Until recently, most internet service providers (“ISPs”) had good reason to feel reasonably shielded from liability stemming from the conduct of their subscribers. From the uploading of unlicensed music files to the exchange of pirated content via BitTorrent, most ISPs remained shielded from liability since the implementation of the Digital Millennium Copyright Act in 1998. Balancing the interests of copyright holders with the needs for ISPs to limit their exposure for users’ content, the Title II of the DMCA known as the “Online Copyright Infringement Liability Limitation Act” (codified under 17 USC Section 512) basically created a “safe harbor” for ISPs from, inter alia, secondary liability for the infringing acts of their subscribers. Essentially, ISPs may be shielded from liability for the content posted by subscribers if the ISP (i) as no knowledge of the infringement, (ii) implements effective notice and takedown procedures regarding infringing content, and (iii) takes prompt measures to remove such content after notice of infringement. A recent federal district court case out of the Eastern District of Virginia, however, should serve as a warning to conduit ISPs that this liability shield is anything but absolute…and requires a more active role by ISPs than most ISPs may think.
BMG (a music publishing company that controls the musical composition rights to many artists like Bruno Mars and) sued Cox Communications (an ISP) when informed by its online rights agent, Rightscorp, that Cox was not cooperating in forwarding infringement notices to Cox subscribers. Rather than purportedly adhering to its acceptable use policy (“AUP”) claiming suspension and termination for infringement, Cox gave what amounted to a “13 Strike policy” before actually terminating subscribers. This inaction was not insubstantial – Rightscorp detected over 1.8 million instances of infringement (with more than 150,000 copies of illegally downloaded copyrighted works collected by Rightscorp from Cox subscribers). A little less than 1,400 copyrighted works were in contention in the lawsuit, and the jury at trial rendered a $25 million verdict (about $18,000 for each song infringed).
With this backdrop in mind, here are 3 things ISPs need to address post–BMG to ensure they remain within the purview of the DMCA liability shield:
- Ensure Your Usage Policy is Reasonable… and Adhere to It. Although the verdict is ostensibly limited to the use of BitTorrent in the uploading and distribution of copyrighted content, ISPs need to take a more pro-active role in addressing potential infringement to be safe regardless of the mechanism used to distribute the allegedly infringing content. ISP policies should not only clearly state acceptable uses of the service and prohibit the uploading and distribution of infringing materials – they need teeth, meaning the ISP must suspend and terminate violators.
- Enforce 3 Strikes and You’re Out…Really. It is clear from the judge’s opinion that the numerous warning notices to subscribers without suspending access were highly problematic (thirteen is definitely NOT a magic number in this case). If the ISP receives a notice of infringement from a third-party, it needs to take action on the allegation and not hesitate. Initial notice, second notice with suspension and third notice with termination is well within the purview of reasonableness and would avoid allegations of willfulness. I realize that ISPs need subscribers and are concerned about taking action prematurely (Cox was definitely irritated with the accuracy of Rightscorp’s sampling and the settlement language in their initial notices); however, Cox never provided alternative vehicles to alert subscribers and arrogantly ignoring the notices (and eventually blacklisting Rightscorp) only made matters worse in the eyes of the court. ISPs should be proactive in such cases by working with the claimed IP owner and/or agent, not against them – having subscribers is important, but subscribers that flaunt an ISPs usage policies are not worth the potential liability.
- Do NOT Disregard Notices of Infringement…Ever. Regardless of the mechanism used to notify the ISP of potential infringement, knowledge of potential infringement cannot be taken lightly as it can trigger liability. The DMCA “safe harbors” require action to be taken against repeat infringers to enjoy the liability shield, so ISPs must take action consistent with the appropriate usage policy. If the ISP takes issue with the nature of the notice or its accuracy, at least engage the notice provider, clarify the claim and seek resolution or an alternative means to alert the subscribers.
I realize that this federal court case is of limited precedent and places more onus on ISPs; however, Judge Cox’s opinion may be a leading indicator of the direction of the courts given the extent of copyright infringement on the Internet (keep that in mind, KimDotCom). Further, Rightscorp is now empowered to take on ISPs with its trove of data on alleged infringements…and is raring to do so. When confronted with the prospect of potential liability, don’t risk it – it is definitely better to be safe than sorry…especially when “sorry” can come with a pretty steep price tag.