Secondary Liability under the DMCA: Has the DMCA Shrunk Contributory Infringement and Vicarious Liability?

The common law doctrines of contributory infringement and vicarious liability are a staple of copyright infringement law. But the Digital Millennium Copyright Act (“DMCA”) has significantly reshaped these doctrines.

Naomi Jane Gray, Esq., in her remarks to the Copyright Subcommittee of the Intellectual Property Litigation Committee of the ABA on September 28, 2010,  clearly charted the changes the DMCA has made to secondary liability. Naomi’s fine outline of her talk (the “Outline”) is here. I set forth below some of the noteworthy changes to secondary liability drawn from the Outline.

Does Red-Flag Knowledge Still Exist under the DMCA?

The doctrine of contributory infringement requires three elements: direct infringement by a third party; knowledge or reason to know of a third party’s direct infringement; and substantial participation by the defendant in the infringing activities. The DMCA seemingly incorporates the knowledge element when it creates what the statute refers to as a safe harbor that, when applicable, shields online service providers from monetary liability for copyright infringement.

The DMCA, at 17 U.S.C. § 512(c), closes the safe harbor to a internet service provider (“ISP”) who does not act quickly to remove the infringing material: (i) if the ISP has “actual knowledge that the material or an activity using the material on the system is infringing;” or, absent actual knowledge, (ii) if the ISP “is aware of facts or circumstances from which infringing activity is apparent” (referred to as “red-flag” knowledge).

But as the Outline indicates, cases under the DMCA have nearly extinguished red-flag knowledge. UMG v. Veoh held that generalized knowledge of infringement, without more, is not enough for red-flag knowledge. The Ninth Circuit in Perfect 10 v. CCBill went further and held that defendant lacked red-flag knowledge even though its clients’ websites had alluring, come hither names such as “illegal.net” or “stolencelebritypictures.net.” Then Viacom v. YouTube simply read red-flag knowledge out of the DMCA, stating that the ISP needed to have the same knowledge of specific infringing activity on its site for both red-flag and actual knowledge. See my earlier DMCA post here criticizing the decision in Viacom.

Only Columbia Pictures v. Fung found red-flag knowledge where: (a) Fung, an operator of a “torrent” file-sharing site, himself downloaded copyrighted material to one of his sites; and (b) defendants designed websites to include known copyrighted works and must have had at least red-flag knowledge of the existence of copyright material on the sites because that material was so prevalent. But Viacom drew no guidance from Columbia Pictures, dismissing Fung as “an admitted copyright thief.”

Accordingly, what evidence must a copyright holder now show to establish red-flag knowledge under the DMCA?  As Naomi cogently observes in the Outline, we seem to be back to the “I know it when I see it” standard created by Justice Stewart in Jacobellis v. Ohio, 378 U.S. 184, 197 (1964), when the Supreme Court was struggling to define obscenity.

 

What Level of Control Must the ISP Exercise Over its Site to Be Exposed to Liability Under the DMCA?

The element of control over infringing material is found both in vicarious liability and under the DMCA. But their meaning is not the same. Under the common law a defendant is vicarious liable if it has the right and ability to control infringing activity and directly financially benefits from the infringing transaction.

As the Outline indicates, Fonovision v. Cherry Auction gives a common sense definition of control for vicarious liability purposes. There, the operator of a swap meat (or flea market) was held liable for vicarious infringement because its vendors were selling infringing goods. Fonovision found that operator had sufficient control over the vendors because the operator retained the right to terminate them for any reason and controlled access of customers to the swap meet area.

The DMCA incorporates a control element. It provides, at 17 U.S.C. § 512(c)(1)(B), that the ISP loses safe harbor protection if it “has the right and ability to control” infringing activity and receives a financial benefit from it. But as Naomi points out in the Outline, this disqualifying level of control will not be found simply because an ISP  reserves the right, as did the plaintiff in Fonavision, to terminate infringers.

Instead Veoh stated that what constitutes “control” for purposes of the DMCA “requires its own statutory analysis.” Veoh noted that § 512(c)(1)(A)(iii) qualifies an ISP for safe harbor status if the ISP has reserved the right to remove or disable infringing material on its site. Further, the ISP, must, pursuant to § 512(i)(1)(A), have “adopted and reasonably implemented … a policy that provides for the termination in appropriate circumstances of [users] of the service provider’s system or network who are repeat infringers.”

Veoh concluded that Congress could not have intended that an ISP would lose its safe harbor status because it engages in acts to control infringement and terminate infringers that the DMCA requires an ISP to take to qualify for that status. Such a result would “create a confusing, self-contradictory catch-22 situation.”

Accordingly, what level of control, greater than the threshold level required to qualify for safe harbor immunity, must an ISP take to lose its DMCA protection? There is little guidance. Perfect 10 v. Cybernet Ventures holds there must be “something more” than the mere exercise of the ability to block access to the site. Cybernet found that something more because the ISP “pre-screened sites before it allowed them to even use its age verification services, gave sites extensive advice, prohibited the proliferation of identical sites, and exercised control in a variety of other ways.”

But this “something more” standard is not any more helpful than the “I know it when I see it” test for red-flag knowledge.

What Financial Benefit Must an ISP Receive from Infringing Activity to Lose Safe Harbor Status under the DMCA?

Here again the DMCA has not codified the financial benefit element required for vicarious liability. Fonovision established a “draw” standard for vicarious liability. Under that standard, courts find a financial benefit where the presence of infringing material at defendant’s venue enhances its attractiveness and acts as a “draw” for customers. But In describing the DMCA’s financial-benefit provision, neither the Senate nor the House Report refers to the common-law standard; instead, they indicate that courts “should take a common sense, fact-based approach, not a formalistic one.”

Further, as the Outline points out, Fonavision allowed a vicarious liability claim to proceed against the swap meet operator even though its infringing vendors and customers paid the same fees as the non-infringers. But the House and Senate reports state the such an even-handed payment scheme is insufficient to show a financial benefit:

In general, a service provider conducting a legitimate business would not be considered to receive a ‘‘financial benefit directly attributable to the infringing activity’’ where the infringer makes the same kind of payment as non-infringing users of the provider’s service. (emphasis added)

Again, the cases under the DMCA give little guidance regarding what evidence a copyright owner must show to satisfy the financial benefit standard.

 

Two Circuits Are about to Weigh In on the Scope of the DMCA

Hopefully Veoh and Viacom, on appeal to the 9th and 2d Circuits, respectively, will add some welcome clarity to these issues. Stay tuned.

Thanks again Naomi for a great presentation. Her fine blog, Shades of Gray, with some posts on Viacom is at http://www.shadesofgraylaw.com.