Copyright infringement liability is one of the most publicized and potentially costly legal risks facing online video sites, social networks and other Internet sites which enable and commercialize “user-generated” content. Whether launching, operating, investing in or planning an acquisition of an online business involving user-generated content, there is some risk that such a business could attract copyright infringement lawsuits. New media, social networking, gaming and Internet companies (and venture capital and private equity firms that invest in such companies) are advised to adopt practical strategies for minimizing risk exposure to copyright infringement and other liability arising from user-generated content.
Section 512(c) of the Digital Millennium Copyright Act (“DMCA”) provides online service providers with defenses against claims of copyright infringement liability for the infringing acts of end users. Qualifying for eligibility under this “safe harbor” is the most effective strategy for minimizing copyright infringement liability, but failing to qualify for this “safe harbor” does not mean an online service provider is necessarily liable for infringement as other defenses (e.g., fair use) may apply.
To help avoid lawsuits involving user-generated content, here are 10 steps to help online service providers navigate into the safe harbor provided by Section 512(c) of the DMCA:
1. Designate a DMCA Agent with the Copyright Office
Designating an agent to receive notices of claimed copyright infringement with the U.S. Copyright Office is straightforward (mail in/deliver a form which contains identification and contact information) and inexpensive ($80 filing fee). The individual chosen should be knowledgeable about the DMCA procedures. The DMCA imposes brief times to respond to DMCA compliant notices of infringement, so consider also appointing an alternate agent who has been trained and can act in compliance with the DMCA’s requirements in the event that the designated agent is temporarily unable to do so.
2. Have a Working DMCA Notification System
3. Have a Reasonable Process for Dealing with DMCA Notices and Terminate Repeat Infringers
Below are components of a policy that the court in Io Group. v. Veoh Networks recently held to be “reasonably implemented”:
- Respond to each infringement notice within a few days of receipt
- Issue users a warning for first time upload of infringing content
- Terminate the account of any user who has previously received a warning if notice is received that user has uploaded infringing content
- Block and/or disable all content provided by user terminated for repeat infringement
- Block repeat infringer’s email address to prevent establishment of new account under same email address
- Generate “hash” or digital fingerprint for each video file and use that technology to terminate access to other identical files and prevent additional identical files from being uploaded
4. If a DMCA Compliant Notice is Received, Quickly Take Down Infringing Content
Establish, implement and document procedures which include (i) consistent and prompt review of all notices of claimed infringement to determine whether such notices “substantially comply” with the informational and procedural requirements of the DMCA and (ii) expeditious removal or denying access to content identified as infringing in any such DMCA compliant notice. Time is of the essence so a removal or disabling of access within 24 hours is best, though a 48-72 hour period may be sufficient.
5. Do Not Turn a Blind Eye to Red Flags of Obvious Infringement
If there are blatant factors or “red flags” of obvious infringement, expeditiously remove or deny access to such materials. Here are some examples of what might be considered “red flags” of obvious infringement:
- Copyright notices that are prominently and consistently displayed in the content
- User statements indicating content is bootlegged or pirated
- Discussions amongst users on how the online business’ service can be used to circumvent copyright law
The DMCA does not impose any obligation on an online service provider to monitor and police its sites for infringing activity. Accordingly, many have criticized the “red flag” test as providing a disincentive for service providers to take technologically reasonable and feasible measures to prevent infringing files from being made available.
6. Consider Using Fingerprinting, Filtering and/or Other Technology
Myspace, YouTube, Veoh and other top providers of user-generated online content have implemented copyright protection technologies such as digital fingerprinting and content filtering in an effort to block clips containing infringing materials. Though there is debate on the effectiveness of these technologies, given their widespread use and support among top publishers, service providers should strongly consider implementing such technologies as part of a market-based approach for protecting copyright. When implementing any such technology, do so uniformly (i.e., do not discriminate between different sets of content) and consistently in order to steer clear of knowledge by willful blindness.
7. Notify Uploader of Take Down; If Uploader Files Counternotice, Reinstate Content After 10-Day “Quiet” Waiting Period
In an effort to prevent copyright owners from abusively or mistakenly demanding the removal of non-infringing materials, the DMCA requires online service providers to notify the uploader of a removal of content and provide them with an opportunity to send a counternotice to challenge such removal. Here is how to satisfy this counternotice and reinstatement requirement:
- Promptly notify in writing the uploader whose content has been eliminated
- If a counternotice is received from the uploader, forward a copy to sender of the original takedown notice along with a letter indicating that the removed content will be replaced or access to it will be restored in 10 business days unless a notice of court action seeking to restrain the infringing activity is received
- Unless notice of court action is received, replace removed content or stop blocking access to it within 10-14 business days following receipt of the counternotice. If such notice of court proceeding is received do not repost the content
Service providers are not required to evaluate or determine whether the DMCA complaint was made in good faith or whether the subject content makes fair use of copyright.
8. Content Must Be Stored at the Direction of the User
Only material residing on a service provider’s system or network that is stored at the discretion of a user is eligible for the safe harbor under the DMCA. Recent cases such as Io v. Veoh and UMG Recordings v. Veoh have analyzed this concept of the DMCA and held that performing the following activities, which facilitate user access to material on a service provider’s website, does not result in the loss of safe harbor protection: (i) the automated process of encoding files to different formats (such as flash format); (ii) the creation of screenshots; (iii) the automatic creation of smaller chunks of uploaded video files; and (iv) allowing users to access streaming videos and download whole video files. However, a service provider would likely be precluded from safe harbor protection if it actively participates in or supervises the uploading of content, or previews or selects the files before the upload is completed.
9. Right and Ability to Control Infringing Activity
As the DMCA assumes that a service provider has control over its system or network, courts have held that the ability to “control” the infringing activity is something more than the ability to take down or block access to content. The “something more” concept has been found to exist in situations where the service provider (i) previewed content before posting, (ii) edited content descriptions, (iii) gave advice about content, (iv) controlled the content users chose to upload before it was uploaded, or (v) encouraged copyright infringement on its system. Service providers have no obligation to pre-screen any videos their users upload. Courts have held that the monitoring and/or reviewing by a service provider of its website to look for and remove obvious criminal and illegal activities or pornography does not amount to the ability to “control.”
10. Do Not Receive a Financial Benefit Directly Attributable to Infringing Activity Within the Company’s ControlIf an online service provider has the right and ability to control infringing activity, it is eligible for the safe harbor if it does not receive a financial benefit directly attributable to such infringing activity. The “direct financial benefit” issue is complex and necessarily dependent on applicable facts and circumstances. Although this issue still remains to be clarified by the courts, Viacom has made arguments regarding direct financial benefit in its lawsuit against YouTube. To the extent that the Viacom v. YouTube case results in a decision, this issue would be one of the more interesting DMCA legal questions the case addresses.