P2P and the ISP: the ins and outs of file-sharing liability.
The law governing P2P arrangements stems from Sony Corp. of America Inc. v. Universal City Studios Inc., 464 U.S. 417 (1984), a Supreme Court case that resolved the copyright status of the Sony Betamax, a predecessor of today's video cassette recorders.
The court ruled that the manufacturer of a product having substantial non-infringing uses (in this case, recording TV programs for viewing at a more convenient time) is not a contributory infringer merely because some uses of the product constitute copyright infringement. The court deemed that Sony lost control over use of its product once it was sold. In addition, the court refused to allow copyright holders to deny consumers the benefits of a new technology to prevent infringement via the technology.
In A & M Records Inc. v. Napster Inc., 239 F3d 1004 (9th Cir. 2001), the 9th U.S. Circuit Court of Appeals (which covers California, Washington, Oregon, Idaho, Montana, Nevada and Arizona) held the Napster file-sharing system liable for contributory and vicarious copyright infringement.
Napster was found guilty of contributory infringement because it knew its users were exchanging pirated music, and furnished facilities and support services (including software, servers, search engines and a central list of available files) that enabled them to find and download copyrighted music. Napster was found liable for vicarious infringement because it required users to register and gave limited access to its system to registered users [Rural Telecommunications, November/December 2002].
After the Napster ruling, P2P software vendors tried to reduce their copyright exposure by limiting centralized facilities and controls. However, the next P2P vendor to reach the appellate courts did not do enough to distinguish itself from Napster.
In Aimster Copyright Litigation, Case No. 02-4125, decided June 30, 2003, the 7th U.S. Circuit Court of Appeals (which covers Illinois, Indiana and Wisconsin) found the Aimster (later Madster) P2P service liable for contributory and vicarious infringement of music copyrights.
Aimster was comprised of proprietary software, a server (which conducted searches of user computers for music they were willing to share and instructed the computers to transmit encrypted files to users requesting them) and tutorials on file swapping. The court found that a service provider, unlike the manufacturer, has a continuing relationship with its customers and, therefore, a greater ability to monitor use of its service and prevent infringements.
It held that Aimster's use of encrypted shared files did not immunize it from knowledge that its service was being used for the infringing activities that its tutorials encouraged. Finally, the court declared that it was not enough for Aimster merely to list possible non-infringing uses of its service. Rather, file-sharing services must show that: 1) they actually are used for substantial non-infringing purposes, and 2) the cost of eliminating or substantially reducing infringing uses would be disproportionately high.
An End in Sight?
The string of losses by P2P services may be ending, however. On February 3, the 9th Circuit heard oral arguments in the appeal of a lower court decision, MGM Studios Inc. v. Grokster Ltd., Case CV 01-08541 (C. D. Cal. April 25, 2003), which found that the vendors of Grokster and Morpheus file-sharing software had not engaged in contributory or vicarious copyright infringement.
Once installed, both software products connect automatically to a P2P network and make shared files available for transfer to other users connected to that network. Searches and transfers are conducted from computer to computer on the P2P networks without any information being transmitted to or through computers owned by Grokster or Morpheus.
The District Court found that the vendors distribute and support software that users can employ for lawful and unlawful purposes. It ruled that they were not guilty of contributory infringement, even though they had been notified of infringing conduct by users, because 1) they had no actual knowledge of infringement at a time they could prevent it (i.e., before they sold the software to an infringing user), and 2) they provided no sites or facilities or technical assistance that materially contributed to infringing activities.
Likewise, although Grokster and Morpheus derive financial benefits from purchase of their software for infringing purposes, they were not guilty of vicarious infringement because they had no right or ability to control the use of their software after its sale.
The 9th Circuit will issue its Grokster order later this year. Depending on its ruling, and those in other cases working their way through the courts, the end result may be a conflict requiring the U.S. Supreme Court to revisit its 20-year-old Sony decision, or a more elear dividing line may be drawn between the continuing-assistance Aimster approach and the sale-only Grokster model. In the alternative, Congress may weigh in with legislation to address the conflicts between copyright holders and file sharers.
Staying Out of the Fray
As long as P2P services and users may be liable for copyright infringement, ISPs must protect themselves from being drawn into this litigation as alleged contributory and/or vicarious infringers. They need to satisfy the conditions necessary to qualify for the safe harbors in Section 512 of the Copyright Act for "transitory communications," "system caching," "hosted Web sites" and/or" information location tools." If an ISP qualifies for the relevant safe harbor, it is not subject to monetary damages for copyright infringement over its facilities, and is subject to limited injunctive relief (i.e., it can only be ordered to terminate particular customer accounts and restrained from providing access to infringing material at particular online sites).
To qualify for any of the four safe harbors, an ISP must: 1) adopt and implement a policy of terminating the accounts of repeat copyright infringers, and 2) accommodate and not interfere with the standard technical measures used by copyright owners to identify and protect copyrighted works.
In addition, each of the four safe harbors has specific conditions that must be met. For example, to qualify for the "transitory communications" safe harbor that protects it from liability for the infringing acts of its users, an ISP must: 1) not initiate or direct the transmission of material, 2) use an automatic technical process to transmit, route, provide connections and/or store material without the selection of such material by the ISP, 3) not select the recipients of material except as an automatic response to the request of a third party, 4) maintain no copy of material in intermediate or transient storage that ordinarily is accessible to anyone other than the anticipated recipients, 5) maintain no copy of material in intermediate or transient storage for longer than is necessary for transmission, routing or providing connections, and 6) transmit material without modification of its content.
An ISP that wants to qualify for the Web site hosting safe harbor that protects it from liability for copyright infringements by Web sites established by customers on its system must: 1) designate an agent with the copyright office, 2) remove or block access to a Web site once it becomes aware of infringing activity, 3) comply with the "notice, take-down and counter-notice" procedures for blocking or restoring access to Web sites in the event of disputes between copyright holders and Web site operators, and 4) receive no financial benefit directly attributable to an infringing activity.
ISPs and Injunctions
In 2003, RIAA began using the subpoena provision of Section 512(h) of the Copyright Act to request and serve subpoenas on ISPs for identification of customers alleged to be infringing music copyrights. The subpoenas list Internet protocol (IP) addresses where large numbers of music files are alleged to have been traded via P2P programs, and demand the names and physical addresses of the customers.
These subpoenas put ISPs in the extremely difficult position of risking contempt of court and judicial penalties if they refuse to comply with a valid subpoena, and risking customer alienation and liability for violation of customer privacy if they respond to invalid subpoenas. At the very least, ISPs may incur substantial expenses to test the validity of such subpoenas.
In RIAA v. Verizon Internet Services Inc., Case No. 03-7015, decided December 19, 2003, the U.S. Court of Appeals for the D.C. Circuit held that Section 512(h) does not authorize the issuance of a subpoena to an ISP acting solely as a conduit for an individual using a P2P file-sharing program to exchange files (i.e., where the ISP has no control over content). The court concluded that a Section 512(h) subpoena may be issued only to an ISP engaged in storing infringing materials on its servers (e.g., infringing materials on a hosted Web site, in a temporary cache or in an information tool hosted by the ISP).
In June 2003, Pacific Bell Internet Services filed a complaint for injunctive relief against RIAA and its subpoenas in the U.S. District Court for the Northern District of California (Case No. 03-3560). Pac Bell requested a ruling that the subpoenas are not authorized by Section 512(h) of the Copyright Act or, in the alternative, that Section 512(h) is void because it violates Article III and the First and Fifth Amendments of the Constitution.
Pac Bell also asked that RIAA be required to reimburse ISPs for the costs of complying with its subpoenas, and that RIAA obtain subpoenas only from the U.S. District Court in which an ISP is located. The Pac Bell complaint as of press time was still pending.
On January 21, RIAA responded to the Verizon decision by filing "John Doe" lawsuits against 532 computer users who allegedly distributed copyrighted music illegally on P2P networks. The lawsuits identified the 532 defendants by their IP addresses but did not name them.
RIAA's next step will be to request subpoenas to be served on ISPs, asking for the names and physical addresses of the "John Doe" defendants. These subpoenas will be subject to traditional judicial rules and procedures rather than Section 512(h) of the Copyright Act, and may be quashed if they do not comply with these rules (e.g., the issuing court does not have jurisdiction to issue the subpoena against the ISP).
It is believed that at least some ISPs issue temporary IP addresses to customers, and these ISPs will not be able to identify specific customers unless the subpoenas specify precise times or periods of use. If an ISP assigns temporary addresses, responses to these subpoenas may become difficult and burdensome.
A Costly Undertaking
Whereas rural telecom companies can sympathize with copyright holders that have invested substantial sums in their products and want to be paid for their use, the RIAA/MPAA litigation will increase the costs and risks of their ISP affiliates for the next few years.
However, regardless of the justice of their cause, many in the recording and motion picture industries believe that the ease of digital reproduction and the borderless nature of cyberspace make the current U.S. copyright system unenforceable and unsustainable in the long run. Whether the ultimate solution is legal or technical (e.g., a combination of increased software controls and micro-payments), the current P2P litigation is likely to run its course in the next three to six years.
Gerard J. Duffy is a partner in the Washington, D.C., law firm of Blooston, Mordkofksy, Dickens, Duffy & Prendergast [www.bloostonlaw.com]. He can be reached at email@example.com.
|Printer friendly Cite/link Email Feedback|
|Author:||Duffy, Gerard J.|
|Date:||Mar 1, 2004|
|Previous Article:||Seeking safe harbor: ISPs and the copyright law.|
|Next Article:||Protecting the homeland: the role of rural telcos.|