Hotfile is Out Cold, But Google’s DMCA Safe Harbor Debate Is Heating Up

Google recently threw down in the ongoing legal battle between the MPAA and Hotfile with amicus curiae panache. But Google wouldn’t file an amicus brief from the kindness of its algorithmic heart. Larger issues are at play – namely, safe harbor protection under the Digital Millennium Copyright Act (DMCA).

As Google’s counsel stated on Friday, “Google’s aim in seeking to participate in this case is to underscore the importance of the Court’s decision to a wide array of legitimate and socially beneficial Internet services, and to the overall climate of free expression online.”

The stakes are absolutely huge, both for Google and the Internet as a whole. The DMCA safe harbor protections enabled Google to successfully defend a multi-billion dollar lawsuit filed by Viacom against YouTube in 2007 (although the case is still on appeal). The safe harbor provisions have also been used by Amazon, eBay, Photobucket, Veoh, and MP3tunes to defeat otherwise crippling lawsuits. Facebook, Twitter, and Wikipedia likewise rely on the safe harbor provisions to protect their everyday operations. Without the DMCA safe harbors, the Internet would look entirely different.

Here’s a more detailed look at the legal issues in play.

For those of you who need some background, the DMCA was passed in 1998 before the bubble burst. The law criminalized circumvention of digital rights management technology but also limited the liability of ISPs for copyright infringement. The so-called DMCA safe harbors were designed to address the concern that online communication and commerce would be chilled if ISPs were held subject to potentially expansive infringement liability for material that their users posted, stored, transmitted, or made available for viewing.

Contrary to popular belief, however, Google is not Hotfile’s tag-team legal wrestling partner. Google doesn’t really care what happens to Hotfile. Google just wants to spread the precedential seeds of recent cases (including Viacom v. YouTube) to the Eleventh Circuit, which has yet to interpret the DMCA safe harbor provisions.

Frankly, Hotfile is out cold. Google acknowledges that in order to receive protection under the DMCA safe harbor, “a service provider must meet certain threshold conditions for eligibility, including the adoption and implementation of a repeat-infringer policy, and must designate an agent to receive notifications of claimed infringement from copyright owners.” For Hotfile, their efforts in this regard were too little, too late.

First, Hotfile failed to register and disclose a DMCA agent until May 2010 (15 months after launch) and was, according to the MPAA, still technically in violation of this provision as of 3/5/2012. As explained in Google’s brief, “the agent’s role is to facilitate the notice-and-takedown regime at the heart of the safe harbor … by expeditiously removing or disabling access to the material that is claimed to be infringing.” Hotfile’s complete lack of a designated agent for this purpose (at least initially) may disqualify it from safe harbor protection altogether.

Second, Hotfile did not reasonably implement a repeat-infringer policy until after the MPAA filed suit. Although key facts were redacted in the public version of the MPAA’s motion for summary judgment, the evidence seems fairly strong that Hotfile did not have in place any system to track repeat infringers – which would make it fairly impossible to implement a meaningful repeat-infringer policy. This is not to say that Hotfile has an affirmative duty to monitor its services for infringing activity, but it does suggest that Hotfile didn’t really have a repeat-infringer policy at all, or at least didn’t have one until the lawsuit.

But what happens to Hotfile is not really important to Google anyway. What matters is how the Eleventh Circuit interprets DMCA section 512(c)(1)(A), which can be used to disqualify an ISP from safe harbor protection. This section provides that no safe harbor protection is available to an ISP that acquires “actual knowledge” that particular material stored on its system is infringing, or becomes “aware of facts or circumstances from which infringing activity is apparent,” but then fails to act expeditiously to remove, or disable access to, the material in question – this is the infamous notice-and-takedown procedure.

To make matters more complicated (and also more interesting), section 512(c)(3)(B)(i) provides that a notification from a copyright owner that fails to comply substantially with the DMCA takedown notice requirements shall not be considered in determining whether an ISP has “actual knowledge” or is “aware of facts or circumstances” from which infringing activity is apparent.

So we have two issues: First, what exactly constitutes knowledge that would disqualify an otherwise eligible service provider from safe harbor protection; Second, what exactly constitutes substantial compliance with the DMCA takedown notice requirements.

These issues are at the heart of Google’s amicus brief. Google cites Viacom v. YouTube to argue that the phrases “actual knowledge” and “facts or circumstances” indicating infringement are extremely specific. In Google’s interpretation of the law, these phrases actually describe “knowledge of specific and identifiable infringements of particular individual items. Mere knowledge of the prevalence of such activity in general is not enough.”

So if you run a website and you have knowledge that infringing activity is taking place in general, that’s fine. You’re good, as long as you don’t have specific knowledge that a particular item of intellectual property belonging to a specific copyright owner has been infringed.

Moreover, in addressing the MPAA’s claims that Hotfile turned a blind eye to red flags of obvious infringement, Google points to relevant legal authority affirming that those flags “must be brightly red indeed – and waiving blatantly in the provider’s face.” The infringement “must be apparent from even a brief and casual viewing.” Google then takes it one step further, citing a case holding that “if any investigation is required to determine whether material is infringing, then those facts and circumstances are not red-flags.”

The logic is this: according to the legislative history, Congress recognized the fact that websites permitting users to contribute their own content often contain infringing items. This was common knowledge at the time. But if the DMCA safe harbor protects only those ISPs that do not have even this common knowledge, it would protect no one at all because everyone knows, generally at least, that infringement is taking place. The DMCA would then totally fail in its stated goal of “ensuring that the variety and quality of services on the Internet would continue to expand.”

Congress therefore placed the burden of policing copyright infringement on the copyright owners themselves (i.e., through the notice-and-takedown procedure) – which makes sense since they are in the best position to determine whether infringement is actually taking place and because they have the greatest incentive to do so.

As to the issue of compliance with takedown notice requirements, Google cites voluminous case law to argue that a copyright owner must “provide the specific location of the allegedly infringing works in each instance for the notice to be effective.” As a result, notices that do not identify the specific location of the alleged infringement are not sufficient to confer actual knowledge on the ISP. This is a critical point, because it’s directly relevant to the question of whether an ISP has the “actual” or “red-flag awareness” that would disqualify it from safe harbor protection based on previous takedown notices it has received. Google does an excellent job of raising the bar for copyright owners who wish to protect their material through the notice-and-takedown procedure.

And that’s the key point: If Google can shift the burden of policing copyright infringement to the copyright owners, and further make this burden somewhat onerous, then in the long run Google wins and Hollywood loses. Practically speaking, it would also be a win for the free flow of content across the Internet, for better or for worse.

But we’re not done. The MPAA makes one last argument, namely, that if Hotfile intentionally< induced infringement, then it should not be eligible for safe harbor protection. That’s because “inducement liability” is based on active bad faith while the DMCA safe harbor protections are meant to protect only good faith conduct aimed at operating legitimate Internet businesses. This is essentially the rule articulated in MGM Studios v. Grokster – that inducement liability arises from providing a service with the object of promoting its use to infringe copyright. The MPAA argues that inducement liability arises from an ISP’s culpable intent – not from its storage services – while the DMCA safe harbor only protects against liability that arises from storage.

Google rejects this argument by claiming that the DMCA safe harbor is so broad that it bars liability for all direct, vicarious, and contributory infringement claims that arise from storage services offered by an ISP, which include any “automated process for allowing replication, transmittal, and display of user-submitted materials covered by the storage provision.”

Google contends that inducement is simply one form of contributory infringement and is therefore covered by the DMCA safe harbor. But then Google seems to back-pedal somewhat by arguing that “the court should hold simply that whether a service provider is eligible for DMCA safe-harbor protection is distinct from whether it is liable for inducement under Grokster.”

That seems to leave unanswered the question of whether eligibility under the DMCA safe harbor can be used as a shield to guard against inducement liability; my initial sense is that it cannot, since Google acknowledges that each analysis should be distinct. But at the same time, it’s evident that each analysis will likely depend on common or interrelated facts – so it’s somewhat of a gray area that results from the interplay of the statutory DMCA safe harbor carve out and the judge-made inducement infringement standards articulated in Grokster.

Legal arguments aside, Google’s amicus brief underscores the historic importance of the Hotfile lawsuit in particular and IP litigation in general. These legal battles will ultimately define the flow of revenue streams across the internet and will have a deciding impact on the course of innovation in internet services. Competition and innovation will always create winners and losers. In the new digital millennium, Google has been winning so far, but that could change if the legal landscape is altered significantly. In the meantime, Google is doing what it can to draw that landscape favorably, while simultaneously preparing its appellate defense in Viacom v. YouTube.