Are Internet Service Providers Liable for Unlawful Conduct by their Customers?

The Internet has afforded astonishing new channels to engage in lawful commerce as well as unlawful activities.  Previously in order to engage in widespread libel one needed access to print media.  Now, with a press of a button, a libelous communication can be uploaded to the Internet and instantly published worldwide.   Search sites such as Google and auction sites such as eBay have created new channels for ordinary citizens to search for, purchase and sell millions of goods, including those that may infringe the rights of third parties.

Aggrieved parties who want to assert legal claims for wrongs perpetrated through the Internet may be unable to identify the wrongdoer, or s/he may have no locatable assets.  A number of cases have therefore been filed against Internet service providers (“ISPs”), the deep pocket intermediary whose Internet services allegedly provided the conduit or forum for the wrongful actions of its customers.

In the 1990’s ISPs complained to Congress that their nascent growth was threatened by unwarranted expense and potential liability for legal wrongdoing in which they played no direct role.  Among the most important results was passage by Congress of the Digital Millennium Copyright Act (“DMCA”) and the Communications Decency Act (“CDA”).

Provisions of the DMCA provide ISPs – those who transmit, host or cache material or facilitate searches for such material — with “safe harbors” against most liability for copyright infringement, provided that they respond reasonably and promptly to infringement notifications, do not ignore actual or constructive knowledge of infringement and maintain reasonable methods to track infringement notifications and terminate customers who repeatedly infringe the rights of others.

The DMCA has played a central role thus far in the much watched Viacom v. YouTube action, in which Viacom accuses YouTube of ignoring massive instances of infringing material on the YouTube website.See the complaint at this link: Viacom Youtube Complaint.

In 2010 the district court judge ruled that Google, which had purchased YouTube, was entitled to the safe harbors of the DMCA, and threw out Viacom’s suit.  The judge reasoned that although Google had generalized knowledge that copyrighted materials were being uploaded to YouTube, Google did not necessarily know which particular videos were uploaded with permission or were infringing, and that YouTube had acted properly in response to infringement notifications by Viacom. See, “Judge Sides With Google in Viacom Video Suit.”  The case is now pending before the federal court of appeal.  See, “Will the 2d Circuit Continue to Shield YouTube From Liability Under the DMCA for Welcoming Infringement on Its Site.”

Unlike the DMCA, which provides safe harbors against liability under federal copyright law, the CDA provides immunity to ISPs against most state law claims where the ISP is blamed for the actions of others.  A classic application of the CDA would be to a libel claim where an allegedly libelous statement is posted by a third party onto a forum maintained by an ISP, which argues that it is little more than a bulletin board for the postings of others.

I was lead counsel in the oft-cited case of Perfect 10 v. CCBill, 488 F.3d 1102 (9th Cir. 2007), in which Perfect 10, an adult magazine, accused CCBill, a payment processing company, and CWIE, a hosting company, of secondary liability for copyright infringement and various state law claims as a result of allegedly infringing images on their clients’ sites.  The courts found that CCBill and CWIE did not have actual or constructive knowledge of infringing activity and had acted correctly in response to infringement notifications.  The Ninth Circuit largely upheld the trial court’s decision to throw out Perfect 10’s copyright claims under the DMCA.  The Ninth Circuit also ruled that CCBill and CWIE were entitled to immunity under the CDA on all of Perfect 10’s state law claims, which included unfair competition, false advertising and violation of rights of publicity, on the grounds that the claims arose from the conduct of third parties.  View the Ninth Circuit opinion here:

Copyright holders have enjoyed their greatest court successes on theories of secondary liability for infringement against proprietors of peer to peer sites, such as Napster and Limewire, which were found to have induced or had knowledge of infringement and failed to take appropriate corrective action.  See, “The Napster Decision: The Overview; Appellate Judges Back Limitations on Copying Music,”  and “Limewire Case Settles Mid-Trial for $105 Million.”

By contrast, in important part because of passage of the DMCA and CDA, copyright holders will likely continue to have more difficulty successfully asserting cases against Internet service providers, businesses the Congress and courts have concluded that they provide important and lawful services to the public.  ISP proprietors can be assured that courts are likely to reject claims that they should serve as “Internet police” by hiring additional staff to patrol sites for potentially unlawful activity, in the absence of actual notice of infringing conduct or “red flags” that such activity is occurring.  In the event of receipt of actual notice of infringements, ISPs should react promptly and in writing in the manner prescribed by the DMCA.  Reliable records should be kept of infringement notices and follow up actions, and problem accounts should be terminated.  Whether an ISP can be successfully accused of ignoring “red flags” that infringing activity is occurring on clients’ sites is a more subjective matter.  When in doubt, ISPs should consult legal counsel concerning their exposure to secondarily legal liability for activity occurring on their clients’ sites.