The holidays proved to be less than stellar for cable provider Cox Communications. November saw a court invalidate the DMCA safe harbor protection claimed by the company. December saw a jury in the same courtroom issue a $25 million dollar judgment against the company for copyright infringement. While many have commented on the decision, few commentators seem to be focusing on the simple lesson businesses seeking protection under the DMCA should take from the case.
DMCA Safe Harbor
The Digital Millennium Copyright Act was enacted in 1998 to address copyright infringement issues online. In 1998, the Internet was a newborn baby from a commercial perspective, and Congress sought to build in certain protective foundations to let the medium grow. The “DMCA” was such an act, and protected “Internet service providers” from copyright infringement claims based on content transferred by third parties through the provider’s systems.
Put simply, an Internet service provider cannot be sued for monetary damages based on copyright infringement claims associated with content uploaded or transferred through the Internet service provider by a third party. For example, a cable company providing Internet connectivity to residents of a city cannot be held liable for copyright infringement based on content those residents upload or download from the web.
However, there is a catch.
The DMCA only provides protection to Internet service providers if certain compliance steps are met. Fail to meet each milestone, and the protection is waived. The $25 million dollar judgement against Cox Communications highlights one compliance area where companies small and large often go wrong.
Cox Employees Waive DMCA Protection
BMG Rights Management, LLC brought suit for copyright infringement against Cox Communications in federal court in Virginia. Cox pled the DMCA safe harbor protections as an affirmative defense. BMG argued Cox waived the protections by failing to comply with the repeat infringer elements of the law. The key language is found in subsection (i) of 17 U.S. Code § 512:
(i) Conditions for Eligibility. –
(1)Accommodation of technology. – The limitations on liability established by this section shall apply to a service provider only if the service provider –
(A) has adopted and reasonably implemented, and informs subscribers and account holders of the service provider’s system or network of, a policy that provides for the termination in appropriate circumstances of subscribers and account holders of the service provider’s system or network who are repeat infringers; and
(B) accommodates and does not interfere with standard technical measures.
Courts have interpreted this language as requiring Internet service providers to terminate the accounts of repeat infringers. Otherwise, the law creates a “whack-a-mole” scenario that renders the law useless.
Unfortunately for Cox, emails surfaced during the discovery phase of the BMG litigation revealing the repeat infringer requirements of the DMCA were not met. For example, Jason Zabek, Cox’s Manager of Customer Abuse Operations, wrote:
As we move forward in this challenging time we want to hold on to every subscriber we can. With this in mind if a customer is terminated for DMCA, you are able to reactivate them after you give them a stern warning about violating our AUP and the DMCA. We must still terminate in order for us to be in compliance with safe harbor but once termination is complete, we have fulfilled our obligation. After you reactivate them the DMCA ‘counter’ restarts; The procedure restarts with the sending of warning letters, just like a first offense. This is to be an unwritten semi-policy… We do not talk about it or give the subscriber any indication that reactivating them is normal. Use your best judgment and remember to do what is right for our company and subscribers… This only pertains to DMCA violations. It does not pertain to spammers, hackers, etc.
There is no “restart” provision in the DMCA. Repeat infringers are to be terminated outright, and prevented from signing up for a new account. Given this obvious breach of the DMCA compliance process and other email messages passed between Cox employees of an equally painful message, it is little surprise a jury returned the $25 million dollar judgment.
The DMCA Lesson
The lesson to take from this case is simple. Businesses small and large must make sure that all employees involved in the chain of command for copyright matters understand what is required under the DMCA. The “repeat infringer” attack brought in the Cox Communications case is hardly a new tactic. Copyright owners have been pursuing these types of claims for years, yet Cox Communications employees clearly did not understand the concept or the company’s obligations pursuant to dealing with repeat infringers.
That is a $25 million dollar mistake.
The DMCA is an incredibly helpful law to businesses operating online facing user-generated content issues. Well, so long as the compliance requirements are met. Fail to meet those requirements, however, and your exposure to copyright infringement liability goes through the roof.
Unless you are using outside legal counsel such as myself to handle DMCA claims, make sure every single person involved in the decision-making process for copyright infringement complaints understands the obligations under the DMCA. Don’t suffer the same fate as Cox Communications.
Richard A. Chapo, Esq.