Congress enacted the Digital Millennium Copyright Act ("DMCA") nearly two decades ago seeking to balance the needs of two factions: Content creators, who were struggling to protect their intellectual property in the digital age, and fledgling Internet companies, who feared being held liable for the misdeeds of their customers.
For the Internet companies, Congress offered relief by creating a number of "safe harbors" shielding such companies from copyright-related damages arising from their customers' infringing activities.
In particular, the DMCA established four distinct safe harbors for online service providers, each safe harbor aimed at a different type of online activity (i.e., transitory digital network communications; system caching; online hosting; and provision of information location tools) and each with its own set of eligibility requirements.
To qualify for any of these DMCA safe harbors, however, the DMCA requires that service providers "reasonably implement" a policy that provides for the termination of "repeat infringers" in "appropriate circumstances."
Despite the threshold importance of repeat infringer policies, the DMCA left many questions unanswered. Who exactly counts as an "infringer"? Does it include every user accused of infringement or only those found culpable in court? If it's somewhere in between, what level of proof is required before a service provider is required to take action? Can the repeat infringer policy differentiate between those who upload infringing content for others to copy and share and those who only download such content for their own personal viewing? And how many acts of infringement does it take to become a "repeat infringer" anyway?
When the Second Circuit Court of Appeals recently denied rehearing en banc and issued a modified opinion in EMI v. MP3tunes, it added its voice in the limited—but growing—number of cases addressing these questions. The MP3tunes case involves two websites founded in 2005 by Internet entrepreneur Michael Robertson. (Mr. Robertson is also the founder and CEO of MP3.com, which, only a few years earlier, had been held liable for widespread copyright infringement.)
The first of Mr. Robertson's two websites at issue, mp3tunes.com, was an early cloud storage "locker" for digital music. The second website, sideload.com, allowed users to search the Internet for "free" music files and then copy (i.e. sideload) those files directly to their online locker. Many of these files allegedly contained pirated music and, in 2007, EMI sued MP3tunes and Mr. Robertson for copyright infringement.
In a 2011 summary judgment decision, Judge Pauley, a federal judge in Manhattan, held that, as a matter of law, MP3tunes had reasonably implemented a repeat infringer policy under the DMCA; in support of his decision, Judge Pauley noted that the company had instituted a policy for responding to DMCA takedown requests and had actually "terminated the accounts of 153 users who allowed others to access their lockers and copy music files without authorization." The court's analysis, however, used a narrow definition of "repeat infringers," including only those who upload infringing content to the Internet with knowledge that the content is infringing. The court explained:
MP3tunes' users do not upload content to the internet, but copy songs from third-party sites for their personal entertainment. There is a difference between (1) users who know they lack authorization and nevertheless upload content to the internet for the world to experience or copy, and (2) users who download content for their personal use and are otherwise oblivious to the copyrights of others.
Despite the court's validation of the MP3tunes repeat infringer policy, the jury ultimately found the company willfully blind to infringing activity by its customers and thus ineligible for DMCA safe harbor protection.
On appeal, a panel of judges on the Second Circuit found that the district court had erred, both regarding the definition of "repeat infringer" and on whether MP3tunes' repeat infringer policy was reasonable as a matter of law.
Reevaluating the meaning of "repeat infringer," the Second Circuit noted that infringement is a strict liability offense with no requirement to prove unlawful intent. Moreover, both uploading and downloading can constitute infringement. Because the DMCA does not define "repeat infringer," the court adopted this ordinary meaning and held that "all it [takes] to be a 'repeat infringer' [is] to repeatedly [upload or download] copyrighted material for personal use."
Next, the Second Circuit found that MP3tunes' repeat infringer policy was not, in fact, reasonable as a matter of law because, while the site did respond to takedown notices from copyright owners and terminated the accounts of some users, "MP3tunes did not even try to connect known infringing activity of which it became aware through takedown notices to users who repeatedly sideloaded files and created links to that infringing content in the sideload.com index."
Requiring this sort of search would seemingly run up against a separate DMCA provision that prohibits the conditioning of safe harbor protection on "a service provider monitoring its service or affirmatively seeking facts indicating infringing activity." The Second Circuit, however, found that such a search would not constitute "monitoring" or "affirmatively seeking facts" under the DMCA because "MP3tunes would simply have had to make use of information already within its possession"—the takedown notices provided by EMI—"and connect that information to known users."
In the wake of the decision, several high-powered amici, including Dropbox, Facebook, Google, Pinterest and Twitter, took issue with the Second Circuit's approach to repeat infringer policies and joined in supporting MP3tunes' petition for rehearing before the full Second Circuit. Specifically, these leading Internet companies were concerned that requiring service providers to "tally strikes and terminate users merely for having accessed, viewed, or otherwise engaged with content that later might be the subject of a takedown notice" would destabilize the DMCA safe harbor regime and unfairly penalize users. The Second Circuit was unmoved and denied rehearing by the full court. MP3tunes has since indicated that it will seek Supreme Court review of Robertson's personal jurisdiction issues, but the Second Circuit has had the final say on the copyright question.
Also on the horizon is a similar dispute that may provide further guidance in this area. Later this year, the Fourth Circuit Court of Appeals is slated to review a lower court decision in BMG v. Cox, which turns on whether "repeat infringers" includes all users accused of infringement or only cases of infringement adjudicated in courts. The district court squarely rejected Cox's "adjudicated infringer" position late last year, and MP3tunes does little to signal sympathy for that reading, but, in an area with little case law, the issue is far from settled.
In the meanwhile, for companies that host or are otherwise involved with user-generated content, they will want to revisit their current repeat infringer policies and determine whether such policies need to be updated in light of the emerging DMCA safe harbor case law addressing such policies.
Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.
© Morrison & Foerster LLP. All rights reserved