On December 1, a federal court in Virginia entered partial summary judgment for music publisher BMG in BMG Rights Management v. Cox Communications, a closely watched case on the applicability of the DMCA safe harbors to a broadband Internet access provider. BMG sued Cox for contributory and vicarious infringement based on Cox users’ peer-to-peer file sharing activity. Cox asserted the DMCA safe harbors in its defense, and BMG argued that Cox should be ineligible for safe harbor for failing to comply with section 512(i) of the DMCA, which requires providers to adopt and reasonably implement a policy for terminating the accounts of repeat infringers in appropriate circumstances.
The DMCA doesn’t define “repeat infringer” or “appropriate circumstances,” leading courts to conclude that Congress intended for providers to have broad discretion over the substance and implementation of their section 512(i) policies. The case law has never been clear on whether a provider may legitimately take the position that the only customers who should be treated as repeat infringers under the DMCA are those who have been adjudicated and found liable for infringement. In this case, Cox failed to persuade the court that it should be required to terminate user accounts only in cases involving adjudicated infringers:
Cox did not have leeway to wait until an account holder was adjudicated as an infringer to find that circumstances were appropriate for termination.…[T]he Court disagrees that a repeat infringer policy applies only to those who have been held liable in a copyright suit. Rather, an account holder must be considered an infringer, at minimum, when the service provider has actual knowledge that the account holder is using its services for infringing purposes.
Cox also struck out with its argument that notices of infringement from copyright owners are insufficient to confer actual knowledge of a user’s infringement on a provider. The court acknowledged conflicting decisions on the point but quoted the Ninth Circuit’s decision in UMG Recordings v. Shelter Capital Partners for the proposition that notices are “powerful evidence of a service provider’s knowledge,” whether or not they are sufficient on their own to establish that knowledge. The evidence of knowledge in Cox’s case was particularly strong, the court said, because Cox received not one or two but at least fourteen notices of infringement for multiple individual users over a six-month period. In addition, emails from customers who were the subjects of repeat notices and whose accounts were eligible for termination under Cox’s policy contained admissions from the customers themselves that they had been sharing copyrighted files. On the facts, this was not a good case for Cox; the record quite clearly showed that Cox was calculatedly lax in its enforcement of its repeat infringer policy, hanging on to violators for the stated purpose of preserving revenue.
With Cox stripped of safe harbor protection, this case is set to go to trial on BMG’s secondary infringement claims. The court denied Cox’s motion for summary judgment on both contributory and vicarious infringement. Of particular concern for all broadband access providers should be the court’s reasoning with respect to BMG’s claim of vicarious infringement. To establish vicarious infringement, a plaintiff has to show that the defendant had the right and ability to control the direct infringer’s activities and derived a direct financial benefit from those activities. Under the court’s reasoning, which closely tracks Judge Kozinski’s dissents in the Perfect 10 cases, any service provider with a contractual right to terminate a customer’s service has the right and ability to control that customer’s infringing activity on the service. This is a broad reading of the control element. The court rejected Cox’s argument that the right and ability to control should be read more narrowly to mean control over an individual customer’s infringing conduct, as opposed to control (writ large) over the means the customer uses to infringe.
On the direct financial benefit element of vicarious infringement, the court said that a jury could conclude that Cox benefited financially from illegal file sharing because the availability of infringing material through its network was a draw to customers. BMG’s evidence on this point was a survey showing that 16% of respondents used Cox’s service to infringe, and 70% of that 16% said they subscribed to the service at least in part because they could use it to infringe. By this logic, any provider of access to the open Internet can be held to use infringement as a draw to sell service. For what access provider is it not true that a subset of a subset of its customers counts the ability to access infringing material as one reason among many—the vast majority of them perfectly legal—to subscribe?
Considering the fact that the roots of vicarious liability are in the “thick” privity of the master-servant relationship, the application of the doctrine in the copyright context to cover the “thin” privity between Internet access providers and their millions of customers seems like a stretch. In the Perfect 10 cases, the Ninth Circuit rejected claims of vicarious liability against search and payment intermediaries as a matter of law, but the court in this case held that Internet access providers are differently situated. Given the court’s broad interpretation of the scope of vicarious liability, the loss of the safe harbor for Cox is potentially crushing. Whatever revenue Cox preserved by stinting enforcement of its repeat infringer policy pales in comparison to the damages to which it is now exposed.