Category Archives: DMCA

GitHub jeopardizes its DMCA safe harbor status by launching its new policy

GitHub has baked in some feelgood to its new DMCA takedown policy. The new setup features clearer language, a refusal to automatically disable all forks of an allegedly infringing repository, and a 24-hour window in which the target of a takedown notice may make changes. The mechanisms of this third point ought to cause one to consider whether GitHub is risking the protections of the DMCA safe harbor.

If a DMCA takedown notice alleges that only certain files (as opposed to the whole repository) infringe, under the new policy, GitHub “will contact the user who created the repository and give them approximately 24 hours to delete or modify the content specified in the notice.” If the user makes changes to the repository, the burden shifts back to the sender of the DMCA notice. This shifing-the-burden-back seems problematic under the DMCA.

GitHub’s policy says:

If the user makes changes, the copyright owner must review them and renew or revise their takedown notice if the changes are insufficient. GitHub will not take any further action unless the copyright owner contacts us to either renew the original takedown notice or submit a revised one. If the copyright owner is satisfied with the changes, they may either submit a formal retraction or else do nothing. GitHub will interpret silence longer than two weeks as an implied retraction of the takedown notice.

The DMCA protects a party in GitHub’s position so long as the party “responds expeditiously to remove, or disable access to, the material that is claimed to be infringing upon notification of claimed infringement”. Read that provision carefully — the response must be to take down, not merely take steps to work with the alleged infringer to make it right. GitHub’s new mechanism of interpreting silence as a retraction is not an expeditious removal of or disabling access to allegedly infringing material. Nothing in the DMCA requires the sender of the takedown notice to have to ask twice.

You’ve got to hand it to GitHub for trying to make the world a better place through this new policy. The intended net effect is to reduce the number of instances in which entire repositories are taken down simply because of a few allegedly infringing files. But GitHub is putting something of great value, namely, its DMCA safe harbor protection, at risk.

Many copyright plaintiffs look for every possible angle to pin liability. You can almost be certain that a copyright owner will challenge GitHub’s safe harbor status on the ground that GitHub did not respond expeditiously. It seems odd GitHub would be willing to toss a perfectly good affirmative defense. One would think the better approach would be to go ahead and take the repository down after 24 hours, rather than leaving it up and risk a finding on “non-expeditiousness”.

Related:

Microsoft letter to GitHub over DRM-free music software is not the first copyright-ironic action against an intermediary

Evan Brown is an attorney in Chicago advising clients on matters dealing with copyright, technology, the internet and new media.

DMCA’s protection of copyright management information applied to non-electronic works

The Digital Millennium Copyright Act (DMCA) provides safe harbors from copyright infringement liability for online service providers (17 U.S.C. 512) and makes it unlawful to circumvent technological measures that effectively control access to copyrighted works (17 U.S.C. 1201). A lesser-known (and lesser-litigated) provision of the DMCA (17 U.S.C. 1202) makes it illegal to intentionally remove or alter any copyright management information or to distribute copies of works knowing that copyright information has been removed or altered without authority of the copyright owner or the law. “Copyright management information” includes information conveyed in connection with copies of the work, such as the title and the name of the author.

A recent case from federal court in Florida considered whether this regulation of copyright management information in the DMCA applies only to electronic works intended for distribution over the internet, or whether it applies to more traditional works such as hard copy technical drawings. The court interpreted the DMCA broadly to apply to all kinds of works, whether on the internet or not.

Plaintiff alleged that defendant violated the DMCA by distributing copies of plaintiff’s drawings “knowing that [plaintiff’s] name had been removed therefrom and/or that another entity’s name had been added thereto.” Defendant argued that plaintiff failed to state a claim for a violation of the DMCA because the DMCA only applies to “technological” infringement. Defendant cited to Textile Secrets Intl’l, Inc. v. Ya–Ya Brand, Inc., 524 F.Supp.2d 1184 (C.D.Cal.2007), which found that § 1202(b) “was [not] intended to apply to circumstances that have no relation to the Internet, electronic commerce, automated copyright protections, or management systems, public registers, or other technological measures or processes as contemplated in the DMCA as a whole.” To read it otherwise, the court in that case reasoned, would contradict the “legislative intent behind the DMCA to facilitate electronic and Internet commerce.”

In this case, however, the court noted that other courts, focusing on the plain language of the DMCA, have held differently, and approved the DMCA’s application to non-technological contexts. See Murphy v. Millennium Radio Group LLC, 650 F.3d 295 (3d Cir.2011); Agence France Presse v. Morel, 769 F.Supp.2d 295 (S.D.N.Y.2011). Although in this case, as in Murphy, the legislative history of the DMCA was consistent with defendant’s interpretation, it did not actually contradict it. Instead, Section 1202(b) simply established a cause of action for the removal of, among other things, the name of the author of a work when it has been conveyed in connection with copies of the work.

So the court, as it found it was required to do, considered the statute’s plain meaning before it considered its legislative history. Under that analysis, it held that plaintiff’s allegations were sufficient to a state a claim for violation of the DMCA.

Roof & Rack Products, Inc. v. GYB Investors, LLC, 2014 WL 3183278 (S.D. Fla. July 8, 2014)

Evan Brown is an attorney in Chicago advising clients on matters dealing with copyright, technology, the internet and new media.

Must a service provider remove all content a repeat infringer uploaded to qualify for the DMCA safe harbor?

459px-Enjoy_Don't_DestroyDoes an online service provider forfeit the safe harbor protections of the Digital Millennium Copyright Act if, when terminating the account of a repeat infringer, it does not delete all content the repeat infringer uploaded — infringing and noninfringing alike? A recent decision involving the antique internet technology Usenet sheds light on an answer.

Active copyright plaintiff Perfect 10 sued Usenet provider Giganews for direct and secondary liability for hosting allegedly infringing materials on the Giganews servers. Giganews asserted the safe harbor of the DMCA (17 U.S.C. 512) as an affirmative defense. Perfect 10 moved for summary judgment on whether the safe harbor applied – it argued that the safe harbor did not apply, Giganews argued that it did. The court denied Perfect 10’s motion.

Perfect 10 asserted that Giganews had not reasonably implemented a policy to terminate the accounts of repeat infringers as required by 17 U.S.C. 512 (i)(1)(A). One of the arguments Perfect 10 made was that Giganews did not reasonably implement its repeat infringer policy because Giganews terminated the accounts of the infringers but did not also delete all the content the infringers had uploaded.

The court was not persuaded that § 512(i)(1)(A) requires a service provider to disable or delete all content a repeat infringer has ever posted. The plain language of the statute requires “termination … of subscribers and account holders,” not the deletion of content. And because a requirement of taking down all content, not just infringing content, would serve no infringement-preventing purpose, the court held that there was no justification for reading such a requirement into the statute.

Perfect 10, Inc. v. Giganews, Inc., — F.Supp.2d —, 2014 WL 323655 (C.D.Cal. January 29, 2014)

Court refuses to help author who was victim of alleged bogus DMCA takedown notices

Author and her publisher disagreed on the content of two of the author’s new books. (As an aside, this author is very prolific — she alleges that she publishes a new book every two weeks!) So rather than deal with publisher, author self-published the works on Amazon. Publisher sent DMCA takedown notices to Amazon, with which Amazon complied. Author sued publisher under Section 512(f) of the DMCA, which provides penalties against senders of DMCA takedown notices that knowingly materially misrepresent claims of infringement. She sought a temporary restraining order (TRO), asking the court to instruct publisher to tell Amazon to make the works available.

The court denied the TRO motion. It found that author had failed to show she would suffer irreparable harm if the works were not put back on the market. In the court’s view, author failed to show how a temporary delay in sales would affect her reputation or goodwill.

The case presents an interesting issue concerning a party’s right to send a DMCA takedown notice. Author alleges that her agreement with publisher provided she owns the copyright in her works, and that publisher merely has a right of first refusal to publish any “sequels” to her previous works. So if what author is saying is true, that publisher does not have a copyright interest in the books but merely a contract interest, she stands a good chance, ultimately, on her 512(f) claim.

Flynn v. Siren-BookStrand, Inc., 2013 WL 5315959 (September 20, 2013)

Court rules against Ripoff Report in copyright case

Xcentric Ventures, LLC v. Mediolex Ltd., 2012 WL 5269403 (D.Ariz. October 24, 2012)

Plaintiff Xcentric Ventures provides the infamous Ripoff Report, a website where consumers can go to defame complain about businesses they have dealt with. Defendant ComplaintsBoard.com is a similar kind of website.

Ripoff Report’s Terms of Service provide that users grant Ripoff Report an exclusive license in the content they post to the site. Based on this right, Xcentric sued various defendants associated with ComplaintsBoard for “encourag[ing] and permit[ing] consumers to post content that has been exclusively licensed to Xcentric.”

Defendants moved to dismiss the copyright infringement claim, asserting they were protected by the safe harbor provision of the Digital Millennium Copyright Act (“DMCA”). The court granted the motion to dismiss, but not because of the DMCA.

DMCA Analysis

The safe harbor provision of the DMCA states that a “service provider shall not be liable for monetary relief” if all of the following requirements are met:

(1) it does not have actual knowledge that the material on its network is infringing;

(2) it is not aware of facts or circumstances that would make the infringing activity apparent;and

(3) upon obtaining knowledge or awareness of such infringing activity, it acts expeditiously to remove or disable access to the copyrighted material.

In this case, Xcentric alleged that defendants actively “encouraged and permitted” copyright infringement by ComplaintsBoard users. The court held that this allegation, if taken as true, could be sufficient to preclude defendants from taking advantage of the DMCA’s safe harbor provisions.

But the court went on to hold that Xcentric had failed to state a copyright claim on which relief may be granted.

Secondary Liability Insufficiently Pled

Xcentric did not allege that defendants directly infringed copyright. Instead, it alleged that by encouraging and permitting users to copy and republish material, ComplaintsBoard was engaged in secondary infringement — either vicarious or contributory infringement.

To state a claim for contributory copyright infringement, Xcentric had to plead that ComplaintsBoard had knowledge of the infringing activity and induced, caused, or materially contributed to the infringing conduct of its users. The court found that Xcentric had not alleged any facts that would lead to a reasonable inference that defendants knew of their users’ republishing Xcentric’s copyrighted content or that defendants had induced, caused, or materially contributed to such republication.

To successfully plead vicarious infringement, Xcentric had to show that defendants had the right and ability to supervise the infringing activity and also had a direct financial interest in those activities. The court found that Xcentric had not put forward enought facts to show that defendants had the right and ability to supervise the infringing activity.

DMCA takedown notices are not just for content

Apple using the DMCA to stop early sales of iOS 6.

The infamous Digital Millennium Copyright Act takedown process gets quite a bit of press when content owners such as movie studios and record companies use it to take infringing copies of films or music offline. The safe harbor provisions of the DMCA are at the heart of content-distribution platforms’ defenses against infringement occasioned by users of the platform. (Think Viacom v. YouTube.)

Apple reminds us, however, that the DMCA gives all copyright owners — not just those who own copyrights in content – a mechanism for getting infringing works off the internet. According to this piece on Engadget, Apple has been contacting hosting providers of sites that offer unauthorized copies of the forthcoming iOS 6 for sale.

So the DMCA, acting in the name of copyright protection, provides a remedy for software providers to keep the clamps on parties who may have access to software for their own use (in this case, iOS developers) but go outside the bounds of such use and offer the technology for sale to others.

Fair use, the DMCA, and presidential politics

The 2012 presidential election cycle is already giving internet law enthusiasts things to talk about. Last week it was Ron Paul’s grumblings about an unauthorized campaign ad on YouTube. Now NBC is moaning about a Mitt Romney ad comprised almost entirely of Tom Brokaw on the Nightly News in 1997.

NBC has asked the ad be pulled, claiming it is a copyright infringement. Smart people are already saying the ad is fair use. It probably is fair use.

And NBC knows that. Romney’s campaign posted the ad on YouTube five days ago, and it is yet to be the subject of a DMCA takedown notice. Though such a notice would be easy to draft and send, NBC is aware that the fallout could be expensive. Section 512(f) of the DMCA penalizes the senders of bogus takedown notices. And the courts have not taken kindly to purported victims of infringement who do not fully consider fair use before having content taken off YouTube.

With the election still months away, we may yet see controversial action like we did in 2008 by the news media to disable political content. These situations underscore the problem presented by how long it takes to process DMCA counternotifications and 512(f) actions.

A candidate’s defeat makes these processes moot. So maybe we should hope for a longer republican primary season just so we can see some good DMCA and fair use litigation. Come on NBC, send that takedown notice!

Court orders company to stop sending bogus DMCA notices to eBay

Design Furnishings, Inc. v. Zen Path LLC, No. 10-2765, 2010 WL 4321568 (E.D. Cal. October 21, 2010)

Decision shows court’s willingness to crack down on overreaching rights holders and abusive DMCA takedown practices.

Plaintiff and defendant both sell wicker furniture on eBay. Defendant sent 63 notices to eBay complaining that plaintiffs auctions infringed on defendant’s purported copyright in the furniture.

So plaintiff filed a lawsuit over the barrage of DMCA takedown notices, claiming, among other things, that defendant violated 17 U.S.C. 512(f) by knowingly and materially misrepresenting that plaintiff’s eBay auctions contained infringing material. Plaintiff asked the court to grant a temporary restraining order (TRO), stopping defendant from sending the notices to eBay. The court granted the motion.

The court found that plaintiff would likely succeed on its Section 512(f) claim because of the strong inference that defendant knew it did not have a valid copyright claim. On this point, the court found that the defendant appeared to be claiming copyright protection in the industrial design of the wicker furniture. But the Copyright Act excludes “useful articles” from the scope of copyright protection.

The court also found plaintiff might suffer irreparable harm if defendant were permitted to keep sending the bogus DMCA takedown notices. If eBay were to suspend plaintiff’s account, plaintiff might lose prospective customers and goodwill. This sort of harm was intangible and not capable of measurement. Because of the risk of harm, the court also found that the balance of equities tipped in plaintiff’s favor.

Finally, the court found that the TRO would serve the public interest. On this point the court made the intriguing observation that eBay’s policies of taking down content upon the mere allegations of infringement reverses the ordinary burden of proof in copyright infringement matters. The court granted the TRO to prevent defendant from “effectively shut[ting] down a competitor’s business on eBay simply by filing the notice that the seller’s product allegedly infringes on the complaining party’s copyright.”

YouTube victorious in copyright case brought by Viacom

District court grants summary judgment, finding YouTube protected by DMCA safe harbor.

Viacom v. YouTube, No. 07-2103, (S.D.N.Y. June 23, 2010)

The question of whether and to what extent a website operator should be liable for the copyright infringement occasioned by the content uploaded by the site’s users is one of the central problems of internet law. In talks I’ve given on this topic of “secondary liability,” I’ve often referred it simply as “the YouTube problem”: should YouTube be liable for the infringing content people upload, especially when it knows that there is infringing material.

Charlie Bit My Finger - Harry and his little b...
Image via Wikipedia

Today was a big day in the history of that problem. The district court granted summary judgment in favor of YouTube in the notorious billion dollar copyright lawsuit brought against YouTube by Viacom way back in 2007.

The court held that the safe harbor provisions of the Digital Millennium Copyright Act (“DMCA”) (at 17 USC 512) protected YouTube from Viacom’s direct and secondary copyright claims.

Simply stated, the DMCA protects online service providers from liability for copyright infringement arising from content uploaded by end users if a number of conditions are met. Among those conditions are that the service provider “not have actual knowledge that the material or an activity using the material on the system or network is infringing,” or in the absence of such actual knowledge, “is not aware of facts or circumstances from which infringing activity is apparent.”

The major issue in the case was whether YouTube met these conditions of “non-knowledge” (that’s my term, not the court’s) so that it could be in the DMCA safe harbor. Viacom argued that the infringement was so pervasive on YouTube that the site should have been aware of the infringement and thus not in the safe harbor. YouTube of course argued otherwise.

The court sided with YouTube :

Mere knowledge of prevalence of such activity in general is not enough. . . . To let knowledge of a generalized practice of infringement in the industry, or of a proclivity of users to post infringing materials, impose responsibility on service providers to discover which of their users’ postings infringe a copyright would contravene the structure and operation of the DMCA.

Given the magnitude of the case, there’s little doubt this isn’t the end of the story — we’ll almost certainly see the case appealed to the Second Circuit Court of Appeals. Stay tuned.

Enhanced by Zemanta

Pro-DRM decision under DMCA

Actuate Corp. v. IBM Corp., No. 09-5892 (N.D. Cal. April 5, 2010) [Scroll down for opinion]

Distribution of software license keys on the internet may constitute trafficking in circumvention technology, which is prohibited under the Digital Millennium Copyright Act (“DMCA”)

Plaintiff software licensor sued defendant for, among other things, violation of the anticircumvention provisions of the DMCA found at 17 USC 1201. Plaintiff alleged that defendant posted license keys on the internet, which purportedly would enable plaintiff’s software to be “installed on an unlimited basis.”

Defendant moved to dismiss, pointing to a line of cases including I.M.S. Inquiry Management Systems, Ltd. v. Berkshire Information Systems, Inc. and Egilman v. Keller & Heckman, LLP [see this old blog post about Egilman].

The I.M.S. line of cases hold that the use of a password issued by the copyright holder does not amount to “circumvention” under the DMCA. Under this thinking, the use of an issued password, even if done without authority, does not result in the “avoiding, bypassing, removing, deactivating, or otherwise impairing [of] a technological measure.”

But another line of cases, headed by 321 Studios v. MGM Studios, Inc. suggests differently. The court in 321 Studios reasoned that unauthorized use of a decryption code (the same one issued by the manufacturer) to bypass the encryption on a DVD served to avoid and bypass the encryption.

In this case, despite both parties’ attempts to show the compatibility of the lines of cases, the court found them to be irreconcilable. It sided with the thinking behind the 321 Studios line, finding no support for a distinction between passwords and other types of code that might be used for decryption.

Here’s the opinion:

Skeleton key photo courtesy Flickr user theogeo under this Creative Commons license.