Regulating Internet Gambling — Testimony by Eric Goldman


Testimony of Eric Goldman Before the National Gambling Impact Study Commission’s Regulatory, Enforcement and Internet Subcommittee, December 1, 1998

[Introduction: Below are excerpted remarks presented by Eric Goldman to the National Gambling Impact Study Commission’s Regulatory, Enforcement and Internet Subcommittee on December 1, 1998. For more information about the Commission, see All remarks represent Eric’s personal viewpoints and were not made on behalf of Cooley Godward, its clients or anyone else.]

Regulation and the First Amendment

The first point is the First Amendment aspects of online regulation. The problem is that, in all meaningful respects, online conduct is indistinguishable from speech. In other words, a person engaging in online conduct is probably also engaging in speech. Thus, electronic communications—even those related to gambling—generally should be subject to First Amendment protection unless they fall into the limited number of categories of “bad” speech that the Supreme Court has said are not protected by the First Amendment or the regulations pass the requisite constitutional muster.

The distinction between online conduct and speech is creating confusion in the courts. For example, there are administrative regulations on exporting software capable of encryption. As it turns out, the conduct of exporting software may also be speech. Thus, by restricting software exports, these regulations may impermissibly restrict First Amendment-protected speech. Already, there is a split in the courts about whether this is the case. (Compare Bernstein v. U.S. Dept. of State, 974 F. Supp. 1288 (N.D. Cal. 1997) with Junger v. Daley, 8 F. Supp. 2d 708 (N.D. Ohio 1998) and Karn v. U.S. Department of State, 925 F. Supp. 1 (D.C.D.C. 1996)). This has even led to the confused result that, under encryption regulations, software source code can be distributed in a book, but posting the same code compiled into executable code on a website would break the law (as was held in the Karn case).

Electronic communications related to gambling should be able to be regulated under the First Amendment, but only if such regulation are narrowly and precisely drawn in order to avoid chilling permissible electronic communications. Narrowly drawn and precise regulations are crucial both to preserve the free flow of electronic communications and to avoid the uncertainty created among businesses who do not know if their business efforts run afoul of broadly described regulations. The need for narrowly drawn regulations is especially acute in the context of criminal regulations, but even civil regulations create substantial concern.

There are a virtually unlimited number of ways in which regulation of online gambling could transgress the First Amendment, so it is best to defer giving specific examples of impermissible regulation. The key point is that the First Amendment must be in the forefront of the mind of anyone drafting regulations related to electronic communications.

The Definitional Problems

The second point is the definitional problem raised by current attempts to regulate the Internet.

Congress and other legislative bodies have an extremely difficult time defining who is subject to their regulations. The legislative efforts have created non-overlapping definitions that, in turn, create a patchwork quilt of regulations that are very difficult to analyze. Below are 4 examples of legislative attempts to define who is subject to the regulations.

The Electronic Communications Privacy Act (the ECPA) requires “electronic communication services” and “remote computing services” to respect certain use, disclosure and interception rules with respect to electronic communications. An “electronic communication service” is defined in 18 U.S.C. §2510(15) as any service which provides to users the ability to send or receive wire or electronic communications, and a “remote computing service” is defined in 18 U.S.C. §2711 as a public provider of computer storage or processing services by means of electronic communication system. These definitions have been occasionally used in other statutes, such as Section 604 of the recently-passed Protection of Children from Sexual Predators Act of 1998 (codified as 47 U.S.C. §227).

In 1996, Congress adopted the Communications Decency Act, known as the CDA, which regulated certain types of online speech and, in the process, created some safe harbors for “interactive computer services.” An interactive computer service is defined in 47 U.S.C. 230(e)(2) as any information service, system, or access software provider that provides or enables computer access by multiple users to a computer server, including specifically a service or system that provides access to the Internet and such systems operated or services offered by libraries or educational institutions. This definition has been used in other statutes, such as Washington’s anti-spam law (Washington House Bill No. 2752 (March 25, 1998)).

In the Congressional term that recently ended, Congress passed the Digital Millennium Copyright Act (the DMCA). The DMCA created certain safe harbors for “service providers,” defined in 17 U.S.C. 512(k) for most purposes as a provider of online services or network access, or the operator of facilities therefor, including an entity offering the transmission, routing, or providing of connections for digital online communications, between or among points specified by a user, of material of the user’s choosing, without modification to the content of the material as sent or received.

In 1984, the California legislature passed the Electronic Commerce Act of 1984, which imposed certain disclosure obligations on providers of “electronic commercial services.” This is defined in California Civil Code §1789.2 as an electronic shopping system to conduct the purchase of goods and services via a telecommunications network (with certain narrow exceptions spelled out in the definition).

Notice that not a single statutory definition above uses the term “website.” Thus, it is impossible to provide an easy answer to the simple question clients ask—do they fit within the statutory definitions, and if so, which ones.

Assuming for the moment that Congress chooses to regulate gambling websites, such entities will need to be defined narrowly and precisely. As can be seen, there is a tendency to define such entities opaquely and in bureaucrat-ese, and this makes it difficult for industry participants to know if they are supposed to comply with such regulations or not. Such definitions serve no one’s best interest except perhaps lawyers who are paid excessive amounts to navigate through the bureaucratic minefields.

The Derivative Liability Problem

The third point is the problem of derivative liability. There is no need to address the normative issue of whether gambling online should be regulated or not – let’s assume for a moment that it is or will be. In this case, it is likely that there will be 2 “bad actors” subject to the regulations—the site offering gambling, and the person who chooses to gamble. As discussed above, it is crucial to define each of these actors very clearly and narrowly, which I think is no small challenge.

In the course of these two actors interacting with each other, numerous other service providers will be involved. Both the gambler and the gambling website will have Internet access providers to route their data over the Internet. In turn, each of these Internet access providers may have one or more access providers, and so on. The gambling website may have other service providers involved to greater or lesser degrees, such as a provider that hosts its website on the provider’s servers, a design firm, software providers, payment system providers, and other sites that carry its advertising.

Any regulation of gamblers or gambling sites explicitly or implicitly creates the possibility of derivative liability among all these downstream or upstream service providers. Derivative liability could take any number of forms, such as aiding and abetting liability, contributory liability, vicarious liability, conspiracy liability and perhaps even RICO liability.

Without opining on whether gamblers or gambling sites should be liable, from a normative standpoint, I oppose the creation of any derivative liability for any service providers to these actors.

The law has struggled with the law of derivative liability for online activities and communications for almost 2 decades. Frequently, the courts have struggled with this topic, resulting in too many cases where the court has imposed derivative liability casually and often without sufficient thought.

In response, Congress has created some safe harbors against derivative liability. The 1996 CDA contained a very broad safe harbor for “interactive computer services” against a wide range of possible liabilities (47 U.S.C. §230(c)). However, the CDA’s safe harbor also contained important exceptions, such as for intellectual property claims and federal criminal laws. Congress attempted to fill the copyright liability hole in the safe harbor with the DMCA (17 U.S.C. §512(c)), and even the recently-passed but presently-enjoined Child Online Protection Act (known as the CDA II) contained some safe harbors for derivative liability.

Without specifically critiquing the adequacy of these safe harbors, generally they do not quite accomplish Congress’ stated goals of encouraging the development of web content and tools to permit user control over the information they receive (47 U.S.C. §230(b)). In any respect, any Congressional regulation of gambling should negate or severely limit the possibility of derivative liability for the actions of the regulated actors.

Similarly, I would strongly oppose any effort to make the service providers the government’s police, such as by mandating them to block access to certain sites, or to require such service providers to make mandatory disclosures either to users or the government. These types of requirements suffer many defects: they impose onerous and costly administrative burdens on service providers, they raise serious First Amendment concerns (as addressed earlier) and privacy concerns, and they have limited efficacy in an era when so many users and websites can act effectively anonymously.

Finally, it would be helpful to provide clear rules with respect to the advertising of gambling sites. Many websites currently carry advertising for gambling sites. It is functionally impossible for these websites to determine if the site placing the advertising, or the advertising itself, breaks the law. However, based on current legal regimes, these websites appear to carry advertising at their risk. States such as Minnesota (Minnesota v. Granite Gate Resorts, 568 N.W.2d 715 (Minn. Ct. App. September 5, 1997)) and Missouri (Missouri v. Interactive Gaming & Communications Corp. (Cir. Ct. Mo. May 22, 1997)) have prosecuted based on advertising the availability of gambling sites. These actions appear to, once again, create the prospect of derivative liability on the part of an intermediary. Thus, ideally any gambling regulations will provide a safe harbor for intermediaries who carry gambling advertising, rather than requiring these intermediaries to act as police for the government to determine prospectively if the advertising entity is violating the regulations.


About the author: Eric Goldman (formerly Eric Schlachter) is an attorney practicing cyberspace law with Cooley Godward LLP, Palo Alto, CA. He also is an adjunct professor of Cyberspace Law at Santa Clara University School of Law. Cooley Godward’s web page is located at, and Eric’s personal home page is located at  Eric can be reached