services. Perhaps they could be provided by DAOs. A decentralized autonomous organization is essentially a protocol for coming to agreement on and executing various real-world actions. DAOs can definitely be used for curation. Given that demand for these services would still exist, and no traditional company could provide them for fear of liability, that would create a huge opening for DAOs to exist and thrive.
Getting rid of 230, then, might kill existing models of social networking provision, but it might not kill social networking as we know it. Existing social networking companies could be replaced with unstoppable protocols that are effectively immune to court-ordered judgments. For politicians that worry about obscene or harmful content online, getting rid of 230 could result in that content being available in a universal uncensorable base layer of social media that is outside their control. And for politicians that worry about ideological bias in the curation that 230 enables, just wait until there is an unstoppable competitive environment in such services. Neal Stephenson explores the competitive “editor” market in his novel Fall; or, Dodge in Hell, and the result is not pretty.
My hope is that 230 protections will remain. The law has enabled our Internet industry to blossom into a source of global wealth and power, and it would be a shame to lose that. But if 230 does fall, it may finally be the moment the decentralized applied cryptography community has been waiting for. “No force on earth can stop,” says Victor Hugo, “an idea whose time has come.”