Transcript Online Intermediaries and Liability for Copyright Infringement Lilian Edwards and Charlotte Waelde AHRC Centre for Intellectual Property and Technology Law University of Edinburgh.

Online Intermediaries and Liability
for Copyright Infringement
Lilian Edwards
and
Charlotte Waelde
AHRC Centre for Intellectual Property and Technology
Law
University of Edinburgh
Introductory themes and issues
Who are online intermediaries?
– Traditional, newer and “P2P”
Why have immunities for intermediaries?
– Policy factors
– Changes since P2P explosion
Copyright liability issues
Types of “general” immunity regimes
– Notice and take down (NTD)
Immunity and “P2P” intermediaries
Suing copyright infringer not intermediary
– Private copying – when downloading is legal?
– Disclosure and anonymity issues
Alternatives to suing intermediaries or infringers
Conclusions
On line intermediaries
“Traditional” =
– Internet Access Providers (IAPs)
– Internet Service Providers (ISPs) eg AOL
– Hosts/”portals” eg BBC, NY Times, Yahoo!
E.g. US Communications Decency Act 1996 s 230(c)– “Provider..
Of an interactive computer service”
Intended to protect ISPs, also applied to websites and moderator
of website, but NOT to EBay as distributor not publisher of
content (Grace v Ebay, 2004)
Eg, Singapore Electronic Transaction Act 1998, India IT Act 2000
both refer to “network service providers”
Newer online intermediaries
•On-line sellers/distributors of goods/services
•On-line auction sites
•Aggregators eg RSS readers
•Price comparison engines
•Search engines
•Universities & digitised archives
•Chat-rooms, fora, eGroups
•“Web logs” or blogs
•Mobile phone communications providers
EC E-Commerce Directive 2000
Art 2(a) - Information Society Service Providers (ISSPs) (see Arts 12-15)
Provider of an “information society service” defined as “any service normally
provided for remuneration, at a distance, by means of electronic equipment for
the processing (including digital compression) and storage of data, and at the
individual request of a recipient of a service.” Recipient is user, natural/legal
person.
Much wider than traditional ISP sector
Non-commercial? Search engines? Universities?
Services provided not WHOLLY at a distance? eg, tele-employer
P2P intermediaries??
P2P intermediaries
1. Centralised index P2P intermediaries eg first Napster
2. De-centralised model eg Grokster/KaZaA – user nodes, super-nodes
3. BitTorrent – files downloaded in chunks, every downloader also uploader –
hubs point to torrent files, tracker sites point to users. eXeem is eg P2P
implementation.
4. Freenet – encrypted files, also chunked, anonymised users.
5. “Open source” intermediaries eg BitTorrent – cf proprietary intermediaries,
eg, Napster, KaZaA.
Copyright intermediary worries
•Early cases – Scientology texts etc
•Caching
•P2P liability for illicit downloading of songs, video
•Hyperlinking liability (cf DMCA and ECD)
Policy issues around “general”
intermediary liability
•Policy/law often driven by libel/porn cases not copyright
•Early cases exclusively re ISPs, analogy to h/c publishers
•ISPs seen as identifiable targets with “deep pockets”, while original content
providers often anonymous, unlocatable, no resources, & (re copyright) bad PR
to sue your own customers
•ISPs transmit/host/publish huge amounts content, some dynamic, most out of
contractual control
•In practice, unable to monitor/check all this material, plus undesirable in terms
of privacy
•Thus, in toto, seen as subject to unmanageable burden if made liable as
ordinary publishers are for content provided by others
Policy outcomes to c 2000
•But - public interest in a flourishing ISP sector for public/commercial reasons
•States furthermore saw ISPs as natural gatekeepers to Internet – able to help
control porn, spam, etc
•Hence, immunities needed so that ISP could exert some though not total
control over 3rd party content without becoming liable for it – statutory reversal
of Prodigy case, which had encouraged “head in sand” approach.
•US CDA 1996 s 230 (c) eg gave ISPs total immunity in respect of content
provided by another party
•Later instruments – DMCA, ECD etc – gave less total immunity (see on)
But later policy factors emerge..
•ISPs/intermediaries took advantage of immunities granted but did NOT on
whole (tho cf BT Internet) take on voluntary monitoring/filtering role. Tendency
to see self as neutral businesses, not censors or state agents.
•On-line industry mainstreamed – less worry that liability would put it out of
business, cause off-shoring
•Interests of “victims” given short shrift compared to immunity for intermediaries
– esp IP rightsholders.
•Exponential growth in P2P music piracy
•Tacit knowledge that broadband as consumer business model based heavily
on illegal downloading
•MIPI, Australia, April 05 “There can be no doubt that the ISP industry's dirty
little secret is how much revenue they derive from the traffic in unauthorised
sound recordings.”
Legal regimes for intermediary
liability - 1
“Total liability”
– China etc – state censorship arm
– Original Australian Broadcasting Amendment Services (On Line
Services) Act 1999, re porn only – amended
“No Liability” or “Total immunity”
– US CDA 1996 c 230 (c) re publication libellous, obscene,
negligently misstating content not copyright: “No provider or
user of an interactive computer service shall be treated as the
publisher or speaker of any information provided by another
content provider“
– Problems – no incentive for ISP/host to pay any attention to
rights of victims, even on explicit notice – see Zeran v AOL ,
1997.
Legal regimes for intermediary
liability 2 – limited liability
Compromise. Encourages self regulation by intermediary.
US DMCA (copyright only) and EC ECD (“horizontal”) both espouse
functionality immunities for online intermediaries
“Mere conduit” immunity
“Caching” immunity
“Hosting” immunity. Most controversial. Main issue is notice and take down
(NTD)
“Linking/informational or locational tools” immunity – found in DMCA but not in
ECD. Is linking liability something that would logically extend to P2P
intermediaries as well?
Do P2P intermediaries have benefit of these regimes at all? Apparently not in
US: see Napster, Aimster later. EU? Lack of linking liability provision in ECD
makes it unlikely.
Notice and take down
•Essence of limited liability regimes is that intermediary is immune from liability
as host/publisher unless receives constructive or actual notice of illegality.
•Both ECD and DMCA then demand “expedient” take-down (what is
“expedient?”)
•Key issue: how far does NTD operate as privatised censorship and invade
public domain? Does intermediary have any incentive to check validity of
claim?
•Oxford “mystery shopper” found no incentive to investigate. Dutch research
found 70% take down without enquiry by Dutch ISPs of public domain text.
•DMCA does help by demanding rightsholder authorisation of take down, and
good faith pledge - not found in ECD
•DMCA also provides safe harbor to intermediary against breach of contract
claims by site taken down – not in ECD
Put-back and public scrutiny
•If evidence true, are there ways to safeguard NTD against unfairly repressing
public domain/fair use/fair dealing?
•Put-back in DMCA in practice rarely used – C&Ds tend to be accepted/settled,
due to superior firepower.
•Could a body like Internet Watch Foundation usefully adjudicate copyright
take-down requests? Unlikely – see EC Rightswatch research.
•Oxford research suggests criteria for self regulatory decisions, such as
transparency, public accountability, audit, independence, independent appeals
mechanism. Also suggest accreditation by sector regulator as fair system.
P2P intermediaries
1. Centralised index P2P intermediaries eg first Napster
2. De-centralised model eg Grokster/KaZaA – user nodes, super-nodes
3. BitTorrent – files downloaded in chunks, every downloader also uploader –
hubs point to torrent files, tracker sites point to users. eXeem is eg P2P
implementation.
4. Freenet – encrypted files, also chunked, anonymised users.
5. “Open source” intermediaries eg BitTorrent – cf proprietary intermediaries,
eg, Napster, KaZaA.
Copyright liability and P2P intermediaries
•Can P2P intermediaries be held to be liable for infringement of copyright by
their users?
•Varying standards:
•US – contributory and vicarious liability
•Canada and Australia – authorisation of infringement
•Netherlands – general tort law?
Contributory and vicarious liability
– the US
Direct infringement by primary user
•Contributory: knowledge of the infringement and material contribution
•Vicarious: right and ability to supervise and financial benefit
But – substantial non-infringing uses
Sony Betamax case
•Staple article of commerce doctrine
•Sale of copying equipment does not constitute contributory infringement if it is
used or capable of substantial non infringing uses
Napster
• Napster had actual knowledge of infringing uses through provision
of centralised server.
• Where there is actual knowledge, it is irrelevant that the product is
capable of substantial non-infringing uses
• Material contribution to user infringement through provision of site
and facilities
• Centralised architecture gave it the right and ability to supervise
and control users
• Tried to develop a filter to stop the movement of infringing files…
Aimster
•Architecture decentralised – Aimster had no copies on its servers - information
as to location of files on computers of users.
•Aimster software searched for files
•Communications encrypted
•Used for substantial non-infringing uses – but no evidence (burden of proof on
defendant)
•Merely being capable of substantial non-infringing uses not enough
•Consider ability of & costs to service provider in preventing infringement by
users
•Wilful blindness (encryption) amounts to knowledge of infringement
Grokster
Decentralised system:
Each user maintains an index only of files to be made available to other users
•Capable of substantial non-infringing uses
•No control over users so no vicarious liability
•Could not know of infringement at time when it occurred
•Constructive knowledge enough if lacking substantial non-infringing uses, but
actual knowledge of specific infringement needed if there are substantial noninfringing uses
Grokster in the Supreme Court
29th March 2005
Does a defendant invoking the Sony defence have to show that the technology is capable of, or
actually does, support substantial non-infringing uses?
Petitioners' Argument
Under the Sony rule, Grokster should be found liable: unauthorised copying of works was "the only
significant use of Grokster"
Even if there were non-infringing uses – these were dwarfed by infringing uses: look at the proportion
of legitimate to illegitimate uses.
Grokster should be excused only if the business model was not substantially related to infringement
(see also Government support of Petitioners - the developer should show that it is "not involved in a
business significantly related to copyright infringement.")
Have reasonable steps been taken to deter infringement?
On relying on the actual inducement test "These companies already operate in the shadows," "The
paper trail won't exist next time."
Respondents' Argument
Sony decision important to protect innovation
Grokster software is clearly within rubric of "substantial noninfringing uses." (Cf Aimster which found
no substantial noninfringing uses of a P2P file sharing program)
Grokster not liable under ‘wilful ignorance’- never in possession of information regarding how its
software is used.
The technology was structured in such a way that the developers had
nothing to do with the users once they obtained the software.
Safe Harbor
•Transitory communications – transmitting/routing or providing connections for
materials through system or network
•System caching – intermediate and temporary storage of material
•Information location tools – referring/linking to an online location containing
infringing material
Proviso – where there is knowledge prevent the use of the service by repeat
infringers
NTD regime not satisfactory as a regime of protection for P2P intermediaries
•Napster – attempts resulted in closure
•Aimster – said it did not know what users were doing – but included tutorials
•Grokster – not considered in detail – could not know of uses at time at which
they took place - control had been ceded to users
Netherlands
Buma/Stemra v KaZaA
KaZaA not liable for copyright infringement in relation to works swapped
between its users
•‘The provider of [P2P] file sharing software as the one in issue cannot itself be
held liable for infringement of copyright. The provider may in certain
circumstances be liable for a wrongful act’
•‘a service provider …may… be [required] to take adequate measures when
the service provider is notified of the fact that one of the users of its computers
system is committing copyright infringements..’
Requiring what? Termination of a users account? Takedown?
But where control is ceded to the user and there is no further involvement from
the provider?
Canada
Authorisation of infringement (sanction, approve or countenance)
Could royalties be collected from ISPs in Canada for downloading by users?
Did the ISPs authorise the infringement?
•‘a person does not authorise infringement by authorising the mere use of
equipment that could be used to infringe copyright. Courts should presume
that a person who authorises an activity does so only so far as it is in
accordance with the law…’
•‘an ISP is entitled to presume that its facilities will be used in accordance with
the law’.
Could be rebutted by knowledge – e.g. notice of infringing posting and ‘failure
to take it down’.
But where control is ceded to the user and there is no further involvement from
the provider?
Australia – KaZaA litigation
Moorhouse test – sanction approve countenance or permit
‘inactivity or indifference exhibited by acts of commission or omission’ might be
enough
Must know – or have reason to suspect that infringing activity would take place
•‘a person who has under his control the means by which an infringement of
copyright may be committed…and who makes it available to other persons,
knowing, or having reason to suspect, that it is likely to be used for the purpose
of committing an infringement, and omitting to take reasonable steps to limit its
use to legitimate purposes, would authorise any infringement that resulted from
its use’
What might this require P2P intermediaries to do? Would warnings be enough
– as with photocopier notices?
But where control is ceded to the user and there is no further involvement from
the provider?
Notice and architecture
Architectural differences – crucial
Napster – knowledge and technically capable of removal
KaZaA and Grokster – no knowledge at time of infringing activities and no way
of stopping those infringements
Suing downloaders and uploaders
Downloaders
•Downloading/making private copies is not unlawful in all jurisdictions:
•Canada – a levy system ‘all private copying is now exempt subject to a
corresponding right of remuneration’
•France – downloading films and music from the internet, copying onto CDs
and sharing ‘with a few friends’ – not commercial use. How many friends?
Downloaders and uploaders
•BitTorrent – downloading and uploading – who to sue?
Uploaders
Many individuals been sued – many of whom have settled.
Hiding and Identifying the infringers
Hiding the infringers
Freenet – users remain anonymous through its architecture and makes process of
identification hard
Identifying the infringers
Should disclosure be mandated by courts? Pre litigation? Standard of evidence?
Where is the balance between privacy and disclosure?
How much evidence of infringement should be required to justify disclosure?
UK – Totalise v Motley Fool (libel) – court ordered disclosure notwithstanding data
protection. BPI action – 28 individuals disclosed
US – DMCA s 512(h) – empowers ISP to disclose ‘notwithstanding any other rule of law’;
Cf. Dendrite v John Doe No. 3. – (libel) plaintiff must show winning case before
disclosure would be mandated; RIAA v Verizon – DMCA procedure does not apply where
ISP acts a conduit
Canada - BMG v John Doe – ‘the public interests in favour of disclosure must outweigh
the legitimate privacy concerns’
Unresolved issues
•Actual or constructive knowledge?
•When is knowledge relevant?
•How much positive action should be taken?
•What of wilful blindness?
•What is meant by authorisation?
•Relevance of actual or potentially non-infringing uses?
•What happens where users are downloaders and uploaders?
•Decentralised anonymised systems make identification problematic
•Who is liable for open source systems?
•NTD regimes not helpful or relevant
Alternative solutions?
•Levies
Giving up on copyright; majority pay for minority; double pay where DRM; not
intended to compensate for unlawful use; loss of control; administrative
problems; ignores market;
Better than more regulation where enforcement is impossible; administration
could be managed; deploy technology to collect levies?
•Digital Rights Management
Complex contractual matrices; fair use/dealing; capable of circumvention
•Active inducement theory
The inducement is likely to be hidden – Grokster "These companies already
operate in the shadows," "The paper trail won't exist next time."
•Join the club
Managed downloading sites
•Shaping the technology?
Balancing the interests
•Intermediaries; content providers; rights holders; technology developers; public
interest
•Time for a change in emphasis?
•From limited liability NTD to…?
For more information:
http://www.law.ed.ac.uk/ahrb
Email: [email protected]
AHRC Research Centre for Studies in Intellectual Property and Technology
Law
School of Law
University of Edinburgh
Old College
Edinburgh EH8 9YL