The accused, Richard O’Dwyer, owned and operated the site that offered to the public free downloading and/or streaming of thousands of copyrighted movies and television programs, without authorization from the copyright holders. His site was hosted at an ISP in the Netherlands. The site, TVShack.net, contained links to third party websites that hosted thousands of movies and television programs from which copyrighted first run and other movies and television programs could be downloaded or streamed. Through his site he encouraged users to add links to infringing content including by giving users a step by step “how to” guide and FAQ.

O’Dwyer did not charge users for access to the site. However, the complaint suggested he earned substantial advertising revenues with over $230.000 in payments from advertising been identified. The site was very popular. According to Alexa.com, TVShack.net was the 1779^th most popular website in the world and the 1419th in the United States.

O’Dwyer’s site was shut down when its domain was seized. Not to be deterred, he promptly registered a new domain name, TVShack.cc. This site was allegedly hosted on a server located at an ISP either in Germany or the Netherlands.

The request for O’Dwyer to stand trial in the US required the UK prosecution to prove that the alleged offense would be a crime in the US as well as a comparable offense carrying a minimum of 12 months imprisonment under UK law. The prosecution contended the comparable offence would be a violation of S.107 (2A) of the Copyright, Designs and Patents Act 1988 (the CDPA). This section makes the following a crime:

“A person who infringes copyright in a work by communicating the work in public  (a) in the course of business, or

(b) otherwise than in the course of business but to such an extent as to affect prejudicially the owner of the copyright commits an offence if he knows or has reason to believe that, by doing so  he is infringing copyright in that work”.

Section 20(2) of the CDPA provides that references to communication to the public are to communication to the public by electronic transmission, and in relation to a work include the making available to the public of the work by electronic transmission in such a way that members of the public may access it from a place and at a time individually chosen by them. So for the extradition condition to be met it had to be shown that the links accessible from TVShack  made available the files stored on the remote cyberlockers and that the acts of making available would be covered by the territorial scope of the CDPA.

O’Dwyer had argued that the links at his site did not make the content available to the public. Rather, he contended that operators of the cyberlockers made them available. He also argued, relying on an earlier UK case R v Rock & Overton (Crown Court in Gloucester (T20097013) Ticehurst J., on 6^th February 2010) and a decision of Tamberlin, J of the Australian Federal Court in Universal Music Australia Pty Ltd v Cooper [2005] FCA 972 affirmed [2006] FCAFC 187 (18 December 2006) that TVShack was an innocent intermediary protected by the conduit exemption in the UK Electronic Commerce (E.C. Directive) Regulations 2002. These arguments were rejected by the Judge who held that O’Dwyer would be criminally liable under the CDPA for making available infringing content from the foreign cyberlocker sites from the TVShack linking site. In so ruling he said the following:

I am grateful to both learned counsel for their original and additional written submissions as well as oral argument. Without, I hope, discourtesy the lengthy submissions come to a comparatively narrow dispute. Mr Cooper argues nothing in the instant Request amounts to a basis for saying Richard O’Dwyer “made available” copyright material that came from remote websites not the two domain names operated by Richard O’Dwyer… Reliance is placed on HHJ Ticehurst’s adopting of Tamberlin, J’s approach in the Australian case of Cooper supra. At para 48 HHJ Ticehurst found “no recordings were actually stored on the defendant’s website” and that, adopting Tamberlin, J’s words “it is the remote websites which make available the sound recordings”, hence his Honour’s upholding of the “mere conduit” defence. Mr Jones… contends S.107 (2A) is properly reflective of Richard O’Dwyer’s conduct which can be distinguished from Rock & Overton. Firstly both TVShack websites were entirely in the hands of Richard O’Dwyer and his co conspirators requiring third parties to sign up to TVShack and be vetted before going further. Secondly he argues, unlike Rock & Overton, there was no attempt to protect copyright, he, Richard O’Dwyer, knew materials were subject to copyright and actively taunted already cited efforts in June 2010 to seize TVShack.net. Accordingly Mr Jones argues (@ para 15 of his written submissions of 31^st October 2011) “O’Dwyer would not be able to avail himself of the “mere conduit” defence enumerated in Regulation 17 because he was intimately involved in deciding who was allowed to post links on the TVShack websites, which links would be posted…” (etc) & ( para 16 continues) “… a plain reading of the phrase “make available” in this context makes clear O’Dwyer “made available copyrighted material”. HHJ Ticehurst (@ para 71) in Rock & Overton held “make available should bear its ordinary and natural meaning”. He distinguished between providing money “directly to” another as opposed to a financial adviser who may “point” another to a bank meaning the bank alone “makes available the money”.

I have endeavoured to weigh these subtle distinctions. The diagrams of how as a matter of electronic mechanics (if I may term it) the TVShack websites actually operated favour HHJ Ticehurst’s restrictive construction. To my mind there is much in the distinction factually, always remembering these matters are allegations of conduct which a trial court alone can resolve – that Mr Jones contends between the instant matter and Rock & Overton. I also have in mind the mischief Parliament had in mind. Accordingly in my judgement I am satisfied the conduct alleged in the instant request meets the dual criminality test and would be an offence in this jurisdiction…

This has necessarily been a lengthy ruling given the arguments and material put  forward. A dispassionate appraisal of all matters is the essential function of any court. I acknowledge the endeavours of both learned counsel.  I repeat again all matters have been considered even if not expanded upon or cited directly here.  That said, for the reasons given, I reject all challenges advanced to this Request. No bars or other challenge being raised or found I send the case to the Secretary of State (for her consideration of the statutory criteria) pursuant to  Section 87(3) Ex Act 2003. Richard O’Dwyer has the right to pursue an appeal to the High Court so long as it is submitted in time and in proper form (s 103 Ex Act 2003) but cannot be heard until after the Secretary of State has confirmed an order for extradition.

The liability of linking sites for copyright infringement is being actively litigated in the US.  The U S Seventh Circuit Court of Appeals has an appeal before it in the Flava Works, Inc. v. Gunter. case that is examining whether inline linking can give right to a claim for direct infringement. A District Court judge ruled in the case that inline linking sites can be liable for direct infringement of copyright.

Richard O’Dwyer has the right to appeal the decision to the High Court. He has already announced his intention to do so. It is likely these issues will therefore be dealt with again in the UK by the High Court.

The decision of the Federal Court of Appeal contained several important copyright rulings. In particular the Court ruled that:

• When an entity provides a service for use with its own designed and manufactured devices e.g., a satellite radio service and radio receiving set, and the use of the device with the service will necessarily result in automatic copying of the content by the user, the provider of the service (in this case XM and Sirius), can be liable for the copying which occurs on the device under a theory of authorization.
• The Copyright Act does not extend to acts of reproduction that take place wholly within another country (here the US), even if the act of copying is authorized from Canada or if the act of copying is initiated from Canada. The real and substantial connection test is not applicable to acts that take place wholly within another country.

The Court also held that copying of small amounts of information of a work in a rolling (temporary) buffer is not a reproduction of a substantial part of a work. Similar rulings were  recently made by the European Court of Justice in the Football Association Premier League case, and by the UK High court in ITV Broadcasting Ltd & Ors v TV Catchup Ltd [2011] EWHC 1874 (Pat) (18 July 2011).

The UK process was introduced expressly to address the rise in unlawful peer-to-peer file sharing, “which can reduce the incentives to invest in the development, production and distribution of new content by preventing investors in the creative industries from fully appropriating the returns on their investment.” The DEA’s grauduated response process purpose is to reduce online infringement of copyright “by introducing a system of mass notifications designed to educate consumers about copyright and bring about a change in consumer behaviour”.

Graduated response is viewed by many policy makers as a fair and effective means of addressing the problem of online unauthorized file sharing. Its key characteristics are: (1) rights holders monitor P2P networks for illegal downloading activities; (2) rights holders provide ISPs with convincing proof of infringements being committed by an individual at a given IP address; (3) educational notices are sent through an ISP to the account holder informing him or her of the infringements and of the consequences of continued infringement and informing the user that content can be lawfully acquired online; and (4) if the account holder repeatedly ignores the notices, some sanction may follow. See, Graduated response and copyright: an idea that is right for the times.

Some critics of graduated response contend that it is flawed because it results in unreasonable or arbitrary sanctions against innocent individuals. The Full Court of Australia in the recent iiNet case backed the reasonableness of graduated response to stop illegal file sharing. Last year the Irish High Court in EMI Records & Ors -v- Eircom Ltd, [2010] IEHC 108 held that a graduated response solution to illegal file sharing involving “detection, notification and termination” “is viable and proportionate”. The documents released by Ofcom last week highlight the processes including appeals processes used in these systems to build in procedural fairness for those identified as repeat copyright infringers.

United Kingdom

The online copyright provisions inserted into the UK Communications Act 2003 by the DEA place obligations on ISPs, when informed by copyright owners, to notify subscribers of their unlawful behaviour by generating copyright infringement reports (CIRs”). Each CIR includes a description of the apparent infringement along with supporting evidence, including the subscriber’s IP address and the time at which the evidence was gathered. The ISP matches the IP address to a subscriber and sends them a letter notifying them of the CIR(s). The ISP records the number of CIRs made against subscribers in an anonymised copyright infringement list. The copyright owner can request this list in order to see which of the reports it has made are linked to the same subscriber. It can then seek a court order to reveal the details of the subscriber, with a view to taking court action against them.

The subscriber can, however, choose to appeal each notification and each CIR within a notification. The DEA sets out the minimum grounds for appeal to an independent appeals body appointed by Ofcom. (Ofcom has discretion to add further grounds for appeal and must approve the procedures of the appeals body.)

The minimum grounds for appeal are to be set out in a code to be developed by Ofcom and which must have the following elements:

The code must provide that an appeal on any grounds must be determined in favour of the subscriber unless the copyright owner or internet service provider shows that, as respects any copyright infringement report to which the appeal relates or by reference to which anything to which the appeal relates was done (or, if there is more than one such report, as respects each of them) the apparent infringement was an infringement  of copyright, and the report relates to the subscriber’s IP address at the time of that infringement.

The code must provide that, where a ground mentioned…is relied on, the appeal must be determined in favour of the subscriber if the subscriber shows that the act constituting the apparent infringement to which the report relates was not done by the subscriber, and the subscriber took reasonable steps to prevent other persons infringing copyright by means of the internet access service.

The powers of the person determining subscriber appeals must include power to secure so far as practicable that a subscriber is not prejudiced for the purposes of the copyright infringement  provisions by an act or omission in respect of which an appeal is determined in favour of the subscriber; to make an award of compensation to be paid by a copyright owner or internet service provider to a subscriber affected by such an act or omission; and where the appeal is determined in favour of the subscriber, to direct the copyright owner or internet service provider to reimburse the reasonable costs of the subscriber.

France

As the Ofcom report describes, France has implemented a regulated ‘three strikes’ scheme for tackling online copyright infringement.

The HADOPI law also enables copyright owners to have notices of infringement sent to allegedly infringing customers. There is no specific appeal from the correctness of each notice, but there are broad rights to dispute the information in notices before any sanction can be applied. Ofcom descibes the procedural safeguards in the French process as follows:

It is not possible to appeal subscriber notifications alleging infringement under the French ‘three strikes’ regime, as these are considered ‘reminders’ of the law, without legal effect in themselves. However, Hadopi (the government agency created to administer the Hadopi law) has chosen to accept contact from subscribers and we understand that around 10% of those who received first notifications have contacted them. Often this may often be with a view to securing more information about the allegation, rather than as a precursor to a claim of innocence.

There is a right to an administrative hearing before Hadopi, as part of Hadopi’s consideration of a case before deciding whether to forward it to the judiciary, who may decide to apply sanctions. It is a private hearing before three magistrates from the Hadopi Board. No conditions or payment for accessing the hearing are envisaged…

Based on its findings, Hadopi may choose not to pursue a case further, or to refer the file to the public prosecutor…

Two routes are available to the public prosecutor, where he considers there is sufficient evidence to prosecute:

A new, streamlined procedure before a single magistrate in the criminal courts, introduced as part of the Hadopi laws (where there is considered to be ‘no significant harm’)…

Under this procedure, the magistrate considers the file prepared by Hadopi. He has no powers to investigate further, and decides the case without a hearing…  The magistrate may dismiss the case or issue a criminal order imposing sanctions…

If the subscriber does not challenge the decision, it becomes final. If he wishes to challenge the decision, the public prosecutor may bring the case before the magistrate (sitting alone) for a hearing…

A standard procedure before a single magistrate in the criminal courts under general copyright law (used where there has been ’significant harm’, e.g. a high number of downloads or history of infringing)….

The magistrate may dismiss the case or [impose] sanctions…

Alternatively, if the prosecutor considers there is not sufficient evidence to prosecute, he may refer the file to the Police for criminal investigation.

The decision of the magistrate in the streamlined procedure (following a challenge) or of the criminal court in the standard procedure may both be appealed to the Court of Appeal.

New Zealand

The New Zealand Copyright (Infringing File Sharing) Amendment Act 2011 was enacted into law on 18 April 2011 and is due to become in force on 1 September 2011. The Act provides “copyright owners with a fast-track civil law alternative to existing remedies under general copyright law in order to enforce their rights against infringing file sharing by internet account holders.”

The New Zealand process was summarized by Ofcom as follows:

The 2011 Act provides for a three notification process, with the possibility of sanctions in the form of a fine or Internet suspension. The latter remedy requires secondary legislation in order to enter into force. All notifications may be challenged and sanctions may be appealed.

When a copyright owner provides an ‘internet protocol address provider’ (IPAP)  with information identifying an IP address at which copyright infringement is alleged to have occurred as a result of file sharing, the IPAP must match the IP address and send an ‘infringement notice’ to the subscriber. The subscriber can challenge the notification by contacting the IPAP, which forwards the challenge to the rights holder for consideration.

The rights holder responds to a challenge via the IPAP. A challenge is deemed to be accepted if it has not been rejected by the rights holder within 28 days from the date of the notice. In this case, the notice is cancelled and treated as if it had not been issued, unless the infringement subject to challenge did not itself trigger a notice, in which case the notice remains valid but the infringement is treated as if it were not included.

If the rights holder rejects the challenge, the subscriber may raise it again in any enforcement proceedings…

The Act provides for a fast-track system of enforcement, to sit alongside existing copyright enforcement provisions. Once a subscriber has been issued with a third notification, the rights holder may seek an order from the Copyright Tribunal for a sum of up to $15,000 (c. £7,000) and/or an order from a District Court for the IPAP to suspend the account holder’s internet account for up to six months (civil remedy). The provisions on suspension do not come into effect immediately but only following secondary legislation (‘Order in Council’) by the Governor General, specifying the date after which applications may be made to the District Court…

In order to take a complaint to the Tribunal, the loss must be quantified as under $15,000. Claims for over $15,000 may be pursued in the District Court under existing law.

Proceedings before the Copyright Tribunal will take place without a hearing, unless the account holder requests a hearing or the Tribunal considers that one should be held. It is presumed that each incidence of filesharing identified in an infringement notice constituted copyright infringement, the information in the notification is correct, and the notice was issued in accordance with the Act. A subscriber may submit evidence or give reasons why any of those presumptions do not apply to any of the identified infringements. It is then up to the rights holder to satisfy the Tribunal that the relevant presumptions are correct.

Appeals of the decisions of the Copyright Tribunal and the District Court are to the High Court.

As can be seen, all three of the legislated graduated response systems provide for extensive procedural protection to ensure that sanctions are only able to be imposed after consecutive notices are sent to alleged file sharers and such notices are not effective to prevent repeat infringements. Further, these protections also provide one or more appeals to independent entities to ensure that sanctions are only imposed on those responsible for online file sharing.

The UK, France, and New Zealand graduated response processes all involve legislative solutions to online file sharing. In other countries, graduated response systems have been implemented voluntarily by ISPs under agreements with copyright holders. An example is the Irish ISP Eircom which voluntarily implemented a graduated response process.

In the US, leading ISPs reached agreements with rights holders in July 2011 to implement a new a common framework for “Copyright Alerts”. The new Copyright Alert System provides a series of early alerts — up to six — in electronic form, notifying the subscriber that his or her account may have been misused for online content theft of film, TV shows or music. It will also put in place a system of “mitigation measures” intended to stop online content theft on those accounts that appear persistently to fail to respond to repeated Copyright Alerts. The system will also give subscribers the opportunity for an independent review to determine whether a consumer’s online activity in question is lawful or if their account was identified in error. Termination of a subscriber’s account is not part of this agreement. Further, under the Copyright Alert System, ISPs will not provide their subscribers’ names to rights’ holders under this agreement.

Canada’s Bills C-60, C-61 and C-32 would have implemented a less effective “notice and notice” system. Unlike any of the processes set out above, this process did not build in any deterrent for those repeatedly found to engage in online copyright infringement.

The lawsuit involves Belgian press publishers, their Belgian authors and journalists (represented by their Belgian rights management companies) who had published press articles on sites operated in Belgium, the electronic address of which ended in “.be”. These articles were targeted at readers in Belgium. The dispute also involves Google which offers Google News using servers located in the US. The plaintiffs claim Google is liable for copyright infringement by copying articles from Belgium websites and disseminating the title and extracts of the articles from its Google.be and Google.com websites, without having obtained the prior authorisation of the publishers and authors.

The decision is lengthy and canvasses many issues including 

• the choice of law to apply to evaluate the claims of infringement,
• whether Google’s caching of news articles is infringement,
• whether the transmission of article titles and short extracts violates the reproduction and communication to the public rights,
• whether Google News violates the moral rights of authors,
• whether statutory fair dealing defenses apply,
• whether Google can rely on implied licenses from publishers and authors to publish Google News, and
• whether intermediary safe harbors are available under Belgium law for providers of these services.

While news about the decision was widely disseminated after its release, the far reaching holdings in the case were not as readily discernable. Perhaps this is because the decision is in French and no English translation was released when the decision was published.

The following is a summary of the main reasons in the case.

Choice of law

Google claimed that US copyright law was applicable to determine its liability as that was the place it cached the articles and from which it transmitted article titles and extracts to Belgium readers. The authors and publishers claimed the copyright laws of Belgium should apply to all claimed acts of infringement because Belgium had the closest connection to the acts of infringement.

The Belgium court held that all of the infringing acts were subject to Belgium copyright law. The court held that the infringement consisted of a set of complex acts which were located in different countries (the United States for the caching and transmission of query results and Belgium where the article titles and extracts were accessed). It ruled that this required the applicable law to be that of the law of the country most closely connected with these acts, which it said was Belgium.

In reaching this conclusion the Court relied on several authorities including the prior ruling of the Paris Court of Appeal in the La société Des Auteurs des Arts Visuels et de L’image Fixe Visual Auteurs (SAIF) v Google France  S.A.R.L. and Google Inc case. That case held that French copyright laws applied to Google’s image search service because that was the country in which, according to Article 5.2 of the Berne Convention, copyright protection was sought. In essence, the Paris Court held that Google’s acts of indexing and caching visual works of French authors and transmitting them to France from California were subject to the copyright laws of France. The Belgium court reached the same conclusion by holding that Google’s acts of indexing and caching news articles of Belgium authors and publishers and transmitting them to Belgium from California are subject to the copyright laws of Belgium.

The Belgium Court, like the Paris Court, might have concluded that the acts of indexing and caching which involve acts of reproduction that take place wholly in California should be analyzed under US copyright law and that the acts of communication to the public to persons located in Belgium should be determined in accordance with Belgium law. But, it did not do so.

The infringement claims

A central issue in the case was whether Google infringed copyright by reproducing the title and extracts of news articles. In response to a user search, Google presented to users an article title taken from a news agency. It also copied the first three lines of the article and other titles on the same subject (by copying only the titles), an indication of the publisher and of the number of articles dealing with the same subject.

The Court ruled that this copying amounted to a reproduction of a significant portion of the publishers’ articles.[1] It held that Google could not reproduce the titles and excerpts from the articles without having first obtained their authorisation. It also ruled that the transmissions of this content to the public in Belgium infringed the communication to the public right.

The Court rejected various defences raised by Google including that the acts were permitted under fair dealing exceptions for the purposes of criticism, discussion, review, instruction, or scientific work. The Court also ruled that these exceptions would have to be read to be compliant with the Three Step Test which was carried into EU law by virtue of Article 5.5 of the EU Copyright Directive.[2] These exceptions could not be met as the reproductions in Google’s cache interfered with the normal exploitation of the works because internet users were able to gain access to articles that had either been removed from the publishers’ sites or were only available from the sites for a fee. Further, the Google News service deprived rights holders of reasonable compensation for new publications of their works. 

The Court also rejected Google’s claim that it had an implied license to offer its service because the publishers did not elect to opt out of Google News by using appropriate website meta-tags. The Court also ruled that none of the safe harbours applicable to information society providers in the EU E-Commerce Directive applied to Google in the circumstances.

Google argued that the users of Google News were responsible for the acts of reproduction and communication, not Google. It contended that it only provided users facilities which an enabled these acts and so was exempt from infringement under the EU Copyright Directive. The Court rejected this argument holding that Google’s caching on its servers constituted a physical act of reproduction for which it alone was responsible.

The moral rights claim

As in Canada, under Belgium law authors have the moral rights of paternity and integrity. The Court ruled that both these rights were violated. The Google News service infringed the right of paternity because the authors’ names were not mentioned in the search results. The right of integrity was infringed because only extracts of articles were reproduced and the works had been modified. The Court ruled that even though an Internet user knew, or should know, that what he or she was viewing was only an extract from an article and that it was possible to read it in its entirety by clicking on the hyperlink, that did not imply that the author had given his or her consent that only excerpts from the work could be published.

What’s next?

Google has the right to appeal the decision to the Cour de Cassation, Belgium’s highest court. Such an appeal appears likely given the importance of the issues. Accordingly to IPKat, a knowledgeable observer, it is also possible that Google may find a way to engineer a reference to the European Court of Justice either to buy time or generate a favorable ruling.

[2]  Article 5 states: The exceptions and limitations provided for in paragraphs 1, 2, 3 and 4 shall only be applied in certain special cases which do not conflict with a normal exploitation of the work or other subject-matter and do not unreasonably prejudice the legitimate interests of the rightholder.“

Here are some of the important findings made by Justice Charleton, the same judge who presided over the EMI Records & Ors -v- Eircom Ltd, [2010] IEHC 108 case :

• The business of the recording industry is “being devastated by internet piracy”. Internet piracy undermines their business but also “ruins the ability of a generation of creative people in Ireland, and elsewhere, to establish a viable living. It is destructive of an important native industry.”
• The “scourge of internet piracy” strongly affects Irish musicians. Internet piracy is an economic and a moral problem.
• Surveys show a loss of between 20% to 30% as a proportion of decline in sales to what is illegally downloaded. The ratio of unauthorized downloaders per broadband internet line is 1:0.42.
• ISPs “have an economic and moral obligation to address the problem”. In the case UPC it did not do so, fully knowing it facilitated infringing conduct, to increase its levels of profits. UPC’s attitude towards illegal file sharing by its subscribers was neither reasonable nor fair. UPC had “no interest in doing anything other than making deceptive noises by reference to its acceptable usage policy”. UPC intended to do nothing about copyright piracy.
• Norwich orders are available to identify persons sharing files illegally, as was recognized by the Canadian Federal Court of Appeal in the BMG case. However, this process “is burdensome and, ultimately, futile as a potential solution to the problem of internet piracy”.
• A graduated response solution involving “detection, notification and termination” “is viable and proportionate”. According to Justice Charleton “The evidence analysed in the course of this judgment also establishes that detection, warning, and discontinuance are, each of them, proportionate to the vast scale of the problem established in evidence”.
• A graduated response solution comprising detection and three warning notices with the threat of account termination “will succeed in strongly alleviating the problem of internet piracy”. “There is a strong probability that a graduated response would yield a majority level of desistence from the practice of illegal downloading on a first warning”.
• Privacy considerations  would be no bar to granting the form of relief requested.
• The evidence convinced the trial judge that “there is no just or convenient solution open to the record companies other than seeking injunctive relief against the” ISP, in this case UPC.
• The record labels had also asked the court to grant an injunction requiring UPC to block access to the Pirate Bay. The court was willing to do so, but could not because Irish law did not authorize such relief, although it was available in other European jurisdictions.

A lot has been written about graduated response solutions to the problems of illegal file sharing over the internet. See, Prof.Bomsel Decreasing Copyright Enforcement Costs: The Scope of a Graduated Response,Prof. Bridy, Graduated Response and the Turn to Private Ordering in Online Copyright Enforcement, Prof.Strowel, Internet Piracy as a Wake-up Call for Copyright Law Makers—Is the ‘‘Graduated Response’’ a Good Reply?, Barry Sookman and Dan Glover Graduated response and copyright: an idea that is right for the times. The EMI v UPC case adds further reflections on the issue. This case is a must read for anyone concerned about internet piracy and the legislative solutions needed to help curb it.

The judgment in full is set out below.

EMI v. UPC

The MGE case

The MGE case involved uninterruptible power supply (“UPS”) machines manufactured by MGE, some of which require the use of MGE’s copyrighted software programs Pacret and Muguet during servicing. The software requires connection of an external hardware security key (a “dongle”) to the laptop serial port. When the software is activated, it searches for a properly programmed dongle before it will fully launch. Once launched, the software will go through a second series of protocol exchanges with the data located on the UPS machine’s microprocessors to confirm that MGE software is communicating with MGE hardware. If the protocol exchange is successful, MGE’s software proceeds to collect system status information for the technician.

MGE’s dongle does not prevent the literal code or text of MGE’s copyrighted computer software from being freely read and copied once access to its programs is obtained. The dongle does not use any encryption or other form of protection to prevent copyright violations.

After MGE introduced its security technology, software hackers published information on the Internet disclosing general instructions on how to defeat the external security features of a hardware key. Once the software is cracked and the security key is defeated, the software can be accessed and used without limitation. MGE did not adduce any evidence that any of the defendant’s employees were responsible for altering (circumventing) the Pacret and Muguet software such that a dongle was not required to use the software.

The Court gave two reasons for finding no DMCA violations. The defendants had only used software that had already been circumvented. There was no evidence that they had circumvented the MGE TPM. The DMCA’s anti-circumvention provision does not apply to the use of copyrighted works after the technological measure has been circumvented, targeting instead the act of circumvention itself. Universal City Studios, Inc. v. Corley, 273 F.3d 429, 443 (2d Cir.2001). The DMCA case, therefore, had to fail.

“Moreover, the DMCA’s anti-circumvention provision does not apply to the use of copyrighted works after the technological measure has been circumvented, targeting instead the circumvention itself. Universal City Studios, Inc. v. Corley, 273 F.3d 429, 443 (2d Cir.2001)… Without proving GE/PMI actually circumvented the technology (as opposed to using technology already circumvented), MGE does not present a valid DMCA claim. See id. (“[T]he DMCA targets the circumvention of digital walls guarding copyrighted material (and trafficking in circumvention tools), but does not concern itself with the use of those materials after circumvention has occurred.)

Because the DMCA does not apply to mere use of a copyrighted work, and because MGE has not shown that GE/PMI circumvented MGE’s software protections in violation of the DMCA, the district court did not err in granting GE/PMI’s Rule 50(a) motion dismissing MGE’s DMCA claim.”

That ground alone should have disposed of the case. However, the Court also stated, in what is arguably obiter dicta, that the DMCA case also failed because MGE had not shown that its dongle protected its software against an infringement of a right under the Copyright Act. Citing a previous decision of the Federal Circuit in Chamberlain Group, Inc. v. Skylink Techs., Inc., 381 F.3d 1178 (Fed.Cir.2004) the Court stated that:

“The DMCA prohibits only forms of access that would violate or impinge on the protections that the Copyright Act otherwise affords copyright owners. See Chamberlain Group, Inc. v. Skylink Techs., Inc., 381 F.3d 1178, 1202 (Fed.Cir.2004). The Federal Circuit, in analyzing the DMCA’s anti-circumvention provision, concluded that it “convey[s] no additional property rights in and of themselves; [it] simply provide[s] property owners with new ways to secure their property.” Id. at 1193-94. Indeed, “virtually every clause of § 1201 that mentions ‘access’ links ‘access’ to ‘protection.’ ” Id. at 1197. Without showing a link between “access” and “protection” of the copyrighted work, the DMCA’s anti-circumvention provision does not apply. The owner’s technological measure must protect the copyrighted material against an infringement of a right that the Copyright Act protects, not from mere use or viewing.”

As can be seen from the above, Prof. Geist’s summary of the case is not accurate. The MGE case did not state that the “DMCA is limited to guarding access controls only to the extent that circumvention would violate the copyright rights of the copyright owner”; in other words it did not hold that circumvention of an access control TPM is illegal only when done for an infringing purpose. Rather it stated that there must merely be a link between “access” which the TPM protects and “protection” of some right of the copyright owner, e.g., the TPM must only protect a work from some unauthorized act covered by copyright.

Accordingly, even under the MGE decision, infringement as a purpose of the circumvention need not be shown. The circumvention of an access control TPM would violate the DMCA as long as the TPM protects a work against some unauthorized act that the copyright holder has the right to control. There would still be liability, for example, if the access control TPM is circumvented for a non-infringing purpose, such a fair use, as long as the TPM also prevents other uses not authorized by the copyright owner.

Prof. Geist’s summary of the case is also incomplete. Readers of his blog would be left with the impression that the MGE case is rightly decided and that it reflects the state of US law. However, both assumptions would be inaccurate.

In suggesting that a technological measure must protect copyrighted material against an infringement of a right that the Copyright Act protects, the Court misinterpreted Section 1201(a) of the DMCA and, as other commentators have pointed out (such as here and here) has created a split in the US courts which have construed the anti-circumvention provisions of the DMCA not to require any proof that an access control TPM must protect a work against some unauthorized act covered by copyright.

The MGE decision is contrary to the legislative history of the DMCA

The relevant provisions of the DMCA are as follows:

Section 1201 of the DMCA

VIOLATIONS REGARDING CIRCUMVENTION OF TECHNOLOGICAL MEASURES-

(1)(a) No person shall circumvent a technological measure that effectively controls access to a work protected under this title …

(2) No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that—

(A) is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title;

(B) has only limited commercially significant purpose or use other than to circumvent a technological measure that effectively controls access to a work protected under this title; or

(C) is marketed by that person or another acting in concert with that person with that person’s knowledge for use in circumventing a technological measure that effectively controls access to a work protected under this title.

(3) As used in this subsection—

(A) to `circumvent a technological measure’ means to descramble a scrambled work, to decrypt an encrypted work, or otherwise to avoid, bypass, remove, deactivate, or impair a technological measure, without the authority of the copyright owner; and

(B) a technological measure `effectively controls access to a work’ if the measure, in the ordinary course of its operation, requires the application of information, or a process or a treatment, with the authority of the copyright owner, to gain access to the work.

(b) ADDITIONAL VIOLATIONS- (1) No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that—

(A) is primarily designed or produced for the purpose of circumventing protection afforded by a technological measure that effectively protects a right of a copyright owner under this title in a work or a portion thereof;

(B) has only limited commercially significant purpose or use other than to circumvent protection afforded by a technological measure that effectively protects a right of a copyright owner under this title in a work or a portion thereof; or

(C) is marketed by that person or another acting in concert with that person with that person’s knowledge for use in circumventing protection afforded by a technological measure that effectively protects a right of a copyright owner under this title in a work or a portion thereof.

Section 1201 of the DMCA divides technological measures into two categories: measures that prevent unauthorized access to a copyrighted work and measures that prevent unauthorized copying of a copyrighted work. Making or selling devices or services that are used to circumvent either category of technological measure is prohibited in certain circumstances. As to the act of circumvention in itself, the provision prohibits circumventing the first category of technological measures, but not the second.

The DMCA “anti-trafficking” provisions are similar, except that section 1201(a)(2) covers those who traffic in technology that can circumvent “a technological measure that effectively controls access to a work;” whereas section 1201(b)(1) covers those who traffic in technology that can circumvent “protection afforded by a technological measure that effectively protects a right of a copyright owner.” In other words, although both sections prohibit trafficking in a circumvention technology, the focus of s. 1201(a)(2) is circumvention of technologies designed to prevent access to a work, and the focus of s. 1201(b)(1) is circumvention of technologies designed to prevent copying of the work or some other act that infringes a copyright.

The legislative history shows that although the prohibitions in ss. 1201(a) and (b) are worded similarly and employ similar tests, they are designed to protect two distinct rights and to target two distinct classes of devices. The legislative history of s. 1201(a) shows that Congress had intended to confer upon copyright owners the ability to preclude unauthorized access to a work using TPMs without the need for any proof that the circumvention of the TPM would result in an infringement or facilitate an infringement. For example, the Senate Report stated the following:

Although sections 1201(a)(2) and 1201(b) of the bill are worded similarly and employ similar tests, they are designed to protect two distinct rights and to target two distinct classes of devices. Sub-section 1201(a)(2) is designed to protect access to a copyrighted work. Section 1201(b) is designed to protect the traditional copyright rights of the copyright owner. As a consequence, subsection 1201(a)(2) prohibits devices primarily designed to circumvent effective technological measures that limit access to a work. Subsection 1201(b), on the other hand, prohibits devices primarily designed to circumvent effective technological protection measures that limit the ability of the copyrighted work to be copied, or otherwise protect the copyright rights of the owner of the copyrighted work. The two sections are not interchangeable, and many devices will be subject to challenge only under one of the subsections. For example, if an effective technological protection measure does nothing to prevent access to the plain text of the work, but is designed to prevent that work from being copied, then a potential cause of action against the manufacturer of a device designed to circumvent the measure lies under subsection 1201(b), but not under subsection 1201(a)(2). Conversely, if an effective technological protection measure limits access to the plain text of a work only to those with authorized access, but provides no additional protection against copying, displaying, performing or distributing the work, then a potential cause of action against the manufacturer of a device designed to circumvent the measure lies under subsection 1201(a)(2), but not under subsection 1201(b).

This, in turn, is the reason there is no prohibition on conduct in 1201(b) akin to the prohibition on circumvention conduct in 1201(a)(1). The prohibition in 1201(a)(1) is necessary because prior to this Act, the conduct of circumvention was never before made unlawful. The device limitation in 1201(a)(2) enforces this new prohibition on conduct. The copyright law has long forbidden copyright infringements, so no new prohibition was necessary. The device limitation in 1201(b) enforces the longstanding prohibitions on infringements.

Professor Jane C. Ginsburg summarized the legislative history on this point as follows:

… there is considerable evidence from the text and from the legislative history that Congress did intend to create an additional copyright regime, based on the control over access to digitally distributed works of authorship. The text indicates that the “access” that section 1201(a) protects goes beyond traditional copyright prerogatives; it distinguishes “access” from a “right of the copyright owner under this title.” Some activities subject to access controls do not implicate traditional copyright owner rights such as reproduction and public performance. For example, an access control may limit the number of viewings of a motion picture distributed on a DVD. But if the viewings occur at home, they likely do not come within the traditional scope of exclusive rights. Thus, suppose I purchase a time-loaded or limited-viewing DVD, for a lower price than an unlimited viewing DVD, and that I circumvent an access protection in order to obtain unlimited number of private viewings of the film for an unlimited time. I have not committed copyright infringement, because the public performance right does not reach the extra viewings. I have, however, defeated the purpose of offering the film on a pay per-view or similar basis. The legislative history indicates that the DMCA was designed in part specifically to foster a variety of business models offering the public a diversity of levels of access, for a diversity of prices. As the House Commerce Committee reported:

[A]n increasing number of intellectual property works are being distributed using a “client-server” model, where the work is effectively “borrowed” by the user (e.g., infrequent users of expensive software purchase a certain number of uses, or viewers watch a movie on a pay-per-view basis). To operate in this new environment, content providers will need both the technology to make new uses possible and the legal framework to ensure they can protect their work from piracy.

Acts prohibited: Section 1201 prohibits the act of circumventing an access control, and the “trafficking” in devices that circumvent either access controls or “rights” controls. It does not prohibit the act of circumventing a rights control, in part because the results of that act will be directly infringing (or will qualify for an exception), and in part because the most economically significant act is the distribution of the device that will allow the end-user to circumvent. By contrast, circumvention of an access control does not directly result in an infringement. If circumvention of an access control is not unlawful, then, arguably, dissemination of a device that enables circumvention of an access control would not be wrongful either. By making the act of access circumvention unlawful, the DMCA lay a stronger foundation for prohibiting the dissemination of enabling devices as well.

In considering the legislative history of Section 1201(a), Columbia Professor June Besek also explained that, “providing copyright owners with the ability to preclude unlimited access was a goal of the DMCA, not just an unforeseen and unfortunate consequence.”

MGE is inconsistent with prior decisions interpreting the DMCA

A number of cases have interpreted the access control and trafficking in access control device prohibitions provisions of the DMCA provisions explicitly rejecting any contention that such claims are tied to any requirement that the access control TPM also prevent unauthorized copying or another act that would be infringing.

For example, an injunction was obtained in Universal City Studios, Inc. v. Reimerdes to restrain the dissemination of the DeCSS program under the anti-trafficking access control prohibition in s. 1201(a)(2). The principal issue was whether that provision of the DMCA applied to conduct that was non-infringing such as fair use. The Court held that Congress had explicitly considered the issue and had made a clear policy choice to make the anti-trafficking access control provision apply even where the uses of the circumvention device would be for non-infringing purposes. Congress specifically decided not to permit statutory defenses to infringement such as fair use to be grounds for not violating the anti-trafficking access control provision or the anti-circumvention prohibition in s. 1201(a)(1)(A). Instead it crafted a series of exemptions to those provisions, exemptions which would have been redundant if the statutory exemptions to infringement also applied as defenses to the anti-trafficking access control provision and the anti-circumvention provision.

The Second Circuit in Corley affirmed the decision in Reimerdes. In doing so it confirmed that fair use is not a defense to unauthorized circumvention of TPMs.

[The Appellants] … contend that subsection 1201(c)(1), which provides that “[n]othing in this section shall affect rights, remedies, limitations or defenses to copyright infringement, including fair use, under this title,” can be read to allow the circumvention of encryption technology protecting copyrighted material when the material will be put to “fair uses” exempt from copyright liability. We disagree that subsection 1201(c)(1) permits such a reading. Instead, it clearly and simply clarifies that the DMCA targets the circumvention of digital walls guarding copyrighted material (and trafficking in circumvention tools), but does not concern itself with the use of those materials after circumvention has occurred. Subsection 1201(c)(1) ensures that the DMCA is not read to prohibit the “fair use” of information just because that information was obtained in a manner made illegal by the DMCA. The Appellants’ much more expansive interpretation of subsection 1201(c)(1) is not only outside the range of plausible readings of the provision, but is also clearly refuted by the statute’s legislative history.

Another case which reached a similar conclusion is Real Networks Inc. v. Streambox, Inc. The case involved an interpretation of the anti-trafficking access control prohibition in s. 1201(a)(2) and the anti-trafficking rights control prohibition in s. 1201(b)(2). Streambox’s primary defense was that its anti-circumvention tools allowed “consumers to make `fair use’ copies of RealMedia files, notwithstanding the access control and copy protection measures that a copyright owner may have placed on that file.” The Court rejected the contention that the anti-trafficking provisions had a linkage to a showing that the potential uses had to be infringing or to facilitate infringement. The Court held that the fair use defense to copyright infringement did not apply to the anti-trafficking provisions in the DMCA. The DMCA was interpreted in this way in Sony Computer Entertainment America Inc. v. GameMasters as well. There a California court enjoined the sale of a device that circumvented technological measures used by Sony to prevent access to software embedded in Sony’s PlayStation console.

The holding in the MGE case clearly conflicts with the above authorities. So how did the MGE case reach the conclusion it did? Besides (apparently) failing to consider the legislative history, the Court also inaptly relied on dicta from the Chamberlain and Lexmark cases without appreciating what was in issue or what was decided in those cases.

The Chamberlain case involved an attempt by Chamberlain to prevent a competitor, Skylink, from bypassing a security system in order to make its universal transmitters interoperable with Chamberlain’s Security+ line of garage door openers. Chamberlain contended that this violated s1201(a)(2) of the anti-trafficking clause of the DMCA. Chamberlain’s allegation was simply that the only way for the transmitter to interoperate with a Security+ GDO was by “accessing” copyrighted software, something which the court held the copyright holder had consented to. This meant that it was impossible for Chamberlain to prove that any circumvention was carried out “without the authority of the copyright owner,” a statutory prerequisite for all section 1201 violations. That was the ratio of the case. However, even the Chamberlain dicta cited in the MGE opinion are inapposite. There was no conceivable way that unauthorized access to the GDO protected by the TPM could have led to infringement of a right protected by copyright: it simply allowed the user to open a garage door. The TPM was designed to be used to bar the interoperability of an independent product, not to protect any copyright related interest that Chamberlain had in its software.

The Lexmark case involved an attempt by Lexmark to prevent third parties from using unauthorized printer cartridges with its printers. Lexmark claimed infringement of a program that controlled the printer’s operation. Lexmark sought to control access to the program and to printer operation, through use of an “authentication sequence,” which was satisfied only when Lexmark-approved toner cartridges were used. The defendant sold a microchip that performed the authentication sequence, thereby allowing customers to use Lexmark printers without using Lexmark-approved toner. Lexmark sued, claiming that the defendant had circumvented the authentication sequence in violation of the DMCA. The Sixth Circuit ruled against Lexmark. The chief ground for doing so was that all three of the anti-circumvention liability provisions of the DMCA require the claimant to show that the “technological measure” at issue “controls access to a work protected under this title” which is to say a work protected under the general copyright statute. The Court found that one of Lexmark’s programs protected by the TPM was so trivial that it did not qualify as a “work protected under [the copyright statute],” … so the DMCA necessarily would not protect it. In the case of another program involved in the case, which was subject to copyright protection, the Court also held that the authentication sequence did not effectively control access to the program within the meaning of the DMCA, because alternative means approved by the copyright owner could be used to access the program.

It is also striking that the MGE decision absolved the defendant of liability under the DMCA in a case in which the defendant, assuming it circumvented the dongle at all (rather than simply taking advantage of a program from which dongle protection had previously been removed), used its resulting access to infringe copyright, a conclusion that even the defendant did not dispute. The Chamberlain and Lexmark cases are thus entirely inapposite to the facts in the MGE case.

The Fifth Circuit’s apparent conclusion that the circumvention of a dongle that controls access to a computer program does not amount to a violation of section 1201(a)(1) also flies in the face of a full decade of administrative precedent in U.S. law. Under section 1201(a)(1)(C), the U.S. Copyright Office holds a proceeding every three years to consider whether the prohibition on circumvention of access controls is unduly impeding non-infringing uses of copyright works, and is authorized to adopt limited exceptions to the prohibition in order to remedy these problems. In all four such proceedings that have been held since the first one in 2000, an exception has been recognized to permit the circumvention of dongles under specific circumstances (generally, when the dongle is obsolete and no longer supported by the software publisher). In the most recent proceeding, earlier this week, an exception to section 1201(a)(1) to allow by-passing of dongles was once again recognized. Since, under the statute, the Copyright Office is allowed to adopt an exception only as to conduct that would otherwise be a violation of section 1201(a)(1); AND since the basis for adopting an exception is to foster non-infringing conduct that would otherwise be unduly burdened by the DMCA prohibition; it seems incontrovertible that a dongle controlling access to a computer program is an access control technology whose circumvention (absent any exception) is a violation of section 1201(a)(1); and that this is so even when the use of the software program that the dongle prevents is not itself an infringement of copyright. The MGE decision does not even refer to this unbroken series of decisions, by the expert agency in U.S. copyright matters, that are entirely inconsistent with the Court’s conclusions.

The above analysis shows that the MGE case is in conflict with prior decisions and does not reflect the state of US law on this issue, except perhaps in the three states comprising the 5^th Circuit.

Conclusion

Prof. Geist’s assertions about the MGE case cannot be supported. As noted above, the MGE case did not state that the “DMCA is limited to guarding access controls only to the extent that circumvention would violate the copyright rights of the copyright owner”. Moreover, Prof. Geist’s statement is not complete. It carefully avoids the legislative history of the provisions in issue and fails to point out that the decision, which can still be subject to an en banc review and a cert motion to the US Supreme Court, diverges from the other leading cases decided under the DMCA and the administrative precedent under U.S. law.

According to the Court, “Plaintiffs’ power to control their rights has been so compromised by the means through which [Defendants] encouraged end users to infringe (digital files plus the internet) that the inducement amounts to irreparable harm.” Further, “it is axiomatic that the availability of free infringing copies of Plaintiffs’ works through Defendants’ websites irreparably undermines the growing legitimate market for consumers to purchase access to the same works.”

The Court also re-iterated its previous finding that “strongly suggests that some 2.5 million United States citizens visited Defendants’ websites each month” and that “at one point, Defendants’ websites were accessed over 50 million times from the United States in a single month.” The Court had already also found that Defendants’ “websites are used overwhelmingly for copyright infringement, with upwards of 95% of all dot-torrent files downloaded from Defendants’ websites corresponding to works that are infringing or at least highly likely to be infringing.”

The Court also based its order, among other things, on its conclusions that Isohunt was likely to continue to induce copyright infringement because it’s “very business model, at its core, depends upon copyright infringement” and it would “financially benefit from further infringement”.

The Court’s order requires Isohunt to block all access to the motion pictures and other works owned by the plaintiffs. The order specifically extends to “the conduct of Defendants wherever they may be found, including without limitation in Canada”.

The Court also clarified that the “injunction covers any acts of direct infringement, as defined in 17 U.S.C. § 106, that take place in the United States.” To the extent  “an act of reproducing, copying, distributing, performing, or displaying takes place in the United States” it is covered by the order. It thus extends to any act of uploading or downloading which takes place in the US. “Each download or upload of Plaintiffs’ copyrighted material violates Plaintiffs’ copyrights if even a single United States-based user is involved in the “swarm” process of distributing, transmitting, or receiving a portion of a computer file containing Plaintiffs’ copyrighted content.”

The full order is set out below.
Isohunt Permanent Injunction