Filelocked: Hotfile liable for rampant copyright infringement

[infringement] originally appeared on [#protected_0#]


Hotfile is liable for the “staggering” amount of infringement it financially benefitted from, and it is not protected by the DMCA safe harbor for online service providers.

That is the conclusion of U.S. District Court Judge Kathleen Williams of the Southern District Court of Florida. Williams [#protected_1#], but the decision had been under seal until this past Friday.

What makes this case notable is that it was brought by the five major motion picture studios (Disney Enterprises, Inc., Twentieth Century Fox Film Corporation, Universal City Studios Productions LLLP, Columbia Pictures lndustries, Inc., and Warner Bros. Entertainment Inc.) against a fairly popular filelocker service (at least at the time the suit was filed). This appears to be the first time an infringement lawsuit from major players in the creative industries had been brought against a filelocker service specifically — previous efforts have aimed at P2P services and the like. Add to that the fact that the suit was filed in Florida, outside the 2nd and 9th Circuits where the bulk of copyright litigation occurs, and you have a situation where the court is interpreting many DMCA provisions on a blank slate.

Oh, and [#protected_2#] also comes in at just under 100 pages.

I had [#protected_2#] and both parties’ arguments. That was over a year ago, which is an unusually long time between hearing and order on a summary judgment motion. Part of that may have been the sheer complexity of the issues; part of that may have been the aggressive litigation posture taken by both sides. The court diplomatically refers to the many “robust pleadings” filed without leave of court and notes, certainly an understatement, that “the parties do not agree on much.”

Whatever the case may be, the issue boils down to a familiar one. Hotfile, an “off-shore technology company” provides online file storage. As is often the case, infringing works are among the files that were stored and shared by Hotfile users. The film studios argued that Hotfile should be held liable for such infringement because it contributes to, encourages, or benefits from such infringement.

As the court explains, Hotfile’s storage locker service allows registered users to upload any file they want from their computer to Hotfile’s servers to be stored. The service automatically generates a link where the file can be accessed. The files or links are not otherwise private; any member of the public can access them so long as they know the link. Hotfile operated an affiliate program which paid users when they directed others to Hotfile file locations, encouraging affiliates to catalog and broadcast Hotfile links. Hotfile also provided premium service, which gave users additional file space and faster download speeds for a monthly fee.

The court begins with a careful, comprehensive discussion of the facts (nearly 35 pages worth). As we’ll see in a moment, the question of whether Hotfile had adopted and reasonably implemented a repeat infringer policy will play a key role in determining whether the service is protected by the DMCA safe harbor, but I do want to highlight the court’s discussion regarding the policy that was in place — some of these numbers are staggering. The evidence reveals that when the studios had filed their complaint, Hotfile had received a total of 10 million takedown notices for infringing content, yet had only terminated 43 users – 33 of those as a result of a court order from prior litigation. At the same time, nearly 25 thousand Hotfile users had accumulated more than three infringement notices; 61 of those users had over 300 notices each. After the litigation began, Hotfile adopted a “revamped” repeat infringement policy, and the results were dramatic: 444 of its 500 highest paid affiliates were terminated for repeated infringement.

The DMCA safe harbor and the repeat infringer policy

Turning to the legal issues, the court begins with the DMCA safe harbor.[infringement] As it notes, if Hotfile qualifies for the safe harbor, it is immunized from any liability for infringement. If it doesn’t, the court must then separately consider if Hotfile is liable. The court cites to the relevant legislative history of the DMCA to explain the law’s motivations in striking a balance between protecting creators’ rights and promoting the growth of online services.

The DMCA applies to online service providers, which Hotfile clearly is, and one of the safe harbors covers storage at the direction of the user, which the court says covers the activities at issue here.[#protected_0#]

The DMCA safe harbor requires that a service provider

has adopted and reasonably implemented, and informs subscribers and account holders of the service provider’s system or network of, a policy that provides for the termination in appropriate circumstances of subscribers and account holders of the service provider’s system or network who are repeat infringers.[#protected_1#]

The court here turned to the legislative history and other courts to flesh out the details of this provision, since the terms are not defined in the statute. It determined that a policy is “reasonably implemented” if it terminates users, under appropriate circumstances, who “repeatedly or blatantly infringe copyright.” At a minimum, this means that a policy “must be capable of tracking infringers.” Hotfile, said the court, “effectively did nothing to tie notices to repeat infringers.” This, in addition to the breathtaking scope of infringement that Hotfile essentially ignored took the service provider outside the protection of the DMCA safe harbor. The court concluded:

Here, the scale of activity – the notices of infringement and complaints from copyright holders — indicated to Hotfile that a substantial number of blatant repeat infringers made the system a conduit for infringing activity. Yet Hotfile did not act on receipt of DMCA notices and failed to devise any actual policy of dealing with those offenders, even if it publicly asserted otherwise. It has presented no evidence to show that the small number of removals that did occur were for any reason other than threatened Iitigation or by court order. lndeed, it has been unable to point to a single specific user who was terminated pursuant to its policy of manual review and exercise of ”discretion.” Documents and statistics indicate that there was never any realistic threat of termination to Hotfile’s users, whose activities were protected by the company’s indifference to infringement notices.

Read the rest

Congress Misaligned the DMCA Online Copyright Safe on Grooveshark

Grooveshark runs a user-generated content (UGC) website that allows users to upload and download sound recordings.  UMG Recordings (a subsidiary of Vivendi, VIV:FP) sued Grooveshark for copyright infringement based on its users’ activities.

This week, a New York state appellate court partially denied Grooveshark’s eligibility for the online safe harbors enacted by Congress in the 1998 Digital Millennium Copyright Act.

This ruling creates several problems for UGC websites that let users post sound recordings, and it demonstrates one way Congress mishandled drafting its online safe harbors.

The Ruling

In 1998, Congress provided UGC websites with a safe harbor for user-caused copyright infringement (17 U.S.C. 512(c)).  To be eligible for the safe harbor, UGC websites must satisfy some preconditions.  If they do, copyright owners unhappy about users committing copyright infringement can send takedown notices to the UGC website.  If the UGC website responds quickly to a takedown notice, the DMCA online safe harbor says that the website avoids further copyright liability for the items identified in the takedown notice.   In contrast, if the UGC website ignores/rejects the takedown notice, it potentially bears legal responsibility for its users’ actions.  Obviously, most UGC websites prefer to limit their risk, so they routinely take down items identified in the takedown notices.

I acknowledge that you probably think most court opinions address arcane legal issues, but even I think this ruling dealt with unusually arcane legal issues.  The DMCA online safe harbors apply to “copyright” claims, but it turns out the word “copyright” is ambiguous.  In the 1976 Copyright Act, Congress attempted to eliminate most state copyright laws.  As a result, today most potentially copyrightable works either are protected under federal law, or they are not protectable under federal or state copyright law at all.  However, Congress preserved a few categories of works that can be covered by state copyright law–the most commonly-encountered example is certain bootleg recordings of concerts.  Congress also said that sound recordings made before 1972 remain protected under state copyright laws.  Some of these pre-1972 sound recordings are hugely important and highly recognizable cultural assets; for example, the Grooveshark court cites the UMG-owned recordings of “Peggy Sue” by Buddy Holly, “Johnny B. Goode” by Chuck Berry, “My Girl” by the Temptations and “Baby Love” by the Supremes.

It’s this latter group of pre-1972 sound recordings at issue in the Grooveshark case.  Grooveshark argued that the DMCA safe harbors applied to both federal and state copyrighted works.  UMG argued that the safe harbors only apply to federal copyrighted works, not state copyrighted works.  In a short and relatively unenlightening opinion, the New York state appellate court sided with UMG and ruled that the DMCA  safe harbor’s “notice-and-takedown” scheme doesn’t apply to state copyrighted works.


I see at least three problems with the court’s ruling:

Problem #1: In 20111, a New York federal court (in Capitol v. MP3Tunes) reached the directly opposite conclusion and held that state copyrighted works are covered by the DMCA.  (The Grooveshark opinion acknowledged this precedent but made no effort to distinguish it).  In 2007, the federal Ninth Circuit Court of Appeals held in 2007 that all state IP claims against UGC websites (including, presumably, state copyright laws) categorically are preempted by a different federal website immunity, 47 U.S.C. 230 (see Perfect 10 v. ccBill).

Thus, we have three different and conflicting interpretations of the DMCA’s applicability to pre-1972 sound recordings.  What a mess!  It’s never good for anyone when courts have three different answers to the same legal question.  It also means litigants may engage in wasteful forum-shopping efforts to find the judicial venue where the rules are most favorable them.

Problem #2: The ruling doesn’t hold Grooveshark liable for users’ copyright infringement of pre-1972 sound recordings.  Instead, Grooveshark simply failed to qualify for the safe harbor for those works, so the judicial inquiry will now turn to the default laws applicable to “secondary” infringement of state copyrighted works.  Unfortunately, we have no idea what those rules are.  Because most UGC-related copyright infringement cases have been resolved by the DMCA safe harbor, we don’t have many rulings interpreting the secondary infringement rules in those rare situations when the safe harbor doesn’t apply (see this post for more about that).  Furthermore, we have even scarcer caselaw interpreting secondary liability for infringement of state copyrighted works.  (It’s probable the rules will track the federal copyright laws, but that’s not guaranteed).  Thus, this case now involves novel and unpredictable legal questions.

Problem #3: Grooveshark has no easy way to distinguish which user-submitted sound recordings are covered by federal copyright versus state copyright.  However, its legal liability depends this difference.  Operationally, how should Grooveshark proceed?  Without universal protection from the DMCA’s safe harbor “notice-and-takedown” scheme, Grooveshark may be required to pre-screen user uploads to assess whether the file is a pre-1972 sound recording or not, and then it may have to handle those files differently.

However, if that’s the result, Grooveshark probably doesn’t have a viable business.  The pre-screening costs would be exorbitant, Grooveshark would make many classification errors, and copyright owners would subsequently argue (probably unsuccessfully, though we are not sure) that Grooveshark should lose the DMCA safe harbor if it fails to catch infringing files during its pre-screen.  (See the latest Viacom v. YouTube ruling for examples of copyright owners’ arguments about website operator scienter).

More importantly, if Grooveshark must build a uniform site-wide operational process to deal with the small minority of user-uploaded recordings protected by state copyright law, then the DMCA online safe harbors failed at a fundamental level.  Even if the safe harbor applies to 99% of the works, the safe harbor doesn’t help UGC websites with their business planning because the UGC website must still anticipate and address the 1%–and this becomes impossible if, without further research, the 1% looks identical to the 99%.

In a recent post, I discussed some key design attributes of safe harbors and immunities.  One element I identified was “global preemption,” meaning that a successful safe harbor has to swipe out all overlapping claims covering the same activity.  

Read the rest