Thursday, December 29, 2011

Copyright Office Seeks To Make It More Difficult To Retain DMCA Safe Harbors

from the of-course-they-are dept

Almost missed this one, but Eric Goldman alerts us to the dozen comments filed with the US Copyright Office concerning its plan to force everyone to keep re-registering their official DMCA agent in order to keep retaining the DMCA's safe harbors. As we've discussed in the past, in order to make use of the DMCA's safe harbors, you have to register an official DMCA agent with the Copyright Office. In fact, we've suggested that anyone running a blog or forum site do exactly that. Many of the companies that were successfully sued by Righthaven (before it was discovered Righthaven didn't really have the copyrights it needed) were caught because they failed to register a DMCA agent. While I think that such sites could make a reasonable argument in court that they still were not liable, it's a lot more difficult (and costly) to do so.

However, for reasons that escape me, the Copyright Office is thinking of making it much easier for companies to lose their safe harbor protections by requiring them to regularly re-register with the Copyright Office, or have their agent tossed out. This is part of a larger -- and useful -- effort to make the process of registering electronic, rather than the paper one it is today. That's a good thing. But dumping the database and requiring periodic re-registering is fraught with problems. The Copyright Office appears to defend this process on two grounds: first that some companies have gone out of business, and yet their DMCA agent listings live on and second, that copyright holders may want to know if a service provider is in compliance on the date of infringement.

However, as the excellent CCIA response to the request for comment notes, neither reason makes much sense. If a company is out of business, it's not doing anyone any harm to keep their names in the list:
These outdated entries impose little cost on prospective rightsholders using the database, however, since few rightsholders will ever want to send takedown notices to a service provider that no longer exists. This scenario does not justify any substantial compliance costs on the industry, startups, or members of the public who would want to claim safe harbor protections.
The second reason is equally mystifying:
However, existing [law] already requires registrations of agents to be dated, such that Copyright Office records can already enable rightsholders to ascertain whether a service provider was in compliance on a particular data. This proposed feature therefore does not provide sufficient value to justify new regulatory obligations.
The CCIA piece also notes that this retroactive yanking of safe harbors almost certainly goes against the law, as the Copyright Office has no mandate under the safe harbors of the DMCA to remove such safe harbors just because it doesn't like the fact that there are a few "dead" entries in the database. The biggest issue, of course, is that this imposes significant compliance costs on pretty much anyone running a website that wishes to avail themselves of the DMCA's safe harbors. Even worse, simply forgetting to re-register your DMCA agent when the time comes could cause you to lose the protections entirely. That seems ridiculous.

Others who came out against this insanity include Public Knowledge (pdf), EFF, with Jason Schultz & Eric Goldman (pdf) and Microsoft (pdf). There's also a short and sweet filing from Matthew Neco (the only individual who filed a comment by himself), which notes that it would be an "unreasonable burden" to have to keep re-filing. It notes that a simple calendaring mistake might lead to the loss of safe harbor protections which would be "draconian" for such a simple mistake.

Amazingly, the MPAA actually appears to kinda/sorta agree with those above (pdf) in saying that "resubmitting designations through the online form may be costly and burdensome for those companies with a large number of designations if separate manual entry of new forms for every existing designation is required." It later warns that this "risks being a trap for the unwary." Of course, rather than totally coming out against the idea, the MPAA says that the Copyright Office should "make clear in the designation process that failure to keep the records current (in the Copyright Office database and on the service providers' own websites) is a basis for losing DMCA safe-harbor protection." Yes, because putting a single sentence on the website will keep it from being a trap for the unwary. Huh?

On the other side of the coin entirely is the RIAA who enthusiastically supports anything that might weaken the DMCA's safe harbors. It goes so far into the ridiculous as to call such periodic re-registrations as "essential," apparently ignoring all of the legal points raised by the other filings. Somewhat surprisingly, both Verizon and the Internet Commerce Coalition don't seem to think it's that big of a deal to have to re-register every couple of years, and each provides minor suggestions for making the process simpler.

Others weighing in on the request for comment seem to focus on other issues. Google has a short comment (pdf) about why it doesn't make sense to require service providers to file separately for every subdomain, and separately argues that takedown notices should be written, rather than allowing phone calls. A bunch of organizations representing rural and small telecom companies focus (pdf) on making sure third parties can maintain and update the agent info.

Then... there's the filing of MiMTiD (pdf). If you don't recall, we've written about the anti-piracy outfit MiMTiD a few times in the past, and it always has to do with some wacky, totally detached from reality, argument the company has -- such as claiming that it's infringing to pass on DMCA takedown notices to ChillingEffects.org, or that the music industry has been destroyed, because Congress preferred to protect Farmville rather than record labels. Not surprisingly, MiMTiD's filing is more of the same. Much of it simply complains about Google:
From what we understand, Google takes it upon itself to conduct a manual investigation of each infringing link identified and ultimately decides, using unpublished criteria, whether or not Google agrees with the copyright owner that the link is indeed an infringement of the relevant copyright owner’s rights. As noted above, all notices sent by MiMTiD on behalf of copyright owners are DMCA compliant, so they satisfy the extensive, carefully-crafted criteria that Congress established for a notice to be valid.

The DMCA also provides other built-in safeguards and checks and balances, such as a counter-notice process for a party to object to the removal of its content and penalties against copyright owners that abuse the notice process. Nonetheless, Google inserts itself as an extra-statutory, self-appointed arbiter of the validity of DMCA-compliant notices that Congress has already determined as valid under the statute. If Google does not unilaterally agree that the links submitted in a take down notices are infringing, under whatever standard it chooses to use, Google informs the copyright owner or its agent as follows: "In accordance with the Digital Millennium Copyright Act, we have completed processing your infringement complaint. ... At this time, Google has decided not to take action on these URLs: [list of ignored links]".
I'm not sure what that has to do with anything in the RFC from the Copyright Office. It also seems to suggest a misunderstanding of the DMCA. That is, it seems to suggest that if you send a DMCA compliant takedown, the service provider must remove the content. But that's not true at all. They only have to do that if they want to retain safe harbors. But if they believe the notice is bunk, and there's nothing to fear from a lawsuit, they don't have to remove the material at all.

When MiMTiD finally gets around to the RFC, it still doesn't appear to understand what it's talking about. It seems to not realize that the DMCA already requires service providers to designate an agent, and instead suggests what a great idea it would be to have that requirement (seriously):
Therefore, we support the proposal to require "Designation of Agent To Receive Notification of Claimed Infringement", which we believe will enable the DMCA to function as contemplated by Congress by eliminating confusion and inefficiencies, enabling a party to object to the removal of the content and the alleged infringing links from search, enabling these websites to pursue penalties against copyright owners that abuse the notice process and requiring websites seeking to receive the benefits of section 512 to be required to file designation of an agent.
Yeah. Perhaps the reason Google rejects some of your takedowns is because you don't understand the DMCA... Just saying...

No comments:

Post a Comment