Bringing Accountability to the Internet: Web Services Aiding and Abetting Rogue Sites Must Comply With Injunctions

Background

This week, the Southern District of New York provided copyright owners an important victory in being able to enforce their copyrights when it clarified that a third-party Internet service used by an infringer was required to comply with a preliminary injunction. The decision in Arista Records LLC v. Vita Tkach comes in the wake of the recent Grooveshark settlement. More background can be found here, but essentially, Escape Media operated popular music streaming service Grooveshark, where the vast majority of the works available on its site were unauthorized (including much of the music uploaded by Escape Media’s own employees), and where it failed to reasonably implement a policy designed to deter repeat infringers from using its service.

However, within a week of the settlement, which shut down the Grooveshark website and transferred the Grooveshark marks to the labels, someone registered the domain names “grooveshark.io” and “grooveshark.pw” and launched a copycat site to deliberately circumvent the settlement. They further publicized their bad-faith actions, claiming to be the new Grooveshark service.

The labels swiftly filed a sealed complaint against these anonymous actors alleging trademark infringement and counterfeiting, false designation of origin, cybersquatting, and direct and secondary copyright infringement; and moved ex parte for a temporary restraining order (TRO), seizure order, and an Order to Show Cause for Preliminary Injunction, pursuant to Federal Rule of Civil Procedure 65, Section 34 of the Lanham Act, and the All Writs Act. The TRO applied not only to defendants, but also to registrars and other third parties with knowledge of the order who provided services used in connection with defendant’s operations. The court granted the TRO, on the grounds that (1) the labels were likely to succeed in showing that defendants engaged in trademark and copyright infringement, (2) unless defendants were enjoined by the court, the labels would face immediate and irreparable harm, and, (3) if the labels were to proceed on notice, defendants would likely destroy, move, hide, or otherwise make the infringing site inaccessible to the court, frustrating the labels’ relief. Notice of the TRO was promptly served on Namecheap, the US-based registrar for the rogue domains. Namecheap complied, severing access to the domains.

Relentless, the defendants soon registered a new domain name, “grooveshark.vc,” with US-based registrar Dynadot to provide a new location for the infringing site. However, the domain name did not stay active long—Dynadot immediately complied after being served with notice of the TRO. The defendants continued their freeriding mission though, soon moving their site to yet another domain name, “gooveshark.li,” and registering the domain with a Switzerland-based registrar so as to be outside the reach of US courts.

In an effort to render the defendant’s new domain ineffective, the labels served notice of the TRO to US-based CloudFlare, a company that provided the authoritative domain name system (DNS) server and accompanying content delivery network (CDN) and reverse proxy services used by the defendants. However, unlike Namecheap and Dynadot, CloudFlare refused to comply with the court order, claiming its service was not necessary for the website to operate (and thus any injunction will not provide relief), and that, even if it was, it was not a party to the action, and was not acting “in active concert or participation” with defendants as required under Fed. R. Civ. P. 65(d), a prerequisite for the court to assert authority over CloudFlare in this case.

CloudFlare’s Service

CloudFlare, as mentioned briefly above, provides authoritative domain name system servers to website owners as a means of providing content delivery network (CDN) and reverse proxy services. As the court found in its order, this essentially means that “when someone types a domain name such as ‘grooveshark.li’ into a web browser, the Defendants have engaged CloudFlare to convert the domain name into the IP address for the website associated with the domain name so that the user can connect to the website they are trying to reach.”

Represented by Goodwin Proctor and the Electronic Frontier Foundation (EFF), CloudFlare characterized itself in its memorandum as a service that “optimizes the delivery of customers’ websites from the customers’ origin server to visitors’ browsers.” While it provides faster load times, better performance, and more security, it is “not necessary to the operation of the website.” According to CloudFlare, if it were to stop serving a customer, “their domain name still exists and can easily continue functioning.” Interestingly though, CloudFlare seemed to severely downplay it’s own importance. The EFF has previously characterized CloudFlare as a “major infrastructure provider,” providing the proxy and caching infrastructure to “distribute on behalf of other sites, making them faster and greatly increasing their capacity to serve large numbers of users at once.” (emphasis added). In other words, if defendants want to maintain the high traffic necessary to support their hosting costs, they need a service like CloudFlare to operate smoothly. More importantly though, the court found that without CloudFlare’s services, a user could only get to grooveshark.li if the user had the actual IP address for the website associated with the domain name.

The Appropriateness and Scope of TROs

The legal basis for the relief sought here is actually well-settled. Under Fed. R. Civ. P. 65(b), a court “may issue a temporary restraining order without written or oral notice to the adverse party or its attorney only if: (A) specific facts in an affidavit or a verified complaint clearly show that immediate and irreparable injury, loss, or damage will result to the movant before the adverse party can be heard in opposition; and (B) the movant’s attorney certifies in writing any efforts made to give notice and the reasons why it should not be required.” The very purpose of a TRO is to preserve an existing situation in status quo until the court has an opportunity to pass upon the merits of the demand for a preliminary injunction. Pan Am. World Airways, Inc. v. Flight Engineers’ Int’l Ass’n, 306 F.2d 840, 842-43 (2d Cir. 1979). In fact, it’s exactly in cases like these—cases where providing notice may prompt a defendant to further take action to evade the law—where an ex parte TRO without notice is especially appropriate, as “providing notice all too often would serve only to render fruitless further prosecution of the action.” In re Vuitton Et Fils S.A., 606 F.2d 1, 5 (2d Cir. 1979). Yet even without notice, the defendants still had ample opportunity to be heard, as they had 14 days to show cause for why a preliminary injunction should not be granted, and never did so.

Indeed, the labels already sat on strong legal ground asking for a TRO to enjoin trademark and copyright infringement. Section 34 of the Lanham Act (15 U.S.C. § 1116(d)), provides that, in civil actions arising out of use of a counterfeit mark in connection with the distribution of goods or services, the court may, “upon ex parte application, grant an order . . . providing for the seizure of goods and counterfeit marks involved in such violation and the means of making such marks, and records documenting the manufacture, sale, or receipt of things involved in such violation.” And section 502 of the Copyright Act (17 U.S.C. § 502(a)) provides that any court having jurisdiction of a civil action arising under the Act may “grant temporary and final injunctions on such terms as it may deem reasonable to prevent or restrain infringement of a copyright.” Finally, Fed. R. Civ. P. 65(d)(2) provides the scope of an injunction, which binds all the following who receive actual notice: “(A) the parties; (B) the parties’ officers, agents, servants, employees, and attorneys; and (C) other persons who are in active concert or participation with anyone described in Rule 65(d)(2)(A) or (B).”

As the court made clear in its order, a third party that aids and abets a party violating an injunction is in “active concert or participation” with that party. This requires a showing that a third party had actual knowledge of the court order, violated that order, and in doing so, took action that benefitted or assisted the defendants. The court pointed to ample precedent to support the notion that third parties in similar positions to CloudFlare have been found to be in “active concert or participation” with the defendant. For instance, in The North Face Apparel Corp. v. Fujian Sharing Imp. & Exp. Ltd. Co., No. 10 Civ. 1630 (AKH), slip op. (S.D.N.Y. June 24, 2011), the court stated that Public Interest Registry, the registry operator that maintains the authoritative database of all “.org” domain names, could be subject to an injunction enjoining it from allowing customers to connect to the defendant’s websites. In that case, like here, the defendants operated a variety of rogue websites that blatantly infringed the plaintiffs’ intellectual property rights, and continued to evade enforcement by simply shifting their illegal business to new domains.

Perhaps even more telling, at least one court had already specifically included CloudFlare within the reach of an injunction aimed at an infringing website. In Dish Network LLC v. Dillion, No. 12cv157 BTM(NLS), slip op. (S.D. Cal. Feb. 3, 2012), a court granted a preliminary injunction against not only the defendants, but against the associated registrars, registries, and “all website hosting, website optimization, and any other company that provides website services for the [infringing] domains, including, without limitation, CloudFlare, Inc.” (emphasis added). Again, like in this case, the defendants in Dillion (1) blatantly provided illegal services through rogue websites designed to infringe on the rights of copyright owners, (2) publicized their bad-faith goal of harming copyright owners (even threatening to move their domain out of the country, and stating to its members that “Dish is pathetic if they think they can stop the freedom of speech”), and (3) continued to relaunch its content on new domains to evade enforcement.

Why the TRO Applies to CloudFlare

In this case, it was abundantly clear that CloudFlare was aiding and abetting the defendants by willingly continuing to offer defendants its highly beneficial services even after it had been served with notice of the TRO. Not only did CloudFlare refuse to cease providing services to the domains configured prior to notice of the TRO, but CloudFlare actually allowed a user to configure the grooveshark.li domain after being served notice of the TRO. From there, grooveshark.li was able to rapidly gain Internet traffic. By actively allowing a user to register a “Grooveshark” domain name to use its services in the face of a court order prohibiting the user from operating the “Grooveshark” site, CloudFlare was not simply a passive service provider, but instead was consciously providing user access and optimization to a website it knew was operating in defiance of the TRO.

And while CloudFlare (and the EFF) expressed concern that the labels were essentially trying to turn service providers into copyright and trademark police, the court pointed out that the TRO was sufficiently narrow in scope. In doing so, the court observed that CloudFlare was not an attenuated service provider offering indirect support, but was instead “directly engaged in facilitating access to Defendants’ sites with knowledge of the specific infringing names of those sites.”

Lastly, CloudFlare’s argument that compliance with the injunction would still not necessarily shut down grooveshark.li or other incarnations of Grooveshark fell short. The court found this to be irrelevant, as the labels only had to show that CloudFlare was in active concert or participation with defendants, not that defendants’ site would be inaccessible but for CloudFlare’s services. The court was additionally unpersuaded by what it considered to fundamentally amount to a “futility” argument—just because others might aid and abet the defendants didn’t give CloudFlare the right to as well.

Copyright Critics Use SOPA As a Crutch

This case provides a particularly cogent illustration of the disingenuousness in the EFF and other copyright-critics’ continuous narrative that any attempt to hold Internet services accountable for online copyright enforcement is a misguided attempt to revive the Stop Online Piracy Act (SOPA). Riding off the public backlash against SOPA, the EFF and others seem to return to it constantly to advance its narrative that copyright owners who are trying to bring greater accountability to Internet actors that facilitate infringement are a threat to free speech, innovation, and the Internet itself. This case is no different. In its memorandum opposing compliance with the TRO, CloudFlare attempted to argue that the labels were really trying to act as if SOPA had been passed: “Plaintiffs ask the Court to construe its injunction power as though H.R. 3261 had in fact become law.” The court, of course, shot this argument down. But more importantly, it is a curious argument to make when a majority of the claims brought by the labels were based on trademark infringement.

In fact, actions that affect third party Internet actors are quite normal in the world of trademark law. For instance, in 1999, Congress passed the Anti-Cybersquatting Consumer Protection Act (codified as Section 43 of the Lanham Act, or 15 U.S.C. § 1125(d)), which provides that a person with bad-faith intent could be held liable for registering, trafficking in, or using a domain name that was identical or confusingly similar to a mark, and specifically authorizes rightsholders to file in rem actions against infringing domain names in order to require registrars and registries to cancel the domain name or transfer the domain name to the rightsholder. Even without this explicit statutory authority, domain name seizures and injunctions against Internet providers requiring them to cease providing services to defendants are not uncommon in trademark infringement and counterfeiting cases. Yet the EFF and copyright critics have really spent little attention fighting such actions, despite the fact that they are some of the very actions claimed to be “breaking the Internet.”

Of course, as of writing this, the Internet still appears to be working. It therefore makes little sense that as soon as a claim of copyright infringement is being made in addition to conventional trademark claims, the EFF steps in to provide representation and state that it will “block the recording industry’s move to force Internet infrastructure companies into becoming copyright police with far-reaching restraining orders.” In light of the court’s decision, it could not be more clear that arguments invoking SOPA are really not about protecting the Internet, but about avoiding accountability for Internet services that facilitate copyright infringement.

Conclusion

As we’ve mentioned before, a free and open Internet does not mean an unrestrained Internet free of accountability, but an Internet in which the rule of law still holds true. For copyright protection to hold any meaning, there must be a means to actually protect one’s copyright. The recent order holding CloudFlare accountable for knowingly and directly facilitating an obviously infringing site is a perfect example of how the law is intended to work. It is simply no longer practical, realistic, or even a legally strong argument for an Internet company to continue to aid and abet bad-faith copyright infringers while hiding behind the veil of being a “passive” actor that simply provides services. Instead, we must cooperate so that the Internet continues to allow for innovation, opportunity, and growth.

photo credit: Photodisc/Photodisc/thinkstock