In less than 20 years, law governing safe harbors for digital intermediaries is outdated.
It has been 18 years since the Digital Millennium Copyright Act (DMCA), 17 U.S.C. §1201 et seq., was signed into law. It became effective in October 2000, and it has been incorporated into the Copyright Act. It was created to balance the security and rights of copyright holders with the growing influence of digital communications. But today it is facing serious criticism about its usefulness from every key stakeholder — creators, distributors and consumers alike.
Congress has taken steps to mitigate these complaints, such as limiting the liability of an Internet service provider (ISP) or online service provider (OSP), both critical platforms in content distribution, in user-instigated copyright violations. This official policy is known as the Online Copyright Infringement Liability Limitation Act (OCILLA) (Title II of the DMCA), and it introduced an interesting innovation into the world of copyright protection — safe harbor provisions.
Safe harbor provisions have been so influential that other countries adopted them into their copyright protection laws. For instance, the European Union adopted the safe harbor exemption model in its Electronic Commerce Directive 2000 law, while other nations, including Japan and New Zealand, followed a self-regulatory authority model formed by intermediaries and rights holders with government involvement.
Is the DMCA Dead?
OCILLA, however, is imperfect. The law encourages ISPs to err on the side of removing content from a website to preserve safe harbor protections, regardless of whether the content actually infringes copyright. Additionally, fighting DMCA notices places the burden of proof — as well as the burden of legal consequences — on the allegedly infringing party. This has a chilling effect on content creation and destabilizes a carefully calibrated balance between copyright holders, content creators and distributors.
Via the DMCA, legacy copyright holders, especially larger ones, can effectively silence new content creators and suppress new distribution mediums. It does not encourage customer engagement or encourage a better customer experience. The law now oscillates between fighting either for copyright holders or safe harbor provisions. It can have a detrimental effect on fair use, competition and copyright law for digital content creators and consumers everywhere.
A review of just a few landmark cases illustrates how complex the landscape has become:
- In 2010, Universal Music Group (UMG) sued Grooveshark, a “YouTube for audio” service, for the service’s use of pre-1972 sound recordings that UMG owned. A year later UMG brought an additional suit, citing Grooveshark’s internal documents that it had uploaded illegal copies of UMG-owned recordings. In 2012, a New York court ruled that pre-1972 sound recordings are covered by the safe harbor provision of the DMCA. In 2013, a New York appeals court ruled against Grooveshark, finding that pre-1972 sound recordings are not covered under the safe harbor provision, and the following year the case was decided in favor of UMG.
- In 2011, all five of the major movie studios collaborated to file a lawsuit against the file locker service Hotfile. Hotfile argued that it was a host protected under DMCA’s safe harbor provisions. The studios argued that Hotfile lost its protection when it both failed to meet standards outlined in the DMCA and, through an affiliate program, paid the most prominent copyright infringers. The court ruled that Hotfile had lost its safe harbor protection because of its inadequate repeat infringer policy — a policy that terminated only 43 infringing accounts after more than 10 million DMCA notices.
- In 2013, Capitol Records, among other record labels, sued video sharing site Vimeo, alleging that the video streaming service streamed songs owned by the labels. Vimeo claimed DMCA safe harbor protection, arguing that it was not liable for any infringement. The court found that Vimeo reasonably implemented its policy, saying that its “three strikes” policy and its policy of tracking users by email address were sufficient.
- In 2015, a Virginia court ordered a large multiple-system operator (MSO) to pay $25 million for failing to disconnect subscribers who repeatedly used their connections to pirate content. The court determined that the company did not “reasonably implement” a policy to terminate repeat infringers.
To summarize: ISPs and OSPs are forced to carry the commercial burden of enforcing copyright holders’ rights; copyright holders believe the DMCA cannot, and does not, protect their ownership rights; and consumers feel the DMCA is arbitrarily enforced, constrictive and invasive of their privacy.
Major Flaws Plague the Law
The U.S. Copyright Office launched a public consultation earlier this year to evaluate the effectiveness of the DMCA’s safe harbor provisions. Several issues are under consideration. One is volume. According to the Google Transparency Report, rights holders send over 80 million URL removal requests every month. The volume has grown rapidly — just under half that number of notices were sent within the past year.
Removal requests are troublesome as well. For ISPs, removal requests are complicated and time-consuming. ISPs must dedicate resources to evaluate the substance of claims, checking for the accuracy, possible fair-use defenses, possible public domain scenarios or other judgments about the limits of protected speech and expression.
Another issue is the difficulty in locating infringing content. Rights holders do not have to identify each specific URL, or other identifier, where a violated work is found. Instead, they may specify only titles, artists, search result pages or similarly vague identifiers. Because of these imprecise requests, ISPs struggle, or find it impossible, to locate allegedly infringing material on their site or to know whether every instance of a title, artist or other identifier on an identified page is truly infringing.
Another issue revolves around companies attempting to “game the system” — to negatively affect competing businesses by submitting errant DMCA notices. In fact, Google found more than half the takedown notices it evaluated were sent by businesses targeting competitors.
Finally, ISPs are struggling to enforce repeat infringer policies filed by copyright owners. Increasingly, the copyright owners who have identified repeat offenders elect not to wage legal battles. Instead, they demand that ISPs function as their rights enforcers by terminating connections. This is both time- and resource-intensive for ISPs. Federal Communications Commission chairman Tom Wheeler recently referred to the broadband-enabled Internet as the “most powerful and pervasive communications platform in the history of the planet.” With such an important communication medium, terminating an end-user’s connection must be reconciled with federal policy, and reserved only for the narrowest and rarest circumstances.
The end result is a legal structure in which consumers, in an effort to consume content in the way they wish on devices they own, are encouraged to break the law. Technologies, laws and notices are then created to prevent the illegal use of copyrighted content. This, in turn, encourages consumers to adopt even newer technologies to circumvent copyright restrictions. Thus, an arms race is born. ISPs and OSPs are caught in the middle, upsetting both consumers and copyright holders for either perceived inaction or perceived invasion of privacy.
Sensible Solutions for Transparency
These complex and overlapping issues require equally elegant, layered consumer-friendly solutions. These solutions must place consumers at the center of the regulatory environment and provide a flexible framework that’s scalable and adaptable to new technologies. Above all, these policies need to encourage content producers to engage with consumers in a consumer-friendly manner.
After all, consumers are fans of content. They share, promote, create and appreciate work regardless of restrictions. That will not change, especially as technology makes content engagement faster and easier for them.
But the DCMA can be improved upon in several ways. Greater understanding via transparency reports, much like the way Google publishes its own transparency report, would be a good start. If all ISPs and hosts began publishing their own reports, it would create a wealth of knowledge that would identify willful infringers while reducing the burden on hosts, ISPs, subscribers and rights owners.
Additionally, the DMCA needs a filtering mechanism for false, incomplete or misapplied takedown requests. This is an important issue, since today’s takedown requests are highly automated. In the current system, a DMCA takedown notice is treated as an affidavit, and if the host or ISP to whom the takedown notice is served pursues the notice in court, any false, incorrect or malicious DMCA takedown notice is treated as perjury, and the issuer has to face the consequences. However, current law only punishes false DMCA notices, not incomplete or overbroad takedown alerts. Today, rights owners use high-end DMCA BOTS or software BOTs to send large numbers of broad, vague and incomplete notices based on keyword searches. If such incomplete or broad DMCA notifications were brought under a similar ambit of law, it would improve scrutiny and decrease the burden on legitimate users and hosts, increasing both efficiency and effectiveness.
Standardizing would also improve the DMCA’s effectiveness. Under current law, DMCA notices can be sent in a variety of formats, including email, form, fax and snail mail. There is no prescribed format. This means that the ISPs and hosts must invest significant resources and money in processing DMCA notices, though notices may not be sufficient upon which to act. Streamlining this process with standard modes and templates would reduce the administrative and processing overheads on the ISPs and hosting companies, directly resulting in better performance.
Despite these issues, the DMCA can encourage content creators to adopt consumer-friendly solutions. One may be voluntary collective licensing — a concept championed by the Electronic Frontier Foundation. The concept is simple: Creators form a “collecting society,” which then offers file-sharing fans the opportunity to legally share music in exchange for a reasonable, regular payment. So long as they pay, fans are free to share and consume the content they love in a manner of their choosing without fear of lawsuits. The money collected gets divided among rights-holders based on the content’s popularity.
A modernized DCMA could address all of these issues. It would simultaneously reduce the unfair burden on ISPs while strengthening a copyright holder’s ability to protect its work and encourage engagement. Stopping digital pirates and their practices would become less burdensome. In every instance, the consumer (or “citizen,” in policyspeak) must be at the center of regulation. A regulatory environment that enables a level playing field for companies to compete for attention would drive innovation and success for companies, along with incredible content for users.
Viroopax Mirji is an associate vice president and senior industry principal at Infosys for the cable, wireless and media domain. He is the head of Domain Consulting in Americas, with 25 years in IT and service operations. Currently he is leading the work around intelligent media processes at Infosys’ largest PayTV firms and telecoms. Sunil Gregory is a client partner managing Infosys’ relationship with select clients and niche independent software vendors in the communications, media and entertainment space. He has more than 13 years of software industry and telecom experience. He is a Ph.D. student at National Academy of Legal Studies and Research (NALSAR) University of Law, and his area of research is digital copyrights. This article also appeared in Corporate Counsel, an ALM sibling of this newsletter.
The views expressed in the article are those of the authors and not necessarily the views of their clients or other attorneys in their firm.