In its "first full analysis" of whether Section 512 of the 1998 Digital Millennium Copyright Act (DMCA) "is … achieving its aim of balancing the needs of online service providers with those of creators," the U.S. Copyright Office opined that courts have construed the statute far more favorably for online providers than intended. SECTION 512 OF TITLE 18, A REPORT OF THE REGISTER OF COPYRIGHTS (MAY 2020), https://www.copyright.gov/policy/section512/section-512-full-report.pdf.
In other words, courts too willingly have found that internet service providers (ISPs) that host content and provide internet access are protected by the safe harbor for infringement by users. The Copyright Office is not "recommending any wholesale changes to section 512," but encourages Congress to make changes to restore the section to the Copyright Office's perception of the proper balance.
Prompted by a 2015 request from the then-ranking member of the House Judiciary Committee, the Copyright Office based the report on a multi-year study, thousands of written responses, nine empirical studies, and roundtables nationwide. Published on May 21, 2020, the report demonstrates a rightsholder-friendly view of Congress's intent in enacting the DMCA and recommends several changes.
Availability of Safe Harbor
Under 17 U.S.C. § 512(c), a provider is immune from damages for infringement that occurs "by reason of the [ISP's] storage" if it meets certain threshold requirements and expeditiously removes the allegedly infringing content that it is hosting upon knowledge, usually in the form of a particularized notice from the rightsholder. The report opines that courts have expanded the safe harbor beyond Congress's intent, in particular by finding immunity for activities "related to" hosting, such as those performed by payment processors and peer-to-peer file sharing systems.
"Repeat Infringer" Requirements
The safe harbor requires providers to implement a policy that provides for the termination of users who are repeat infringers. 17 U.S.C. § 512(i). The report weighs in on a split in jurisdictions concerning whether a "repeat infringer" is an alleged infringer or an adjudicated infringer:
"If only those infringers who had repeatedly been adjudged by a court to be liable for copyright infringement—and thereby were already potentially liable for monetary damages—had to worry about having their access to an [ISP's] facilities terminated, it is unlikely that such a threat would serve as a deterrent where monetary damages already had not."
The Copyright Office also suggested that to qualify for a safe harbor, an ISP should be required to implement and share with its users a clear, written repeat-infringer policy. While the statute already requires that service providers adopt, reasonably implement, and "inform subscribers and account holders of" a repeat-infringer policy, it does not require that they post the terms of the policy or even that it be in writing.
In addition, the Copyright Office reasoned, notices cannot "fall into a vacuum and [ ] go unheeded," and the policy must also be enforced to be considered "implemented." The report also suggested there might be circumstances where a provider should terminate a user's account after repeated infringement, even when no one has sent a formal takedown notice.
Standards for Knowledge
The report suggests that the standard for knowledge of infringement that would disqualify a provider from the safe harbor has been interpreted too generously in favor of providers. The statute requires that the provider not possess actual knowledge of infringement and "not be aware of facts or circumstances from which infringing activity is apparent" —so-called "red flag" knowledge—even though Section 512(m) disclaims any requirement that a provider "monitor" its service.
The report opines that a standard that requires knowledge of a specific infringement incident "effectively remove[s] the [red flag knowledge] standard from the statute in some cases, while carving an exceptionally narrow path in others that almost requires a user to 'fess up' before the [ISP] will have a duty to act."
The report also criticizes courts' interpretations of the DMCA's willful blindness standard. The Copyright Office found that the widely cited standard from Viacom International, Inc. v. YouTube, Inc., 676 F.3d 19 (2d Cir. 2012)—under which ISPs have no affirmative duty to monitor for infringing behavior and rightsholders must show an ISP was aware of specific instances of infringement to prevail—is at odds with Congress's intent:
"By requiring evidence of specific instances of infringing material, rather than facts relating to infringement of specific copyrighted content, the courts have adopted a bar for demonstrating an [ISP]'s willful blindness that is both higher than the criminal willful blindness standard articulated by the Supreme Court and higher than the standard of willful blindness traditionally required in copyright cases."
The report also disapproves of the 9th Circuit's decision in Lenz v. Universal Music Corp., 801 F.3d 1126 (9th Cir. 2015), which imposes liability on rightsholders who submit takedown notices with willful blindness to the non-infringing nature of the complained-of content. The Copyright Office found that, read correctly, the statute allows such punishment only when the rightsholder has actual knowledge that the content is not infringing.
The report concludes that "a lower knowledge standard could potentially raise the risk of liability for even good-faith notice senders, deterring legitimate takedown or put-back requests and ultimately undermining the notice-and-takedown framework."
Subpoena Power Under Section 512(h)
Under Section 512(h), rightsholders may serve court clerk-issued subpoenas on an ISP for the identity of alleged infringers. The report found that that power has been infrequently used because courts have construed it narrowly, such that ISPs providing internet access, or conduit functions, do not have to respond to subpoenas for the identity of peer-to-peer infringers.
The report acknowledged there are strong public policy arguments in favor of such a construction to avoid scenarios where rightsholders use subpoenas to shake down small-time infringers, rather than end the infringement. Still, it found that such arguments do not justify "stripping rightsholders from any realistic ability to enforce their (congressionally mandated and constitutionally supported) rights, even if doing so may prevent some bad actors from abusing the primary mechanism by which rightsholders may vindicate those rights."