opinion

DMCA, Safe Harbor — Tube Sites Take Note

On March 14, the 9th U.S. Circuit Court of Appeals handed down an important ruling for companies that operate websites that allow users to upload content for display, as well as for content producers whose material is uploaded to such sites without their permission.

The case, Universal Music Group (UMG) vs. Veoh, focused on the issue of what a company that operates a website containing such user uploaded material must and must not do to obtain the limitations of liability for copyright infringement provided by the “safe harbor” provision of the Digital Millennium Copyright Act (DMCA) regarding user uploaded material that infringes a copyright owner’s copyright in the material.

The safe harbor provisions of the DMCA are clearly of critical importance for both adult online businesses operating websites that display user-uploaded content and for content producers whose works are often infringed on such websites.

The case involved a tube-style content sharing website, Veoh.com, that allowed, and continues to allow, users to upload and tag videos that other users can stream or download, much like Google’s YouTube website. Also, like You Tube and many other similar file sharing platforms, Veoh has required users to agree to terms of service that prohibits users from uploading copyrighted materials without permission. Also, Veoh, like many similar sites, has displayed a published policy stating that it would remove content from its service in response to proper takedown notices from copyright owners of content displayed on its website.

In 2007, UMG, a large music publishing company, brought suit in federal district court against Veoh for direct, vicarious, and contributory copyright infringement, as well as for inducement of infringement in regard to certain music videos that Veoh users had uploaded without UMG’s authorization. UMG did not, however, provide Veoh with any takedown notices regarding the allegedly infringing videos before it filed its action against Veoh. UMG proceeded against Veoh on a theory that no prior takedown notice was required to be provided to Veoh for two reasons. First because the activity on the Veoh site was not a type that qualifies for the liability limitation provided by DMCA, and second because the company should have recognized what UMG called “red flags” of infringement, obviating the need for a specific notice from UMG. Essentially, UMG’s red flags theory was based on the assertion that Veoh must have known the allegedly infringed content was unauthorized because of certain facts or circumstances that came to Veoh’s attention, or should have, and because of Veoh’s general knowledge that its services could be used to post infringing material.

With respect to UMG’s first argument, the Court rejected UMG’s view that Veoh was not entitled to the DMCA’s safe harbor protection under § 512(c) of the DMCA. Section 512(c) provides limitations on liability relating to material residing on systems or networks at the direction of users. This safe harbor provision clearly applies to web hosts and web hosting services such as storage of content provided by users. UMG claimed, however, that § 512(c) should only apply to data storage activities, and therefore, only to companies that are exclusively in the business of data storage. The court rejected this narrow interpretation of § 512(c), noting that UMG’s theory “fails to account for the reality that web hosts, like Veoh, also store user-submitted materials in order to make those materials accessible to other Internet users. The reason one has a website is so that others may view it.” The court also noted that adoption of UMG’s narrow interpretation of § 512(c) would incorrectly limit § 512(c) to a type of service that “would be more aptly described as an online back-up service.”

The court also rejected UMG’s second argument, that even if Veoh did not receive any formal DMCA notice of infringement and takedown request, Veoh should have been aware that the alleged copyright infringement was taking place on its site.

Pointing to the difficulty facing a website owner regarding determination of whether content uploaded by another is an infringement in the absence of actual notice, the court was unwilling to substitute a “constructive knowledge” or “red flags” approach to notice of infringement in place of an “actual knowledge” requirement that requires the site owner to actually receive a proper takedown notice of infringement from the copyright owner or representative, as specified in the DMCA. The court stated in its opinion that:

“Copyright holders know precisely what materials they own, and are thus better able to efficiently identify infringing copies than service providers like Veoh, who cannot readily ascertain what material is copyrighted and what is not.”

While the court’s ruling clearly affirmed an earlier decision finding that Veoh fell squarely within the safe harbor provision of the DMCA, it is important to note that its opinion also emphasized that Veoh had implemented certain procedures to prevent copyright infringement on its network. These included hiring an outside company which used digital fingerprinting of content to help find infringing videos that had been uploaded to Veoh’s site so that Veoh’s own “hash filtering” technology could be used to automatically disable access to any identical videos and block any future-submitted duplicates.

It is important to note that in its opinion, the Court highlighted not only that Veoh had been proactive in attempting to prevent display of repeat infringement, but also that Veoh’s anti-infringement actions resulted in the termination of thousands of user accounts as repeat violators of Veoh’s terms of use and the removal of tens of thousands videos from Veoh’s network. Companies hoping to benefit from the safe harbor provisions of § 512(c) of the DMCA, therefore, should, in my opinion take careful note of this. It is possible that the outcome in the case might have been substantially different if Veoh was not able to demonstrate that it had been as proactive as it was in trying to prevent repeat infringements of content for which it had previously received a proper infringement notice and takedown request. Therefore a policy of “we just take it down when we get a takedown notice” may not be enough to obtain the protection of § 512(c) if the “it” continues to be repeatedly uploaded to the site after repeated receipt of takedown notices.

The safe harbor provisions of § 512(c) of the DMCA are clearly of critical importance for both adult online businesses operating websites that display user-uploaded content and for content producers whose works are often infringed on such websites. As such, I have included the following excerpt from § 512 of the DMCA:

“(c) Information Residing on Systems or Networks at Direction of Users.—

(1) In general. — A service provider shall not be liable for monetary relief, or, except as provided in subsection (j), for injunctive or other equitable relief, for infringement of copyright by reason of the storage at the direction of a user of material that resides on a system or network controlled or operated by or for the service provider, if the service provider -

(A)(i) does not have actual knowledge that the material or an activity using the material on the system or network is infringing; (ii) in the absence of such actual knowledge, is not aware of facts or circumstances from which infringing activity is apparent; or

(iii) upon obtaining such knowledge or awareness, acts expeditiously to remove, or disable access to, the material;

(B) does not receive a financial benefit directly attributable to the infringing activity, in a case in which the service provider has the right and ability to control such activity; and

(C) upon notification of claimed infringement as described in paragraph (3), responds expeditiously to remove, or disable access to, the material that is claimed to be infringing or to be the subject of infringing activity.

(2) Designated agent. — The limitations on liability established in this subsection apply to a service provider only if the service provider has designated an agent to receive notifications of claimed infringement described in paragraph (3), by making available through its service, including on its website in a location accessible to the public, and by providing to the Copyright Office, substantially the following information:

(A) the name, address, phone number, and electronic mail address of the agent.

(B) other contact information which the Register of Copyrights may deem appropriate.

The Register of Copyrights shall maintain a current directory of agents available to the public for inspection, including through the Internet, and may require payment of a fee by service providers to cover the costs of maintaining the directory.

(3) Elements of notification.

(A) To be effective under this subsection, a notification of claimed infringement must be a written communication provided to the designated agent of a service provider that includes substantially the following:

(i) A physical or electronic signature of a person authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.

(ii) Identification of the copyrighted work claimed to have been infringed, or, if multiple copyrighted works at a single online site are covered by a single notification, a representative list of such works at that site.

(iii) Identification of the material that is claimed to be infringing or to be the subject of infringing activity and that is to be removed or access to which is to be disabled, and information reasonably sufficient to permit the service provider to locate the material.

(iv) Information reasonably sufficient to permit the service provider to contact the complaining party, such as an address, telephone number, and, if available, an electronic mail address at which the complaining party may be contacted.

(v) A statement that the complaining party has a good faith belief that use of the material in the manner complained of is not authorized by the copyright owner, its agent, or the law.

(vi) A statement that the information in the notification is accurate, and under penalty of perjury, that the complaining party is authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.

(B)(i) Subject to clause (ii), a notification from a copyright owner or from a person authorized to act on behalf of the copyright owner that fails to comply substantially with the provisions of subparagraph (A) shall not be considered under paragraph (1)(A) in determining whether a service provider has actual knowledge or is aware of facts or circumstances from which infringing activity is apparent.

(ii) In a case in which the notification that is provided to the service provider’s designated agent fails to comply substantially with all the provisions of subparagraph (A) but substantially complies with clauses (ii), (iii), and (iv) of subparagraph (A), clause (i) of this subparagraph applies only if the service provider promptly attempts to contact the person making the notification or takes other reasonable steps to assist in the receipt of notification that substantially complies with all the provisions of subparagraph (A).

(f) Misrepresentations. - Any person who knowingly materially misrepresents under this section —

(1) that material or activity is infringing, or

(2) that material or activity was removed or disabled by mistake or misidentification, shall be liable for any damages, including costs and attorneys’ fees, incurred by the alleged infringer, by any copyright owner or copyright owner’s authorized licensee, or by a service provider, who is injured by such misrepresentation, as the result of the service provider relying upon such misrepresentation in removing or disabling access to the material or activity claimed to be infringing, or in replacing the removed material or ceasing to disable access to it.”

In addition to the limitations of liability provided by § 512(c) to online service providers regarding information on the provider’s system or network at the direction of users, there are similar limitations of liability for a number of other online activities. These limitations apply to transitory digital network communications (§ 512(a)), system caching (§ 512(b)), information location tools § 512(d), and to certain actions by nonprofit educational Institutions § 512(e).

Finally, it is also important to note that for a company to obtain the benefits of the DMCA’s copyright liability limitations pertaining to content that users upload to the company’s website, the company must also meet certain eligibility requirements in addition to complying with the naming and registration of a designated agent with the Copyright Office as required in §512(c)(2). These eligibility requirements are set forth in § 512(i):

“(i) Conditions for Eligibility.— (1) Accommodation of technology. — The limitations on liability established by this section shall apply to a service provider only if the service provider —

(A) has adopted and reasonably implemented, and informs subscribers and account holders of the service provider’s system or network of, a policy that provides for the termination in appropriate circumstances of subscribers and account holders of the service provider’s system or network who are repeat infringers; and

(B) accommodates and does not interfere with standard technical measures.

(2) Definition. — As used in this subsection, the term “standard technical measures” means technical measures that are used by copyright owners to identify or protect copyrighted works and—

(A) have been developed pursuant to a broad consensus of copyright owners and service providers in an open, fair, voluntary, multi-industry standards process;

(B) are available to any person on reasonable and nondiscriminatory terms; and

(C) do not impose substantial costs on service providers or substantial burdens on their systems or networks.”

Technological advancements that allow users to create or copy content and instantly upload it to a website with unprecedented ease have given birth to an explosion of business models that encourage user-uploading of content. Tube sites, dating sites, and social networks, for example, all commonly involve the use of user-generated content. But it is important to know that website and network operators that allow such user content uploading run the risk of exposure to potentially crushing contributory copyright infringement claims unless they can effectively use the safe harbor provisions of the DMCA.

So if your company is operating an online business that enables user content uploading or if you are considering the addition of a user-generated content feature, I strongly encourage you to consult with an attorney to evaluate the attendant risks, and the potential availability of the DMCA’s safe harbor provisions.

This article is not intended to be, nor should it be considered to be, legal advice. If you have a legal question or other matter related to the any of the topics discussed in this article, I strongly urge you to contact our office at the number below or seek the counsel of another qualified and experienced attorney familiar with the legal matters discussed in this article.

Gregory A. Piccionelli is an intellectual property attorney specializing in adult entertainment matters. He can be reached at Piccionelli & Sarno at (818) 201-3955 or greg@piccionellisarno.com.

Related:  

Copyright © 2024 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More Articles

opinion

Best Practices for Payment Gateway Security

Securing digital payment transactions is critical for all businesses, but especially those in high-risk industries. Payment gateways are a core component of the digital payment ecosystem, and therefore must follow best practices to keep customer data safe.

Jonathan Corona ·
opinion

Ready for New Visa Acquirer Changes?

Next spring, Visa will roll out the U.S. version of its new Visa Acquirer Monitoring Program (VAMP), which goes into effect April 1, 2025. This follows Visa Europe, which rolled out VAMP back in June. VAMP charts a new path for acquirers to manage fraud and chargeback ratios.

Cathy Beardsley ·
opinion

How to Halt Hackers as Fraud Attacks Rise

For hackers, it’s often a game of trial and error. Bad actors will perform enumeration and account testing, repeating the same test on a system to look for vulnerabilities — and if you are not equipped with the proper tools, your merchant account could be the next target.

Cathy Beardsley ·
profile

VerifyMy Seeks to Provide Frictionless Online Safety, Compliance Solutions

Before founding VerifyMy, Ryan Shaw was simply looking for an age verification solution for his previous business. The ones he found, however, were too expensive, too difficult to integrate with, or failed to take into account the needs of either the businesses implementing them or the end users who would be required to interact with them.

Alejandro Freixes ·
opinion

How Adult Website Operators Can Cash in on the 'Interchange' Class Action

The Payment Card Interchange Fee Settlement resulted from a landmark antitrust lawsuit involving Visa, Mastercard and several major banks. The case centered around the interchange fees charged to merchants for processing credit and debit card transactions. These fees are set by card networks and are paid by merchants to the banks that issue the cards.

Jonathan Corona ·
opinion

It's Time to Rock the Vote and Make Your Voice Heard

When I worked to defeat California’s Proposition 60 in 2016, our opposition campaign was outspent nearly 10 to 1. Nevertheless, our community came together and garnered enough support and awareness to defeat that harmful, misguided piece of proposed legislation — by more than a million votes.

Siouxsie Q ·
opinion

Staying Compliant to Avoid the Takedown Shakedown

Dealing with complaints is an everyday part of doing business — and a crucial one, since not dealing with them properly can haunt your business in multiple ways. Card brand regulations require every merchant doing business online to have in place a complaint process for reporting content that may be illegal or that violates the card brand rules.

Cathy Beardsley ·
profile

WIA Profile: Patricia Ucros

Born in Bogota, Colombia, Ucros graduated from college with a degree in education. She spent three years teaching third grade, which she enjoyed a lot, before heeding her father’s advice and moving to South Florida.

Women In Adult ·
opinion

Creating Payment Redundancies to Maximize Payout Uptime

During the global CrowdStrike outage that took place toward the end of July, a flawed software update brought air travel and electronic commerce to a grinding halt worldwide. This dramatically underscores the importance of having a backup plan in place for critical infrastructure.

Jonathan Corona ·
opinion

The Need for Minimal Friction in Age Verification Technology

In the adult sector, robust age assurance, comprised of age verification and age estimation methods, is critical to ensuring legal compliance with ever-evolving regulations, safeguarding minors from inappropriate content and protecting the privacy of adults wishing to view adult content.

Gavin Worrall ·
Show More