A discussion of the mechanics of the DMCA safe harbors and subpoena power, as applied in RIAA v. Verizon Internet Services.(Digital Millennium Copyright Act of 1998)

Publication: Santa Clara Computer & High Technology Law Journal

Publication Date: 01-FEB-05

Bookmark this article Print this article Link to this article Email this article Digg It! Add to del.icio.us RSS

COPYRIGHT 2005 University of Santa Clara, School of Law

INTRODUCTION

This comment begins with a brief synthesis of basic theories of copyright infringement and a short history of litigation related to Peer-To-Peer ("P2P") file sharing, which is followed by a general explanation of the safe harbors of the Digital Millennium Copyright Act ("DMCA" or the "Act") (1) and a more detailed explanation of the DMCA subpoena power. It then examines and criticizes the analysis and application of the DMCA subpoena power in Recording Industry Association of America v. Verizon Internet Services, (2) and concludes that the holding in Verizon was incorrect because (a) the statutory interpretation applied in that case was faulty, (b) the interpretation given was plainly contrary to the stated legislative intent of the DMCA, and (c) the final holding implicitly endorsed an impermissible violation of the equal protection clause (as incorporated into the due process clause) of the Fifth Amendment.

BACKGROUND

The dawn of the Internet has provided substantial benefits to society as a whole through economic globalization, electronic commerce, online communication, and instantaneous access to a plethora of information. Along the way, however, it has also given rise to substantial legal issues. This article focuses on P2P file sharing technology, its facilitation of copyright infringement, and the battle that the recording industry has faced in trying to enforce its copyrights. The Record Industry easily prevailed over Napster, showing that due to Napster's centralized indexing function, the company was guilty of contributory infringement for the acts of its users. (3) But as distributed architectures became more popular among P2P software vendors, and P2P vendors removed the indexing function from their own servers and pushed it out to the individual users, companies like Grokster and Morpheus were able to escape secondary liability. (4) Such advances in technology left copyright holders without a remedy against the vendors of such applications, and relegated them to lawsuits against the direct infringers, the file traders themselves. The record industry initially pursued these users by use of the DMCA subpoena power, but as is discussed below, plaintiffs are now forced to institute Doe actions against file traders and appear before a judge before any such subpoena may be issued or any subscriber information may be obtained.

I. COPYRIGHT INFRINGEMENT, GENERALLY

To prevail on a claim of copyright infringement, a Plaintiff must show ownership of a valid copyright and that the defendant copied protected expression. (5) Three main theories exist under which a defendant may be liable for copyright infringement: direct infringement, contributory infringement, and vicarious infringement. Direct infringement exists when the defendant himself is engaged in infringing activity. (6) A plaintiff may also sue a party other than the direct infringer on theories of contributory or vicarious infringement. To prevail on either of these theories, a plaintiff must first make a threshold showing of direct infringement by someone other than the defendant. (7) Once that threshold is met, a third-party may be liable for contributory infringement when, with knowledge of the direct infringing activity, he "induces, causes, or materially contributes to the infringing conduct of another." (8) A third-party may be liable for vicarious infringement when "he has a right and ability to supervise the [direct] infringing activity and has a direct financial interest in such activities." (9) There is no requirement that a party have knowledge of the infringing activity to be liable on a theory of vicarious infringement. (10) This is equally true for direct infringement. (11) Hence only contributory infringement requires an element of knowledge; direct and vicarious infringement of copyright are strict liability offenses.

II. THE DIGITAL MILLENNIUM COPYRIGHT ACT, GENERALLY

"The DMCA was enacted [in 1998] both to preserve copyright enforcement on the Internet and to provide immunity to service providers from copyright . . . liability for 'passive,' 'automatic' actions in which a service provider's system engages through a technological process initiated by another without the knowledge of the service provider." (12) "Service providers" are afforded four safe harbors, and the term service provider is defined broadly in the Act. The Act states "[a]s used in subsection [512](a), 'service provider' means an entity offering the transmission, routing, or providing of connections for digital online communications, between or among points specified by a user, of material of the user's choosing, without modification to the content of the material as sent or received." (13) It then says "[a]s used in this section, other than subsection (a), the term 'service provider' means a provider of online services or network access, or the operator of facilities therefor, and includes an entity described in subparagraph (A)." (14) The second definition includes providers of more than just Internet connections, but presumably any type of service offered over the Internet. (15)

The first safe harbor, "Transitory Digital Network Communications," excludes service providers from liability for damages and limits the scope of injunctive relief arising from copyright infringement for purely passive transmissions over the service provider's infrastructure, provided that (i) someone other than the service provider initiated the transmission, (ii) the transmission is carried out by automated technical processes without selection of the material being made by the service provider, (iii) the service provider does not actively select the recipients of the transmission, (iv) no copy of the transmission is made for any period longer than necessary to complete the transmission and only the intended recipient may access the transmission, and (v) the content of the transmission is not modified by the service provider. (16)

The second safe harbor, "System Caching," limits, under certain circumstances, liability for the intermediate and temporary storage of transmissions on the service provider's network. (17) This ostensibly addresses the issue of random access memory copies raised by MAI Systems Corp. v. Peak Computer, Inc. (18) The third safe harbor, "Information residing on systems or networks at direction of users," limits, under certain circumstances, liability for service providers when infringing files are actually stored on their own physical networks provided they (i) have no actual knowledge of such storage, (ii) no constructive knowledge of such storage, or (iii) upon obtaining knowledge, they act expeditiously to remove or disable access to the files. (19) The fourth safe harbor, "Information location tools," limits, under certain circumstances, liability for service providers who aid their users in locating infringing material by maintaining an index, directory, reference, pointer, or hypertext link, provided that the service provider does not have actual knowledge that the material or activity is infringing, does not have constructive knowledge that the material or activity is infringing, or upon obtaining such knowledge, acts expeditiously to remove access to such infringing material. (20)

To take advantage of any of these safe harbors, the service provider must also satisfy several general requirements. It must first adopt, implement, and inform its users of a policy providing for the termination of repeat infringers. (21) In order to identify and to protect copyrighted works, the provider must also accommodate "standard" technical measures used by copyright owners. (22) Notably, service providers are not required to pro-actively monitor or take any positive action to seek out infringing material. (23) For service providers to moor in the safe harbors provided by [section] 512(c) and [section] 512(d), however, there is one final requirement that the service provider not receive a financial benefit directly attributable to the infringing activity where the service provider has the right and the ability to control such activity. (24)

III. THE DMCA SUBPOENA POWER

Given the anonymity inherent in Internet communication, copyright holders require cooperation from an Internet Service Provider ("ISP") to obtain the identity of individual infringers before they can effectively sue them. At best, a copyright holder can identify a user of P2P applications by his or her Internet Protocol ("IP") address, (25) and only the ISP is in a position to reveal the true identity of that person so that a complaint may be filed against him. (26) The provisions of [section] 512(h) of the DMCA allow copyright holders, after providing particularized information, to obtain subpoenas from the clerk of the court. (27) The subpoenas may be presented to the ISP to compel disclosure of the identity of the person behind the IP address so that the copyright holder may then properly bring suit against him. (28)

It is worth noting that these safe harbors are non-exclusive and refer not to types of service providers, but rather activities engaged in or uses made by the service provider's subscribers of the services it provides. A service provider may seek refuge in [section] 512(a) in a lawsuit alleging passive transport of data by its subscriber, yet the same ISP could nonetheless assert the [section] 512(c) safe harbor in a separate case alleging that a user stored infringing material on the ISP's server. The choice of which safe harbor should apply is therefore determined not by the form of the ISP, but by the alleged infringing act of the individual subscriber.

IV. RIAA V. VERIZON INTERNET SERVICES, INC.--APPLICATION OF THE SUBPOENA POWER

In a series of highly publicized cases, the record industry has aggressively defended its copyrights. After it became clear that companies like Grokster and Morpheus could escape secondary liability for the acts of their users due to the decentralized nature of their applications, attention was turned to the individuals engaged in direct infringement. Taking advantage of the provisions in [section] 512(h), the Recording Industry Association of America ("RIAA") began obtaining DMCA subpoenas seeking the identities of individual P2P users from ISPs who provided the users' Internet connections. (29) The first wave of subpoenas was sent to ISPs in July 2003 to identify and contact customers who were alleged copyright infringers. (30) Later that year, the RIAA filed 382 more lawsuits (261 in September, plus 80 in October, plus 41 in December of 2003). (31) While most ISPs complied with the subpoenas, Verizon Internet Services refused to comply with two separate subpoenas. (32) At the enforcement proceedings for the first subpoena, Verizon argued that, based on a prolix interpretation of [section] 512(h) and its interaction with language in [section] 512(a)-(d), the DMCA subpoena provision did not apply to Verizon as a mere provider of passive transport of data. (33) Verizon also questioned the constitutionality of [section] 512(h). (34) The constitutional arguments called into question the court's Article III power to issue the subpoena in the absence of an actual case or controversy, and referred to the First Amendment freedom to engage in anonymous speech. The court declined to discuss the constitutional issues because the issues had not been fully briefed by Verizon, and it disagreed with Verizon's analysis of the general applicability of [section] 512(h). (35) The motion to enforce the subpoena was granted.

In the enforcement hearings for the second subpoena, Verizon fully developed its constitutional arguments based on Article III and First Amendment grounds, but the court was unmoved. Equally unmoved by Verizon's construction of the statute, which interpreted [section] 512 as inapplicable to Verizon, the court ordered the second subpoena enforced as well. (36) On appeal, however, Verizon won the day, as the circuit court found that the DMCA subpoena in question was not enforceable against Verizon. (37) Although the victory was touted by Verizon as a win for privacy and safety, (38) the holding in fact turned solely on statutory interpretation.

The court, applying complex and arguably strained statutory interpretation, found that the DMCA subpoena power did not apply to Verizon as a provider of mere transport services, that...

Read the full article for free courtesy of your local library.