Archives for May 2015

Too Soon to Worry about the Anti-Counterfeiting Trade Agreement (ACTA)?

25 May 2015 By Leave a Comment

Digital media law update: Despite the tremors caused by the Lenz case, a recent decision by a Wisconsin District Court shows that it can still be difficult to obtain a judgment holding a defendant liable for sending a false DMCA notice. See Third Education Group, Inc. v. Phelps, E.D.Wisc., No. 07-c-1094, Decision and Order Following Court Trial (November 25, 2009).

The Digital Millennium Copyright Act puts a powerful tool in the hands of a person who claims to be the owner of a copyright. Copyright law provides for six-figure statutory damages against an ISP who permits infringing material to reside on a site under its control after receiving notice of the presence of the material. However, the DMCA provides immunity from these civil damages if an ISP takes down such material in response to a notice from the putative owner of the copyright, and meets certain other tests. This provides a strong incentive for an ISP to reflexively take down infringing material — such as by disabling an entire website — upon receiving a DMCA takedown notice.

This puts serious weapon in the hands of the general public that can be used protect legitimate copyright interests — or can be misused by someone who has no rights in material used by a competing business to get its site shut down.

To prevent abuse of the notice and take down system, Congress put two major protective measures into the DMCA: the counter-notice procedures in § 512(g) and the misrepresentation rule in § 512(f). Section 512(f) provides that a person who “knowingly” misrepresents that material on a site is infringing is liable for any damages, including attorneys fees, incurred by the alleged infringer.”

It can be very hard to prove a knowing misrepresentation occurred. Courts interpreting this statute have generally found that to be liable, the person who sent a false DMCA notice must have lacked the honest belief that material was infringing. As stated by the 9th Circuit, “Congress’s apparent intent [was] that the statute protect potential violators from subjectively improper actions by copyright owners.” Rossi v. MPAA, 391 F.3d 1000, 1005 (9th Cir. 2004).

To determine whether the sender of a false DMCA notice had a good faith belief in the truth of the notice, courts do not limit themselves to the testimony of the sender. Rather, courts consider the information that the sender relied on. However, it doesn’t take much evidence for the court to find that the author of a DMCA notice acted in good faith.

For example, the Rossi case concerned the website www.internetmovies.com, which Rossi described as an online magazine that provided visitors with a directory of websites containing information about movies. Rossi’s site contained the words “Join to download full length movies online now!” In fact, users could actually download no movies through Rossi’s site or through the links to which he referred users — a fact that MPAA investigators missed because they never attempted to download any movies from Rossi’s site.

However, the 9th Circuit stated that the sender of a DMCA takedown notice is not required to perform a “reasonable investigation” and “cannot be held liable simply because an unknowing mistake is made, even if the copyright owner acted unreasonably in making the mistake.” Id. at 1005. Accordingly, the 9th Circuit found that the MPAA acted in subjective good faith because the language on Rossi’s site “led the MPAA employees to conclude in good faith that motion pictures owned by MPAA members were available for immediate downloading from the website.”

In a more recent case, a director and president of a small Wisconsin corporation, Third Education Group, Inc., which operated an online magazine at thirdeducationgroup.net and thirdeducationgroup.org, had a falling out with the other directors. He resigned from the board, and then changed the passwords to the two sites, locking the corporation from access to the sites. He then utilized the domain names as the home for his own independent organization which he incorporated in Iowa under the same name — Third Education Group, Inc.

After being locked out of its own websites, the Wisconsin corporation created a new site under the domain name tegr.org and populated it with material largely copied from thirdeducationgroup.net and thirdeducationgroup.org. In response, the absconding former president of the Wisconsin corporation sent DMCA takedown notices to the ISPs which hosted the terg.com site, resulting in the ISPs blocking access to the tegr.com site. See Third Education Group, Inc. v. Phelps, E.D.Wisc., No. 07-c-1094, Decision and Order Following Court Trial, November 25, 2009).

The absconding president argued that he could not be held liable for under Section 512(f) because he believed that he the right to take control of the websites. He was the person that had registered them, and he had registered them prior to the formation of the Wisconsin corporation — although after he had agreed with the other directors to form Third Education Group.

The Court ultimately found that the absconding president’s belief that he had a right to the websites was ill-founded and that the domain names belonged to the Wisconsin corporation. However, the Court nevertheless found that he could not be held liable for misrepresenting his entitlement to the domain names. The Court stated that “[d]etermining the ownership of the website material required resolution of complex and somewhat novel questions common law related to unincorporated associations and how the intellectual property of a voluntary association is affect when the association subsequently incorporates.” The absconding president was also largely responsible for coming up with the idea of the journal, and did or paid for nearly all the work on the website, including writing the allegedly infringing content at issue. As such, the judge concluded that there was no evidence that he acted in bad faith when he issued his DMCA notices. Id. at p. 16.

Many reading this are no doubt shouting, “What about the Lenz case?” Didn’t that essentially impose a duty on the sender of a DMCA notice to at least investigate whether the use of the content at issue was fair? See Lenz v. Universal Musical Corp., 572 F.Supp.2d 1150 (N.D. Cal. 2008). Actually, what Judge Fogel stated in Lenz was that the DMCA requires copyright owners to make an “initial review of the potentially infringing material prior to sending a takedown notice.” Id. at 1155 (emphasis added). As part of that initial review, there must a consideration of factors that relate to whether the use of copyrighted material is infringing, including the possible applicability of the fair use doctrine.

The impact of the Lenz case is that it implies that to act in good faith, the person sending a DMCA notice must have at least a basic knowledge of copyright law. This means that when reviewing a potentially infringing site (or setting up a review system), a copyright holder should consult with an expert on copyright law so that it can appropriately take into account the numerous factors that determine whether a use is infringing.

However, the case law on Section 512(f), as a whole also indicates that a copyright holder’s review of a potentially infringing site does not have to go very far. If the facially obvious evidence supports a conclusion that a use is infringing and there is no other evidence that the copyright holder acted in bad faith, a Court is unlikely to hold it liable for sending a DMCA notice that ultimately proves to rest on a false claim of infringement.

Filed Under: Blog, Cybercrime, News Tagged With: , ,

4th Circuit Sides with the Schoolmasters in On-line Plagiarism Detection Service Case

25 May 2015 By Leave a Comment

The complaint in Vanderhye v. IParadigms, LLC represented an interesting attempt to attack an on-line, computerized plagiarism detection service by accusing the service of copyright infringement. See Vanderhye v. IParadigms, LLC, 562 F.3d 630 (4th Cir. 2009).

IParadigm operates an on-line plagiarism detection service called Turnitin. Schools require students to submit writing assignments to Turnitin, which are compared to other writings in Turnitin’s database. The database contains other student papers, as well as commercial and academic journal articles. Turnitin supposedly creates a “fingerprint” of the student’s papers by applying various mathematical algorithms. Turnitin then compares this digital fingerprint to the fingerprints of the other works in its database and generates an “Originality Report” which indicates the percentage of the student’s work that appears not to be original.

With permission from participating schools, Turnitin will place the submitted writing assignments into its database, so that they become part of the database used to evaluate the originality of subsequent student papers. The plaintiffs included three students who had submitted their papers to Turnitin for testing and whose papers were then archived in the database. The plaintiffs alleged that Turnitin’s inclusion of their papers in the database constituted copyright infringement.

The Fourth Circuit’s analysis focused on the “fair use” doctrine, which it characterized as “a privilege in others than the owner of the copyright to use the copyrighted material in a reasonable manner without the [copyright holder’s] consent.” 17 U.S.C. § 107 provides that fair use includes “criticism, comment, news reporting, teaching . . . scholarship or research.” The statute provides a four factor test to determine whether the use is fair.

The Court rejected the argument that because IParadigm’s use of the student papers was commercial that this required a finding that its use was unfair. Looking at the four factor test in the statute, the Court instead found that Turnitin’s use of the student papers was transformative, since the papers were being used for a different purpose in the Turnitin database than that for which they were originally prepared. It further found that Turnitin’s use of the papers did not discourage, but rather encouraged creative expression. While Turnitin used the whole of the plaintiff’s works, its use was so transformative that this factor was not decisive. Finally, it found no substantial evidence that Turnitin’s use of the papers in its database would affect the market for the papers.

It is not surprising that the 4th Circuit took the side of the schoolmasters in this case. Of course, any time a Court rules that it is OK for a third party to copy and then use an entire copyrighted work, it will raise eyebrows in some quarters.

Filed Under: Blog, News Tagged With: , ,

On-line Privacy Update: FTC Uses Its Mandate to Expand Reach of Consumer Data Security Laws to Non-Financial Businesses

22 May 2015 By Leave a Comment

The Federal Trade Commission (FTC) is increasingly using its broad powers to require businesses to enact privacy measures to protect their customers’ personal data. According to the FTC, all companies must “maintain reasonable and appropriate measures to protect sensitive consumer information.” And the FTC is ready and willing to step in and make them implement such measures — regardless of whether Congress has enacted a specific statute requiring the business to do so.

When most people think about the Federal Trade Commission (FTC), they think about a federal agency that fights monopolies or big consumer frauds. However, the FTC Act, the statute that created the FTC, gave it a very broad mandate: “to prevent persons, partnerships or corporations . . . from using unfair methods of competition in or affecting commerce and unfair or deceptive acts or practices in or affecting commerce.” 15 U.S.C. § 45(a)(2). In the digital media world, throughout the past decade, the FTC has used this vague “unfairness” mandate to require consumer-based businesses to enact data security measures.

There are federal laws that impose data security requirements, such as the Fair Credit Reporting Act (15 U.S.C. § 1681e) and the Gramm-Leach-Bliley Act (15 U.S.C. § 6801 et seq.). These laws apply to financial institutions and credit reporting agencies. However, in its recent enforcement actions, the FTC has begun apply these data security rules to consumer businesses as a whole. (Fn1) According to a June 17, 2009 statement by the FTC to the U.S. House (Fn2), since 2001, the FCT has brought 26 cases against businesses that allegedly failed to protect consumer’s personal information. This includes cases against Microsoft, TJX, LexisNexis, Tower Records, Petco, Reed Elsevier, CVS and Compgeeks.com. None of these companies would commonly be considered financial or credit reporting companies.

The legal authority for the FTC’s actions in each case differed, but in some cases, such as the TJX and Compgeeks.comcases, rested solely on the FTC’s broad mandate to fight “unfairness.” (Fn3) Nevertheless, the terms of the consent orders reached in both cases imposed on TJX and Compgeeks.com the same obligations required of financial companies under the Gramm-Leach-Bliley Act. Both consent orders required the implementation of “a comprehensive information security program that is reasonably designed to protect the security, confidentiality, and integrity of personal information collected from or about consumers.” This is language taken directly from 16 C.F.R. §314.3, the FTC’s rules implementing Gramm-Leach-Bliley.

The FTC complaints in its cases against non-financial businesses “have alleged such practices as the failure to (1) comply with posted privacy policies; (2) take even the most basic steps to protect against common technology threats, (3) dispose of data properly, and (4) take reasonable steps to ensure that they do not share customer data with unauthorized third parties.” According to the FTC, “all of the cases stand for the principle that companies must maintain reasonable and appropriate measures to protect sensitive consumer information.”

Some may wonder about the breadth of the FTC’s powers. However, prior case law had held that the FTC is not limited to merely enforcing specific laws that the Congress has elsewhere enacted. To the contrary, the FTC has the power to declare legal practices as unfair or deceptive, hence making them illegal.

Filed Under: Blog, Cybercrime, News Tagged With: , ,

Update on Proposed California Efficiency Standards for TVs: Given the Efficiency of our Market System, Does Consumer Demand for Green Technology Make this Regulation Unnecessary?

20 May 2015 By Leave a Comment

Several months ago, the California Energy Commission made big news by announcing that it was considering new energy efficiency standards for televisions. California’s current regulations only apply when a television is in “stand-by” mode and limit and limit such stand-by power usage to 3.0 watts. The current rules also only apply to stand-alone TVs designed to receive broadcast signals, and do not apply to combination TV/DVD or VCR units or computer monitors.

Pacific Gas & ElectricThe proposed rules were based on recommendations from Pacific Gas & Electric, a large California utility. The proposed rules would regulate TVs in both their stand-by and “on” modes and would apply to combination as well as stand-alone TVs. They would not cover computer monitors — a significant exception given the increasing encroachment of computer monitors into the entertainment space. The new rules would require significantly recued power usage: In stand-by mode, power usage would be limited to 1.0 watts. In “on-mode”, power usage limits would be based on screen size — ultimately based on the following formula: [{0.12 watts x the screen area (in square inches)} + 25 watts].

Immediately after the new proposed rules were announced, the major consumer electronics players, such as the Consumer Electronics Association (“CEA”) cried foul. The typical objection was that the new rules would primarily impact larger-sized and more richly-featured LCD and plasma TVs. Because these sets carry higher profit margins, the new rules could have a devastating impact on TV manufacturers and installers.

The California Energy Commission, which planned to move slowly on these regulations, has continued to seek and accept public comment. One such submission, from the CEA, which was recently released by the Commission on June 12, 2009, suggests that the CEA intends to mount a court challenge if the Commission moves forward with the proposed standards.

Filed Under: Blog, Cybercrime, News Tagged With: , ,

Court Split Widens over Whether DMCA Rules against Removal of Copyright

10 May 2015 By Leave a Comment

Among the anti-circumvention rules in the Digital Millennium Copyright Act (DMCA) are prohibitions against the removal or alteration of “copyright management information.” (17 USC §1202). While the popular understanding of the DMCA is that its provisions are specifically targeted to digital media, the definition of “copyright management information” appears very broad and includes:

• The title and other information identifying a work, including the information set forth in a notice of copyright.
• The name(s) and other identifying information of the author, owner and/or performer of the work.
• Terms and conditions for use of the work, and
• Identifying numbers or symbols referring to such information or links to such information.

At face value, nothing about these definitions appears to limit “copyright management information” to digital or other electronic information. However, the earliest District Court cases decided that Congress had intended to limit this provision to “automated copyright management systems functioning within a computer network environment.” IQ Group, Ltd. v. Wiesner Publishing, LLC, 409 F.Supp.2d 587, 596 (D. New Jersey 2006); Textile Secrets International, Inc. v. Ya-Ya Brand Inc., 524 F.Supp.2d 1184 (C.D. Cal. 2007). Among technological measures that these decisions indicated would qualify under this standard were electronic envelopes and digital watermarks. This interpretation was followed, without significant comment, in another recent Southern District of New York decision. See Silver v. Lavandeira, Southern District of New York, 08 Civ. 6522 (JSR) (January 7, 2009 Magistrate’s Report and Recommendation).

That early trend is meeting some resistance. In March 2007, a court in the Western District of Pennsylvania held that Section 1202(c) defines “copyright management information” broadly to include “any” of the information set forth in its defined categories, whether digital or not. McClatchey v. Associated Press, 2007 WL 776103 (W.D. Pa. 2007). This meant that cropping the title, author’s name and copyright notice on printouts of photographs could violate this provision of the DMCA. In February 2009, directly rejecting the IQ Group and Textile Secrets rulings, a court in the Southern District of New York stated that the phrase “the technological measures of automated systems” is not found in the statute. As such, it found that the statute could cover manual removal of copyright information. See Associated Press v. All Headline News Corp., Southern District of New York, 08 Civ. 323 (PKC) (February 17, 2009 Memorandum and Order).

It is too early to tell how this split will be resolved. If the broader view of the statute is accepted, it could substantially change the requirements even for fair use of copyrighted information. Under the statute removal or alteration of copyright information is prohibited “without the authority of the copyright owner or law” — without exception. Section 1202(b).

Filed Under: Blog, Cybercrime Tagged With: , , , , , , , ,