An Overview of the DMCA “Safe Harbors”
17 U.S.C. § 5121
March 2017
I.
What are the OSP safe harbors?
A.
The “safe harbors” are limitations on liability, not copyright exceptions.
1.
“The [safe harbor] limitations … protect qualifying service providers from
liability for ​all monetary relief​ for direct, vicarious and contributory
infringement. Monetary relief is defined in subsection [(k)(2)] as
encompassing damages, costs, attorneys’ fees, and any other form of
monetary payment. These subsections ​also limit injunctive relief​ against
qualifying service providers to the extent specified in subsection [(j)].”
(Senate Report, p.402).
2.
The safe harbors cover four functions (discussed in greater detail below):
conduit (512(a)), caching (512(b)), hosting (512(c)) and information
location tools (512(d)).
3.
Injunctive relief is limited to the following for conduct falling within the
512(a) “conduit”
​ safe harbor, ​see 17 U.S.C. § 512(j)(1)(B):
a.
“An order restraining the service provider from providing access to
a subscriber or account holder of the service provider's system or
network who is using the provider's service to engage in infringing
activity and is identified in the order, by terminating the accounts
of the subscriber or account holder that are specified in the order.”
b.
“An order restraining the service provider from providing access,
by taking reasonable steps specified in the order to block access, to
a specific, identified, online location outside the United States.”
4.
Injunctive relief is limited to the following for conduct falling within the
512(b), (c)
​ or (d) safe harbors, ​see 17 U.S.C. § 512(j)(1)(A):
a.
“An order restraining the service provider from providing access to
infringing material or activity residing at a particular online site on
the provider's system or network.”
b.
“An order restraining the service provider from providing access to
a subscriber or account holder of the service provider's system or
network who is engaging in infringing activity and is identified in
the order, by terminating the accounts of the subscriber or account
holder that are specified in the order.”
c.
“Such other injunctive relief as the court may consider necessary to
prevent or restrain infringement of copyrighted material specified
The complete statutory text can be found at the Copyright Office website:
<http://www.copyright.gov/title17/92chap5.html#512>.
2
The complete legislative history of the DMCA, including the Senate Judiciary Committee
Report, S. Rep. 105-190, can be found at <http://cyber.law.harvard.edu/openlaw/DVD/dmca/>.
1
1
B.
C.
​
​
​
in the order of the court at a particular online location, if such relief
is the least burdensome to the service provider among the forms of
relief comparably effective for that purpose.”
Falling outside the safe harbors does not make you liable for infringement.
1.
“The failure of a service provider's conduct to qualify for limitation of
liability under this section shall not bear adversely upon the consideration
of a defense by the service provider that the service provider's conduct is
not infringing under​ this title or any other defense.” 17 U.S.C. § 512(​l).
2.
“New section 512 does not define what is actionable copyright
infringement in the online environment, and does not create any new
exceptions to the exclusive rights under copyright law. … Even if a
service provider’s activities fall outside the limitations on liability
specified in the bill, the service provider is not necessarily an infringer;
liability in these circumstances would be adjudicated based on the
doctrines of direct, vicarious or contributory liability for infringement as
they are articulated in the Copyright Act and in the court decisions
interpreting and applying that statute, which are unchanged by section
512. In the event that a service provider does not qualify for the limitation
on liability, it still may claim all of the defenses available to it under
current law.” (Senate Report, p.55).
3.
So compliance with the requirements of the safe harbors ​is optional
for service providers, not mandatory​. The increased certainty provided
by the safe harbors, however, creates a strong incentive for service
providers to take advantage of them, if they are applicable.
The DMCA safe harbors only apply to copyright infringement (not
trademark or patent infringement, or other causes of action).
1.
Most service providers also enjoy broad immunity from most state law
causes of action, thanks to Section 230 of the Communications Decency
Act (“CDA 230”). ​See, e.g., Barrett v. Rosenthal, 146 P.3d 510, 51
Cal.Rptr.3d 55 (Cal. 2006); ​Nemet Chevrolet Ltd. v. Consumeraffairs.com,
Inc., 591 F.3d 250, 254 (4th Cir. 2009) (§ 230 “bar[s] state-law plaintiffs
from holding interactive computer service providers legally responsible
for information created and developed by third parties.”); ​Perfect 10, Inc.
v. CCBill LLC, 488 F.3d 1102, 1118 (9th Cir. 2007) (§ 230 establishes
“broad federal immunity to any cause of action that would make service
providers liable for information originating with a third-party user of the
service,” including non-federal “intellectual property” claims) (internal
citations and quotations omitted).
2.
There is an on-going disagreement among the courts on the question of
whether the DMCA safe harbors apply to state law copyright claims.
Compare UMG Recordings, Inc. v. Escape Media Group, Inc., 107 AD 3d
51, 964 N.Y.S.2d 106 (1st Dep’t 2013) ​with Capitol Records, LLC v.
Vimeo, LLC, 826 F. 3d 78, 83 (2d Cir. 2016) (holding the DMCA does
apply to state law copyright claims);​ Capitol v. MP3tunes, 821 F. Supp. 2d
627, 640-42 (S.D.N.Y. 2011). ​See also U.S. Copyright Office, Federal
2
II.
III.
Copyright Protection for Pre-1972 Sound Recordings (Dec. 2011),
available at http://www.copyright.gov/docs/sound/pre-72-report.pdf
(finding that Congress should extend federal copyright protection to
pre-1972 sound recordings currently protected by state copyright laws, in
part because this would bring them within the scope of the DMCA safe
harbors, and opining that ​Capitol v. MP3tunes was wrongly decided on
applicability of 512 to state law claims).
D.
The safe harbors only apply to “service providers” performing certain
“functions” (defined in § 512(a), (b), (c) and (d)).
1.
“To qualify for these protections service providers must meet the
conditions set forth in subsection [(i)], and service providers’ activities at
issue must involve a function described in subsection (a), (b), (c), (d) or
[(g)], respectively.” (Senate Report, p.41)
Who is a “service provider”: Two definitions.
A.
Narrow definition:
1.
“As used in [section 512](a), the term ‘service provider’ means an entity
offering the transmission, routing, or providing of connections for digital
online communications, between or among points specified by a user, of
material of the user's choosing, without modification to the content of the
material as sent or received.” 17 U.S.C. § 512(k)(1)(A).
2.
E.g., traditional ISPs, like Verizon or Comcast, providing simple
bandwidth.
B.
Broad definition:
1.
“As used in this section, other than [section 512](a), the term ‘service
provider’ means a provider of online services or network access, or the
operator of facilities therefor, and includes an entity described in
subparagraph [512(k)(1)](A).” 17 U.S.C. § 512(k)(1)(B).
2.
In the words of one court: “A plain reading of [17 U.S.C. § 512(k)] reveals
that ‘service provider’ is defined so broadly that we have trouble
imagining the existence of an online service that would not fall under the
definitions….” ​In re Aimster Copyright Litig., 252 F.Supp.2d 634, 658
(N.D. Ill. 2002), ​aff’d, 334 F.3d 643 (7th Cir. 2003).
What “functions” are covered?
A.
512(a): “conduit” or ISP safe harbor
1.
“A service provider shall not be liable for monetary relief, or, except as
provided in subsection (j), for injunctive or other equitable relief, for
infringement of copyright by reason of the provider's transmitting, routing,
or providing connections for, material through a system or network
controlled or operated by or for the service provider, or by reason of the
intermediate and transient storage of that material in the course of such
transmitting, routing, or providing connections, if (1) the transmission of
the material was initiated by or at the direction of a person other than the
service provider; (2) the transmission, routing, provision of connections,
or storage is carried out through an automatic technical process without
selection of the material by the service provider; (3) the service provider
3
B.
does not select the recipients of the material except as an automatic
response to the request of another person; (4) no copy of the material
made by the service provider in the course of such intermediate or
transient storage is maintained on the system or network in a manner
ordinarily accessible to anyone other than anticipated recipients, and no
such copy is maintained on the system or network in a manner ordinarily
accessible to such anticipated recipients for a longer period than is
reasonably necessary for the transmission, routing, or provision of
connections; and (5) the material is transmitted through the system or
network without modification of its content.” 17 U.S.C. § 512(a).
2.
“Subsections (a)(1) through (5) limit the range of activities that qualify
under this subsection to ones in which a service provider plays the role of
a ‘conduit’ for the communications of others.” (Senate Report, p. 41).
3.
This is the most expansive safe harbor for a service provider, as it has the
fewest prerequisites and disqualifiers, but is only available to those who
can meet the narrow definition of “service provider” and only
encompasses “conduit” activities that fall within the statutory language.
See, e.g., Columbia Pictures Industries, Inc. v. Fung, 710 F. 3d 1020,
1041-42 (9th Cir. 2013) (torrent trackers not eligible for 512(a) safe harbor
because they serve to collect users into a swarm and dictate which other
users a user will download from, rather than being a “mere conduit”);
Ellison v. Robertson, 357 F.3d 1072 (9th Cir. 2004) (holding that AOL’s
provision of Usenet newsgroups to subscribers falls within 512(a)).
512(b): caching
1.
“For subsection (b) to apply, the material must be made available on an
originating site, transmitted at the direction of another person through the
system or network operated by or for the service provider to a different
person, and stored through an automatic technical process so that users of
the system or network who subsequently request access to the material
from the originating site may obtain access to the material from the system
or network. Subsections (b)(1) through (b)(5) further refine the
circumstances under which subsection (b) applies….” (Senate Report, p.
42).
2.
“In terminology describing current technology, this storage is a form of
“caching,” which is used on some networks to increase network
performance and to reduce network congestion generally, as well as to
reduce congestion and delays to popular sites. This storage is intermediate
in the sense that the service provider serves as an intermediary between
the originating site and ultimate user. The material in question is stored on
the service provider’s system or network for some period of time to
facilitate access by users subsequent to the one who previously sought
access to it.” (Senate Report, p. 42).
3.
There is very little case law on the 512(b) safe harbor, but one court has
held that Google’s Web cache is covered by 512(b). ​See Field v. Google,
412 F.Supp.2d 1106 (D. Nev. 2006).
4
C.
D.
512(c): hosting
1.
Safe harbor applies to any “infringement of copyright by reason of the
storage at the direction of a user of material that resides on a system or
network controlled or operated by or for the service provider…” 17 U.S.C.
§ 512(c).
2.
“Examples of such storage include providing server space for a user’s web
site, for a chatroom, or other forum in which material may be posted at the
direction of users.” (Senate Report, p. 44).
3.
Requires designation and registration of a “copyright agent” and
implementation of a “notice-and-takedown” regime. (see below).
4.
Subject to two disqualifiers: “actual or red flag knowledge” and “control +
direct financial benefit” (see below).
5.
Numerous activities beyond “providing server space for a user’s web site,
for a chatroom, or other forum” have been found to fall within the 512(c)
safe harbor. ​See, e.g., Wolk v. Kodak Imaging Network, Inc., 840 F. Supp.
2d 724, 744 (S.D.N.Y. 2012) (photo hosting and sharing service), ​aff’d
No. 12-420-cv (2d Cir. June 17, 2014); ​Viacom Int’l Inc. v. YouTube Inc.,
718 F. Supp. 2d 514 (S.D.N.Y. 2010) (video hosting platform);​ UMG
Recordings, Inc. v. Veoh Networks, Inc., 665 F. Supp. 2d 1099 (C.D. Cal.
2009), ​aff’d ​as ​UMG Recordings, Inc. v. Shelter Capital Partners LLC,
718 F.3d 1006 ​(9th Cir. 2013) (video hosting platform); ​Corbis v. Amazon,
351 F. Supp. 2d 1090 (W.D. Wash. 2004) (Amazon zShops);​ CoStar v.
LoopNet, 164 F. Supp. 2d 688 (D. Md. 2001), ​aff’d, 373 F.3d 544 (4th Cir.
2004) (user-generated real estate listings); ​Hendrickson v. eBay, 165 F.
Supp. 2d 1082 (C.D. Cal. 2001) (eBay listings).
6.
The Ninth Circuit has said that “by reason of storage” in the statute
includes “access-facilitating processes that automatically occur when a
user uploads” content. ​UMG v. Shelter Capital, 718 F.3d at 1016. ​See also
Obodai v. Demand Media, Inc., 2012 WL 2189740 (S.D.N.Y. June 13,
2012) (allowing users to post and share content does not vitiate the 512(c)
safe harbor).
7.
A service provider’s use of reviewers or moderators to screen or select
from user-submitted materials does not put its activities outside the 512(c)
safe harbor. ​See Costar v. Loopnet, 164 F. Supp. 2d at 701-02 (user
submitted real estate listings screened before posting); ​Mavrix
Photographs LLC v. LiveJournal, Inc., No. 8:13-cv-00517-CJC-JPR (C.D.
Cal. Sept. 19, 2014) (moderators select among user-submitted posts).
8.
Contractors vetted by and paid by the site operator, whose contracts
disclaim that they are agents or employees of the operator, can count as
“users” for the purposes of 512(c). ​BWP Media USA v. Clarity Digital
Group, 820 F.3d 1175, 1180-81 (10th Cir. 2016). Directing those
contractors to upload stories, including providing topics and maintaining
editorial control, does not render the uploads outside the definition of “at
the direction of the user.” Id. at 1182.
512(d): information location tools (linking and search engines)
5
Safe harbor applies for any “infringement of copyright by reason of the
provider referring or linking users to an online location containing
infringing material or infringing activity, by using information location
tools, including a directory, index, reference, pointer, or hypertext link….”
17 U.S.C. § 512(d).
2.
“The reference to ‘infringing activity’ is intended to refer to wrongful
activity that is occurring at the location to which the link or reference
refers, without regard to whether copyright infringement is technically
deemed to occur at that location or at the location where the material is
received. The term information location tools includes, for example: a
directory or index of online sites or material such as a search engine that
identifies pages by specified criteria, a reference to other online material
such as a list of recommended sites, a pointer that stands for an Internet
location or address, or a hypertext link which allows users to access
material without entering its address.” (Senate Report, p.47).
3.
Requires designation and registration of a “copyright agent” and
implementation of a “notice-and-takedown” regime. (see below).
4.
Subject to two disqualifiers: “actual or red flag knowledge” and “control +
direct financial benefit” (see below).
5.
Although there are fewer reported opinions applying 512(d) than 512(c),
courts have recognized that search engines and links posted in blogs are
covered. ​See Perfect 10 Inc. v. Google Inc., No. 04-9484, 2010 U.S. Dist.
LEXIS 75071, *16 (C.D. Cal. Jul. 26, 2010) (applying 512(d) to Google
Web Search and Image Search, and recognizing that links in Blogger are
also covered).
Prerequisites and Disqualifiers
A.
Prerequisites applicable to all safe harbors (512(i))
1.
Policy of Terminating Repeat Infringers
a.
Service provider must “adopt and reasonably implement, and
inform subscribers and account holders of the service provider's
system or network of, a policy that provides for the termination in
appropriate circumstances of subscribers and account holders of
the service provider's system or network who are repeat
infringers.” 17 U.S.C. § 512(i)(1)(A).
b.
The statute does not define “repeat infringer.” 3 Nimmer on
Copyright § 12B.10 (2011) (noting that “the statute fails to set
forth standards for meeting that policy,” and reviewing available
authorities); ​see generally David Nimmer, ​Repeat Infringers, 52 J.
of Copyright Soc’y of the USA 170 (Winter 2005) (exploring in
detail what makes a “repeat infringer”).
c.
“[A] service provider must (i) ​adopt​ a policy that provides for the
termination of service access for repeat infringers; (ii) ​inform
users of the service policy; and (iii) ​implement​ the policy in a
reasonable manner.’” ​Wolk v. Kodak, 840 F.Supp.2d at 744;
accord Capitol Records v. Escape Media, No. 12–CV–6646, 2015
1.
IV.
6
d.
e.
f.
g.
WL 1402049, at *46 (S.D.N.Y. Mar. 25, 2015).
With respect to what satisfies the “implementation” obligation,
several courts have further segregated the analysis into two
components: “first, whether a service provider implements a
policy, and second, whether that implementation is reasonable.”
Perfect 10 v. Giganews, 993 F.Supp.2d 1192, 1196 (C.D. Cal.
2014), ​aff’d on other grounds, ​Perfect 10 v. Giganews, No.
15-55500, 2017 WL 279504 (9th Cir. Jan. 23, 2017); ​accord BMG
Rights Management (US) LLC et al v. Cox Communications, Inc.,
No. 1:14-cv1611, 2015 WL 7756130 (E.D. Va. Dec. 1, 2015);
Capitol Records v. Escape Media, 2015 WL 1402049, at *47
(S.D.N.Y. Mar. 25, 2015).
The Ninth Circuit has held “that a service provider ‘implements’ a
policy if it has a working notification system, a procedure for
dealing with DMCA-compliant notifications, and if it does not
actively prevent copyright owners from collecting information
needed to issue such notifications.” ​Perfect 10 v. CCBill, 488 F.3d
1102, 1109 (9​th​ Cir. 2007); ​see also BMG v. Cox, No. 1:14-cv1611,
2015 WL 7756130 (E.D. Va. Dec. 1, 2015) (summary judgment
order applying ​CCBill framework); ​Arista Records LLC v. Myxer
Inc., No. CV-08-3935 GAF, 2011 WL 11660773 (C.D. Cal. Apr.
1, 2011) (summary judgment order applying the ​CCBill holding,
holding that defendant had raised a material issue of fact sufficient
to defeat plaintiffs’ motion).
Courts agree that service providers need not shoulder the burden of
policing infringement in order to “reasonably implement” a policy
of terminating repeat infringers. ​See ​Perfect 10 v. CCBill, 488 F.3d
at 1111 (“To identify and terminate repeat infringers, a service
provider need not affirmatively police its users for evidence of
repeat infringement.”); ​Capitol Records v. Vimeo, 972 F. Supp. 2d
at 514 (“[T]he case law provides that a reasonably implemented
policy can utilize a ‘variety of procedures’ and does not require
that the service provider ‘affirmatively police its users for evidence
of repeat infringement.’”), ​vacated in part by ​Capitol Records,
LLC v. Vimeo, LLC, 826 F. 3d 78 (2d. Cir. 2016); ​Corbis v.
Amazon, 351 F. Supp. 2d at 1104 (“Because it does not have an
affirmative duty to police its users, failure to properly implement
an infringement policy requires a showing of instances where a
service provider fails to terminate a user even though it has
sufficient evidence to create actual knowledge of that user’s
blatant, repeat infringement of a willful and commercial nature.”);
Perfect 10 v. Cybernet Ventures, 213 F. Supp. 2d 1146, 1176 (C.D.
Cal. 2002) (“The service provider might not need to provide for
active investigation of possible infringement.”).
Courts recognize that 512(i) leaves service providers with
7
h.
i.
j.
k.
substantial latitude in crafting and reasonably implementing a
policy and have accordingly approved a variety of different “strike
counting” mechanisms. ​See, e.g., Viacom Int’l Inc. v. Youtube Inc.,
718 F. Supp. 2d at 528 (three strikes policy counting “only one
strike against a user both (1) a single DMCA takedown notice
identifying multiple videos uploaded by the user, and (2) multiple
take-down notices identifying videos uploaded by the user received
by YouTube within a two-hour period” was a reasonably
implemented policy); ​UMG Recordings v. Veoh Networks, 665 F.
Supp. 2d at 1116 (failure to terminate a user’s account after
receiving a single DMCA notice identifying multiple instances of
infringement may still constitute a reasonable policy); ​Capitol
Records v. Vimeo, 972 F. Supp. 2d 500, 514-17 (S.D.N.Y. 2013)
(notices received within a three-day window grouped as one
“strike” for the purposes of calculating whether a user is a repeat
infringer).
A termination policy need not be written down. ​Hempton v. Pond5,
Inc., No. 3: 15-cv-05696-BJR (W.D. Wash. Oct. 25, 2016).
A termination policy may fall short, however, where a defendant
“allowed notices of potential copyright infringement to fall into a
vacuum and to go unheeded.” ​Ellison v. Robertson, 357 F.3d 1072,
1080 (9th Cir. 2004). Similarly, a court has rejected a policy where
the defendant, “[f]ar from doing anything to discourage repeat
infringers of the plaintiffs’ copyrights, … invited them to do so,
showed them how they could do so with ease using its system, and
by teaching its users how to encrypt their unlawful distribution of
copyrighted materials disabled itself from doing anything to
prevent infringement.” ​In re Aimster, 334 F.3d at 655. A repeat
infringement policy that focuses on whether materials are publicly
available, and ignores the question whether the materials infringe
copyright, is not adequate. ​Flava Works, Inc. v. Gunter, No 10 C
6517, 2011 WL 3205399 (N.D. Ill. July 27, 2011), ​vacated on
other grounds, 689 F. 3d 754 (7th Cir. 2012).
Courts have found that a failure to keep adequate records of
takedown notices and subscriber termination can be relevant to the
question of “reasonable implementation.” ​See Capitol Records v.
Escape Media, 2015 WL 1402049, at *6 (“[S]ervice providers that
purposefully fail to keep adequate records of the identity and
activities of their users and fail to terminate users despite their
persistent and flagrant infringement are not eligible for protection
under the safe harbor.”) (​quoting Capitol Records v. MP3tunes,
821 F. Supp. 2d at 637).
A failure to terminate subscribers under appropriate circumstances
can deprive a service provider of the safe harbor. ​See BMG v. Cox,
No. 1:14-cv1611, 2015 WL 7756130 (E.D. Va. Dec. 1, 2015)
8
B.
(holding that cable ISP lost 512(a) safe harbor where it failed to
follow its written procedures, failed to terminate subscribers after
multiple notices, and reinstated immediately upon subscriber
request after terminations).
l.
For services that maintain notice-and-takedown procedures as
required by 512(b), (c), or (d), ignoring DMCA notices in your
repeat infringer calculation can deprive you of the safe harbor. ​See
Capitol Records v. Escape Media, 2015 WL 1402049, at *13
(“[P]erhaps the strongest indicator of Escape’s failure to terminate
the uploading privileges of repeat infringers in appropriate
circumstances is the undisputed facts showing that hundreds or
thousands of users were not stripped of their uploading privileges
after receiving notices of infringement.”); ​Disney Enterprises, Inc.
v. Hotfile Corp., 1:11-cv-20427-KMW, 2013 WL 6336286, at *18
(S.D. Fla. Sept. 20, 2013) (finding repeat infringer policy
unreasonable where, in spite of 10 million complaints about 8
million videos, Hotfile terminated only 43 users, apparently only
those who were the subject of a court order or threatened
litigation).
m.
Services that do not have “subscribers” such as web search
engines, need not have termination policies in order to satisfy
512(i). ​See Perfect 10 v. Google, 2010 U.S. Dist. LEXIS 75071,
*13.
2.
Accommodate Technical Measures
a.
Service provider must “accommodate and not interfere with
standard technical measures…used by copyright owners to identify
or protect copyrighted works.” 17 U.S.C. § 512(i)(1)(B).
b.
In order to qualify as a “standard technical measure,” the measure
must have been developed “pursuant to a broad consensus of
copyright owners and service providers in an open, fair, voluntary,
multi-industry standards process,” be available on RAND terms,
and not impose “substantial costs” on service providers.
c.
Providing image-editing software that ​could be used to remove
watermarks and copyright notices is not interfering with standard
technical measures. ​Wolk v. Kodak, 840 F.Supp.2d at 745.
d.
As of 2017, nothing appears to qualify as a “standard technical
measure” under the definition of the statute, as no “broad
consensus” has emerged from any relevant “multi-industry
standards process.” ​See U.S. Copyright Office, Section 512 Study:
Request for Additional Comments, 81 Fed. Reg. 78636, 78641
(Nov. 8, 2016) (“[S]ince passage of the DMCA, no standard
technical measures have been adopted​ pursuant to section 512(i).”)
Additional prerequisites for § 512(c) and (d)
1.
Designate a Copyright Agent
a.
Service provider must designate an agent to receive copyright
9
2.
infringement notices, register the agent with the Copyright Office,
and make the agent’s contact information available on its website.
17 U.S.C. § 512(c)(2); 37 CFR § 201.38. ​ See generally
<​http://www.copyright.gov/onlinesp/​>.
b.
In December 2016, the Office introduced an online registration
system and electronically generated directory to replace the
Office’s old paper-based system and directory. To designate an
agent, a service provider must register with and use the Office’s
online system.
c.
A service provider that has designated an agent with the Office
under the previous version of this section (which was effective
between November 3, 1998 and November 30, 2016) must submit
a new designation electronically using the online registration
system by December 31, 2017. Any designation not made through
the online registration system will expire and become invalid after
December 31, 2017.
Notice-and-Takedown
a.
Service provider must “upon notification of claimed infringement
as described in paragraph (3), respond[] expeditiously to remove,
or disable access to, the material that is claimed to be infringing or
to be the subject of infringing activity.” 17 U.S.C. § 512(c)(1)(C).
b.
In order to be effective, takedown notices must be in writing and:
(1) contain the physical or electronic signature of claimant; (2)
identify the work allegedly infringed; (3) identify the allegedly
infringing material sufficiently to permit its removal or limit
access; (4) provide information sufficient to contact the party
providing the notice; (5) contain a statement that the complaining
party has a good faith belief that use of the material is not
authorized; and (6) contain a statement that the information in the
notice is accurate and, under penalty of perjury, that either the
owner or the complaining party is authorized to act on behalf of the
owner of an exclusive right that is allegedly infringed. ​See 17
U.S.C. § 512(c)(3).
c.
A notice that fails to include all of the relevant information will not
be admissible to demonstrate actual or “red flag” knowledge (see
below) on the part of the service provider, provided, however, that
if the notice identifies the work infringed, includes information
sufficient to locate the infringing work, and provides contact
information, the service provider has attempted to contact the
submitter in order to assist in obtaining a complete notice. 17
U.S.C. § 512(c)(3)(B).
d.
A district court in California has held that a notice is defective if
the material it identifies is no longer posted at the URL. ​In re
Maximized Living, Inc. v. Google, Inc., No. C11-80061 MISC
CRB (EDL) (N.D. Cal. Dec. 22, 2011) (Laporte, MJ).
10
Courts have rejected notices that require service providers to
cobble information together from multiple documents. ​See, e.g.,
Perfect 10 v. CCBill, 488 F.3d at 1113 (“Permitting a copyright
holder to cobble together adequate notice from separately defective
notices … unduly burdens service providers.”); ​Perfect 10, Inc. v.
Giganews, Inc., 993 F. Supp. 2d 1192 (C.D. Cal. 2014) (addressing
who bears the burden of extracting Message IDs from Usenet
newsgroup postings); ​Perfect 10 v. Google, 2010 U.S. Dist. LEXIS
75071, *21-36 (examining several kinds of notices); ​but see ALS
Scan v. RemarQ Communities, 239 F. 3d 619, 625 (4​th​ Cir. 2001)
(concluding that incomplete notices can be substantially
compliant).
f.
Counter-Notice: Section 512(g) creates a “counter-notice” regime
protecting service providers from liability both for taking down
material in response to infringement notices, and for restoring
access (“put-back”) to material upon receiving a “counter-notice”
from a subscriber contesting the infringement notice. It is
important to note, however, that a “counter-notice” regime is not a
pre-requisite for the DMCA safe harbors—instead, it provides a
service provider with protection vis-à-vis its own subscribers. 17
U.S.C. 512(g)(1).
Disqualifiers (only for § 512(c) and (d))
1.
Actual or “Red Flag” Knowledge
a.
A service provider enjoys the (c) and (d) safe harbors only so long
as it:
“(i) does not have actual knowledge that the material or an
activity using the material on the system or network is infringing;
or
(ii) in the absence of such actual knowledge, is not aware of
facts or circumstances from which infringing activity is apparent
[e.g., “red flag” knowledge]; or
(iii) upon obtaining such knowledge or awareness, acts
expeditiously to remove, or disable access to, the material….”
17 U.S.C. § 512(c)(1)(A); § 512(d)(1).
b.
“Under this standard, a service provider would have no obligation
to seek out copyright infringement, but it would not qualify for the
safe harbor if it had turned a blind eye to ‘red flags’ of obvious
infringement.” (Senate Report, p. 48).
c.
“For instance, the copyright owner could show that the provider
was aware of facts from which infringing activity was apparent if
the copyright owner could prove that the location was clearly, at
the time the directory provider viewed it, a ‘pirate’ site of the type
described below, where sound recordings, software, movies or
books were available for unauthorized downloading, public
performance or public display. Absent such ‘red flags’ or actual
e.
C.
11
d.
e.
f.
g.
h.
knowledge, a directory provider would not be similarly aware
merely because it saw one or more well known photographs of a
celebrity at a site devoted to that person. The provider could not be
expected, during the course of its brief cataloguing visit, to
determine whether the photograph was still protected by copyright
or was in the public domain; if the photograph was still protected
by copyright, whether the use was licensed; and if the use was not
licensed, whether it was permitted under the fair use doctrine.”
(Senate Report, p. 48).
“The important intended objective of this standard is to exclude
sophisticated ‘pirate’ directories—which refer Internet users to
other selected Internet sites where pirate software, books, movies,
and music can be downloaded or transmitted—from the safe
harbor. Such pirate directories refer Internet users to sites that are
obviously infringing because they typically use words such as
‘pirate,’ ‘bootleg,’ or slang terms in their uniform resource locator
(URL) and header information to make their illegal purpose
obvious to the pirate directories and other Internet users.” (Senate
Report, p. 48).
“In this way, the ‘red flag’ test in section 512(d) strikes the right
balance. The common-sense result of this ‘red flag’ test is that
online editors and catalogers would not be required to make
discriminating judgments about potential copyright infringement.
If, however, an Internet site is obviously pirate, then seeing it may
be all that is needed for the service provider to encounter a ‘red
flag.’ A provider proceeding in the face of such a red flag must do
so without the benefit of a safe harbor.” (Senate Report, p.49).
“The knowledge or awareness standard should not be applied in a
manner which would create a disincentive to the development of
directories which involve human intervention. Absent actual
knowledge, awareness of infringement as provided in subsection
(d) should typically be imputed to a directory provider only with
respect to pirate sites or in similarly obvious and conspicuous
circumstances, and not simply because the provider viewed an
infringing site during the course of assembling the directory.”
(Senate Report, p. 49).
"On the issue of disqualifying knowledge . . . the burden falls on
the copyright owner to demonstrate that the service provider
acquired knowledge of the infringement, or of facts and
circumstances from which infringing activity was obvious, and
failed to promptly take down the infringing matter, thus forfeiting
its right to the safe harbor." ​Capitol Records, LLC v. Vimeo, LLC,
826 F.3d at 95.
The standard for “red flag knowledge” has been hotly contested in
the courts, but a growing body of authority suggests that the bar is
12
i.
set fairly high. Cases interpreting the “knowledge disqualifier”
include​ Capitol Records, LLC v. Vimeo, LLC, 826 F. 3d 78, 96 (2d.
Cir 2016) (“A copyright owner's mere showing that a video posted
by a user on the service provider's site includes substantially all of
a recording of recognizable copyrighted music, and that an
employee of the service provider saw at least some part of the
user's material,[12] is insufficient to sustain the copyright owner's
burden of proving that the service provider had either actual or red
flag knowledge of the infringement.”); ​Columbia Pictures
Industries, Inc. v. Fung, 710 F. 3d 1020, 1043 (9th Cir. 2013) (red
flag knowledge exists where operator of torrent sites “urg[ed] his
users to both upload and download particular copyrighted works,
provid[ed] assistance to those seeking to watch copyrighted films,
and help[ed] his users burn copyrighted material onto DVDs” and
where he “personally used the ... website to download infringing
material.”); ​UMG Recordings, Inc. v. Shelter Capital Partners
LLC, 718 F. 3d at 1023 (9th Cir. 2013) (“Veoh’s general
knowledge that it hosted copyrightable material and that its
services could be used for infringement is insufficient to constitute
a red flag.”);​ Perfect 10 v. CCBill, 488 F.3d at 1114 (noncompliant
takedown notices cannot create red flag knowledge); ​Arista v.
Myxer, No. CV-08-3935 GAF (C.D. Cal. Apr. 1, 2011)
(“[K]nowledge of the general proposition that infringing material
is often uploaded to websites” is insufficient to constitute a “red
flag”); ​Columbia Pictures Indus., Inc. v. Fung, No. 06-5578, 2009
WL 6355911, at *17-18 (C.D. Cal. Dec. 21, 2009), ​aff’d, 710 F. 3d
1020 (9th Cir. 2013) (evidence that over 90% of the material on
the website was infringing, tens of millions of U.S. users accessed
the website, and the website was designed to include lists such as
“Top 20 Movies” and “Box Office Movies” constituted
knowledge); ​Corbis v. Amazon, 351 F. Supp. 2d at 1109 (general
knowledge of infringement on the site is not enough to constitute a
“red flag”); ​Hendrickson v. Amazon, 298 F. Supp. 2d 914, 917-18
(C.D. Cal. 2003) (Amazon lacked forward-looking knowledge of
infringing DVD sales, even after rightsholder informed it that the
title in question had never been released on DVD); ​Hendrickson v.
eBay, 165 F. Supp. 2d 1082, 1090-91 (C.D. Cal. 2001)
(noncompliant notices found insufficient to create material dispute
regarding knowledge).
The difference between “actual” and “red flag” knowledge is that
the former is a subjective standard and the latter an objective
standard. ​Viacom, 676 F.3d at 31. “Red flag” knowledge may be a
narrow ground for liability, but as long as it is not read out of the
statute entirely, that is as Congress intended. ​Capitol Records, LLC
v. Vimeo, LLC, 826 F. 3d at 97 (“If the facts actually known by an
13
j.
k.
l.
m.
employee of the service provider make infringement obvious, the
service provider cannot escape liability through the mechanism of
the safe harbor on the ground that the person with knowledge of
those facts never thought of the obvious significance of what she
knew in relation to infringement.”).
For actual knowledge, willful blindness, and “red flag” knowledge,
the relevant knowledge or awareness is of ​specific infringements;
general knowledge that infringements are occurring is insufficient.
Viacom v. YouTube, 676 F.3d 19, 35 (2d. Cir. 2012) (“Based on the
text of § 512(c)(1)(A), as well as the limited case law on point, we
affirm the District Court's holding that actual knowledge or
awareness of facts or circumstances that indicate specific and
identifiable instances of infringement will disqualify a service
provider from the safe harbor.”); ​UMG Recordings, Inc. v. Shelter
Capital Partners LLC, 718 F. 3d at 1022 (holding “Veoh’s general
knowledge that it hosted copyrightable material and that its
services could be used for infringement is insufficient to constitute
a red flag” and that the purchase of Google AdWords such as ‘50
Cent,’ ‘Avril Lavigne,’ and ‘Britney Spears’ insufficient to
constitute a red flag); ​Corbis v. Amazon, 351 F. Supp. 2d at 1109
(general knowledge of infringement on the site is not enough to
constitute a “red flag”). ​See also ​BWP Media, 820 F.3d at 1182
(“Prior cases clearly establish that merely hosting a category of
copyrightable content, such as music videos, with the general
knowledge that one's services could be used to share infringing
material, is insufficient to meet the actual knowledge requirement
under § 512(c)(1)(A)(i).” ​citing Shelter Capital Partners LLC, 718
F.3d at 1022-23). ​Accord Capitol Records, LLC, 826 F. 3d at 99.
Evidence that a service provider knew that a particular work, or
work by particular artists, was not available in the format in which
they were found on the service can support a jury verdict that the
service provider had disqualifying knowledge. ​EMI Christian
Music Grp, Inc. v. MP3tunes, LLC, Nos. 14-4369-cv(L),
14-4509-cv(XAP) (2d Cir., Dec. 13, 2016).
Review of only video portions of clips does not give rise to an
inference that the service provider was willfully blind to possible
infringement in the audio portion. ​Capitol Records, 826 F. 3d at
97-98 (“[W]e can see no reason to construe the statute as vitiating
the protection of § 512(m) and requiring investigation merely
because the service provider learns facts raising a ​suspicion of
infringement (as opposed to facts making infringement ​obvious)”).
Willful blindness can also stand in for knowledge, as in other areas
of the law. ​Viacom, 676 F.3d at 35 (“[W]e hold that the willful
blindness doctrine may be applied, in appropriate circumstances, to
demonstrate knowledge or awareness of specific instances of
14
infringement under the DMCA.”) (remanding for fact-finding on
this issue). On reconsideration in the light of ​Viacom, Judge Pauley
in the ​MP3Tunes case held that certain emails might reasonably
have given rise to a duty to investigate specific acts of
infringement further, and vacated the summary judgment for
Defendant with respect to those particular infringements. ​Capitol
Records v. MP3Tunes, 1:07-civ-09931-WHP-FM, 2013 WL
1987225 at *4 (S.D.N.Y. May 14, 2013).
2.
Control + Direct Financial Benefit
a.
A service provider will be disqualified from the (c) and (d) safe
harbors if it “receive[s] a financial benefit directly attributable to
the infringing activity, in a case in which the service provider has
the right and ability to control such activity.” (17 U.S.C. §
512(c)(1)(B); § 512(d)(2))
b.
“In determining whether the financial benefit criterion is satisfied,
courts should take a common-sense, fact-based approach, not a
formalistic one. In general, a service provider conducting a
legitimate business would not be considered to receive a ‘financial
benefit directly attributable to the infringing activity’ where the
infringer makes the same kind of payment as non-infringing users
of the provider’s service. Thus, receiving a one-time set-up fee and
flat periodic payments for service from a person engaging in
infringing activities would not constitute receiving a ‘financial
benefit directly attributable to the infringing activity.’ Nor is
subparagraph (B) intended to cover fees based on the length of the
message (per number of bytes, for example) or by connect time. It
would however, include any such fees where the value of the
service lies in providing access to infringing material.” (Senate
Report, p.44).
c.
Mere ability to remove or block access to materials, or to exclude
users, is not enough to constitute “right and ability to control”
within the meaning of the DMCA safe harbors. ​See UMG
Recordings, Inc. v. Shelter Capital Partners LLC, 718 F.3d at
1029; ​Wolk v. Kodak Imaging, 840 F. Supp. 2d at 748 (“‘[T]he
right and ability to control infringing activity, as the concept is
used in the DMCA, cannot simply mean the ability of a service
provider to remove or block access to materials posted on its
website’” [quoting ​Corbis] “Instead, such a right and ability to
control must take the form of prescreening content, rendering
extensive advice to users regarding content and editing user
content.”);​ Arista v. Myxer, No. CV-08-3935 GAF (C.D. Cal. Apr.
1, 2011) (“The mere ability of a service provider to remove content
after it has been uploaded is insufficient as a matter of law to
establish the right and ability to control the infringing activity
15
d.
e.
f.
g.
required by § 512(c)(1)(B).”); ​Corbis v. Amazon, 351 F. Supp. 2d
at 1110 (“Merely because Amazon could identify the zShops
defendants and terminate their accounts does not mean they
exercised the type of right and ability to control that would
disqualify them from § 512(c) safe harbor.”); ​Perfect 10 v.
Cybernet Ventures, 213 F. Supp. 2d at 1181 (“[C]losing the safe
harbor based on the mere ability to exclude users from the system
is inconsistent with the statutory scheme.”).
Right and ability to control requires “a service provider’s exertion
of substantial influence on the activities of users” such as helping
optimize with the content they upload or inducing them to infringe
through purposeful, culpable conduct. ​Viacom 676 F.3d at 37;
accord UMG v. Shelter Capital Partners, 718 F.3d at 1030 (“We
agree with the Second Circuit and hold that, in order to have the
‘right and ability to control,’ the service provider must ‘exert[]
substantial influence on the activities of users.’"). Monitoring
content to enforce posting guidelines and emailing technical
support to users are not “substantial influence.” ​Capitol Records v.
Vimeo, 972 F. Supp. 2d at 525-30. Similarly, rules and moderators
that encouraging users to submit material from third-party sources
is not enough to constitute substantial influence. ​Mavrix v.
LiveJournal, No. 13-cv-517, at page ID #4342-44 (C.D. Cal. Sept.
19, 2014).
One court has suggested that sufficiently culpable inducing
conduct, including encouraging users to upload specific infringing
content, removing corrupted or “bad” versions of infringing
content, and assisting users to find particular infringing content,
may exclude a defendant from the safe harbor for ​all infringing
activity on the site, not just activity directly the subject of that kind
of conduct. ​Columbia Pictures v. Fung, 710 F.3d at 1046.
The Ninth Circuit has stated “that ‘direct financial benefit’ should
be interpreted consistent with the similarly-worded common law
standard for vicarious copyright liability.” ​Perfect 10 v. CCBill,
488 F.3d at 1117. This view, however, has come in for criticism.
See 3 ​Nimmer on Copyright § 12B.04[A][2][b] (characterizing the
9th Circuit view as erroneous dicta and noting that the legislative
history “clearly intends to extend this safe harbor to vicarious
liability.”). The Ninth Circuit itself has apparently retreated from
its former view, embracing a more nuanced approach, at least in
the context of an ad-supported site, focused on the “connection
between the infringing activity and [the] income stream derived
from advertising.” ​Columbia Pictures v. Fung, 710 F.3d at 1045;
accord ​BWP Media v. Clarity Digital, No. 14-cv-467 (D. Colo.
Mar. 31, 2015), ​aff’d BWP Media, 820 F.3d 1175.
Receiving proceeds from sale of infringing articles, where the site
16
D.
is not a significant source of infringing articles, is not a direct
financial benefit. ​Hempton v. Pond5, Inc., No. 3: 15-cv-05696-BJR
(W.D. Wash. Oct. 25, 2016).
DMCA Material Misrepresentation, 17 USC 512(f)
1.
Section 512(f) of the DMCA creates a cause of action against “[a]ny
person who knowingly materially misrepresents under this section (1) that
material or activity is infringing, or (2) that material or activity was
removed or disabled by mistake or misidentification.” 17 U.S.C. 512(f). A
claim may be brought by “the alleged infringer, by any copyright owner or
copyright owner's authorized licensee, or by a service provider, who is
injured by such misrepresentation.” ​Id.
2.
Submitting a takedown notice without considering fair use can be a
misrepresentation under 512(f), according to the Ninth Circuit. ​Lenz v.
Universal Music Corp., 815 F. 3d 1145 (9th Cir. 2016). Section
512(c)(3)(A)(v) requires a DMCA takedown notification to include a
“statement that the complaining party has a good faith belief that the use
of the material in the manner complained of is not authorized by the
copyright owner, its agent, or the law.” Because 17 U.S.C. § 107 created a
type of non-infringing use, fair use is “wholly authorized by the law” and
a copyright holder must consider the existence of fair use before sending a
takedown notification under § 512(c). ​Id. at 1151. The relevant test is
whether the copyright owner formed “a subjective ​good faith belief the
allegedly infringing material does not constitute fair use.” ​Id. at 1154-55.
3.
The willful blindness doctrine may be used to determine whether a
copyright holder knowingly materially misrepresented that it held a good
faith belief the offending activity was not a fair use. ​Lenz, 815 F.3d at
1155. In order to establish willful blindness, a plaintiff must demonstrate a
genuine issue as to whether — before sending the takedown notification
— the copyright owner (1) subjectively believed there was a high
probability that the video constituted fair use, and (2) took deliberate
actions to avoid learning of this fair use. ​Id.
4.
At least one court has found that if there was no takedown of the material,
there is no cause of action under 512(f). ​Amaretto Ranch Breedables, LLC
v. Ozimals, Inc, 790 F.Supp.2d 1024 (N.D. Cal. 2011).
5.
Where the facts demonstrate that a complainant’s goals in sending
takedown notices are broader than preventing infringement of its own
works, a 512(f) action may survive summary judgment. ​Disney v. Hotfile,
1:11-cv-20427-KMW, at *34 (S.D. Fla. Sept. 20, 2013).
6.
Nominal damages are enough to support a claim under 512(f). ​Lenz, 815
F. 3d at 1156.
17