There was an interesting article in
this week about revenge porn and copyright law—and I’m hoping some of you out there can help me.


But first, let me step back.


Of all the vile things on the Internet, revenge porn lingers at the top; and of all the vile people facilitating such vengeful filth is Hunter Moore—also known as the “Most Hated Man on the Internet.” Moore was recently arrested for actions taken to create his website IsAnyoneUp. Moore, according to a court
, had help from Charles “Gary Jones” Evens to hack into the e-mail accounts of certain victims to find, steal and post naked photos—often with the victim’s profile and contact information juxtaposed next to the photo. The site was also the receptacle of compromising photos sent in from jealous ex-spouses.


One charge against Moore and Evens relies on the controversial Computer Fraud and Abuse Act (CFAA) for their “unauthorized access of a protected computer to obtain information.” Depending on the case, victims can use state voyeurism or Peeping Tom laws, defamation suits or false light claims.


But these actions are generally only successful against the submitters of compromising photos, not the website hosting them, because of Section 230 of the Communications Decency Act. Service providers are not liable for user-generated content. The law came about after the financial firm portrayed in
The Wolf of Wall Street
successfully sued service provider Prodigy. Lawmakers worried such liability “would crush the Internet.” Indeed, I am reminded by the case in Italy against
, who, along with other executives, faced jail time after a company-owned video streaming service hosted a video uploaded by Italian students mocking another student. After almost four years, the case was finally closed, but not without giving Fleischer and the others a good scare.


Without Section 230, as
Atlantic
columnist Amanda Levendowski points out, restaurants could sue Yelp for bad reviews. Not only would the Internet be crushed, so would the First Amendment.


She also points out the danger of the CFAA, in that its language—drafted in the mid-1980s—is notoriously vague. “Giving prosecutors as poorly drafted a law is like putting a wounded antelope in front of a lion,” she writes, “they can’t resist going for the jugular.” Anyone familiar with the plight of the late Internet activist
knows this reality all too well.


But, there is a lot of motivation to prevent these bottom-dwelling revenge porn websites. So far, three states have revenge porn laws. Levendowski, rightly, I believe, worries that more laws will only give us a “CFAA 2.0.” A bigger, badder and more dangerous, albeit, well-intentioned law.


So here’s where some of you lawyers can step in.


Moore, while explaining his legal position for why he can get away with what he does, on Bob Garfield’s When On The Media, said this:


“[B]ut when you take a picture of yourself in the mirror, it was intended for somebody else so, actually, the person you sent the picture to actually owns that picture, because it was intended as a gift. So whatever the—that person does with the picture, you don’t even own the nude picture of yourself anymore ... So that’s how I’m protected.”


Levendowski writes that Moore is dead wrong, citing that 80 percent of revenge porn photos are “selfies.” Meaning the subject took a photo of themselves and had the photo mined from their device or hard drive, and thus own the copyright of their photo, and under the takedown provisions within the Digital Millenium Copyright Act (DCMA), victims can compel websites to take down their photo and search engines to de-index websites with their photo—“all without having to hire a lawyer,” Levendowski writes.


Such an avenue, she argues, prevents overbroad laws, doesn’t affect Section 230 provisions and leaves stalking, harassment and privacy laws untouched.


If this is true, doesn’t this bring up other avenues of data ownership? To what extent do I own my biometric data, for example—the DNA properties held within
?


How about my faceprint?


, an early developer of facial recognition identity management systems. Attick has argued that our faceprints should be copyrighted.


Since my faceprint is captured by facial recognition technology, and not “created” by me, the DCMA wouldn’t apply. But isn’t the copyright concept getting us closer to avoiding overly broad laws like the CFAA? And overly paternalistic ones as well?


How about a lighter version of the Right to be Forgotten, where, under certain circumstances, a user has some rights and can issue similar takedowns as seen with the DCMA? Could that be a step in the right direction?


No one wants to take down the Internet less than me, and I understand what a burden a constant stream of requests for takedowns of small pieces of data could be, especially for young Internet firms without the resources of the goliaths. But surely there must be a balance somewhere that allows me to object to information about me being stored or displayed somewhere I'd rather it not be.