Twenty Years of the DMCA: Notice and Takedown in Hindsight (Part II) by Terrica Carrington
This is part 2 of a 2-part series on the history of Section 512 of the DMCA. Read part 1 here.
The consensus over the years seems to be that the DMCA is not working as it was intended to. The balance that Congress envisioned has not come to fruition. Instead, copyright owners struggle to keep pace with the speed and volume of online piracy, sending hundreds or thousands of takedown notices relating to the same content on the same site. As quickly as they are able to send a notice, the content reappears threefold. Likewise, ISPs find it difficult to keep pace with the number of takedown notices they receive on a regular basis. Many of these ISPs are reluctant to take proactive measures to combat infringement for fear of opening themselves up to liability or upsetting their users. As a result, we have two industries working toward completely separate end-goals under the guise of cooperation: copyright owners are forced to locate and identify specific links, preparing and sending takedown notices for each individual link, and internet providers and platforms are narrowly focused on limiting their own liability by doing the bare minimum required by law—sometimes even falling short of that—to avail themselves of safe harbor protection. All the while, these efforts have had no effect in decreasing online piracy. But increasing internet speeds and the shifting internet landscape—although largely to blame—paint only a portion of the story. Judicial interpretation of many provisions of Section 512 have also played a role in the legislation’s inability to serve its intended purpose.
Flag on the Play: Red-Flag Knowledge
Under Section 512(c) of the DMCA, an ISP cannot qualify for immunity from copyright liability if it has “actual knowledge that the material or an activity using the material on the system or network is infringing” or if it is “aware of facts or circumstances from which infringing activity is apparent.” These two standards, known as actual knowledge and “red flag” knowledge, respectively, play a crucial role in ensuring that the DMCA fosters cooperation by placing some of the burden on ISPs to remove infringing content “even if the copyright owner or its agent does not notify it of a claimed infringement.” In 2012, in Viacom International v. YouTube, the Second Circuit Court of Appeals explained,
The difference between actual and red flag knowledge is  not between specific and generalized knowledge, but instead between a subjective and an objective standard. In other words, the actual knowledge provision turns on whether the provider actually or “subjectively” knew of specific infringement, while the red flag provision turns on whether the provider was subjectively aware of facts that would have made the specific infringement “objectively” obvious to a reasonable person. The red flag provision, because it incorporates an objective standard, is not swallowed up by the actual knowledge provision under our construction of the § 512(c) safe harbor. Both provisions do independent work, and both apply only to specific instances of infringement.
However, in 2016, in Capitol Records v. Vimeo—a case in which Capitol Records asserted that Vimeo, a platform that allows its users to upload videos, was “not only aware of the copyright infringement taking place on its system, but [was] actively promot[ing] and induc[ing] that infringement … [and] refusing to filter or block videos by using copyrighted recordings”—the Second Circuit issued a decision that dealt an enormous blow to the balance Congress intended. The Court held that, even where a copyright owner provides evidence that an ISP’s employee viewed “a video that plays all or virtually all of a recognizable copyrighted song,” that evidence is insufficient to establish red flag knowledge. Despite having previously held that the “red flag provision turns on whether the provider was subjectively aware of facts that would have made the specific infringement “objectively” obvious to a reasonable person,” the Court opined that “[t]he hypothetical “reasonable person” to whom infringement must be obvious is an ordinary person—not endowed with specialized knowledge or expertise concerning music or the laws of copyright.” In other words, the Second Circuit gutted the provision by articulating a formulation of obviousness under the red flag knowledge provision that is essentially a subjective standard, akin to the standard set for actual knowledge. Paired with the Court’s position that any evidence of red flag knowledge must be specific to the content at issue in the suit, this decision effectively placed the entirety of the burden of dealing with infringement online on the shoulders of copyright owners and effectively rendered the red flag knowledge standard useless.
Sending Takedown Notices Gets More Complicated
In 2007, Stephanie Lenz filed a lawsuit against Universal Music, alleging that Universal, in violation of Section 512(f) of the DMCA, “knowingly materially” misrepresented that the “Dancing Baby” video infringed its copyright in the song “Let’s Go Crazy” when it sent a takedown notice to YouTube regarding the video. The video, which was posted on YouTube, showed Lenz’s 13-month old son “dancing to the Prince song “Let’s Go Crazy,” which was playing in the background on the Lenz family CD player.” As a part of the analysis of the case, the Ninth Circuit Court of Appeals, in 2016, held that “a copyright holder must consider the existence of fair use before sending a takedown notification under § 512(c).” This further compounded the burden on creators of sending countless takedown notices to combat high frequency and high-volume infringement, especially as many of the major corporations have had to embrace automated processes, instead of or in conjunction with human review, just to keep up.
A Clear Definition of “Repeat Infringer”
Adding insult to injury, copyright owners were also dealing with ISPs that either had no repeat infringer policy in place, or were not properly enforcing the policies as required by the DMCA.
In 2014 BMG Rights Management filed a lawsuit for vicarious and contributory copyright infringement against Cox Communications, based on allegations of copyright infringement by its subscribers. Specifically, BMG alleged that Cox’s subscribers illegally reproduced and distributed 1,397 copyright-protected songs via peer-to-peer file-sharing networks. Despite receiving at least 1.8 million notifications, in addition to weekly letters, regarding the ongoing activity, Cox ignored the behavior entirely, even failing to implement its own (rather lenient) thirteen-strike policy. In December 2015, a jury found Cox liable for willful contributory infringement, awarding BMG $25 million in damages. That ruling was affirmed in 2016 when the court determined the ISP to be ineligible for safe harbor protection under the DMCA on the grounds that it failed to reasonably implement a repeat infringer policy, and Cox was again found liable for willful contributory infringement.
The principal argument raised by Cox in its defense was that the phrase “repeat infringer” as used in Section 512(i) of the DMCA referred to “adjudicated repeat infringers: people who have been held liable by a court for multiple instances of copyright infringement.” As a result, Cox argued, it should be eligible for safe harbor protection because “BMG did not show that Cox failed to terminate any adjudicated infringers.” In a major win for BMG and the copyright community as a whole, the court rejected that argument. Relying in part of the bill’s legislative history, the court said “[Congress made] clear that if persons ‘abuse their access to the Internet through disrespect for the intellectual property rights of others’ — that is, if they infringe copyrights — they should face a ‘realistic threat of losing’ their Internet access. The passage does not suggest that they should risk losing Internet access only once they have been sued in court and found liable for multiple instances of infringement. Indeed, the risk of losing one’s Internet access would hardly constitute a ‘realistic threat’ capable of deterring infringement if that punishment applied only to those already subject to civil penalties and legal fees as adjudicated infringers.’ Had the court found Cox’s argument compelling, such a ruling may very well have been the final nail in the coffin for balance and cooperation under Section 512.
Standard Technical Measures—The Missing Link?
A discussion about Section 512 of the DMCA is not complete without mention of standard technical measures. Section 512(i) disqualifies an ISP from safe harbor protection if it fails to accommodate or interferes with “standard technical measures,” (STMs) defined as “technical measures that are used by copyright owners to identify or protect copyrighted works and have been developed pursuant to a broad consensus of copyright owners and service providers, … are available to any person on reasonable and nondiscriminatory terms[,] and do not impose substantial costs on service providers or substantial burdens on their systems or networks.” This provision is arguably one of the most important parts of the DMCA, but, to date, it has had zero impact. The reason? The industries have yet to come to a consensus on measures that should qualify as STMs. In all of this discussion about the highs and lows of the notice-and-takedown regime, STMs and other, similar voluntary initiatives, are perhaps the key to turning the tide and breathing life back into the cooperative element of notice and takedown. But for that to happen ISPs need to be willing to come to table, which is something they have been unwilling to do.
Looking back over the last twenty years of the DMCA, and more specifically notice-and-takedown, it is clear that it has not worked out the way Congress intended. It is clear that far too many ISPs regard the DMCA as a tool to avoid liability, rather a tool for combatting infringement. It is clear that the balance integral to making the legislation effective has been chipped away, so that the burden falls almost entirely on copyright owners. And it is clear that this largely one-sided effort, where copyright owners send takedown notices by the boatload, is simply not working, as content is immediately reposted again and again. To give an example, on April 30, 2015, Fox sent 697 takedown notices to a single website after discovering copies of the film Kingsman: The Secret Service, which had been uploaded by users. Three months later, on July 21, Fox had to send an additional 881 notices to the same site, for copies of the same movie. Were the DMCA working as intended, that number should have decreased, and continued to decrease over time. Instead, we see the opposite.
What’s less clear is the path forward. While some advocate for legislative reform, a simpler and more effective approach would be to build upon the framework that is already in place through voluntary agreements and initiatives, and development of STMs.
At the end of the day, this legislation is about accountability. The internet has changed and will continue to change. Circumstances will inevitably always change. That cannot be the excuse for a failure of accountability or integrity. Twenty years ago, when representatives from both industries sat down to negotiate the terms of the DMCA, they understood that each side had a role to play in a joint effort to prevent the internet from becoming a haven for infringement. And it is that understanding that will place the trajectory of the DMCA back on course as it continues into its twenty-first year and beyond.