Digital Law Online: Stored Information

Subsection (c) covers information stored by users on a service provider’s system. It codifies the general principles of the Netcom decision, giving specific requirements for any notice and what actions must be taken. To remain in this safe harbor, the service provider must not have actual knowledge of the infringing material before it receives notice, or must not be “aware of facts or circumstances from which infringing activity is apparent.” After receiving proper notice, the service provider must act “expeditiously to remove, or disable access to, the material.” The service provider cannot “receive a financial benefit directly attributable to the infringing activity, in a case in which the service provider has the right and ability to control such activity.” In other words, this safe harbor is available only to service providers that might be contributory infringers but are not vicarious infringers.

The Senate Judiciary Committee explained the nature of this safe harbor:

Subsection (c) limits the liability of qualifying service providers for claims of direct, vicarious and contributory infringement for storage at the direction of a user of material that resides on a system or network controlled or operated by or for the service provider. Examples of such storage include providing server space for a user’s web site, for a chatroom, or other forum in which material may be posted at the direction of users. {FN112: Sen. Rep. No. 105-190 at 43}

The safe harbor is available to a service provider who provides “storage at the direction of a user of material that resides on a system or network controlled or operated by or for the service provider” and meets the following conditions:

(A)(i) does not have actual knowledge that the material or an activity using the material on the system or network is infringing;

(ii) in the absence of such actual knowledge, is not aware of facts or circumstances from which infringing activity is apparent; or

(iii) upon obtaining such knowledge or awareness, acts expeditiously to remove, or disable access to, the material;

(B) does not receive a financial benefit directly attributable to the infringing activity, in a case in which the service provider has the right and ability to control such activity; . . . {FN113: 17 U.S.C. §512(c)(1)}

In addition, the notice-and-takedown requirements must be followed by the service provider, so that material alleged to infringe will be removed promptly and before it becomes too widespread.

Congress was particularly concerned with the knowledge standard that should apply to a service provider in the safe harbor. On one hand, it did not want to require that service providers police their users, looking for copyright infringements. On the other hand, it did not want service providers to turn a blind eye to obvious infringements. It described the knowledge requirement above as

met either by actual knowledge of infringement or in the absence of such knowledge by awareness of facts or circumstances from which infringing activity is apparent. The term “activity” is intended to mean activity using the material on the system or network. The Committee intends such activity to refer to wrongful activity that is occurring at the site on the provider’s system or network at which the material resides, regardless of whether copyright infringement is technically deemed to occur at that site or at the location where the material is received. For example, the activity at an online site offering audio or video may be unauthorized public performance of a musical composition, a sound recording, or an audio-visual work, rather than (or in addition to) the creation of an unauthorized copy of any of these works.

Subsection (c)(1)(A)(ii) can best be described as a “red flag” test. As stated in subsection (l), a service provider need not monitor its service or affirmatively seek facts indicating infringing activity (except to the extent consistent with a standard technical measure complying with subsection (h)), in order to claim this limitation on liability (or, indeed any other limitation provided by the legislation). However, if the service provider becomes aware of a “red flag” from which infringing activity is apparent, it will lose the limitation of liability if it takes no action. The “red flag” test has both a subjective and an objective element. In determining whether the service provider was aware of a “red flag,” the subjective awareness of the service provider of the facts or circumstances in question must be determined. However, in deciding whether those facts or circumstances constitute a “red flag”--in other words, whether infringing activity would have been apparent to a reasonable person operating under the same or similar circumstances--an objective standard should be used.

Subsection (c)(1)(A)(iii) provides that once a service provider obtains actual knowledge or awareness of facts or circumstances from which infringing material or activity on the service provider’s system or network is apparent, the service provider does not lose the limitation of liability set forth in subsection (c) if it acts expeditiously to remove or disable access to the infringing material. Because the factual circumstances and technical parameters may vary from case to case, it is not possible to identify a uniform time limit for expeditious action.

Subsection (c)(1)(B) sets forth the circumstances under which a service provider would lose the protection of subsection (c) by virtue of its benefit from and control over infringing activity. In determining whether the financial benefit criterion is satisfied, courts should take a common-sense, fact-based approach, not a formalistic one. In general, a service provider conducting a legitimate business would not be considered to receive a “financial benefit directly attributable to the infringing activity” where the infringer makes the same kind of payment as non-infringing users of the provider’s service. Thus, receiving a one-time set-up fee and flat periodic payments for service from a person engaging in infringing activities would not constitute receiving a “financial benefit directly attributable to the infringing activity.” Nor is subparagraph (B) intended to cover fees based on the length of the message (per number of bytes, for example) or by connect time. It would however, include any such fees where the value of the service lies in providing access to infringing material. {FN114: Sen. Rep. No. 105-190 at 44-45}

Next section: Directories