Sean Flaim, an attorney focusing on antitrust, intellectual property, cyberlaw, and privacy, discusses his new paper “Copyright Conspiracy: How the New Copyright Alert System May Violate the Sherman Act,” recently published in the New York University Journal of Intellectual Property and Entertainment Law.

Flaim describes content owners early attempts to enforce copyright through lawsuit as a “public relations nightmare” that humanized piracy and created outrage over large fines imposed on casual downloaders. According to Flaim, the Copyright Alert System is a more nuanced approach by the content industry to crack down on copyright infringement online, which arose in response to a government failure to update copyright law to reflect the nature of modern information exchange.

Flaim explains the six stages of the Copyright Alert System in action, noting his own suspicions about the program’s states intent as a education tool for repeat violators of copyright law online. In addition to antitrust concerns, Flaim worries that appropriate cost-benefit analysis has not been applied to this private regulation system, and, ultimately, that private companies are being granted a government-like power to punish individuals for breaking the law.

Download

Related Links

• Copyright Conspiracy: How the New Copyright Alert System May Violate the Sherman Act, Flaim
• Op-ed: Imminent “six strikes” Copyright Alert System needs antitrust scrutiny, Flaim
• Let’s give the Copyright Alert System a chance, Brito
• Here’s what an actual “six strikes” copyright alert looks like, Ars Technica

The Stop Online Piracy Act (SOPA), a controversial bill before the House of Representatives aimed at combating “rogue websites,” isn’t just about criminal, foreign-based sites that break U.S. intellectual property laws with impunity. Few dispute that these criminal websites that profit from large-scale counterfeiting and copyright infringement are a public policy problem. SOPA’s provisions, however, extend beyond these criminal sites, and would potentially subject otherwise law-abiding Internet intermediaries to serious legal risks.

Before moving forward with rogue websites legislation, it’s crucial that lawmakers take a deep breath and appreciate the challenges at stake in legislating online intermediary liability, lest we endanger the Nozickian “utopia of utopias” that is today’s Internet. The unintended consequences of overbroad, carelessly drafted legislation in this space could be severe, particularly given the Internet’s incredible importance to the global economy, as my colleagues have explained on these pages (1, 2, 3, 4, 5, 6)

To understand why SOPA could be a game-changer for online service providers, it’s important to understand the simmering disagreement surrounding the Digital Millennium Copyright Act (DMCA) of 1998, which grants certain online service providers a safe harbor from liability for their users’ copyright infringing actions. In exchange for these protections, service providers must comply with the DMCA’s notice-and-takedown system, adopt a policy to terminate users who repeatedly infringe, and meet several other conditions. Service providers are only eligible for this safe harbor if they act to expeditiously remove infringing materials upon learning of them. Also ineligible for the safe harbor are online service providers who turn a blind eye to “red flags” of obvious infringement.

The DMCA does not, however, require providers to monitor their platforms for infringing content or design their services to facilitate monitoring. Courts have held that a DMCA-compliant service provider does not lose its safe harbor protection if it fails to act upon generalized knowledge that its service is used for many infringing activities, in addition to lawful ones, so long as the service provider does not induce or encourage users’ infringing activities.

Defenders of the DMCA safe harbor argue that it’s helped enable America’s Internet-based economy to flourish, allowing an array of web businesses built around lawful user-generated content — including YouTube, Facebook, and Twitter — to thrive without fear of copyright liability or burdensome monitoring mandates.

Conversely, some commentators, including UCLA’s Doug Lichtman, argue that the DMCA inefficiently tips the scales in favor of service providers, to the detriment of content creators — and, ultimately, consumer welfare. Pointing to a series of court rulings interpreting the safe harbor’s provisions, critics argue that the DMCA gives online intermediaries little incentive to do anything beyond the bare minimum to stop copyright infringement. Critics further allege that the safe harbor has been construed so broadly that it shields service providers that are deliberately indifferent to their users’ infringing activities, however rampant they may be.

What does SOPA have to do with all of this? Buried in the bill’s 78 pages are several provisions that run a very real risk of effectively sidestepping many of the protections conferred on online service providers by the DMCA safe harbor.

Section 102

Section 102 of SOPA empowers the Attorney General to seek a court order against an allegedly infringing foreign website. Such a court order would, if granted, effectively deny the site access to payment processors, ad networks, and even parts of the domain name system. Under § 102, a foreign, U.S.-directed website is deemed a “foreign infringing site” if:

[T]he owner or operator of such Internet site is committing or facilitating the commission of criminal violations [involving illegal copyright infringement, counterfeiting, or theft of trade secrets] and the Internet site would . . . [therefore] be subject to seizure in the United States . . . if such site were a domestic Internet site.

The part about websites “subject to seizure in the United States” refers to 18 U.S.C. § 2323, which states among other things that “[p]roperty subject to forfeiture” includes:

Any property used, or intended to be used, in any manner or part to commit or facilitate the commission of [criminal copyright or trademark infringement].

This definition of a “foreign infringing site” is enormously troubling. Note the absence of any requirement of actual or constructive knowledge on the part of the site operator, let alone criminal intent. Under § 102, a foreign website built around user-generated content may be deemed an “infringing site” simply because its server has facilitated the criminally infringing acts of a single user — even if the site operator neither induced nor knew of the user’s unlawful activities. While an innocent foreign site operator might eventually be able to persuade a court to vacate an order deeming it a “foreign infringing site,” SOPA imposes an astonishingly low burden on the Attorney General of showing that a site is a “foreign infringing site.” If the bill is enacted as is, foreign websites that contain any user-generated content had better watch out.

SOPA proponents defend § 102 by pointing out that its definition of infringing sites comes straight out of the 2008 PRO-IP Act, which established the aforementioned civil forfeiture provision in 18 U.S.C. § 2323. But this statute’s constitutionality is currently being challenged in federal court by a team of attorneys that includes Stanford law professor and copyright guru Mark Lemley. The law’s breadth raises serious First Amendment concerns since it permits ex parte seizures of entire outlets of speech (e.g., websites) simply because the outlet has been used in some unlawful manner. SOPA may be based on existing law, but why should Congress extend this overbroad provision of the PRO-IP Act to encompass an even broader range of websites? If anything, lawmakers should revisit PRO-IP and narrow its applicability to sites intentionally operated for the purpose of committing or facilitating criminal infringement. Via Techdirt, even Floyd Abrams, a constitutional scholar who represents content companies that strongly back SOPA, conceded in a recent letter to Congress that unanswered questions remain regarding the constitutionality of 18 U.S.C. § 2323.

Section 103

The next section of SOPA, Section 103, isn’t any better. This section provides for private rights holders to seek court orders against U.S.-directed websites — including domestic sites — to deny them access to U.S. payment processors and ad networks. Section 103 deems a website “dedicated to theft of U.S. property” if any of the following conditions are met:

1. [The site] is primarily designed or operated for the purpose of, has only limited purpose or use other than, or is marketed by its operator or another acting in concert with that operator for use in, offering goods or services in a manner that engages in, enables, or facilitates [copyright infringement, circumvention of copyright protection systems, or trademark infringement]; or
2. [The site operator] is taking, or has taken, deliberate actions to avoid confirming a high probability of the use of the . . . site to carry out acts that constitute [copyright infringement or the circumvention of copyright protection systems]; or
3. [The site operator] operates the . . . site with the object of promoting, or has promoted, its use to carry out acts that constitute [copyright infringement or the circumvention of copyright protection systems], as shown by clear expression or other affirmative steps taken to foster infringement.

The first prong of this definition encompasses any website that “has only limited purpose or use other than . . . engag[ing] in, enabl[ing], or facilitat[ing]” copyright infringement, circumvention of copyright protection systems, or trademark infringement. This language comes from 17 U.S.C. § 1201, also known as the DMCA anti-circumvention provisions. Just how “limited” of non-infringing uses must a site have to meet this definition? It’s hard to say. As Rob Pegoraro cheekily observed in a recent Roll Call op-ed, “‘[l]imited’ is one of those wonderfully elastic words — notice the ever-longer yet still ‘limited’ copyright terms granted to artists and creators?” This section of SOPA would be more clear if it relied on the “capable of substantial non-infringing uses” test originally articulated by the U.S. Supreme Court in its famous 1984 Betamax opinion, Sony Corp. v. Universal City Studios, Inc., which has since been interpreted by numerous federal courts in copyright infringement cases.

The second prong of the § 103 definition, which covers websites that take “deliberate actions to avoid confirming a [high probability of infringement],” is perhaps the most worrisome of the three prongs. This language appears to have been lifted directly from a 2011 U.S. Supreme Court decision,  Global-Tech Appliances, Inc. v. SEB S.A. In that case, a patent infringement lawsuit, the Court found the defendant liable for inducement on the grounds that it took willful steps to blind itself of the existence of the patent at suit. The Court held that “willful blindness” exists when (1) a defendant subjectively believes that there is a high probability that a fact exists; and (2) the defendant takes deliberate actions to avoid learning of that fact.

Note, however, that Section 103 omits the first prong of the Global Tech willful blindness test, the subjective belief element. This omission might simply be an oversight — or it could reveal the intent of the bill’s authors to cast aside the subjective knowledge standard (which currently applies to service providers in the context of knowledge for purposes of the DMCA) and replace it with an objective, “reasonable person” standard. If plaintiff bringing a SOPA action is only required to show that a website operator should have known of its users’ infringement from the perspective of a “reasonable” operator, and that the site’s operator acted in some manner that had the effect of contributing to its ignorance of infringing activities by users, a vast array of websites that currently enjoy the protections of the DMCA safe harbor may face significant new legal risks. After all, website operators make design decisions all the time that might foreseeably impact on their awareness (or lack thereof) of user’ potentially infringing activities. Who knows what sort of well-intentioned, albeit deliberate, decisions might amount to”avoiding confirming a high probability” of infringement?

As David Sohn of the Center for Democracy & Technology has pointed out, “[t]his seems like a backdoor way of imposing a monitoring obligation on any website that allows users to post content.”  Temple Law Professor David Post, writing at the Volokh Conspiracy, observed that the bill might make it a “violation of law to keep the prosecutors from ‘confirming’ that you’re violating the law — all the prosecutor has to show, to make you vanish from the Net, is that you’ve somehow tried to keep the prosecutor off of your website!”

Why SOPA Could Endanger the DMCA Safe Harbor

SOPA proponents have dismissed concerns that the bill would risk undermining the DMCA safe harbor. U.S. Register of Copyrights Maria Pallante, testifying in a House Judiciary Committee hearing on SOPA on November 16, told members of Congress that it was extremely unlikely that any actions brought under SOPA would impact websites otherwise shielded by the DMCA safe harbor. Techdirt reports that Viacom executive Stanley Pierre-Louis recently argued that SOPA would not “[expand] the scope of secondary liability claims and [diminish] DMCA protections,” noting that “[t]here is no rule that permits ‘willful blindness’ of obvious wrongdoing under U.S. law, and nothing in the DMCA or any other statute has been deemed to hold otherwise.”

Technically, Pallante and Pierre-Louis are correct; SOPA’s provision at 102(c)(2)(A)(iii) appears to leave existing doctrines of copyright liability vis-à-vis the DMCA safe harbor untouched.

In practice, however, SOPA has the potential to effectively usurp the DMCA safe harbor in important respects. If the bill is enacted, online service providers would face a new worst nightmare: being cut off from payment processors, ad networks, and possibly even Internet service providers. As Eric Goldman recently explained, if a “website goes offline because of cash flow problems caused by the cutoff attributable to a single UGC content item, all of the UGC on that website goes dark because of a single content item.”

To avoid such an outcome, website operators will likely do everything they can to avoid falling under SOPA’s definitions — even if that means going above and beyond the requirements of the DMCA safe harbor. While I’m all for websites voluntarily taking prudent and measured actions to combat unlawful user activities (e.g., YouTube’s Content ID system), there are good reasons to be very skeptical of any legislation that effectively imposes on site operators any duty or obligation to monitor, or facilitate the monitoring of, user activities.

Fair concerns have been raised by thoughtful commentators about the DMCA’s limitations and shortcomings. Those concerns deserve a serious examination in the halls of Congress, and perhaps may even merit some careful, targeted tweaks to the DMCA. But the extraordinary remedies provided contained in SOPA should be reserved for genuine rogue sites that willfully flout U.S. laws with impunity and are beyond the reach of U.S. law enforcement authorities. While there are U.S.-based websites out there that violate copyright and trademark laws, extraordinary remedies (such as “going after the money”) should not be the primary method of penalizing such sites. If a rights holder believes that a domestic website is infringing on its copyright or trademark, the proper means of obtaining recourse is to file a civil lawsuit and, when appropriate, seek injunctive relief. The U.S. Marshals Service is tasked with enforcing civil judgments and other court orders entered against domestic actors by federal courts, and parties may obtain writs of execution to order law enforcement intervention against American individuals or businesses that violate court orders.

We Have To Pass The Bill To Find Out What’s In It

Reasonable people read SOPA’s provisions in very different ways. For instance, Terry Hart, writing at Copyhype, has eloquently defended SOPA’s definitions, arguing that “[t]he actions that would subject a provider to SOPA’s provisions are the same ones that would subject it to a copyright infringement suit under existing law and are actions that would not be protected under DMCA safe harbors.” But while SOPA’s definitions are based largely on well-established, time-tested statutes and precedents, some of the language isn’t as clear-cut as it might seem at first glance, as I explain above.

As a result, it’s tough to predict how SOPA would actually impact online service providers. Federal judges vary widely in the methods they employ in attempting to interpret vague statutes. There is no such thing as stare decisis when it comes to statutory construction; some judges focus on the plain meaning of a statute’s language, while others pour through committee reports and hearing transcripts in hopes of divining the legislature’s true underlying intent.

With apologies to Nancy Pelosi, what this means is that we probably won’t know what’s in SOPA until it’s passed. Even then, only after years of costly litigation will the contours of the bill’s provisions likely begin to approach a state of clarity. Consider that the DMCA, now thirteen years old, continues to engender serious disagreement among federal courts to this day. (For instance, courts disagree on what it means for a service provider to take “volitional acts” that encourage users to engage in infringement.)

SOPA’s potential breadth is especially problematic given that its potential victims are small, entrepreneurial Internet start-ups that lack the resources to pay a team of lawyers to examine their operational decisions for potential SOPA violations. As leading high-tech venture capitalist Fred Wilson has argued, “venture capitalists will think more than twice about putting $3mm of early stage capital into startups if they know that the vast majority of the funds will go to pay lawyers to defend the companies instead of to hire engineers to create and build product.”

Lawmakers Should Tread Carefully

While combating rogue foreign websites that violate U.S. laws flagrantly and with impunity should be a priority for lawmakers, SOPA’s definitions and remedies are simply too broad and too vague in their current form. They would cast a cloud of legal uncertainty over America’s innovative, startup-driven Internet economy. It would be a grave mistake to grant such powerful new tools to Justice Department and rights holders and assume that federal trial judges will interpret SOPA’s provisions as narrowly as is necessary to ensure legitimate Internet companies do not suffer adverse effects.

The recent House Judiciary Committee hearing on SOPA made clear just how much work remains to be done to craft an effective but targeted approach to rogue sites. Serious questions remain unresolved — not only about SOPA’s impact of the DMCA safe harbor, but also about cybersecurity, due process and free speech. Additional hearings are needed to explore these important issues with Internet engineers, law professors, and venture capitalists. Marking up the legislation before the end of 2011 — as Chairman Lamar Smith desires, according to the National Journal — would be a serious mistake.

For more on SOPA and rogue websites legislation; see: 

• Ryan Radia, Preliminary Thoughts  on Stop Online Piracy Act (SOPA)
• Ryan Radia, Congress Should Amend SOPA to Address Cybersecurity, Due Process Concerns
• Ryan Radia, Congress takes another stab at combating Rogue Websites with the PROTECT IP Act
• Ryan Radia, Five Ways Congress Can Fix COICA Copyright Bill
• Joint Letter from Public Interest Groups to the House Judiciary Committee on the Stop Online Piracy Act
• Timothy B. Lee, ArsTechnica, The Stop Online Piracy Act: Big Content’s full-on assault against the Safe Harbor
• Letter from Sens. Ron Wyden, Rand Paul, Jerry Moran, and Maria Cantwell to Congressional Leadership objecting to the PROTECT IP Act
• U.S. Rep. Zoe Lofgren’s Opening Letter on SOPA
• Prof. Eric Goldman, Why I Oppose the Stop Online Piracy Act (SOPA)/E-PARASITES Act
• Prof. David Post, How About Occupy Hollywood?
• Fred Wilson, Protecting The Safe Harbors Of The DMCA And Protecting Jobs
• Terry Hart, SOPA: New remedies for existing liability
• Rob Pegoraro, Online Piracy Act is Copyright Overreach
• Center for Democracy & Technology, The Stop Online Piracy Act: Summary, Problems and Implications
• Sherwin Siy, Public Knowledge, House Version of Rogue Websites Bill Adds DMCA Bypass, Penalties for DNS Workarounds
• Techdirt’s SOPA coverage
• Parker Higgins, Electronic Frontier Foundation, What’s On the Blacklist? Three Sites That SOPA Could Put at Risk
• Corynne McSherry, Electronic Frontier Foundation, SOPA: Hollywood Finally Gets A Chance to Break the Internet
• Larry Downes, TechFreedom, SOPA: Hollywood’s latest effort to turn back time

Last November, I penned an essay on these pages about the COICA legislation that had recently been approved unanimously by the U.S. Senate Judiciary Committee. While I praised Congress’s efforts to tackle the problem of “rogue websites” — sites dedicated to trafficking in counterfeit goods and/or distributing copyright infringing content — I warned that the bill lacked crucial safeguards to protect free speech and due process, as several dozen law professors had also cautioned. Thus, I suggested several changes to the legislation that would have limited its scope to truly bad actors while reducing the probability of burdening protected expression through “false positives.” Thanks in part to the efforts of Sen. Ron Wyden (D-Ore.), COICA never made it a floor vote last session.

Today, three U.S. Senators introduced a similar bill, entitled the PROTECT IP Act (bill text), which, like COICA, establishes new mechanisms for combating Internet sites that are “dedicated to infringing activities.” I’m glad to see that lawmakers adopted several of my suggestions, making the PROTECT IP Act a major improvement over its predecessor. While the new bill still contains some potentially serious problems, on net, it represents a more balanced approach to fighting online copyright and trademark infringement while recognizing fundamental civil liberties.

Some of the major differences between COICA and PROTECT IP include:

• Under COICA, a website would have been deemed “dedicated to infringing activities” if it had no “demonstrable, commercially significant purpose other than” (emphasis added) to facilitate infringing activities. PROTECT IP, however, only covers websites with “no significant use other than” to facilitate infringing activities. This slight change in wording may seem trivial, but it’s actually quite significant, as lots of blogs, forums, and other sites engaged in noncommercial, but still protected, speech that may well have been subject to domain name disabling under COICA would likely be in the clear under PROTECT IP. However, as Public Knowledge’s Sherwin Siy points out, PROTECT IP’s definition of sites “dedicated to infringing activities” remains overly broad, as it doesn’t explicitly exempt online intermediaries that are otherwise protected by the 17 U.S.C. § 512(c) safe harbor. A site operator that is not engaged in direct or willful secondary infringement should be exempt from actions taken under the PROTECT IP Act if the site abides by the DMCA notice and takedown process, has no actual knowledge of infringing activities, does not derive a financial benefit directly attributable to infringement, and does not induce infringement.

• PROTECT IP, unlike COICA, does not categorically deem websites “otherwise subject to civil forfeiture” under 18 U.S.C. § 2323 to be “dedicated to infringing activities.” Given the extraordinary breadth of section 2323, which permits the government to seize any  “property used, or intended to be used, in any manner or part to commit or facilitate the commission of” criminal copyright infringement, it’s a relief that language was removed.

• PROTECT IP requires that the Justice Department or a rights holder, in bringing an action against a site under the statute, attempt to commence an in personam action against the operator of an allegedly infringing website before an in rem action can be brought. From a due process perspective, this change is an improvement over COICA (which only provided for in rem actions), as it’s much more likely that an in personam action will provide a site operator with an opportunity to participate in an adversarial hearing prior to the issuance of a temporary restraining order or preliminary injunction requiring an intermediary to disable service to the site.

• PROTECT IP adds information location tools to the list of intermediaries that are required to disable service or cease linking to a website upon being served with a court order deeming the site “dedicated to infringing activities.” This provision would apply not only to search engines, but also to blogs, chat rooms, and message boards. Like COICA, PROTECT IP also applies to DNS operators, financial transaction providers, and Internet advertising services.

• PROTECT IP allows the Justice Department to take action only against nondomestic domain names. (DHS asserts that it is already empowered to seize domestic domain names in accordance with 18 U.S.C. § 2323, as it has done successfully on numerous occasions in recent months.)

• PROTECT IP contains a new private right of action under which a rights holder may seek a court order against any domain name. Actions initiated by rights holders, if successful, only require ad networks and/or payment processors – but not DNS servers or information location tools – to disable service to infringing sites.

Considering all the changes made to the bill, I’m inclined to disagree with commentators, such as Techdirt’s Mike Masnick, who’ve argued that the PROTECT IP, a.k.a. the “Son of COICA,” is worse than its father. On net, PROTECT IP appears to be less likely to impose incidental burdens on protected expression and more likely to afford website operators a chance to successfully challenge actions brought against their sites.

However, I’m still concerned about several aspects of PROTECT IP. Its private right of action, while limited in scope, may result in small websites whose users frequently post infringing content being targeted by costly, burdensome litigation initiated by rights holders. CDT’s David Sohn elaborates on the risks of creating a private right of action in his superb analysis of the bill.

The voluntary actions clause is also quite troubling, as I’ve argued before and as Wendy Seltzer argues on her blog. While I’m all for voluntary actions in principle, such actions should not override private contracts or terms of service agreements that would otherwise be enforceable.

It’s also unfortunate that the PROTECT IP Act does not include a cost reimbursement section, as I suggested last year, or at least an exemption for small entities. While the bill establishes an affirmative defense for an information location tools that doesn’t comply with an order “by showing that the defendant does not have the technical means to comply . . . without incurring an unreasonable economic burden,” it’s far from clear what exactly court would deem “unreasonable.” News of the Justice Department seeking injunctive relief against a small search site operator for failing to comply with a court order issued under PROTECT IP will have a chilling effect on all kinds of small-time Internet platforms.

As lawmakers consider the PROTECT IP Act in coming weeks and months, they should also revisit 18 U.S.C. § 2323, a civil forfeiture provision enacted in 2008 as part of the PRO-IP Act. This extraordinarily broad statute has recently been criticized by many legal scholars. Rep. Zoe Lofgren, among other legislators, has been very critical of the way in which seizures have been conducted. While seizures are certainly justified in some instances, the statute should be narrowed to include only websites “dedicated to infringing activities,” and it should require the government to attempt to commence in personam actions in all instances. Domain names aren’t movable property — unlike illegal drugs or weapons, there is no risk of a criminal “hiding” a domain name or destroying it before evidence of its illegality can be secured.

Update: The final version of the bill text changed the term “interactive computer service” to “information location tool,” which is a positive change. I’ve changed this essay slightly to reflect the distinction.

In episode #44 of “Tech Policy Weekly,” Berin Szoka and Adam Thierer engage in a debate with Internet security expert Chris Soghoian, who is a student fellow at the Berkman Center for Internet & Society at Harvard University. He is also a Ph.D. candidate at Indiana University’s School of Informatics.

Chris is an up-and-coming star in the field of cyberlaw and technology policy as he has quickly made a name for himself in debates over privacy policy, data security, and government surveillance.  He straddles the line between academic and activist, and the role he often plays in many tech policy debates is somewhat akin to what Ralph Nader has done in many other fields through the years. Except, in this case, instead of “Unsafe at Any Speed” it’s more like “Unsafe at Any Setting,” since Chris is often raising a stink about what he regards as unjust or unreasonable privacy or security settings that various online websites or service providers use.

On the show, Chris talks about two of his recent crusades to get certain online providers to change their default settings to improve user security or privacy: (1) His effort this week to get major email providers—and Google in particular—to change their default security settings on their email offerings; and (2) his earlier crusade to create permanent opt-out cookies to stop behavioral advertising by advertising networks.

There are several ways to listen to today’s TLF Podcast. You can press play on the player below to listen right now, or download the MP3 file. You can also subscribe to the podcast by clicking on the button for your preferred service. (And do us a favor, Digg this podcast!)

[display_podcast]

Finally, here’s some relevant links that were mentioned during today’s show:

• Chris Soghoian’s webpage + his Harvard Berkman Center page
• Chris’s blog (“Slight Paranoia”)
• Chris’s “TACO” (Targeted Advertising Cookie Opt-Out) plug-in for Firefox (and description of it on his home page)
• Chris’s “Caught in the Cloud” paper (+ a video of him presenting it at Harvard)
• The letter from 38 cybersecurity researchers that Chris sent to Google
• Berin Szoka’s response to Chris’s “Caught in the Cloud” paper
• Berin’s discussion of the issue of preserving user choice through permanent opt-out cookies

I reviewed the Veoh case for DRMWatch recently:

The user-generated video site Veoh achieved a victory in court on August 27th when California District Judge Howard Lloyd ruled that it was entitled to the protection of the DMCA’s safe harbor provisions. Veoh was accused of copyright infringement by IO Group, a maker of adult films…

Like eBay v. Tiffany, another case in which one might trumpet a tech-side win… the tech gets at least some protection from liability. But only in a context in which the tech is already taking substantial steps to help the plaintiff trademark/copyright owner with their enforcement problem, steps that would have been hard to conceive of a decade ago, and that many would have grandly declared to be too ambitious and too invasive for online services to attempt. Prediction: the case law is now much more mature, but the business side is just getting started. More and fancier filtering to come.

It’s funny and scary how many of our grand ideas about justice, rights, freedom, fairness and property come down to what we can become accustomed too.  Bad, in the sense that one can easily lose the customary baselines against which freedom is measured in a generation or so. Good, in the sense that one is not limited to identify freedom with just one historic mythical Golden Age; a free society has somewhat more leeway.

I’m fond of paradoxes these days. Tedious things. Almost as annoying to other people, I am sure, as those characters (you know who you are) who make puns all the time.

In the latest C:Spin over at CEI’s website, I examine the record industry’s latest Internet copyright battle and the shortcomings it reveals about U.S. intellectual property laws:

The next potential casualty of America’s deficient copyright regime is MP3Tunes, a San Diego startup founded by Web entrepreneur Michael Robertson, which lets users store digital music files in a secure, Web-based locker they can access from anywhere. MP3Tunes lets listeners access only music they have uploaded themselves. Like a handheld MP3 player, MP3Tunes frees music lovers from dragging around massive album collections on physical discs. But now Robertson’s service has run into a major obstacle. EMI, a major British record label, has sued MP3Tunes for copyright infringement. EMI contends that since users are transferring their music to a third party without getting permission from the record label, MP3Tunes is violating EMI’s exclusive right to distribute its music. MP3Tunes faces tough odds given past rulings in copyright infringement cases. EMI’s argument seems tenuous. MP3Tunes doesn’t “share” files with anybody but the original owner, and paying a third party to act as a custodian does not imply a transfer of ownership. Individuals can already store digital files online using myriad services from Flickr to Mozy. We increasingly back up our entire lives to online repositories, and the individual, not the website, remains the owner.

I also discuss ways that media companies could embrace emerging technologies in ways that are mutually beneficial to consumers and producers:

Content owners have rights, but those should not extend to shutting down music storage websites that are not abetting copyright infringement. And nothing is stopping EMI from developing its own digital locker service. That a Web startup dreamt up an innovative business model to complement consumers’ busy lifestyles is no cause for judicial intervention.

MP3Tunes is neither facilitating piracy nor discouraging people from buying music in any way. In fact, by making music collections more accessible and therefore more valuable, MP3Tunes might actually cause people to buy more music.

This is an old story, familiar since Napster burst upon the scene: Instead of fighting sites like MP3Tunes, major labels would be wise to embrace new ways of delivering value to consumers. Rather than fight Silicon Valley startups, the big music labels could partner with them.

The digital era presents a golden opportunity for consumers and producers alike, if only companies and courts can keep pace with the breakneck pace of technology. Listeners’ appetite for compact discs may have waned, but not so with digital media files. ITunes recently announced that is has sold over 4 billion songs. In addition, the runaway success of satellite radio and online music subscription services point to a bright future for new music distribution media .

Later, this C:Spin discusses the potential pitfalls of sweeping Congressional regulation in the digital age where technology evolves at an unforeseeable pace.