Liability Of Internet Service Providers
Internet service providers (“ISPs”) provide their subscribers with online Internet access. This raises the question of whether the ISP or the individual subscriber is liable for potential copyright infringement.
Prior to the enactment of the Digital Millennium Copyright Act (“DCMA”), the law was unclear on the extent to which ISPs could be held liable for infringement by their subscribers. In Playboy Enterprises Inc. v. Frena, 839 F.Supp. 1552 (M.D. Fla. 1993), Playboy obtained summary judgment for copyright infringement against a bulletin board operator who allowed Playboy photographs to be uploaded, displayed, and downloaded. The Court found direct copyright infringement even though the bulletin board operator testified that he did not know, and had no reason to know, of the infringements. In Sega Entertainment, Ltd. v. Maphia, 857 F.Supp. 679 (N.D. Cal. 1994), Sega obtained a preliminary injunction against a bulletin board operator who encouraged the uploading and downloading of Sega games. The United States Copyright Act, through the enactment of the DMCA, now provides Internet service providers with some additional protections.
Safe Harbors For Internet Service Providers
The DMCA, Title II, Public Law 105-304, which is codified in 17 U.S.C. § 512 of the Copyright Act, provides safe harbors from copyright infringement liability for ISPs (including company bulletin boards and intra-company e-mail). To qualify for any of the safe harbors provided by the DMCA, an ISP must adopt, implement, and inform subscribers of a policy of termination for repeat infringers. In addition, the ISP must accommodate standard copyright protection measures. There are four categories of safe harbors provided by the DMCA:
- transitory digital network communications
- system caching
- information residing on systems or networks at direction of users
- information location tools
To receive the benefit of limited liability under any one of these safe harbors, the ISP must meet certain requirements. The safe harbors allow ISPs to avoid monetary damages, and, in most cases, injunctive relief for copyright infringement.
To be eligible for the transitory digital network communications safe harbor, an ISP cannot initiate the transmission of copyrighted material, the transmission must be carried out through an automatic technical process, the ISP must not select the recipients of the copyrighted material, and the ISP must not store the material any longer than is necessary to transmit it to the recipient. In this type of situation, the ISP is merely acting as a passive conduit for the material. See 17 U.S.C. § 512(a).
The system caching safe harbor requires that the copyrighted material is made available by someone other than the ISP, that the material pass through the ISP to another person, and that the transmission is carried out through an automatic technical process. Additionally, the ISP must not modify the transmitted material, must comply with the rules regarding refreshing and reloading set forth by whoever made the material available, and must not interfere with the technology that returns the material to whoever made the material available. The ISP can only remove or disable access to the material if the material is first removed or disabled from the originating site, or a court order has been entered requiring removal or disablement. See 17 U.S.C. § 512(b).
Information residing on systems or networks at direction of users allows the ISP to limit their liability for the storage of infringing material for subscribers on a system or network operated by the ISP. This safe harbor requires that the ISP has no actual knowledge of the infringing activity and does not receive a financial benefit from the infringing material. The ISP must also act expeditiously, once notice is received, to remove or disable any allegedly infringing material. Because of the notice requirement, an ISP must have a designated agent to receive notice on file with the Copyright Office. See 17 U.S.C. § 512(c).
One should be careful when sending out cease and desist letters to ISPs based on the DMCA. Diebold, Inc., the manufacturer of voting machines, sent out many cease and desist letters to ISPs after internal documents describing problems with the Diebold software were published on the Internet, including several college sites. After receiving a letter from Diebold, Swarthmore College required students to remove the allegedly infringing material. Diebold stopped sending cease and desist letters after being challenged in a lawsuit filed by the Online Policy Group on behalf of two Swarthmore College students. The judge, however, found that Diebold was liable for damages, since it knowingly and materially misrepresented that copyright infringement had occurred and that no reasonable copyright holder could have believed that portions of emails discussing possible technical problems with voting machines were protected by copyright. Online Policy Group v. Diebold, Inc., 337 F. Supp. 2d 1195 (September 2004).
Finally, information location tools qualify as a safe harbor. Information location tools allow ISPs to refer or link subscribers to other on-line locations, some of which may contain infringing material. The ISP must not have actual knowledge of the infringing activity and if knowledge is present must act expeditiously to remove or disable any infringing material, and must not receive a financial benefit from the infringing activity. The ISP is only required to comply with these requirements if notice of the infringement sufficiently identifies the material or activity to allow the ISP to locate the allegedly infringing material. See 17 U.S.C. § 512(d).