One Crack and an 'Evisceration': The Current State of the DMCA's Safe Harbor

• Author: Louis T. Perry - Katie A. Feiereisel
• Position: Louis T. Perry is a partner at Faegre Baker Daniels LLP and a member of the firm's trademark, copyright, advertising, and media (T-CAM) practice. His area of expertise is litigation. He can be reached at louis.perry@faegrebd.com. Katie A. Feiereisel is an associate at the same firm, where she focuses her practice on intellectual property...
• Pages: 29-60

Published in Landslide® magazine, Volume 10, Number 1, a publication of the ABA Section of Intellectual Property Law (ABA-IPL), ©2017 by the American Bar Association. Reproduced with permission. All rights reserved. This

information or any portion thereof may not be copied or disseminated in any form or by any means or stored in an electronic database or retrieval system without the express written consent of the American Bar Association.

September/October 2017 n LANDSLIDE 27

The Digital Millennium Copyright Act (DMCA) has long frus-

trated content owners by providing a broad safe harbor to

Internet service providers (ISPs), making it extremely difcult

for a content owner to meaningfully enforce its copyrights.

Content owners have long (and unsuccessfully) argued that

ISPs must take responsibility for infringing material on their serv-

ers. ISPs have long (and successfully) argued that they are merely

an informational conduit and can avoid monetary liability provided

One Crack

and an

“Evisceration”

The Current State of

the DMCA’s Safe Harbor

By Louis T. Perry and Katie A. Feiereisel

Photo: iStockPhoto

Published in Landslide® magazine, Volume 10, Number 1 , a publication of the ABA Section of Intellectual Property Law (ABA-IPL), ©2017 by the American Bar Association. Reproduced with permission. All rights reserved. This

information or any portion thereof may not be copied or disseminated in any form or by any means or stored in an electronic database or retrieval system without the express written consent of the American Bar Association.

LouisT. Perry is a partner at Faegre Baker Daniels LLP and a

member of the rm’s trademark, copyright, advertising, and media

(T-CAM) practice. His area of expertise is litigation. He can be reached

at louis.perry@faegrebd.com. KatieA. Feiereisel is an associate at

the same rm, where she focuses her practice on intellectual property

litigation involving trademarks, false advertising, copyrights, and patents.

She can be reached at katie.feiereisel@faegrebd.com.

that they maintain this (semi) passive role. ISPs point to their

compliance with 17 U.S.C. §512, which covers infringement

claims that arise “by reason of the storage at the direction of

a user of material that resides on a system or network con-

trolled or operated by or for the service provider.” The §512

safe harbor protects an ISP if the ISP:

1. has no actual knowledge of specic infringing material;

2. is not aware of facts or circumstances from which

infringing activity is apparent;

3. acts expeditiously to remove or disable access to known

infringing material;

4. designates an agent to receive notications of claimed

infringement;

5. receives no nancial benet directly attributable to the

infringing activity and has the right and ability to con-

trol such activity; and

6. adopts and implements a policy terminating repeat

infringers.

The practical effect of §512 is that content owners often

nd themselves engaged in a no-win game of whack-a-mole

with infringing content. For every 10 instances where infring-

ing content is removed, 20 new instances arise. Rather than

continually monitor sites and send numerous infringement

notications to ISPs, some content providers sue the ISPs

directly. The results have been largely predictable: the DMCA’s

safe harbor protects ISPs from monetary liability. While the

bedrock of protection for ISPs remains strong, cracks are

beginning to form as a result of the natural evolution of ISPs

and the tendency of some to push the limits of acceptable

behavior proscribed by §512(c). These cracks have not often

resulted in liability to a particular ISP, but when they do (as it

happened in the recent Second Circuit decision EMI Christian

Music Group, Inc. v. MP3tunes, LLC1—which was labeled an

“evisceration” by some critics), the copyright world sits upright

and takes notice. This article examines one such crack and the

Second Circuit’s supposed evisceration.

Finding the Elusive “Something More”

Content providers often seize upon the ISP’s business model

as a chink in its defense—clearly an ISP benets nancially

from the material it transmits (infringing and otherwise).

Were it any different, why would the ISP even exist? And

it’s equally clear that an ISP has the right and ability to con-

trol infringing activity. If this is not so, then what purpose

does designating a copyright agent to receive notication of

infringement claims (and subsequently removing or blocking

access to infringing material) serve?

The matter, however, is not so simple. Under the DMCA, the

“right and ability to control” infringing activity requires “some-

thing more” than the ability to remove or block access to materials

posted on an ISP’s website.2 What constitutes this “something

more” has not been extensively explored. But courts are clear that

to have the right and ability to control infringing activity, an ISP

must exert “substantial inuence” on user activity.3

The following (rather extreme) facts have been found to evi-

dence an ISP’s right and ability to control infringing activity:

• A monitoring program by which user websites received

detailed instructions regarding issues of layout, appear-

ance, and content, and under which the ISP forbade

certain types of content and refused access to users who

failed to comply with its instructions.4

• Facts that would support a nding of inducement of copy-

right infringement under Metro-Goldwyn-Mayer Studios,

Inc. v. Grokster, Ltd.,5 which premises liability on purpose-

ful, culpable expression and conduct. Such facts include

an ISP’s organization of infringing torrent les on its web-

site and the provision of personal assistance to users who

could not nd certain material likely to be infringing.6

• Evidence of active control over the production and

shipment of at least some infringing items for sale on

an ISP’s platform.7

In cases against ISPs such as YouTube, Vimeo, and Veoh,

however, numerous courts have found the “something more”

required by the DMCA lacking. On remand from the Second

Circuit, the district court in Viacom International, Inc. v. You-

Tube, Inc. decided that YouTube lacked the right and ability

to control within the meaning of §512(c) because

[t]here is no evidence that YouTube induced its users to sub-

mit infringing videos, provided users with detailed instructions

about what content to upload or edited their content, prescreened

submissions for quality, steered users to infringing videos, or oth-

erwise interacted with infringing users to a point where it might

be said to have participated in their infringing activity.8

In Capitol Records, LLC v. Vimeo, LLC,9 Vimeo utilized an

employee-implemented monitoring program, the foundation of

which is its “Terms of Service” and “Community Guidelines,”

and which included approximately 40 moderator tools including:

• The “Thin Ice” and “Wiretap” tools, which allow Vimeo

to monitor the activities of specic users suspected of

uploading content violative of Vimeo’s policies;

• The “Sweet Spot” ltering tool, which searches for

and lists videos the duration of which Vimeo has

determined corresponds to the duration of uploaded

television shows or movies; and

• The “Movie Search” tool, which runs automated key-

word searches for movies currently in theaters.

Vimeo had “signicant discretion” to manipulate the visibil-

ity of videos that complied with Vimeo’s content restrictions.

The district court concluded that Vimeo’s monitoring program

“lacks the ‘something more’ that Viacom demands.”10 The

court’s decision turned largely on its determination that Vimeo

“does not purport to, and in practice does not, exert substantial

inuence over the content of the uploaded material.”11 Rather,

“Vimeo leaves such editorial decisions in the hands of its

users.”12 The court also focused on Vimeo’s staff-to-user ratio,

and noted that “it is difcult to imagine how Vimeo’s staff of

Published in Landslide® magazine, Volume 10, Number 1, a publication of the ABA Section of Intellectual Property Law (ABA-IPL), ©2017 by the American Bar Association. Reproduced with permission. All rights reserved. This

information or any portion thereof may not be copied or disseminated in any form or by any means or stored in an electronic database or retrieval system without the express written consent of the American Bar Association.

seventy-four (as of 2012) could, through its discretionary and

sporadic interactions with videos on the Website, exert substan-

tial inuence on approximately 12.3 million registered users

uploading 43,000 new videos each day.”13

The Second Circuit considered the matter on interloc-

utory appeal. Specically, it addressed whether an ISP’s

viewing of “user-generated video containing all or virtu-

ally all of a recognizable, copyrighted song may establish

‘facts or circumstances’ giving rise to ‘red ag’ knowledge of

infringement.”14 The Second Circuit found that it did not:

A copyright owner’s mere showing that a video posted by a

user on the service provider’s site includes substantially all

of a recording of recognizable copyrighted music, and that an

employee of the service provider saw at least some part of the

user’s material, is insufcient to sustain the copyright owner’s

burden of proving that the service provider had either actual

or red ag knowledge of the infringement.15

Finally, in UMG Recordings, Inc. v. Veoh Networks, Inc., the

Ninth Circuit determined that the following facts did not rise

to the level of “substantial inuence”: (1)the allegedly infring-

ing material resided on Veoh’s system; (2)Veoh had the ability

to remove such material; (3)Veoh could have implemented,

and did implement, ltering systems; and (4)Veoh could have

searched for potentially infringing content.16

The courts make one thing clear about the elusive “some-

thing more”—a content owner is unlikely to nd it without

(1)an egregious fact pattern, or (2)targeted and comprehen-

sive (and expensive) discovery efforts. Deciding to litigate

against an ISP requires signicant nancial commitment or,

as is the case below, a coalition of aggrieved plaintiffs.

Redening Repeat Infringers

Section 512(i) of the DMCA requires that an ISP “adopt[]

and reasonably implement[] ... a policy that provides for

the termination in appropriate circumstances of subscribers

and account holders of the service provider’s system or net-

work who are repeat infringers.” Most ISPs do have a repeat

infringer policy—that is, they have a policy whereby prob-

lem accounts are agged and removed when the ISP receives

multiple infringement notications tied to such accounts.

Because the DMCA does not dene “repeat infringer,” ISPs

have long construed the term in the context of infringement

notications. But the Second Circuit recently upended that in

EMI Christian Music Group, Inc. v. MP3tunes, LLC.17

MP3tunes has alternatively been dismissed as a product of

its own egregious fact pattern (featuring owners who knowingly

participated in infringement) and an evisceration of the DMCA

(by those same owners and some prominent commentators). It

will be some time before it is clear which characterization proves

true, but the case bears examination and careful consideration.

MP3tunes.com was launched in 2005 as an online plat-

form that allowed customers to purchase music created by

musicians unrepresented by a record label. Shortly thereaf-

ter, it added “locker storage,” which allowed users to store

music on the site’s server in exchange for a fee. MP3tunes

also owned sideload.com, a site that allowed users to comb

the Internet for free music and offered users a plug-in that

allowed them to “download” that music to their virtual

MP3tunes locker—a process also referred to as “sideload-

ing.” Once a song was sideloaded, it was indexed and made

available for other sideload.com users to stream, download,

or sideload into their own virtual MP3tunes lockers.18

EMI Christian Music Group, along with a variety of music

publishers and record companies, sued MP3tunes alleg-

ing that it had violated thousands of copyrights. MP3tunes

argued that the DMCA’s safe harbor provisions shielded it

from liability. The plaintiffs argued, among other things, that

MP3tunes failed to implement the required repeat infringer

policy and ignored red ags of widespread infringement.

The district court held that MP3tunes had reasonably imple-

mented a repeat infringer policy and granted it summary

judgment on this point, but ultimately allowed the issue of

MP3tunes’ willful blindness to the rampant infringement as

a question of fact for the jury. The jury found MP3tunes sec-

ondarily liable for copyright infringement and awarded the

plaintiffs approximately $48 million, but this verdict was later

partially vacated and reduced by the district court. An appeal

to the Second Circuit followed.19

The Second Circuit began with a simple question: what

is a repeat infringer? The DMCA leaves the term undened.

The district court had held that a user can only be a repeat

infringer if that user knows that its conduct is infringing

another’s copyright. Thus, according to the district court, only

those who upload content can be repeat infringers. By con-

trast, users who sideload content to their virtual MP3tunes

locker or stream infringing content do not know whether the

material violates the copyrights of others.20

The Second Court disagreed, nding that a repeat infringer

need not have any knowledge of the copyright status of a

certain work. All that is required is repeated uploading and

downloading of copyrighted material. The district court’s sum-

mary judgment ruling, then, was improper, because “MP3tunes

did not even try to connect known infringing activity of which

it became aware through takedown notices to users who repeat-

edly created links to that infringing content in the sideload.com

index or who copied les from those links.”21

That practical effect of this ruling—that MP3tunes should

have “tried” to connect takedown notices to users—may not seem

terribly burdensome at rst glance. After all, many ISPs have a

framework for terminating repeat infringers, and it is easy enough

to ag an account that is the subject of a takedown notice. But in

this particular instance, the court seems to suggest that MP3tunes

not only should have maintained a dossier on users who uploaded

infringing links, but also should have tracked all users who sub-

sequently copied the le underlying an infringing link and also

tracked those users for future activity subject to a notice. The mag-

nitude of this undertaking not only is staggering, but it also seems

at odds with another provision of the DMCA that relieves ISPs of

the burden of afrmatively monitoring their users.22

It remains to be seen how other circuits will handle

attacks on ISPs based on the repeat infringer provision of the

DMCA,23 but the Second Circuit has laid the groundwork for

a sea change in ISP liability.

Continued on page 58