How California’s ‘Transparency’ Bills Will Only Make It Impossible To Deal With Bad Actors: Propagandists, Disinfo Peddlers, Rejoice
from the why-california,-why? dept
It is bizarre that the California legislature, in a state that has produced most of the biggest internet companies out there, has apparently decided it wants to destroy them all in a flood of purely vexatious litigation. There are a whole series of bills that the legislature is reviewing, and so many of them are terrible — yet seem very likely to be passed by the legislature and signed into law by Governor Gavin Newsom. While bills like AB 2408 (with its ridiculously impossible “don’t addict kids”) language have received more attention, I want to talk about a pair of bills (slightly conflicting bills!) that seem likely to pass and have received somewhat less scrutiny, in part because of the myth that these are “merely” about “transparency.” The bills in question are AB 587 and SB 1018.
Most of this post will focus on 587, and I’ll fill in some details on 1018 at the end, but I will note that as far as I can tell, the California legislature currently seems completely oblivious to the fact that these two bills that are both rushing forward at breakneck speed, appear to claim to do the same thing… in ways that would conflict with one another. This would be hilarious if it weren’t so stupid.
So, AB 587. We already had a long and detailed breakdown of the many, many, many technical problems with the bill by Professor Eric Goldman. I highly recommend reading that post, though I warn you that if you believe in supporting an open internet, and you have any hair, you may tear it out by the end.
Instead of picking through the many, many problems of the bill, I wanted to explain why the bill is totally unworkable from the perspective of someone who lives in reality and understands how the internet works. Because it’s clear that the authors of this bill have no clue.
The bill is framed as being about “transparency.” And, transparency is good. Promoting and encouraging more transparency, especially from internet services is a theme that we’ve pushed here at Techdirt for over two decades.
But there’s a big difference between encouraging more transparency, and mandating transparency in a manner where it can (and will) be weaponized to attack companies for anything they do that you dislike. And AB 587 is very much a version of the latter.
In short (and, again, I encourage you to carefully read through Eric Goldman’s careful dismantling of every part of the drafting of the law), the law requires decently large internet companies to “publish” their terms of service (loosely defined), and send them to the California Attorney General every quarter. It also requires that those terms include a bunch of things about how they deal with certain types of content (including so-called “lawful, but awful” content, as judged by the California government). It also requires descriptions of processes and remedies for dealing with user complaints.
And some of that sounds good… if you have basically zero experience with running a website, but have the chutzpah to think you know how it all works. Running a website that allows third party content of any kind is a constant battle against those with malicious intent, to create a workable, useful, and safe environment for the users you’re actually trying to serve. The malicious entities you’re battling while running a website vary and change at all times. It can include spammers. It can include hackers. It can include garden variety trolls. It can include political operatives seeking to spread propaganda. It can include nation states. It can include scammers and extortionists. It can include grifters. And that’s just a sampling. The list is ridiculously long.
Almost all of these transparency proposals assume that all users (and all consumers of the transparency reports and readers of the terms of service) are there in good faith. But they’re not. As we’ve discussed recently (in a different context) regarding Twitter and its bot/spam situation, there are a lot of malicious users.
And they don’t stand still.
They don’t use the same techniques. It’s a dynamic situation, in which they are constantly probing and evaluating.
And that means that social media platforms have to constantly be adapting as well. And AB 587 makes that effectively impossible. Because sites need to publish very specific terms and it opens them up to facing a legal challenge if they fail to live up to their terms, you’ve now created two problems for online services — and two lovely openings for malicious actors.
First, thanks to these publicly revealed policies, malicious actors now have more ability to figure out how to game the rules. We already see bad faith actors (usually in the political realm) whine and complain about how they are treated unfairly and try to “litigate” publicly how whatever sketchy thing they did did not technically violate the rules (or to claim that they were treated differently than someone else, usually ignoring important contextual differences). And now, companies will be required to publish a much more clear blueprint for how to tiptoe around the rules, and still be a bad actor, but without tripping the officially declared rules.
Second, while the California assembly removed the private right of action part of the bill that would allow anyone to sue (which would have been even more ridiculous), it still allows a wide range of government officials to sue any company that they deem somehow did not live up to their terms of service.
Actions for relief pursuant to this chapter shall be prosecuted exclusively in a court of competent jurisdiction by the Attorney General or a district attorney or by a county counsel authorized by agreement with the district attorney in actions involving violation of a county ordinance, or by a city attorney of a city having a population in excess of 750,000, or by a city attorney in a city and county or, with the consent of the district attorney, by a city prosecutor in a city having a full-time city prosecutor in the name of the people of the State of California upon their own complaint or upon the complaint of a board, officer, person, corporation, or association.
That’s… a decently big list. And local prosecutors are kinda known for loving the limelight. And what better limelight is there than suing Twitter or Facebook or Google because someone in your town claims that they were unfairly banned from social media?
Even worse, the bill incentivizes local government officials to file these kinds of suits by giving them a cut of the proceeds.
If the action is brought by a district attorney or county counsel, the penalty collected shall be paid to the treasurer of the county in which the judgment was entered. If the action is brought by a city attorney or city prosecutor, one-half of the penalty collected shall be paid to the treasurer of the city in which the judgment was entered, and one-half to the treasurer of the county in which the judgment was entered.
The idea that this won’t be abused is laughable.
So, now you’ve both given bad actors a roadmap, and there are political and financial incentives for local prosecutors to go after these companies for any attempt to stop bad actors that was not clearly laid out in the terms of service. That’s a terrible combination, and one that simply enables more bad actors. And that’s somewhat hilarious, because many of the politicians pushing AB 587 claim they’re doing it to encourage websites to do a better job stopping bad actors. It will do the opposite.
There’s one other aspect that is important to call out here. Requiring companies to file reports on their terms of service and enforcement efforts almost certainly guarantees less activity on that front. Because now, every change in the terms and every enforcement action is a regulatory matter. That means it often (always?) may need to be reviewed by legal. And that greatly limits the freedom of these companies to adapt in real time to very serious and dynamic threats.
At a more fundamental level, this entire thing would seem somewhat crazy in almost any other context. Imagine the same kind of bill written for cable news, telling them they need to publicly reveal and file with the state their editorial policies, including what kinds of stories they’ll publish, and what they won’t, and if they violate that policy they could face massive fines in cases brought by government officials at basically any level.
Most people would immediately recognize the obvious 1st Amendment concerns.
But for whatever reason, the California legislature seems oblivious to it.
Speaking of obliviousness of the legislature… that brings us to SB 1018. As mentioned earlier, this bill seems to be doing the same thing. Perhaps because an earlier version of this bill did a hell of a lot more, no one in the California legislature has realized that these are two conflicting bills that both seem to be targeting the same issue in different ways.
SB 1018 was originally a dangerously unconstitutional bill trying to force websites to pull down COVID misinformation. Perhaps because actual lawyers who actually understand this stuff explained to the legislature that the 1st Amendment doesn’t allow that kind of thing, the bill was amended and revised until… it’s now just another transparency bill. Just slightly different from AB 587.
SB 1018 requires a social media platform to disclose the following information on a regular basis:
statistics regarding the extent to which, in the preceding 12-month period, items of content that the platform determined violated its policies were recommended or otherwise amplified by platform algorithms before and after those items were identified as in violation of the platform’s policies, disaggregated by category of policy violated.
This is a different level of transparency reporting from AB 587, and because the bills come from different places in different ways, SB1018 involves a different kind of reporting process of different kinds of content. But, it’s also demanding information that is confusing and difficult to keep track of. What does it mean to “recommend” or “otherwise amplify” content here? Neither term is defined in the law, and it seems like both could be subject to extensive (ridiculous) litigation.
It does appear that one of the more recent amendments to this bill was to try to align it with AB 587… but they did so by importing many of the problems of AB 587 into this bill — enabling the identical local prosecutors to sue over failure to abide by this law, and the hugely problematic definition (and exemptions) for a “public or semipublic internet-based service or application.”
Once again: transparency is a good thing. We should all strive for having more transparency in general. But having the government mandate a pointless type of transparency — one that only serves to help enable more bad acts from more bad actors — while enabling local prosecutors to make a name for themselves (and help fill the local coffers) by filing frivolous lawsuits under this bill, you’re not helping solve the problems of modern internet services.
You’re making them much, much worse.