What web developers should know about copyright
For some reason (maybe a weeklong trial?) I kind of missed the Megaupload story from mid-January. My bad.
What story? Oh, this Megaupload story:
Police in New Zealand raided homes and businesses with links to the founder of Megaupload.com, one of world’s biggest Internet file-sharing sites U.S. authorities shut down Friday. U.S. official sources say the site earned $42 million in 2010 alone.U.S. authorities are accusing Megaupload.com of facilitating illegal downloads of films, music and other copyrighted content making owners lose at least $500 million in revenues. New Zealand Police, according to Huffington Post, served 10 search warrants at several businesses and homes connected to Megaupload.com.
Yeah, that story. Which, of course, implicates the whole SOPA and PIPA thing. And for some reason it didn’t seem to impress most of the “usual suspects” among IP blogs (i.e, those I usually read) so much as the tech-blog crowd. Notable, and unsurprising, exception: Mike Masnick, who writes: “DOJ Gives Its Opinion On SOPA By Unilaterally Shutting Down ‘Foreign Rogue Site’ Megaupload… Without SOPA/PIPA.” The post kind of writes itself!
[T]he dramatic events of January 20, when New Zealand authorities descended on the multi-million dollar pad of Megaupload founder Kim Dotcom (and cutting him out of a “safe room” — What’s the point of a “safe room” if the police can still cut you out? ), are old news now. The fall-out has shaken out, with several music-sharing/locker services radically altering their business practices.
[A] few days ago, the Department of Justice filed a superseding indictment against MU (which you can access here). It’s honestly not that big a deal, but I can pretend it’s significant enough to write a couple of “timely” blog posts.
Looked at one way, the MU Indictment isn’t that strange or rare. The DOJ indicts wealthy people for white-collar crime all the time. Here in Nashville, we’ve had a rash of criminal indictments against companies and executives for financial and real-estate fraud, packaged together with charges of money laundering and racketeering. Nobody comes to the defense of these guys, alleges that there is a government conspiracy to destroy a line of business, and certainly nobody calls these guys “heroes.” It’s just the DOJ doing its job.
Looked at another way, the MU Indictment is breathtaking. Never before has the United States government brought its powers to bear against a file-sharing site (that I’m aware of, anyway). Since there are so many competitors to MU, it didn’t look like just another white-collar indictment, but an attack on a whole industry. If what MU did was criminal, then a lot people who didn’t regard themselves as criminals felt they needed to reassess that assumption, and it’s not a nice feeling. It you’re not used to federal criminal practice, it is terrifying to see what the U.S. government can accomplish when it puts its mind to it–even before it puts anyone in prison.
Rick subsequently posted another piece on the implications of the Megaupload adventures, and promises a third — good stuff:
In the first part of this three-part series, we tried to put the MU Indictment into a practical context. Last time, we started to look at the substance of the legal issues, starting with the government’s case. We concluded that, because of some essential differences between civil and criminal copyright infringement, the government’s case isn’t as easy as we civil lawyers would have thought (though I think the government will find some way to make it work).
Now, we’ll apply the same logic to MU’s DMCA safe-harbor defense. It turns out there probably isn’t such a thing as a DMCA safe-harbor defense in criminal actions, but that may not make much of a practical difference because of the criminal action’s willfulness requirement. . . .
If the “hard” definition of “willfulness” is correct, then complying with the DMCA safe-harbor requirements becomes a pretty good proxy for avoiding willfulness. This is because, under the “hard” definition, you would need to know that you were infringing someone’s copyright before you could be said to be “willfully” infringing it. And that sounds a lot like the “knowledge” requirement of Section 512(c) and (d), the two most relevant DMCA safe harbors . . .
It seems to me, if you’re getting rid of any material on your system that you know is infringing, expeditiously upon obtaining such knowledge, then you’re not willfully infringing. At least, that’s a pretty strong argument. Then again, what choice do we have? If compliance with the DMCA safe-harbor knowledge requirement isn’t enough, many of us are pretty much screwed if the DOJ decides to go after service providers hard. (An unlikely event, to be sure, but not a very happy one!)
However, the “knowledge” requirement isn’t perfectly coextensive with “willfulness.” Take, for example, the hallmark of the DMCA safe harbor, the takedown notice. Under the DCMA safe harbor, a defective takedown notice from a putative rights holder has absolutely no effect–it’s as though it didn’t exist. There’s a good reason for such a counterintuitive rule: we need to encourage rights holders to send fully compliant takedown notices, which in turn protects the rights of users.
But what about for willfulness purposes? The DMCA takedown framework doesn’t apply to criminal actions, so the civil rule regarding defective DMCA takedown notices shouldn’t apply either. For criminal purposes, a defective DMCA takedown notice would be evidence of willfulness. (Not necessarily conclusive evidence, just a step in the direction of willfulness.)
This works both ways. For example, under the DMCA safe-harbor, failure to comply with the highly technical requirements can lead to a partial waiver of the safe-harbor protection, at least with respect to certain works–and sometimes much worse. But willfulness is a fuzzier concept, so one failure technical failure might not be viewed by a jury as a sign of willfulness.
Using the Megaupload seizure as a launching point, the Pittsburgh Trademark Lawyer blog also has a handy and thoughtful guest post featuring excerpts from an article by law student Megan Costello that was recently published in the Fall edition of the World Jurist Association Journal of Law and Technology. I’m not sure if it’s ironic or not that you can’t get the whole article online, or at least not readily, but the piece is called ”Look Before You Leap: A Developer’s Guide to Copyright Infringement and Stopping Secondary Liability Before it Starts.” This article is a somewhat more entry-level treatment of the issues, and thus might be a handy link to share with a web developer you know whose overseas compound has not yet been attacked by commandos. (You already know where to go for anything having to do with secondary liability for trademark, of course.)
Anyway, yes, Megaupload. Whoa.