|
University
Liability for
|
Recently the rock band Metallica filed suit against Yale University, Indiana University and the University of Southern California, five additional unnamed universities as well as other defendants alleging that the universities' failures to block access to a relatively new Internet search software called "Napster" make them liable for contributory and vicarious copyright infringment. This has caused many universities that provide Internet access to their students to question whether they should block access to the Napster site. Some have already blocked access for reasons unassociated with legal liability, most notably, because of the bandwidth use associated with searching for and transferring large files. Such a decision is appropriate as an administrative matter, but it may not remain a viable basis for blocking a site such as Napster with improvements in the blocked search technology or in our ability to provide greater bandwidth. On the other hand, news reports of even more powerful search programs such as Gnutella and Freenet suggest that bandwidth demands on university networks will continue to rise. Nevertheless, even universities that block access to Napster for technology reasons may wish to understand the legal liabilities associated with continuing to provide access.
Of course, most universities do not want to endure the stresses of a lawsuit if they don't have to, even to prove a point, but because Metallica dropped two of the universities from the lawsuit after they agreed to block access to Napster, there will not likely be a responsive pleading that sets out the defenses available to universities. Thus, many universities may not know exactly how and to what extent the law provides protection for them as Internet service providers. Even if universities do not have liability for the actions of their users who access Napster and transfer illegal files, which I will explore more fully below, universities may have concerns about their liability for employees who use Napster in the course and scope of their employment, and the liability of their students who may be engaging in direct acts of infringment. While the universities may be able to qualify for the protections for Internet service providers contained in Section 512 of the Copyright Act (unless their employees are involved in transmissions of infringing content), students will not. Further, universities' obligations under Section 512 to remove access to material on their servers when they know, should know or are given notice that it infringes can itself become administratively burdensome. Additionally, universities may have obligations under Section 512(h) to respond to subpoenas to identify alleged infringers. Thus, the answer to the question, "Should universities block access to Napster?" may not be an easy one.
Napster is a search technology that enables individuals who have downloaded Napster software onto their computers and registered with the Napster site ("users") to search a database on Napster's central server for other users who have certain compressed music files (commonly referred to as mp3 files) available for download from their computers. A search for a particular song or artists' works reveals all the other users who have the requested mp3 file or files and the speed of their Internet connections. Within a few minutes after clicking on one of the database entries, a user can be listening to the requested mp3 file on his or her own computer. Thus, Napster facilitates direct computer to computer file transfers. The mp3 files do not reside on or go through Napster's central server.
To learn more about Napster and other technologies such as Gnutella and Freenet, please see the Resources section at the end of this paper.
Metallica alleges that Napster violates its copyrights in the way it operates its business, and that students who use Napster's software to provide illegal copies of mp3 files to others or acquire illegal copies from others are also infringing. They further allege that universities knowingly contribute to unauthorized reproductions and distributions because they know what Napster is, what it does, how it works, and they know that students use it to transfer illegal files, yet they do nothing to prevent students on their networks from infringing Metallica's rights when they could prevent these infringements if they would just block access to Napster. Thus, they allege the essential elements of a claim for contributory copyright infringement: a direct infringement and a knowing and material contribution to it.
Metallica also argues that universities are vicarious copyright infringers. To satisfy this cause of action, Metallica must allege that universities have the right and ability to control, and derive a direct financial benefit from student infringements. Metallica attempts to satisfy these requirements by alleging that universities can block access to Napster's website (the right and ability to control infringing conduct) and that universities obtain money from students who access university networks (the direct benefit).
Both of these claims of indirect copyright infringement can be defended on their merits. Universities can argue that one (or more) of the elements of each cause of action is not satisfied by the facts, for example, that the benefit derived from students who use university networks is not related at all to student infringing conduct since universities receive tuition and fees regardless of whether a student ever accesses Napster's website. They could also argue that as a policy matter, blocking access to others' servers is too sweeping a response when other more reasonable actions might also work. For example, educational efforts, including alerting students to their own liability for infringing conduct, can be effective controls. Universities could also argue that it may not be good social policy to require Internet service providers to block access to others' servers as a response to allegations that those servers contain infringing materials or facilitate the exchange of infringing materials. This remedy could quite easily become justification for blocking access to any site that aids the search for materials that may be available without permission from their owners, applying equally to every Internet search engine and to other similar technologies such as Internet Chat. Of course, Metallica alleges that Napster has no other function than to copy and distribute and facilitate the exchange of illegal mp3 files. This fact, too, could be refuted insofar as Napster is a technology that can facilitate the exchange of legal mp3 files. In fact, it and other new search technologies may revolutionize the way the Web works. This has implications for how a university or any Internet service provider should respond to an allegation that access to a search technology should be blocked.
The need to resolve the thorny issues of how much control an Internet service provider has, whether it derives any benefit directly from allegedly infringing user actions, how much knowledge it really can have about particular materials on its servers, what it should do when it does know about a particular infringement on its servers, and what its liability should be for providing access to infringing materials on others' servers led to the enactment of Title II of the Digital Millennium Copyright Act in October, 1998. Title II is now codified in Section 512 of the Copyright Act. If a university qualifies for the protections of Section 512, it does not have to defend on the merits a claim of contributory or vicarious copyright infringement caused by any or all of the following kinds of activities routinely engaged in by Internet service providers: transitory digital network communications (providing internet service as a "passive conduit") as detailed in Section 512(a), system caching as detailed in Section 512(b), storing materials on its servers at the direction of its users, detailed in Section 512(c), or links on its servers to infringing materials, Section 512(d). It may invoke the statute's protections, which eliminate nearly all remedies to which a copyright owner would otherwise be entitled, by complying with the statute's requirements. Each of these four sections provides a different set of protections tailored to separate and distinctly different functions. They are independent of each other. Section 512(n). For example, an Internet service provider doesn't "lose" passive conduit protection under Section 512(a) because it has been notified that it has infringing materials on its servers under Section 512(c).
The statute requires that a university disable access in response to knowledge of infringing materials stored on its servers or linked to from its servers. Sections 512(c) and (d). For example, a university Internet service provider would have to disable access to allegedly infringing files if a copyright owner like Metallica properly notified the university that a student's computer on the university's network or a computer owned by the university contained such files. But, Metallica's suit alleges a different kind of responsibility: responsibility for infringing materials on others' servers -- on the machines owned by the individuals who trade illegal mp3 files. The liability of an Internet service provider for infringing materials on others' servers is covered by the sections providing protection for passive conduit and caching activities, Sections 512(a) and (b). Those sections say that Internet service providers will not be liable for such materials, so long as they qualify for protection under that section.
The conditions for eligibility to claim many of Section 512's protections are not insignificant. I have addressed these requirements in Complying with the DMCA. Most of the conditions apply to protections for materials that reside on the Internet service provider's servers covered in Sections 512 (c) and (d). To defend a claim that an Internet service provider is responsible for merely providing connections that permit access to a site that contains infringing materials, which materials are thereby transmitted or routed through the university's network (i.e., being a passive conduit), an Internet service provider must comply with the two requirements that apply to all sections: have (and advertise) a policy of terminating repeat infringers and not interfere with standard technical measures to protect copyrighted works. Sections 512(a) and (i). To defend a claim that cached files in the Internet service provider's network are infringing, the Internet service provider must additionally remove cached infringing files upon receipt of notice that the same files have been removed from the originating site or access to them has been blocked, and impliedly, the Internet service provider must have an agent for service of the notice, though this is not expressly set forth in the subsection on system caching. Section 512(b).
It is necessary, of course, that the Internet service provider be truly nothing more than an Internet service provider to qualify for protection against claims against passive conduit activities. That means that it must not itself initiate transmitting, routing, or providing connections, its storage of user files must be automatic without the Internet service provider's involvement in selecting the files or the recipients of the files, it must not maintain copies on its system except as normally needed to make the material available to the intended recipient, and the Internet service provider should not modify the transmitted content. Sections 512(a) and (k)(1)(A). Similar requirements to be "uninvolved" apply to system caching. Section 512 (b).
University involvement in direct infringements would take it outside the protections of Section 512(a). For example, if university employees were to use Napster to trade files in connection with their employment duties, such activities would likely result in university liability for the employee's infringement under the laws of agency -- the employee would be considered the agent of the university.
Metallica has urged in media reports that universities are involved with providing connections to students in ways that should disqualify them from passive conduit protections. For example, Metallica points to the fact that universities "provid[e] it as part of the educational process for their students, and they're getting involved in determining what goes in those pipelines and what doesn't -- evidenced by their banning Napster while they had network problems." Thus, Metallica is arguing that doing exactly what it wants universities to do (selectively blocking access to certain websites) strips them of their Internet service provider protections. This certainly is not a good argument to make to persuade universities to help curb infringements. It attacks routine technical network administration as the kind of involvement that should negate reliance on Section 512. Internet service providers, however, must manage their resources and that action should never be taken as evidence that they are involved with the selection of files transferred through their networks.
As for the argument that universities should not be entitled to Section 512(a) protections because they provide Internet service to students, Congress has already considered whether to protect only a narrow range of Internet service providers and decided instead to define who is an Internet service provider quite broadly. Section 512(k)(1).
Thus, as a policy matter, we do not hold Internet service providers liable for being mere passive conduits, for providing Internet service that makes it possible for users of that service to access infringing materials on others' servers. Napster itself may be liable for contributory or vicarious infringement, but Internet service providers are not liable for providing the connections that make it possible for their users to access Napster. Metallica alleges in its suit that, "hypocritical universities and colleges who could easily block this insidious and ongoing thievery scheme" facilitate Napster's "abetting and encouraging the pirating of the creative efforts of the world's most admired and successful musical artists." The same allegation might have been made against commercial Internet service providers such as AOL or CompuServe and their users. Since Sections 512 (a) and (b) were crafted specifically to protect Internet service providers from exactly the liability that Metallica alleges they have, it seems unlikely that a commercial Internet service provider would ignore those protections and take an action, blocking access to a server on the Internet, that threatens to undermine its statutory protections and perhaps even the workings of the Internet. So why might a university, as an Internet service provider, do exactly that?
As mentioned earlier, universities might have technical as well as other legal reasons to block access: to address bandwidth concerns, to protect themselves from liability for the acts of their employees, to protect students from liability, or to avoid the administrative burden of responding to large numbers of notices under Section 512(c) to remove infringing files from university servers or large numbers of subpoenas to identify alleged infringers under Section 512(h).
So, as a prospective matter, I would not advise any of the University of Texas System component institutions to block Napster to avoid contributory or vicarious liability for student copyright infringements, though they may take such action as they deem expedient to deal with the technological and administrative concerns referenced above. State institutions are, of course, bound to protect individuals' rights of free speech, but so long as limits on access are not content based, they should not offend our U.S. Constitution's First Amendment.
It is also appropriate, given our institutional mission to educate, to advise students of their obligations, rights and responsibilities under Copyright law and to explain the law's provisions for punishing infringement. Students may wrongly believe that they are anonymous and invulnerable. That clearly is not the case. As reported in early May, Metallica uncovered the names of 350,000 people it accuses of making available unauthorized copies of its music and delivered the names to Napster for it to "disable" the users. We certainly can help to convince students of their vulnerability and the seriousness of the alleged infringements. As always, our online Copyright Crash Course is available for their review and our Crash Course Tutorial, though oriented towards faculty members, may prove helpful.
The Concept of Copyright Fights for Internet Survival, by John Markoff, the New York Times on the Web, May 10, 2000.
No Purchase Necessary, by Erica C. Barnett, The Austin Chronicle, May 5, 2000.
Metallica Drops Yale U. From Napster Lawsuit; Indiana U. Also Blocks Site, by Scott Carlson, The Chronicle of Higher Education, April 21, 2000.
Top
| Search
Crash Course in Copyright | Intellectual
Property Section | Office of General
Counsel