Road to Safe Harbor: Implementation of Repeat Infringer Policy Necessary for DMCA Safe Harbor Protection from Copyright Infringement Liability
In the cloud-based age where numerous tech giants such as Google, Amazon, and Apple have launched cloud music services, many kept abreast of ongoing legal battles over online service providers’ liability for users’ music copyright infringement offenses using their platforms and what internet service providers must do to avoid contributory infringement liability. Case in point – MP3tunes. Michael Robertson, the founder of MP3tunes LLC, operated two websites: MP3tunes.com (“MP3tunes”) and Sideload.com (“Sideload”). MP3tunes enabled users to store music on a cloud-based server and Sideload enabled users to search for free music online and directly upload the songs to MP3tunes’ digital storage lockers. The songs stored on MP3tunes were then added to Sideload’s index of searchable songs, which were made available to other users. Due to infringed material, various record label publishing houses (EMI Music Group and fourteen other record companies, collectively, “EMI”) sued Robertson and his website MP3tunes for copyright infringement. See Capitol Records, Inc. v. MP3tunes, LLC, 821 F. Supp. 2d 627 (S.D.N.Y. 2011).
One of the main contested issues was whether MP3tunes was eligible for safe harbor protection under the Digital Millennium Copyright Act (DMCA). As a threshold matter, to be eligible for safe harbor, “a service provider must (i) adopt a policy that provides for the termination of service access for repeat infringers; (ii) inform users of the service policy; and (iii) implement the policy in a reasonable manner.” See 17 U.S.C. 512(i)(1)(A); see also Wolk v. Kodak Imaging Network, Inc., 840 F. Supp. 2d 724, 744 (S.D.N.Y. 2011). As the Capitol Records Court observed, “[t]he purpose of subsection 512(i) is to deny protection to websites that tolerate users who flagrantly disrespect copyrights.” 821 F. Supp. 2d at 637. The DMCA safe harbors shield online service providers from liability only if they implement policies for terminating users who are “repeat infringers”, comply with takedown notices, not have actual or “red flag” knowledge of infringement, and not directly benefit from infringement when the provider has control over the infringing activity. See Perfect 10, Inc. v. CCBill LLC, 488 F.3d 1102, 1113 (9th Cir. 2007) (“A policy is unreasonable . . . if the service provider failed to respond when it had knowledge of the infringement. . . .”); Perfect 10, Inc. v. Cybernet Ventures, Inc., 213 F. Supp. 2d 1146, 1177-78 (C.D. Cal. 2002) (Section 512 does not endorse business practices that “would encourage content providers to turn a blind eye to the source of massive copyright infringement while continuing to knowingly profit, indirectly or not, from every single one of these same sources until a court orders the provider to terminate each individual account”).
In the suit, EMI claimed MP3tunes was not eligible for DMCA safe harbor because it (1) failed to reasonably implement a repeat-infringer policy by not identifying users who had sideloaded works identified in takedown notices; (2) failed to act expeditiously to remove the sideloaded works identified in takedown notices; (3) ignored red flags of widespread infringement; and (4) controlled and benefitted from the infringing activity. EMI claimed that as a result of MP3tunes’ failure to terminate users that had sideloaded infringing music from unauthorized websites, MP3tunes had failed to execute an adequate repeat infringer policy. The district court, however, sided with defendant and held that MP3tunes was generally eligible for DMCA safe harbor protection.
The court reasoned that users who sideloaded music for personal use did not constitute repeat infringers because they did not know whether the music was infringing or not. Additionally, the court looked to the 153 users that MP3tunes did terminate for sharing illegal music as evidence of the implementation of a reasonable repeat infringer policy. The court concluded that repeat infringers were “blatant infringers” and that only users who knowingly uploaded infringing content could be classified as such. Based on this interpretation, the District Court determined MP3tunes was eligible for safe harbor protection as long as the other statutory requirements were satisfied.
EMI appealed and the Second Circuit appellate court reversed finding there was sufficient evidence to allow a reasonable jury to conclude that MP3tunes had red-flag knowledge of, or was willfully blind to, infringing activity involving those categories of protected material, and therefore, could not invoke DMCA safe harbor protections. The appellate court took issue with the District Court’s determination that users who download or copy “songs from third-party sites for their personal entertainment” do not know for certain whether the material they download violates the copyrights of others, and therefore, could not be “repeat infringers.” Noting copyright infringement is a “strict liability offense” in the sense that unlawful intent or culpability are not required elements, all it takes to be a “repeat infringer” is to “repeatedly sideload copyrighted material for personal use.” EMI Christian Music Grp., Inc. v. MP3tunes, LLC, 844 F.3d 79, 89 (2d Cir. 2016). Thus, a “repeat infringer” engages in repeated infringing activity using the online service provider’s platform or services but “does not need to know of the infringing nature of its online activities.”
The Second Circuit held a reasonable jury could find MP3tunes failed to implement a reasonable repeat infringer policy because MP3tunes failed to attempt to connect known infringing activity to “users who repeatedly created links to that infringing content” or “consciously avoided knowing about specific repeat infringers using its services, even though the infringement was rampant and obvious.” Accordingly, the Second Circuit vacated the lower court’s grant of summary judgment to MP3tunes on the basis of safe harbor protection.
While online services providers are not required to affirmatively monitor their users for infringement or proactively seek facts indicating infringing activities, they cannot turn a blind eye and instead must act reasonably and expeditiously to curb repeat infringement after receiving notice of such activities. See, e.g., Cybernet Ventures, 213 F. Supp. 2d at 1177-78 (a service provider fails to properly implement an infringement policy where it fails to terminate a user even though it has sufficient knowledge of that user’s blatant, repeat infringement of a willful and commercial nature … the repeat infringer policy requirement should provide “strong incentives” for service providers to prevent their services from becoming safe havens or conduits for known repeat copyright infringers); In re Aimster Copyright Litig., 334 F.3d 643, 654-55 (7th Cir. 2003) (DMCA safe harbors require that the service provider “do what it can reasonably be asked to do to prevent the use of its service by ‘repeat infringers’”).