Digital Millennium Copyright Act (DMCA): Difference between revisions

From HORSE - Holistic Operational Readiness Security Evaluation.
Jump to navigation Jump to search
Line 231: Line 231:
<br>
<br>


<br>
===Copyright Office Triennial DMCA Rule-Making===
===Copyright Office Triennial DMCA Rule-Making===
In the House of Representatives, the DMCA was sequentially referred to the Committee on Commerce after it was reported out of the Judiciary Committee. See S. Rep. No. 105-190 (1998), and H.R. Rep. No. 105-551, pt. I (1998). The Commerce Committee was concerned that section 1201, in its original form, might undermine Congress' commitment to fair use. While acknowledging that the growth and development of the Internet has had a significant positive impact on the access of students, researchers, consumers, and the public at large to information, the Committee was concerned that “marketplace realities may someday dictate a different outcome, resulting in less access, rather than more, to copyrighted materials that are important to education, scholarship, and other socially vital endeavors.” In order to address such possible developments, the Commerce Committee proposed a modification of § 1201 which it characterized as a “‘fail-safe’ mechanism.” In the words of the Committee Report, “This mechanism would monitor developments in the marketplace for copyrighted materials, and allow the enforceability of the prohibition against the act of circumvention to be selectively waived, for limited time periods, if necessary to prevent a diminution in the availability to individual users of a particular category of copyrighted materials.”
In the House of Representatives, the DMCA was sequentially referred to the Committee on Commerce after it was reported out of the Judiciary Committee. See S. Rep. No. 105-190 (1998), and H.R. Rep. No. 105-551, pt. I (1998). The Commerce Committee was concerned that section 1201, in its original form, might undermine Congress' commitment to fair use. While acknowledging that the growth and development of the Internet has had a significant positive impact on the access of students, researchers, consumers, and the public at large to information, the Committee was concerned that “marketplace realities may someday dictate a different outcome, resulting in less access, rather than more, to copyrighted materials that are important to education, scholarship, and other socially vital endeavors.” In order to address such possible developments, the Commerce Committee proposed a modification of § 1201 which it characterized as a “‘fail-safe’ mechanism.” In the words of the Committee Report, “This mechanism would monitor developments in the marketplace for copyrighted materials, and allow the enforceability of the prohibition against the act of circumvention to be selectively waived, for limited time periods, if necessary to prevent a diminution in the availability to individual users of a particular category of copyrighted materials.”

Revision as of 20:59, 11 April 2011

DMCA’s Safe Harbors for Online Service Providers

Limitations on Liability

“Safe Harbors” are limitations on liability, not copyright exceptions. “The [safe harbor] limitations … protect qualifying service providers from liability for all monetary relief for direct, vicarious and contributory infringement. Monetary relief is defined in subsection [(k)(2)] as encompassing damages, costs, attorneys’ fees, and any other form of monetary payment. These subsections also limit injunctive relief against qualifying service providers to the extent specified in subsection [(j)].” U.S. Senate, Committee on the Judiciary, The Digital Millennium Copyright Act of 1998 (S. Rpt. 105-190), 20, http://www.hrrc.org/File/S._Rept._105-190.pdf (last visited on 6/14/09) [hereinafter “Senate Report”].

Injunctive relief is limited to the following for conduct falling within the 512(a) “conduit” safe harbor (see below).

  1. “An order restraining the service provider from providing access to a subscriber or account holder of the service provider's system or network who is using the provider's service to engage in infringing activity and is identified in the order, by terminating the accounts of the subscriber or account holder that are specified in the order.” 17 U.S.C. § 512(j)(1)(B).
  2. “An order restraining the service provider from providing access, by taking reasonable steps specified in the order to block access, to a specific, identified, online location outside the United States.” Id.

Injunctive relief is limited to the following for conduct falling within the 512(b), (c) or (d) safe harbors (see below).

  1. “An order restraining the service provider from providing access to infringing material or activity residing at a particular online site on the provider's system or network.” 17 U.S.C. § 512(j)(1)(A).
  2. “An order restraining the service provider from providing access to a subscriber or account holder of the service provider's system or network who is engaging in infringing activity and is identified in the order, by terminating the accounts of the subscriber or account holder that are specified in the order.” Id.
  3. “Such other injunctive relief as the court may consider necessary to prevent or restrain infringement of copyrighted material specified in the order of the court at a particular online location, if such relief is the least burdensome to the service provider among the forms of relief comparably effective for that purpose.” Id.

Falling outside the safe harbors does not make one liable for infringement.

  1. “The failure of a service provider's conduct to qualify for limitation of liability under this section shall not bear adversely upon the consideration of a defense by the service provider that the service provider's conduct is not infringing under this title or any other defense.” 17 U.S.C. § 512(l).
  2. “New section 512 does not define what is actionable copyright infringement in the online environment, and does not create any new exceptions to the exclusive rights under copyright law. … Even if a service provider’s activities fall outside the limitations on liability specified in the bill, the service provider is not necessarily an infringer; liability in these circumstances would be adjudicated based on the doctrines of direct, vicarious or contributory liability for infringement as they are articulated in the Copyright Act and in the court decisions interpreting and applying that statute, which are unchanged by section 512. In the event that a service provider does not qualify for the limitation on liability, it still may claim all of the defenses available to it under current law.” Senate Report, 55.
  3. See Perfect 10 v. CCBill, 488 F.3d 1102, 1109 (9th Cir. 2007) (“These safe harbors limit liability but ‘do not affect the question of ultimate liability under the various doctrines of direct, vicarious, and contributory liability.’”); Io Group v. Veoh Networks, 586 F.Supp.2d 1132, 1142 (N.D. Cal. 2008) (same); Perfect 10 v. Cybernet Ventures, 213 F.Supp.2d 1146, 1174 (C.D. Cal. 2002) (same).

Thus compliance with the requirements of the safe harbors is optional for service providers, not mandatory. The increased certainty provided by the safe harbors, however, creates a strong incentive for service providers to take advantage of them, if they can.

Causes of Action

The DMCA safe harbors only apply to copyright infringement, not trademark or patent infringement or other causes of action. Most service providers, however, also enjoy broad immunity from most state law causes of action because of Section 230 of the Communications Decency Act (“CDA 230”). See, e.g., Perfect 10 v. CCBill, 488 F.3d 1102, 1118-19 (9th Cir. 2007) (CDA 230 preempts all state intellectual property statutes, including right of publicity); Barrett v. Rosenthal, 146 P.3d 510, 51 Cal.Rptr.3d 55 (Cal. 2006).

Functions Covered Under DMCA Safe Harbors

The DMCA safe harbors only apply to “service providers” (defined below) performing certain “functions” (defined in § 512(a), (b), (c) and (d)). “To qualify for these protections service providers must meet the conditions set forth in subsection [(i)], and service providers’ activities at issue must involve a function described in subsection (a), (b), (c), (d) or [(g)], respectively.” Senate Report, 41. Accordingly, copyright owners have an incentive to characterize their lawsuits as involving activities that fall outside the defined functions protected by the safe harbors (e.g., intermediate copying, trans-coding, server-side data processing).

  1. 512(a): “Conduit” or ISP Safe Harbor
   This is the most expansive safe harbor for a service provider, as it has the fewest prerequisites and disqualifiers, but it is only available to those who can meet the narrow definition of “service provider” and only covers “conduit” activities that fall within the statutory language. See, e.g., Ellison v. Robertson, 357 F.3d 1072 (9th Cir. 2004) (holding that AOL’s provision of Usenet newsgroups to subscribers falls within 512(a)).
   “A service provider shall not be liable for monetary relief, or, except as provided in subsection (j), for injunctive or other equitable relief, for infringement of copyright by reason of the provider's transmitting, routing, or providing connections for, material through a system or network controlled or operated by or for the service provider, or by reason of the intermediate and transient storage of that material in the course of such transmitting, routing, or providing connections, if (1) the transmission of the material was initiated by or at the direction of a person other than the service provider; (2) the transmission, routing, provision of connections, or storage is carried out through an automatic technical process without selection of the material by the service provider; (3) the service provider does not select the recipients of the material except as an automatic response to the request of another person; (4) no copy of the material made by the service provider in the course of such intermediate or transient storage is maintained on the system or network in a manner ordinarily accessible to anyone other than anticipated recipients, and no such copy is maintained on the system or network in a manner ordinarily accessible to such anticipated recipients for a longer period than is reasonably necessary for the transmission, routing, or provision of connections; and (5) the material is transmitted through the system or network without modification of its content.” 17 U.S.C. § 512(a).
   “Subsections (a)(1) through (5) limit the range of activities that qualify under this subsection to ones in which a service provider plays the role of a ‘conduit’ for the communications of others.” Senate Report, 41. See Perfect 10 v. CCBill, 488 F.3d 1102, 1116 (9th Cir. 2007) (“Section 512(a) provides a broad grant of immunity to service providers whose connection with the material is transient.”).
  1. 512(b): Caching
   There is very little case law on the 512(b) safe harbor, and it is not clear that the statutory language adequately addresses the sophisticated caching activities that have arisen since 1998. However, one court has held that Google’s Web cache is covered by 512(b). See Field v. Google, 412 F.Supp.2d 1106 (D. Nev. 2006).
   “For subsection (b) to apply, the material must be made available on an originating site, transmitted at the direction of another person through the system or network operated by or for the service provider to a different person, and stored through an automatic technical process so that users of the system or network who subsequently request access to the material from the originating site may obtain access to the material from the system or network. Subsections (b)(1) through (b)(5) further refine the circumstances under which subsection (b) applies….” Senate Report, 42.
   “In terminology describing current technology, this storage is a form of “caching,” which is used on some networks to increase network performance and to reduce network congestion generally, as well as to reduce congestion and delays to popular sites. This storage is intermediate in the sense that the service provider serves as an intermediary between the originating site and ultimate user. The material in question is stored on the service provider’s system or network for some period of time to facilitate access by users subsequent to the one who previously sought access to it.” Senate Report, 42.
  1. 512(c): Hosting
   Safe harbor applies for any “infringement of copyright by reason of the storage at the direction of a user of material that resides on a system or network controlled or operated by or for the service provider…” 17 U.S.C. § 512(c). “Examples of such storage include providing server space for a user’s web site, for a chatroom, or other forum in which material may be posted at the direction of users.” Senate Report, 44.
   The 512(c) safe harbor requires designation and registration of a “copyright agent” and implementation of a “notice-and-takedown” regime (see below). This safe harbor is also subject to two disqualifiers: “actual or red flag knowledge” and “control + direct financial benefit” (see below).
   Numerous activities beyond “providing server space for a user’s web site, for a chatroom, or other forum” have been found to fall within the 512(c) safe harbor. See, e.g., Io Group v. Veoh Networks, 586 F.Supp.2d 1132 (N.D. Cal. 2008) (video hosting); Corbis v. Amazon, 351 F. Supp. 2d 1090 (W.D. Wash. 2004) (Amazon zShops); CoStar v. LoopNet, 164 F. Supp. 2d 688 (D. Md. 2001), aff’d, 373 F.3d 544 (4th Cir. 2004) (user-generated real estate listings); Hendrickson v. eBay, 165 F. Supp. 2d 1082 (C.D. Cal. 2001) (eBay listings).
   The 512(c) safe harbor extends to automated functions (e.g., post-upload processing, extracting thumbnails, transcoding, streaming, downloading) that facilitate access and are closely related to storage of materials at the direction of users. See Universal Music Group v. Veoh Networks, 2008 WL 5423841 at *10 (C.D. Cal. Dec. 29, 2008) (“The four software functions that UMG challenges fall within the scope of § 512(c), because all of them are narrowly directed toward providing access to material stored at the direction of users.”); Io Group v. Veoh Networks, 586 F.Supp.2d 1132, 1147-48 (N.D. Cal. 2008) (holding post-upload transcoding and thumbnail extraction covered by 512(c) safe harbor).
  1. 512(d): Information Location Tools (Linking and Search Engines)
   Safe harbor applies for any “infringement of copyright by reason of the provider referring or linking users to an online location containing infringing material or infringing activity, by using information location tools, including a directory, index, reference, pointer, or hypertext link….” 17 U.S.C. § 512(d).
   “The reference to ‘infringing activity’ is intended to refer to wrongful activity that is occurring at the location to which the link or reference refers, without regard to whether copyright infringement is technically deemed to occur at that location or at the location where the material is received. The term information location tools includes, for example: a directory or index of online sites or material such as a search engine that identifies pages by specified criteria, a reference to other online material such as a list of recommended sites, a pointer that stands for an Internet location or address, or a hypertext link which allows users to access material without entering its address.” Senate Report, 47.
   The 512(d) safe harbor requires designation and registration of a “copyright agent” and implementation of a “notice-and-takedown” regime (see below). It is also subject to two disqualifiers: “actual or red flag knowledge” and “control + direct financial benefit” (see below).

Service Provider: Narrow and Broad Definitions

Safe harbors only cover “service providers,” which may be defined narrowly or broadly. To qualify for the 512(a) “conduit” safe harbor, one must satisfy the narrow definition of “service provider.” In contrast, to qualify for the 512(b), (c) or (d) safe harbors, one must only satisfy the broad definition.

  1. Narrow Definition for 512(a) “Conduit” Safe Harbor
   “As used in [section 512](a), the term ‘service provider’ means an entity offering the transmission, routing, or providing of connections for digital online communications, between or among points specified by a user, of material of the user's choosing, without modification to the content of the material as sent or received.” 17 U.S.C. § 512(k)(1)(A). For example, traditional ISPs, like Verizon or Comcast, that provide simple bandwidth fit the narrow definition of service provider.
   There has been some uncertainty regarding the outer limits of the narrower 512(a) definition, especially as applied to P2P systems where end-users do the transmitting, routing, or provision of connections, rather than the service provider. Compare Perfect 10 v. CCBill, 488 F.3d 1102, 1116 (9th Cir. 2007) (“We reject Perfect 10’s argument that CCBill is not eligible for immunity under § 512(a) because it does not itself transmit the infringing material….There is no requirement in the statute that the communications must themselves be infringing….”) with A&M Records v. Napster, 2000 WL 573136 (N.D. Cal. 2000) (“Napster enables or facilitates the initiation of connections, but these connections do not pass through the system within the meaning of § 512(a).”).
   
  1. Broad Definition for Other Safe Harbors
   As used in this section, other than [section 512](a), the term ‘service provider’ means a provider of online services or network access, or the operator of facilities therefor, and includes an entity described in subparagraph [512(k)(1)](A).” 17 U.S.C. § 512(k)(1)(B). The language of the definition encompasses businesses that operate websites or other Internet services or facilities and likely also company LANs and intranets.
   As one court stated, “A plain reading of [17 U.S.C. § 512(k)] reveals that ‘service provider’ is defined so broadly that we have trouble imagining the existence of an online service that would not fall under the definitions….” In re Aimster Copyright Litig., 252 F.Supp.2d 634, 658 (N.D. Ill. 2002), aff’d, 334 F.3d 643 (7th Cir. 2003). Courts have held that Amazon, eBay, and Aimster all qualify as “service providers” under this definition. See Corbis v. Amazon.com, 351 F.Supp.2d 1090 (W.D. Wash. 2004) (holding that Amazon meets DMCA definition of service provider); In re Aimster Copyright Litig., 334 F.3d 643, 655 (7th Cir. 2003) (affirming district court ruling that Aimster is a service provider); Hendrickson v. eBay, Inc., 165 F. Supp. 2d 1082, 1087 (C.D. Cal. 2001) (acknowledging the broad definition of a service provider and stating that eBay “clearly” falls within this definition).

Prerequisites and Disqualifiers

Prerequisites Applicable to All Safe Harbors (512(i))

  1. Policy of Terminating Repeat Infringers
   A service provider must “adopt and reasonably implement, and inform subscribers and account holders of the service provider's system or network of, a policy that provides for the termination in appropriate circumstances of subscribers and account holders of the service provider's system or network who are repeat infringers.” 17 U.S.C. § 512(i)(1)(A).
   The statute provides no definition of “repeat infringer”—can mere allegations or DMCA takedown notices make someone a “repeat infringer”? Compare Nimmer & Nimmer, 3 NIMMER ON COPYRIGHT § 12B.10[B][3] (describing what makes a “repeat infringer” and concluding that allegations or multiple takedown notices alone are insufficient); Corbis v. Amazon, 351 F.Supp.2d at 1105 n.9 (“[N]otices alone do not … conclusively determine that the user is an infringer.”), with Perfect 10 v. CCBill, 340 F.Supp.2d 1077, 1088 (C.D. Cal. 2004) (multiple 512(c) takedown notices requires termination of the user under 512(i)), aff’d on other grounds, 488 F.3d 1102 (9th Cir. 2007).
   “[A] service provider ‘implements’ a policy if it has a working notification system, a procedure for dealing with DMCA-compliant notifications, and if it does not actively prevent copyright owners form collecting information needed to issue such notifications.” Perfect 10 v. CCBill, 488 F.3d 1102, 1109 (9th Cir. 2007). See also Ellison v. Robertson, 357 F.3d 1072, 1080 (9th Cir. 2004) (failing to read emails sent to registered Copyright Agent may not be reasonable implementation); Io Group v. Veoh Networks, 586 F.Supp.2d 1132, 1143 (N.D. Cal. 2008) (finding that infringer termination policies of video hosting service had been reasonably implemented); Perfect 10 v. Cybernet Ventures, 213 F. Supp. 2d 1146, 1176-78 (C.D. Cal. 2002) (finding little likelihood that defendant had adequately implemented a policy of terminating infringers).
   Courts have concluded that a policy is reasonably implemented where a service provider blocked terminated users from re-registering from the same email addresses, but did not also screen users by IP address or other means. See Io Group v. Veoh Networks, 586 F.Supp.2d 1132, 1145 (N.D. Cal. 2008) (“[S]ection 512(i) does not require service providers to track users in a particular way or to affirmatively police users for evidence of repeat infringement.”); see also Corbis v. Amazon, 351 F.Supp.2d at 1104 (“The mere fact that [the repeat infringer] appeared on zShops under a different user name and identity does not, by itself, create a legitimate question of fact regarding the procedural implementation of Amazon’s termination policy.”).
  1. Accommodate Technical Measures
   Service provider must “accommodate and not interfere with standard technical measures…used by copyright owners to identify or protect copyrighted works.” 17 U.S.C. § 512(i)(1)(B).
   In order to qualify as a “standard technical measure,” the measure must have been developed “pursuant to a broad consensus of copyright owners and service providers in an open, fair, voluntary, multi-industry standards process,” be available on reasonable and nondiscriminatory (RAND) terms, and not impose “substantial costs” on service providers. 17 U.S.C. § 512(i)(2)(A), (B), and (C).
   As of 2008, nothing appears to qualify as a “standard technical measure” under the definition of the statute, as no “broad consensus” has emerged from any relevant “multi-industry standards process.”

Additional Prerequisites for § 512(b), (c), and (d)

  1. Designate a Copyright Agent
   Service providers must designate an agent to receive copyright infringement notices, register the agent with the Copyright Office ($80 filing fee), and make the agent’s contact information available on its website. 17 U.S.C. § 512(c)(2); 37 CFR § 201.38.
   The Copyright Office makes the list of registered copyright agents available on its website.
  1. Notice-and-Takedown
   Service providers must “upon notification of claimed infringement as described in paragraph [512(c)](3), respond[] expeditiously to remove, or disable access to, the material that is claimed to be infringing or to be the subject of infringing activity.” 17 U.S.C. § 512(c)(1)(C); see Io Group v. Veoh Networks, 586 F.Supp.2d 1132, 1150 (N.D. Cal. 2008) (finding no material issue of fact where service provider responded to takedown notices “on the same day the notice is received (or within a few days thereafter).”).
   In order to be effective, takedown notices must be in writing and: (1) contain the physical or electronic signature of claimant; (2) identify the work allegedly infringed; (3) identify the allegedly infringing material sufficiently to permit its removal or limit access; (4) provide information sufficient to contact the party providing the notice; (5) contain a statement that the complaining party has a good faith belief that use of the material is not authorized; and (6) contain a statement that the information in the notice is accurate and, under penalty of perjury, that either the owner or the complaining party is authorized to act on behalf of the owner of an exclusive right that is allegedly infringed. 17 U.S.C. § 512(c)(3). See also Perfect 10 v. CCBill, 488 F.3d 1102, 1112 (9th Cir. 2007) (“The statute thus signals that substantial compliance means substantial compliance with all of § 512(c)(3)’s clauses, not just some of them.”); but see ALS Scan v. RemarQ Communities, 239 F.3d 619, 625 (4th Cir. 2001) (suggesting that substantial compliance is sufficient in some circumstances).
   “The DMCA notification procedures place the burden of policing copyright infringement—identifying the potentially infringing material and adequately documenting the infringement—squarely on the owners of the copyright.” Perfect 10 v. CCBill, 488 F.3d 1102, 1113 (9th Cir. 2007).
   Counter-Notice and Putback. Section 512(g) creates a “counter-notice” regime protecting service providers from liability both for taking down material in response to infringement notices, and for restoring access (“put-back”) to material upon receiving a “counter-notice” from a subscriber contesting the infringement notice. It is important to note, however, that a “counter-notice” regime is not a prerequisite for the DMCA safe harbor. Instead, it provides a service provider with certain immunities vis-à-vis claims brought by its own subscribers.

Disqualifiers (Only for § 512(c) and (d))

  1. Actual or “Red Flag” Knowledge
   A service provider enjoys the (c) and (d) safe harbors only so long as it:
i) does not have actual knowledge that the material or an activity using the material on the system or network is infringing; or
(ii) in the absence of such actual knowledge, is not aware of facts or circumstances from which infringing activity is apparent [e.g., “red flag” knowledge]; or
(iii) upon obtaining such knowledge or awareness, acts expeditiously to remove, or disable access to, the material…. 17 U.S.C. § 512(c)(1)(A); § 512(d)(1).
   The Senate Report further describes the disqualifiers below.
       Under this standard, a service provider would have no obligation to seek out copyright infringement, but it would not qualify for the safe harbor if it had turned a blind eye to ‘red flags’ of obvious infringement. Senate Report, 48.
       For instance, the copyright owner could show that the provider was aware of facts from which infringing activity was apparent if the copyright owner could prove that the location was clearly, at the time the directory provider viewed it, a ‘pirate’ site of the type described below, where sound recordings, software, movies or books were available for unauthorized downloading, public performance or public display. Absent such ‘red flags’ or actual knowledge, a directory provider would not be similarly aware merely because it saw one or more well known photographs of a celebrity at a site devoted to that person. The provider could not be expected, during the course of its brief cataloguing visit, to determine whether the photograph was still protected by copyright or was in the public domain; if the photograph was still protected by copyright, whether the use was licensed; and if the use was not licensed, whether it was permitted under the fair use doctrine. Id.
       The important intended objective of this standard is to exclude sophisticated ‘pirate’ directories—which refer Internet users to other selected Internet sites where pirate software, books, movies, and music can be downloaded or transmitted—from the safe harbor. Such pirate directories refer Internet users to sites that are obviously infringing because they typically use words such as ‘pirate,’ ‘bootleg,’ or slang terms in their uniform resource locator (URL) and header information to make their illegal purpose obvious to the pirate directories and other Internet users. Id.; but see Perfect 10 v. CCBill, 488 F.3d 1102, 1114 (9th Cir. 2007) (“illegal.net and “stolencelebritypics.com” do not constitute red flags, because describing material as “illegal” or “stolen” may be an attempt to increase appeal rather than be an admission; also a site featuring hacked passwords is insufficient to be a red flag of infringement).
       In this way, the ‘red flag’ test in section 512(d) strikes the right balance. The common-sense result of this ‘red flag’ test is that online editors and catalogers would not be required to make discriminating judgments about potential copyright infringement. If, however, an Internet site is obviously pirate, then seeing it may be all that is needed for the service provider to encounter a ‘red flag.’ A provider proceeding in the face of such a red flag must do so without the benefit of a safe harbor. Senate Report, 49.
       The knowledge or awareness standard should not be applied in a manner which would create a disincentive to the development of directories which involve human intervention. Absent actual knowledge, awareness of infringement as provided in subsection (d) should typically be imputed to a directory provider only with respect to pirate sites or in similarly obvious and conspicuous circumstances, and not simply because the provider viewed an infringing site during the course of assembling the directory.” Id. 
   Cases interpreting the “knowledge disqualifier” include Perfect 10 v. CCBill, 488 F.3d 1102, 1114 (9th Cir. 2007) (noncompliant notices do not count toward knowledge, use of “illegal” or “stolen” in domain name does not create red flag knowledge for hosting service); Io Group v. Veoh Networks, 586 F.Supp.2d 1132, 1148 (N.D. Cal. 2008) (“[A]pparent knowledge requires evidence that a service provider turned a blind eye to ‘red flags’ of obvious infringement.”); Corbis v. Amazon, 351 F. Supp. 2d 1090, 1108-09 (W.D. Wash. 2004) (neither general knowledge of infringement on the site nor third party notices are not enough to constitute a “red flag”); Hendrickson v. Amazon, 298 F. Supp. 2d 914, 917 (C.D. Cal. 2003) (Amazon lacked prospective knowledge of infringing DVD sales, even after rights holder informed it that the title in question had never been released on DVD); Hendrickson v. eBay, 165 F. Supp. 2d 1082, 1093 (C.D. Cal. 2001).
   Control + Direct Financial Benefit
   A service provider will be disqualified from the (c) and (d) safe harbors if it “receive[s] a financial benefit directly attributable to the infringing activity, in a case in which the service provider has the right and ability to control such activity.” 17 U.S.C. § 512(c)(1)(B); § 512(d)(2)).
   The Senate report explains that:
       [i]n determining whether the financial benefit criterion is satisfied, courts should take a common-sense, fact-based approach, not a formalistic one. In general, a service provider conducting a legitimate business would not be considered to receive a ‘financial benefit directly attributable to the infringing activity’ where the infringer makes the same kind of payment as non-infringing users of the provider’s service. Thus, receiving a one-time set-up fee and flat periodic payments for service from a person engaging in infringing activities would not constitute receiving a ‘financial benefit directly attributable to the infringing activity.’ Nor is subparagraph (B) intended to cover fees based on the length of the message (per number of bytes, for example) or by connect time. It would however, include any such fees where the value of the service lies in providing access to infringing material. Senate Report, 44.
   Several courts have held that the mere ability to remove or block access to materials, or to exclude users, is not enough to constitute “right and ability to control” within the meaning of the DMCA safe harbors. See Io Group v. Veoh Networks, 586 F.Supp.2d 1132, 1151 (N.D. Cal. 2008) (“[T]he plain language of section 512(c) indicates that the pertinent inquiry is not whether Veoh has the right and ability to control its system, but rather, whether it has the right and ability to control the infringing activity.”) (emphasis in original); Corbis v. Amazon, 351 F. Supp. 2d 1090, 1110 (W.D. Wash. 2004); Perfect 10 v. CCBill, 340 F. Supp. 2d 1077, 1104 (C.D. Cal. 2004); Perfect 10 v. Cybernet Ventures, 213 F. Supp. 2d 1146, 1181-82 (C.D. Cal. 2002).
   One court has suggested that the “financial benefit” prong “should be interpreted consistent with the similarly-worded common law standard for vicarious copyright liability.” See Perfect 10 v. CCBill, 488 F.3d 1102, 1117 (9th Cir. 2007); see also Io Group v. Veoh Networks, 586 F.Supp.2d 1132, 1150 (N.D. Cal. 2008) (following CCBill). This interpretation is problematic to the extent it may render the safe harbors a dead letter as applied to vicarious liability claims, which is at odds with legislative history that indicates that the safe harbors were meant to reach those claims. See Senate Report, 40 (safe harbors bar monetary damages for “direct, vicarious, or contributory infringement”).

Steps to Take upon Notice of Infringement

The protection from liability available under Sections 512(c) and (d) of the DMCA applies only if the service provider responds expeditiously to remove or disable access to material in accordance with the DMCA’s notice and takedown provisions. The DMCA shields the service provider from liability upon good faith removal of allegedly infringing material in response to a notice received under the DMCA. The service provider must also respond to any counter notifications received and possibly replace the removed material. Therefore, a service provider should take and document the following steps upon receipt by a designated agent of a proper notice of alleged infringement:

   Verify the Notice. Proper notice must substantially comply with the requirements of the DMCA. 17 U.S.C. § 512(c)(3). The notice must: (1) contain the physical or electronic signature of claimant; (2) identify the allegedly infringing material sufficiently to permit its removal or limit access; (3) provide information sufficient to contact the party providing the notice; (4) contain a statement that the complaining party has a good faith belief that use of the material is not authorized; and (5) contain a statement that the information in the notice is accurate and, under penalty of perjury, that either the owner or the complaining party is authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.
   Promptly Remove the Material. Upon receipt of a proper notice, promptly remove or disable access to the material in question.
   Notify the Person Whose Material Was Removed. Take reasonable steps to promptly notify the affected user that the material has been removed or access to it has been disabled.
   Notify Complaining Party Upon Receipt of Counter Notification. Upon receipt of a “counter notification” from the affected user, promptly provide the complaining party with a copy of the counter notification, and inform that person that access to the removed material will be restored in 10 business days. A “counter notification” must: (1) contain either the physical or electronic signature of the user; (2) identify the material that has been removed or to which access has been disabled and the location at which such material appeared before its removal or disabling; (3) contain a statement under penalty of perjury that the user has a good faith belief that the material was removed or disabled as a result of mistake or misidentification; and (4) contain the user’s name, address and telephone number, and a statement that the user consents to the jurisdiction of the federal district court for the jurisdiction where the user is located. 17 U.S.C. § 512(g)(3).
   Replace Material Unless Complaining Party Proceeds with Infringement Action. Replace the removed material or re-enable access to it in not less than 10 nor more than 14 business days following receipt of the counter notice, unless the designated agent first receives notice from the person who submitted the original notification that that person has filed an action seeking a court order to restrain the infringing activity relating to the material on the service provider’s system. 

DMCA Misuse

Section 512(f) of the DMCA creates a cause of action for a service provider or an end-user against “[a]ny person who knowingly materially misrepresents under this section (1) that material or activity is infringing, or (2) that material or activity was removed or disabled by mistake or misidentification.” Those injured by misrepresentations in DMCA takedown notices or counter-notices are entitled to bring suit and recover actual damages, as well as costs and attorney’s fees. 17 U.S.C § 512(f).

“‘Knowingly’ means that a party actually knew, should have known if it acted with reasonable care or diligence, or would have had no substantial doubt had it been acting in good faith, that it was making misrepresentations.” Online Policy Group v. Diebold, Inc., 337 F.Supp.2d 1195, 1204 (N.D.Cal. 2004) (finding misuse when DMCA notice targeted a clear fair use).

The Ninth Circuit has held that the “good faith” requirement in sending DMCA takedown notices “imposes a subjective good faith requirement upon copyright owners.” Rossi v. Motion Picture Ass'n of America, 391 F.3d 1000, 1004 (9th Cir. 2004) (interpreting “good faith” in § 512(c)(3)(A)(v)). “A copyright owner cannot be liable simply because an unknowing mistake is made, even if the copyright owner acted unreasonably in making the mistake. Rather, there must be a demonstration of some actual knowledge of misrepresentation on the part of the copyright owner.” Id. at 1005. This standard may prove problematic insofar as it appears to reward unreasonable mistakes on the part of copyright owners—the more unreasonable the person sending the takedown, seemingly the more leeway he would enjoy in sending takedowns. This seems at odds with Congress’ purpose in enacting § 512(f).

"'Material' means that the misrepresentation affected the ISP's response to a DMCA letter." Id. See also Rossi v. Motion Picture Ass'n of America, 391 F.3d 1000 (9th Cir.2004); Dudnikov v. MGA Entertainment, Inc., 410 F.Supp.2d 1010 (D. Colo. 2005) ('MGA was required to show that it had a sufficient basis to form the required good faith belief that the Plaintiffs’ auction infringed on its rights, and that its actions therefore complied with the notice and takedown requirements under the DMCA.').

“[I]n order for a copyright owner to proceed under the DMCA with ‘a good faith belief that use of the material in the manner complained of is not authorized by the copyright owner, its agent, or the law,’ the owner must evaluate whether the material makes fair use of the copyright. 17 U.S.C. § 512(c)(3)(A)(v). An allegation that a copyright owner acted in bad faith by issuing a takedown notice without proper consideration of the fair use doctrine thus is sufficient to state a misrepresentation claim pursuant to Section 512(f) of the DMCA.” Lenz v. Universal Music Corp., 572 F.Supp.2d 1150, 1154-55 (N.D. Cal. 2008).

Preliminary Injunctions

In Novotny v. Chapman, 2006 WL 2335598 (W.D.N.C. 2006) the Court denied a motion for preliminary injunction to stop improper notices, finding "injury is not likely to reoccur since the plaintiffs neither are posting the videos-at-issue on their website, nor have they cited any interest in re-posting these videos before the underlying legal issues are resolved."

In Biosafe-One, Inc. v. Hawks, 524 F.Supp.2d 452 (S.D.N.Y. 2007) the Court granted a preliminary injunction to stop improper notices. In that case defendants alleged that plaintiff violated 512(f), but had "not submitted any evidence that plaintiffs were aware or understood that they were misrepresenting the fact that defendants' website was infringing when they filed their notices." The Court held:

   While defendants have not demonstrated their likely success on the merits, they have demonstrated sufficiently serious questions going to the merits to make them fair grounds for litigation and a balance of hardships tipping in their favor. To succeed on their claim, defendants need only prove plaintiffs knew defendants were not infringing when they submitted the DMCA notices. Defendants have not yet had the opportunity to fully develop this theory. Id. at 469.

DMCA Subpoenas

Section 512(h) of the DMCA allows copyright holders to subpoena service providers for user identity information without filing a lawsuit.

   Recording Ind. Ass'n of Am. v. Verizon Internet Servs., Inc., 351 F.3d 1229 (D.C. Cir. 2003), cert. denied, 125 S.Ct. 309, 160 L.Ed.2d 222 (2004), cert. denied sub nom, Verizon Internet Servs., Inc. v. Recording Industry Ass'n of America, Inc., 125 S.Ct. 347, 160 L.Ed.2d 222 (2004). The D.C. Circuit held that as a matter of statutory interpretation, the DMCA's subpoena provisions did not apply to cases in which the ISP was merely a conduit for alleged peer-to-peer file transfer. Since the RIAA could not properly send a 512(c)(3)(a) notification of claimed infringement for alleged peer-to-peer infringements, it could not use the 512(h) subpoena that depended on such notification. The court granted Verizon's motion to quash without reaching the constitutional arguments addressed below.
   Recording Industry Ass'n of America, Inc. v. Verizon Internet Servs., Inc., 351 F.3d 1229 (D.C. Cir. 2003). In a consolidated case, the Court of Appeals reversed the District Court’s orders to compel Verizon to disclose the identity of subscribers. The court reasoned that under the DMCA, a subpoena may not be issued to a service provider acting as a conduit for peer-to-peer file sharing, which does not involve the storing of infringing material on its server.
   In re Charter Communications, Inc., Subpoena Enforcement Matter, 393 F.3d 771 (8th Cir. 2005). The 8th Circuit followed the D.C. Circuit's lead, granting Charter's motion to quash subpoenas on the same statutory interpretation grounds.
   Pacific Bell Internet Servs. v. RIAA, 2003 U.S. Dist. LEXIS 21659 (N.D. Cal. 2003). Pacific Bell Internet Services challenged subpoenas issued by RIAA, MediaSentry, and Titan Media. That suit was ordered transferred to the D.C. District prior to the D.C. Circuit's decision in RIAA v. Verizon, above.
   In re Subpoena To University of North Carolina at Chapel Hill, 367 F.Supp.2d 945 (M.D.N.C. 2005). The court quashed the Doe subpoena, holding that 512(h) subpoenas are not applicable to 512(a) ISPs. 

Denial of the RIAA's DMCA subpoenas has not stopped their efforts to identify and sue peer-to-peer infringers. The RIAA's member record labels have turned to Doe lawsuits, filing complaints against as many as 250 Does and then issuing pre-service discovery subpoenas to ISPs to obtain identifying information for the Does. Most courts have granted these discovery requests, despite arguments about the suits' jurisdictional flaws or impingement on constitutionally protected rights to anonymous speech. See EFF's RIAA v. The People.

Case Law Interpreting the DMCA Safe Harbor Provisions

   ALS Scan v. Remarq Communities, Inc., 239 F.3d 619 (4th Cir. 2001)
   Hendrickson v. eBay, 165 F. Supp. 2d 1082 (C.D. Cal. 2001)
   Arista Records, Inc. v. MP3Board, Inc., 2002 WL 1997918, 2002 U.S. Dist. LEXIS 16165 (S.D.N.Y. 2002)
   A & M Records, Inc. v. Napster Inc., 239 F.3d 1004 (9th Cir. 2001).
   Ellison v. Robertson, 189 F. Supp. 2d 1051 (C.D. Cal. 2002); 357 F.3d 1072 (9th Cir. 2004)
   In Re Aimster Copyright Litig., 252 F. Supp. 2d 634 (N.D. Ill. 2002); 334 F.3d 643 (7th Cir. 2003)
   Rossi v. Motion Picture Ass'n of Am., Inc., 391 F.3d 1000 (9th Cir. 2004)
   CoStar Group, Inc. v. LoopNet, Inc., 373 F.3d 544 (4th Cir. 2004)
   Corbis Corp. v. Amazon.com, Inc., 351 F. Supp. 2d 1090 (W.D. Wash. 2004)
   Perfect 10, Inc. v. CCBill LLC, No. 04-57143, 04-57207 (9th Cir. March 29, 2007) 

Anti-Circumvention and Anti-Trafficking Provisions

Sections 1201(a) and (b) of the DMCA prohibit the circumvention of technological measures that control access to or uses of copyrighted works and also prohibit trafficking in circumvention technology. Prior to its enactment, courts had permitted the sale of devices that unlocked copyright protection mechanisms on other products, so long as such products were capable of substantial noninfringing uses. See Vault Corp. v. Quaid Software, 847 F.2d 255 (5th Cir. 1988). The DMCA anti-circumvention provisions create civil remedies and provide for criminal sanctions. See 17 U.S.C. §§ 1203, 1204.

Scope of Circumvention Prohibition

Section 1201(a) addresses “access control” measures, prohibiting both the conduct of circumventing those measures and devices that circumvent them. Section 1201(a)(1) provides: “No person shall circumvent a technological measure that effectively controls access to a work protected under this title.” Section 1201(a)(2) prohibits the manufacture, importation, offering to the public, providing or otherwise trafficking in any technology, product, service, device, or component to circumvent access control measures. Thus, §1201(a) prohibits both the act of circumventing access control measures, as well as trafficking in products, services and devices that circumvent access control measures.

Section 1201(b) prohibits the manufacture, importation, offering to the public, providing or otherwise trafficking in any technology, product, service, device, or component to circumvent protection afforded by a technological measure that effectively protects a right of a copyright owner under the Copyright Act, including the right to reproduce, distribute, publicly perform, or publicly display a copyrighted work. The type of technological measure addressed in §1201(b) includes copy-control measures and other measures that control uses of works that would infringe the exclusive rights of the copyright owner. The technologies protected by 1201(b) are frequently referred to as "copy controls." Unlike §1201(a), which prohibits both the act of circumvention and trafficking in devices that circumvent, §1201(b) does not prohibit the act of circumventing copy control measures. This preserves the ability to circumvent in order to make non-infringing uses of copyrighted works that are protected by copy control measures.

The following grid illustrates the relationship between these concepts:

tech controls access to work tech controls copying, distribution, public display, public performance of work
Act of Circumvention 1201(a)(1) no prohibition (general copyright law applicable)
Trafficking in Circumvention Tools


1201(a)(2) 1201(b)



Copyright Office Triennial DMCA Rule-Making

In the House of Representatives, the DMCA was sequentially referred to the Committee on Commerce after it was reported out of the Judiciary Committee. See S. Rep. No. 105-190 (1998), and H.R. Rep. No. 105-551, pt. I (1998). The Commerce Committee was concerned that section 1201, in its original form, might undermine Congress' commitment to fair use. While acknowledging that the growth and development of the Internet has had a significant positive impact on the access of students, researchers, consumers, and the public at large to information, the Committee was concerned that “marketplace realities may someday dictate a different outcome, resulting in less access, rather than more, to copyrighted materials that are important to education, scholarship, and other socially vital endeavors.” In order to address such possible developments, the Commerce Committee proposed a modification of § 1201 which it characterized as a “‘fail-safe’ mechanism.” In the words of the Committee Report, “This mechanism would monitor developments in the marketplace for copyrighted materials, and allow the enforceability of the prohibition against the act of circumvention to be selectively waived, for limited time periods, if necessary to prevent a diminution in the availability to individual users of a particular category of copyrighted materials.”

Accordingly, Congress enacted 1201(a)(1)(C), which requires the Register of Copyrights to conduct a rulemaking proceeding and, after consulting with the Assistant Secretary for Communications and Information of the Department of Commerce, recommend to the Librarian whether he should conclude “that persons who are users of a copyrighted work are, or are likely to be in the succeeding 3-year period, adversely affected by the prohibition under [§ 1201(a)(1)(A)] in their ability to make noninfringing uses under [Title 17] of a particular class of copyrighted works.”

Based on these recomendations, the Librarian is empowered to grant exemptions for conduct that would otherwise violate 1201(a)(1). Such exemptions last for three year periods. “The goal of the proceeding is to assess whether the implementation of technological protection measures that effectively control access to copyrighted works is adversely affecting the ability of individual users to make lawful uses of copyrighted works .... The primary goal of the rulemaking proceeding is to assess whether the prevalence of these technological protections, with respect to particular categories of copyrighted materials, is diminishing the ability of individuals to use these works in ways that are otherwise lawful."

Unfortunately, the triennial rulemaking has been largely ineffective at protecting fair use and other noninfringing activities impaired by technical protection measures. First, the Librarian is not empowered to grant any exemptions to the trafficking prohibitions contained in 1201(a)(2) or 1201(b). Accordingly, only those who have the technological ability to circumvent are directly assisted by the exemptions. Second, the Copyright Office has imposed a heavy burden on those who seek exemptions.

The Librarian, acting on the recommendations of the Register of Copyrights, has granted the following exemptions:

2000-2003 Exemptions

1. Compilations consisting of lists of websites blocked by filtering software applications.

2. Literary works, including computer programs and databases, protected by access control mechanisms that fail to permit access because of malfunction, damage, or obsoleteness.

2003-2006 Exemptions

1. Compilations consisting of lists of Internet locations blocked by commercially marketed filtering software applications that are intended to prevent access to domains, websites or portions of websites, but not including lists of Internet locations blocked by software applications that operate exclusively to protect against damage to a computer or computer network or lists of Internet locations blocked by software applications that operate exclusively to prevent receipt of e-mail.

2. Computer programs protected by dongles that prevent access due to malfunction or damage and which are obsolete.

3. Computer programs and video games distributed in formats that have become obsolete and which require the original media or hardware as a condition of access.

4. Literary works distributed in ebook format when all existing ebook editions of the work (including digital text editions made available by authorized entities) contain access controls that prevent the enabling of the ebook's read-aloud function and that prevent the enabling of screen readers to render the text into a "specialized format.

Additional resources regarding DMCA triennial rulemaking:

Copyright Office DMCA Rulemaking Page

Seth Finkelstein, How to Win (DMCA) Exemptions and Influence Policy

Statutory Exceptions

1201(d): Previewing by Libraries, Archives and Educational Institutions

1201(e): Law Enforcement, Intelligence and Government Activities

1201(f): Reverse Engineering

1201(g): Encryption Research

1201(h): Censorware

1201(i): Protection of Personally Identifying Information

1201(j): Security Testing

Anti-Circumvention Cases

   Universal City Studios v. Reimerdes, 111 F.Supp.2d 294 (S.D.N.Y. 2000), aff'd sub nom Universal City Studios, Inc. v. Corley, 273 F.3d 429 (2d Cir. 2001). Plaintiffs brought suit against defendant Eric Corley and his company, 2600 Enterprises, Inc., for posting DeCSS on the 2600 website and for providing links to other websites on which DeCSS is posted. DeCSS is a program that circumvents a DVD’s CSS encryption technology, thereby allowing users to make copies of DVDs on their computers. After trial, the district court ruled that distribution of DeCSS violated 1201(a)(2), rejected First Amendment challenges to the application of the statute, and found that simply linking to DeCSS could, in some circumstances, constitute prohibited trafficking under 1201(a)(2). The Court of Appeals affirmed.
   United States v. Elcomsoft Ltd., 203 F. Supp. 2d 1111 (N.D. Cal. 2002). Elcomsoft, a Russian software company, was indicted by a federal jury for making available for purchase on the company website software that allegedly circumvented copyright protections on Adobe eBooks. The district court denied Elcomsoft’s motion to dismiss, finding that the DMCA bans all tools that circumvent technological protections, regardless of whether the tools are used to infringe copyrights or to enable fair use. The court also rejected Elcomsoft’s claims that the DMCA was too restrictive of its First Amendment rights and too vague to be enforced under the Fifth Amendment due process clause. A jury found defendants not guilty of five counts of copyright violations.
   RealNetworks, Inc. v. Streambox, Inc., 2000 U.S. Dist. LEXIS 1889 (W.D. Wash. 2000). The court granted a preliminary injunction against Streambox with respect to its Streambox VCR and Ferret products, and denied a preliminary injunction with respect to its Ripper software. The court found that the Streambox VCR violated the DMCA by circumventing copy controls placed by RealNetworks on streamed copyrighted materials so as to allow end users to make copies of the streamed files. However, the court held that defendant’s Ripper software, which converted media files between various formats including the RealMedia format, did not violate the DMCA. The court also held that defendant’s Ferret software, which altered the appearance and operation of RealNetworks’ media player, vicariously and contributorily infringed RealNetworks’ copyright in the player and created an unlawful derivative use.
   Lexmark Int’l v. Static Control Components, Inc., 387 F.3d 522 (6th Cir. 2004). Lexmark filed suit against defendants for copyright infringement and DMCA Section 1201 violations. Lexmark’s practice was to install chips in replacement toner cartridges that were necessary for the printer to function, thereby preventing Lexmark printer owners from buying replacement ink from third party manufacturers. Defendants manufactured and sold to toner manufacturers chips that allowed non-Lexmark ink cartridges to function in Lexmark printers. The district court entered a preliminary injunction against defendants. The Court of Appeals reversed.
   Complaint, Felten v. Recording Indus. Ass'n of Am., No. CV-0102669 (D.N.J. Nov. 27, 2001). Princeton University computer science professor Edward Felten filed a declaratory judgment action against the Recording Industry Association of America (RIAA) after the RIAA allegedly threatened Professor Felten with a lawsuit under the anti-circumvention provisions of the DMCA if he presented his paper revealing the weaknesses in digital copy protection technologies at a conference. Felten’s declaratory relief action claimed that the DMCA violated his First Amendment rights to publish his research. The court dismissed the case for lack of an actual controversy after the RIAA promised not to sue Felten for presenting the paper.
   Sony Computer Entm't Am., Inc. v. GameMasters, 87 F. Supp. 2d 976 (N.D. Cal. 1999). Sony Computer Entertainment America (SCEA) sued defendant retailers of allegedly counterfeit products for violation of the DMCA, trademark infringement, and trademark counterfeiting. Defendants sold a “Game Enhancer” device that allowed consumers to configure their PlayStation console to play “import” games that SCEA did not intend to be played outside their geographical market of origin. The District Court granted SCEA’s motion for preliminary injunction, holding, inter alia, that defendants' sale of “Game Enhancer” violated the DMCA because "Game Enhancer appears to be a device whose primary function is to circumvent 'a technological measure (or a protection afforded by a technological measure) that effectively controls access to a system protected by a registered copyright....' 17 U.S.C. § 1201(a)(2)(A)." Id. at 987.
   321 Studios v. Metro-Goldwyn-Mayer Studios, Inc., 307 F.Supp.2d 1085 (N.D. Cal. 2004). Court granted partial summary judgment in favor of movies studios, finding that distribution of DVD copying software violated 1201(a)(2) and (b). The court found that authority of DVD purchasers to access their own DVDs did not protect 321 Studios and rejected constitutional challenges based on the First Amendment and Copyright and Commerce Clauses. See also Paramount Pictures, Corp. v. 321 Studios, No. 03-CV-8970 (RO), slip op. (S.D.N.Y. Mar. 3, 2004) (injunction against manufacturing or distributing DVD-copying software).
   Pearl Invs., LLC v. Standard I/O, Inc., 257 F.Supp.2d 326 (D.Me. 2003). Pearl Investments (“Pearl”), a developer of automated stock-trading computer systems, sued Standard I/O (“Standard”), a custom software company, and its owner (collectively called “defendants”). One of Pearl’s assertions was that defendants violated the DMCA by circumventing the protections of Pearl's password-protected, encrypted virtual private network (“VPN”) to gain unauthorized access to information that included Pearl's copyrighted software. Defendants sought summary judgment (“S/J”) on the DMCA claim. The District Court held, inter alia, that, as a matter of first impression, Pearl’s VPN was protected by DMCA's anti-circumvention provision because the “VPN, as described by Pearl, squarely fits the definition of ‘a technological protection measure put in place by a copyright owner to control access to a copyrighted work.’” Id. at 350. The court granted Standard’s S/J motion on the DMCA claim but not its owner’s because “the conduct in issue is that of Chunn [Standard’s owner], qua individual, and that Pearl's evidence and arguments fall short of creating a triable issue as to Standard's liability.” Id. at 349.
   I.M.S. Inquiry Management Systems, Ltd. v. Berkshire Information Systems, Inc., 307 F.Supp.2d 521 (S.D.N.Y. 2004). I.M.S. Inquiry Management Systems, Ltd., (“plaintiff”), a provider of advertising tracking services, sued Berkshire Information Systems, Inc., (“defendant”), a competitor, alleging copyright violations through unauthorized use of plaintiff's computer system and its contents. Defendant obtained and used a password issued by plaintiff for tracking advertising information and allegedly copied features of plaintiff's service in developing its competitive service. The court held that defendant “did not ‘circumvent’ technological measure[s] that effectively controlled access to copyrighted work, in violation of Digital Millennium Copyright Act (DMCA)." Id. at 521. The court stated that DMCA required defendant to avoid or bypass protective technological measures.
   Davidson & Associates v. Jung, 422 F.3d 630 (8th Cir. 2005). Plaintiff-appellees Davidson & Associates (“plaintiffs”), owners of copyrights in computer game and online gaming software sued creators of an alternative online service for circumvention of copyright protection system, trafficking in circumvention technology, and breach of contract. Plaintiffs created Battle.net, “a free service that allows owners of [plaintiffs’] games to play each other on their personal computers via the Internet.” Id. at 633. Defendant-appellants Jung et al. (“defendants”) created bnetd.org, an online service that “attempted to mirror all of the user-visible features of Battle.net” and allowed users to access the online gaming mode without the need for plaintiffs’ encoded identification key. The court held that defendants' development of the alternative service violated DMCA's anti-circumvention and anti-trafficking provisions.
   Chamberlain Group, Inc. v. Skylink Techs., Inc., 381 F.3d 1178 (Fed. Cir. 2005). Court affirmed summary judgment for Defendant on other grounds, finding that in order for a plaintiff to bring a successful claim under Section 1201, it needed to show that the act of circumvention or device that circumvented the copy-protection technology at issue also "facilitates infringing a right protected by the Copyright Act" and thus creates a nexus between the circumvention and copyright protection. Since access to the garage door opening software in the instant case did not facilitate infringement of the software in any way, no claim under Section 1201 could stand.
   Storage Tech. Corp. v. Custom Hardware Eng'g & Consulting, Inc., 421 F.3d 1307 (Fed. Cir. 2005). The Federal Circuit affirmed its holding in Chamberlain that any act of circumvention or circumvention device must facilitate infringement of a protected right under the Copyright Act in order for Section 1201 to be violated. Finding that Section 117 protected Defendants' actions from any claim of infringement, the Court reversed the preliminary injunction granted by the court below. On summary judgment, the district court dismissed plaintiff's DMCA claim, noting that it had not shown any evidence of the alleged circumvention facilitating infringement. It also found that under a theory similar to that in the Lexmark case, much of the software allegedly protected by the technological measure was "freely available" in an unrestricted format on the hard drive and floppy disks that the Plaintiff provided to all its customers. Finally, the court distinguished this case from the Davidson case by noting that in that case, the copyrighted works were "not freely available," even to purchasers of the product.
   Egilman v. Keller & Heckman, LLP, 401 F.Supp.2d 105 (D.D.C. 2005). The court cited with approval I.M.S. Inquiry Management Systems, Ltd. v. Berkshire Information Systems, Inc., 307 F.Supp.2d 521 (S.D.N.Y. 2004), holding that defendants’ use of “a username/password combination as intended--by entering a valid username and password, albeit without authorization--does not constitute circumvention under the DMCA.” Id. at 113.
   Auto Inspection Services, Inc. v. Flint Auto Auction, Inc., 2006 WL 3500868 (E.D. Mich. 2006). Plaintiff sought a preliminary injunction against defendants for violation of the DCMA concerning plaintiff’s automotive inspection program. The court found that plaintiff failed to demonstrate that defendant circumvented a technological measure that controlled access to plaintiff’s source code and thus dissolved a temporary restraining order against defendant and denied plaintiff’s motion for preliminary injunction. 

Webcasting

The Digital Millenium Copyright Act sets a statutory procedure for obtaining a license for webcasts, 17 U.S.C. §114(d)(2), with a lengthy list of requirements to qualify for the statutory license for webcasting. 17 U.S.C. §114(d)(2)(A); (d)(2)(C). The requirements include:

   The payment of royalties as set by the negotiated or statutory rate;
   A webcaster may not play in any three-hour period (1) more than three songs from a particular album, including no more than two consecutively, or (2) four songs by a particular artist or from a boxed set, including no more than three consecutively. This limit is called the "sound recording performance complement;"
   Prior announcements of when a song will be played are not permitted;
   Programs that are posted on a website for listeners to hear repeatedly on-demand may not be less than five hours in duration;
   Looped or continuous programs may not be less than three hours in duration;
   When performing a sound recording, a webcaster must identify the sound recording, the album, and the featured artist, if receivers of the service are capable of displaying this information;
   A webcaster may not perform a sound recording in a way that falsely suggests a connection between the copyright owner or recording artist and a particular product or service; and
   A webcaster must accommodate and cooperate with certain technical copyright protection measures. 

Vessel Hull Design Protection

Listed for completeness, the Vessel Hull Design Protection Act provides sui generis protection for vessel hulls (overriding the result of Bonito Boats v. Thunder Craft Boats, 489 U.S. 141 (1989)). See http://www.copyright.gov/reports/vhdpa-report.pdf