Appeals Court Makes A Mess Of Copyright Law Concerning ISPs And Safe Harbors
from the this-makes-no-sense dept
We’ve been following the BMG v. Cox lawsuit from the very beginning, through all its very odd twists and turns, including having a judge in the district court, Liam O’Grady, who made it quite clear that he didn’t much care about the internet, and didn’t see why it was a problem if people lost their internet access completely based on merely a few allegations of copyright infringement. The 4th Circuit appeals court has now overturned the lower court ruling and sent the case back to the district court for a do-over. While the initial decision was awful (as we discuss below), this new ruling makes a huge mess out of copyright law and will have serious, dangerous, and long-lasting consequences for the internet as a whole.
If you don’t recall, the case involved BMG suing Cox Communications, though much of the case really hinged on the actions of another company, Rightscorp, who has been trying (and mostly failing) to build a business model around a form of mild copyright trolling. Rather than the aggressive “sue ’em and settle,” strategy employed by others, Rightscorp would send DMCA takedowns to ISPs, with a settlement offer, and hope that the ISPs would pass those notices on to subscribers accused of infringing.
Cox Communications — a decently large broadband provider — made it quite clear to Rightscorp that it did not intend to be a part of its business model, and refused to pass on the settlement letters. Rightscorp started flooding Cox with notices… to the point that Cox decided to effectively just trash all inbound messages from Rightscorp as spam. After all this happened, Rightscorp signed BMG as a client, and then sued Cox, claiming the ISP had violated the DMCA by not kicking users off. What came out during the trial was that Cox basically had a “thirteen strike” policy (some of the earlier strikes involved stopping internet access until you read something and clicked something — or requiring the user to call in to Cox).
What is rarely noted, of course, is that Cox was basically one of the only ISPs to actually have any termination policy for people who used their connections for copyright infringement. Most ISPs (and most copyright lawyers not working for legacy industry interests) believed that the DMCA’s requirement for a “repeat infringer policy” was not directed at access providers, but at content hosts, where the issues are much clearer. However, BMG claimed here that Cox violated the DMCA’s requirement for a repeat infringer policy — and the court agreed. Cox was, partly, undone by some pretty bad behavior behind the scenes, that seemed to tar it as a “bad actor” and obscure the underlying copyright issues. Even more ridiculous was that Judge O’Grady later argued that Cox should pay the other side’s legal fees, because even bringing up the idea that it was protected by safe harbors was “objectively unreasonable.” That, itself, was crazy, since tons of copyright experts actually think Cox was correct.
On appeal there were two key issues raised by Cox. The main issue was to argue that O’Grady was incorrect and that the DMCA safe harbors covered Cox. The second pertained to the specific jury instructions given to the jurors in the case. The new ruling unfortunately upholds the ruling that Cox is not covered by the DMCA’s safe harbors, but does say that the instructions given to the jury were incorrect. Of course, it then proceeds to make a huge muddle of what copyright law says in the process. But we’ll get to that.
The Impact on Safe Harbors
Let’s start with the safe harbors part of the ruling, which is what most people are focusing on. As the court notes, Cox (correctly, in my view), pointed out that even if it was subject to a repeat infringer policy, that should cover actual infringers, not just those accused of infringing. After all, it’s not like there aren’t tons upon tons of examples of false copyright infringement accusations making the rounds, and that’s doubly true when it comes to trolling operations. If the rule is that people can lose all access to the internet based solely on unproven accusations of infringement, that seems like a huge problem. But, here, the court says that it’s the correct way to read the statute:
Cox contends that because the repeat infringer provision uses the term ?infringer? without modifiers such as ?alleged? or ?claimed? that appear elsewhere in the DMCA, ?infringer? must mean ?adjudicated infringer.? But the DMCA?s use of phrases like ?alleged infringer? in other portions of the statute indicates only that the term ?infringer? alone must mean something different than ?alleged infringer,? otherwise, the word ?alleged? would be superfluous. Using the ordinary meaning of ?infringer,? however, fully accords with this principle: someone who actually infringes a copyright differs from someone who has merely allegedly infringed a copyright, because an allegation could be false. The need to differentiate the terms ?infringer? and ?alleged infringer? thus does not mandate Cox?s proposed definition.
Moreover, other provisions of the Copyright Act use the term ?infringer? (and similar terms) to refer to all who engage in infringing activity, not just the narrow subset of those who have been so adjudicated by a court. For example, § 501(a), which creates a civil cause of action for copyright owners, states that ?[a]nyone who violates any of the exclusive rights of the copyright owner? provided for in the statute ?is an infringer of the copyright or right of the author.? 17 U.S.C. § 501(a) (emphasis added).
Similarly, the DMCA itself provides that ISPs who store copyrighted material are generally not liable for removing ?material or activity claimed to be infringing or based on facts or circumstances from which infringing activity is apparent, regardless of whether the material or activity is ultimately determined to be infringing.? Id. § 512(g)(1) (emphases added). This provision expressly distinguishes among three categories of activity: activity merely ?claimed to be infringing,? actual ?infringing activity? (as is apparent from ?facts or circumstances?), and activity ?ultimately determined to be infringing.? The distinction between ?infringing activity? and activity ?ultimately determined to be infringing? in ? 512(g) shelters ISPs from being liable for taking down material that is ?infringing,? even if no court ?ultimately determine[s]? that it is infringing ? because, for example, the copyright holder simply does not file a lawsuit against the person who uploaded the infringing material. As this provision illustrates, Congress knew how to expressly refer to adjudicated infringement, but did not do so in the repeat infringer provision.
Again, the obvious implications of this are… insane. It means that you can potentially get people completely kicked off the internet with a series of knowingly false accusations of copyright infringement. How could anyone justify that as a reasonable policy?
The court insists that the legislative history supports this… but the only way it does is if you torture the legislative history and ignore what it says. Here’s what the court says:
The legislative history of the repeat infringer provision supports this conclusion. Both the House Commerce and Senate Judiciary Committee Reports explained that ?those who repeatedly or flagrantly abuse their access to the Internet through disrespect for the intellectual property rights of others should know that there is a realistic threat of losing that access.? H.R. Rep. No. 105-551, pt. 2, at 61 (1998); S. Rep. No. 105-190, at 52 (1998). This passage makes clear that if persons ?abuse their access to the Internet through disrespect for the intellectual property rights of others??that is, if they infringe copyrights ? they should face a ?realistic threat of losing? their Internet access.
But, again, based on the ruling here, this still applies even if the accusations are totally false and no infringement occurred. The court seems to ignore the word “abuse” in this statement and doesn’t even bother to consider that there may be abuse on the other side — in the form of copyright trolling against non-infringers (or simply trying to harm or silence the speech of a non-infringer).
Next up, the court has to determine whether or not Cox’s repeat infringer policy was “reasonable.” This, itself, is a minefield. The law provides no guidance beyond that to qualify for the safe harbor the provider has to have “adopted and reasonably implemented… a policy that provides for the termination in appropriate circumstances of subscribers… who are repeat infringers.” That seems to leave an awful lot of discretion to the provider — which the court admits… before determining that it doesn’t think Cox’s policy was reasonably implemented. And this is where a few bad actions by Cox employees comes back to haunt the company:
Here, Cox formally adopted a repeat infringer ?policy,? but, both before and after September 2012, made every effort to avoid reasonably implementing that policy. Indeed, in carrying out its thirteen-strike process, Cox very clearly determined not to terminate subscribers who in fact repeatedly violated the policy.
The words of Cox?s own employees confirm this conclusion. In a 2009 email, Jason Zabek, the executive managing the Abuse Group, a team tasked with addressing subscribers? violations of Cox?s policies, explained to his team that ?if a customer is terminated for DMCA, you are able to reactivate them,? and that ?[a]fter you reactivate them the DMCA ?counter? restarts.? The email continued, ?This is to be an unwritten semi-policy.? Zabek also advised a customer service representative asking whether she could reactivate a terminated subscriber that ?[i]f it is for DMCA you can go ahead and reactivate.? Zabek explained to another representative: ?Once the customer has been terminated for DMCA, we have fulfilled the obligation of the DMCA safe harbor and can start over.? He elaborated that this would allow Cox to ?collect a few extra weeks of payments for their account. ;-).? Another email summarized Cox?s practice more succinctly: ?DMCA = reactivate.? As a result of this practice, from the beginning of the litigated time period until September 2012, Cox never terminated a subscriber for infringement without reactivating them.
One would hope that this part of the ruling would at least, somewhat, protect other ISPs that don’t send stupid emails like that. But, you never know.
The Messed Up Jury Instructions
To fully follow the issues here, we have to take a quick tour to key copyright cases of years past. In the Betamax Case, Hollywood sued the makers of VCR devices (okay, okay, Betamax devices) for selling a product that its customers used to infringe. In 1984, the Supreme Court said that was crazy, and since the VCR had “substanitial non-infringing uses,” it was legal to sell it, even if it was used to infringe. Almost 20 years later, the Supreme Court chopped away at this standard a bit in the unfortunate (and still wrong) Grokster case, that said even if the tool had substantial non-infringing uses, if the company “induced” infringement, then it could still be liable. But there had to be fairly strong evidence of actual inducement by the company — in Grokster, the company more or less encouraged people to infringe.
Cox asked the court to use the Betamax standard in the jury instructions, saying that it’s not contributory copyright infringement if there are substantial non-infringing uses — but the lower court rejected that, and this court does too, pointing to Grokster (but not actually groking what the Grokster court said). But a second complaint about the jury instructions does win the support of the appeals court. Cox, rightly, argued that the jury instruction telling jurors that the standard for contributory infringement was if the company “knew or should have known of such infringing activity.” The big problem here is the “should have known” part. That is not the law. It’s not in the law. It’s not supported by court decisions and has been rejected by numerous court decisions. And, here, the court finally gives Cox a break and says that those jury instructions went too far. “Should have known” is a negligence standard — it suggests even if you didn’t know, you were negligent in not knowing, and therefor still liable. But copyright law demands actual knowledge. And thus, the original ruling is thrown out and sent back to the court.
But… even with the jury verdict being tossed, this discussion is… weird. And troubling. Remember, the Grokster standard is about “inducement” which involved a level of intent on the part of the service provider. That’s about taking specific actions to encourage the use for infringement. But, the court here keeps slipping into a separate question of “knowledge.” The knowledge question and the inducement/intent question are two separate questions. But it’s not clear that the court even realizes that. It keeps going back and forth between questions about inducement and questions about actual knowledge, to the point that it almost appears the court thinks these are the same things. But knowledge alone is not enough to prove a party induced others to infringe on a copyright.
See the following discussion:
First, Grokster?s recitation of the standard?that ?[o]ne infringes contributorily by intentionally inducing or encouraging direct infringement? ? is on its face difficult to reconcile with a negligence standard. See 545 U.S. at 930 (emphasis added). In addition, it would have been unnecessary for the Court to discuss in detail the situations in which intent may be presumed, and those situations, like Sony, in which it may not, if liability did not require intent at all, but merely required negligence….
Looking to patent law, as the Supreme Court did in Sony and Grokster, further counsels against a negligence standard. The Supreme Court has long held that contributory patent infringement requires knowledge of direct infringement. Aro Mfg. Co. v. Convertible Top Replacement Co., 377 U.S. 476, 488 (1964). And in 2011, the Court held that willful blindness satisfies this knowledge requirement, but recklessness (?one who merely knows of a substantial and unjustified risk of . . . wrongdoing?) and negligence (?one who should have known of a similar risk but, in fact, did not?) do not. Global-Tech, 563 U.S. at 769?71. The Court reaffirmed this holding in 2015, stating that contributory patent infringement ?requires proof the defendant knew the acts were infringing,? and that Global-Tech ?was clear in rejecting any lesser mental state as the standard.? Commil USA, LLC v. Cisco Sys., Inc., 135 S. Ct. 1920, 1928 (2015). The Court expressly rejected the possibility ?that a person, or entity, could be liable even though he did not know the acts were infringing.? Id. Thus, in the patent context, it is clear that contributory infringement cannot be based on a finding that a defendant ?should have known? of infringement.
In both Grokster and Sony, the Supreme Court adopted now-codified patent law doctrines? the staple article doctrine and the inducement rule. The Court did so because of ?the historic kinship between patent law and copyright law,? Sony, 464 U.S. at 439?42, and the similar need in both contexts to impose liability on ?culpable expression and conduct? without ?discouraging the development of technologies with lawful and unlawful potential,? Grokster, 545 U.S. at 936?37. We are persuaded that the Global-Tech rule developed in the patent law context, which held that contributory liability can be based on willful blindness but not on recklessness or negligence, is a sensible one in the copyright context. It appropriately targets culpable conduct without unduly burdening technological development.
Note that the first paragraph is about inducement, which has specific characteristics, and the latter two are about “knowledge.” But knowledge isn’t what proves the intent for inducement. So… even as it’s right to kick this back to the lower court, it feels like the 4th Circuit got twisted up by its own reasoning.
Then there’s the issue of what the court means when it talks about “specific instances of knowledge.” See this paragraph:
Selling a product with both lawful and unlawful uses suggests an intent to cause infringement only if the seller knows of specific instances of infringement, but not if the seller only generally knows of infringement. See Ludvarts, 710 F.3d at 1072 (holding that contributory copyright infringement ?requires more than a generalized knowledge . . . of the possibility of infringement?; it requires ?specific knowledge of infringement?). A seller who only generally knows of infringement is aware that ?some of [his] products will be misused? ? but critically, not which products will be misused.
This same issue came up in the Viacom v. YouTube case, in which it was found that YouTube wasn’t infringing just because it had “general knowledge” that it was hosting some infringing content. It could only be liable if it had actual knowledge of infringing content and then failed to take it down. But… how the hell do you apply that standard here? You can see how it would apply to YouTube, where YouTube can go and see the file still hosted on its servers after being notified that it’s infringing and then check to see that it is, indeed, the same material as the copyright holder claims. For an ISP, however, where the data is in motion, as opposed to at rest, all you have to go on are these often erroneous notifications from Rightscorp claiming infringement. But by the time an ISP like Cox would look at it… the transmission would be complete. So how can Cox have “actual knowledge” of infringement — absent a court ruling that the activity was infringing (bringing us all the way back around to the first point made above)?
Either way, this case is hardly over yet, as there’s still another trial to now go through. But, as it stands, it’s making a big mess out of copyright law. And that’s not good.