Copyright Legitimacy vs. Defending Clients? 58
trmj asks: "I run a hosting company, and today I received an e-mail, claiming to be from an animation firm, about one of my clients hosting pirated information. As usual, before entertaining a claim of this sort, I researched the claim (there was a bit of legitimacy in it) and what the laws are governing this issue. After that, I replied in the appropriate manner, however, found that the original e-mail address was not valid, leading to the discovery that neither was the e-mail. As a hosting provider, how far should I go to protect the rights of my clients while upholding the law, and still verify every claim that comes in?"
As far as I'm concerned . . . (Score:4, Insightful)
Hmmm ... as far as I'm concerned ... (Score:2)
Pretty simple. Ain't your problem.
There are books in the library that have been, at one time, by one group or another, banned - censored - forbidden.
Tom Sawyer/ Adventures of Huck Finn.
The Bible.
The koran.
Dear Xavier.
People say illegal things on cell phones, but the guys at SprintPCS don't lose much sleep over it.
There exist means of legal recourse for a copyright holder to 'punish' those that exceed fair use of their material. Cooperate with the legal proceedings once they are brought to you, but until the courts issue a decree saying that you in particular must do something in particular, blow it off.
Re:Hmmm ... as far as I'm concerned ... (Score:4, Interesting)
Re:Hmmm ... as far as I'm concerned ... (Score:3, Insightful)
A cell phone is, and is intended to be, a radio transmitter and receiver, and it was probably simpler to just extend the existing rules and regulations governing transmitters and receivers instead of writing up a special batch just for cell phones. It has to do with using airwaves (electromagnetic spectrum) that are administered by the FCC acting as stewards for the public, whose property that spectrum is, and with the
Re:As far as I'm concerned . . . (Score:4, Interesting)
you score points with me for not just whacking the user, no questions asked, like the major ISPs seem to be doing.
Amen. Kudoes to you for it.
Seems to me that the volume of specious email like the fabricated one you received is such that you can not practically afford to give an increasing fraction of your valuable time to sifting the claims submitted by email.
Has anyone come up with an auto-responder that ISP's can use that pretty much automate the task of
I would imagine that would help cut down the volume to genuine concerns.Re:As far as I'm concerned . . . (Score:2)
Mmmmm.... tasty. I love Kudos. The real milk chocolate chips combined with the wholesome goodness of granola. Your family will love them, and you'll feel good about them too!
Re:As far as I'm concerned . . . (Score:2)
You now know. Knowing !=plausible deniability (Score:4, Insightful)
But, IANAL
NarraterDan
You know the /. answers (Score:3, Insightful)
Ethical Opinions -
See no evil, hear no evil, your client is accountable for himself.
You are honor bound to protect your defenseless client to the best of your abilities.
Keep him informed of the situation and let him deal with it. That's the extent of your duties.
Harshly warn your client for jeopardizing your business and your credibility. Kick him out if doesn't comply. Protect your livelihood.
Insert coins and ask again.
Legal Opinion -
Ask elsewhere. A LAWYER would be good.
Sorry if this is curt. I just think that if an entire thread can be covered in one post then it should be.
Errr... (Score:4, Funny)
You know, if you're looking for crucial legal advice, I really don't think you should be relying on Slashdot. "But, *your Honor*, 'autopr0n' on Slashdot *said* that it would be okay!"
We already know that most Slashdotters would *like* you to do nothing, for example, so your chance of getting a legally useful opinion is about zip.
Re:Errr... (Score:3, Informative)
Actually, this slashdotter has had to handle WAY too many of these. It's MY opinion that a trivially forgable email is NOT a proper notification as required by the DMCA. Autoreplying requesting documents by certified mail gets rid of most of the bozos, and has the added bonus of costing the bounty hunters another $500 in legal time to prepare the paperwork.
Also entertaining is pointing out the blatent and obvious fallacies in their email, and reminding them that it is an official document prepared under penalty of perjury. I've gotten DMCA notices about usenet postings on other ISPs due to it having an ao.net email address. (Cult of Scientology, generally)
Once you get rid of the bozos by requesting documents, you're left with probable legitimate claims... people with EBooks in their web folders, things like that. At that point we comply with the letter of the law with a chmod 600 and tell the subscriber to deal with it.
It's pragmatic. You protect most of your users from the bozos, and don't take an (expensive) corperate stand one way or the other on real copyright infringement cases.
--Dan
Motivation? (Score:3, Insightful)
As you know, you are potentially liable for the copyright offenses of your customers, limited by the safe harbor exception I can't recall the details of. Once you've been notified, it may be foolhardy to ignore the wanring, as you could go down with the client. If you're like me, you may personally be kind of offended at people using your wares for criminal enterprises -- e.g., selling pirated songs. It appears the possibly malicious email writer has in fact brought a problem to your attention, and so you can't look the other way. (If they weren't malicious but wanted anonymity, maybe they could have just said so.)
I would strongly suggest you talk to a lawyer on this for legal advice to can rely on, and that you establish a written policy on how inquiries like this email are handled. You will want a paper trail to show your diligence later, and for your own conscience to make sure nothing falls through the cracks. I don't know whether you'll want to discuss the email when you talk to your client, or just use the generic "it has come to our attention that..."
Let us know what you do, OK?
Re:Motivation? (Score:3, Insightful)
> copyright offenses of your customers, limited by
> the safe harbor exception I can't recall the
> details of.
One of the details is that the notice must be in writing.
> Once you've been notified, it may be foolhardy to
> ignore the wanring...
He hasn't been notified. An email with no return address is not a legal notice.
> I would strongly suggest you talk to a lawyer on
> this for legal advice to can rely on...
Yes.
Re:Motivation? (Score:2)
Details. [chillingeffects.org]
Re:Motivation? (Score:3, Informative)
No I don't.
> The poster already has actual knowledge of the
> problem thanks to his/her diligence.
I doubt that the copyright owner can prove that.
> Had the poster simply stumbled on the problem,
> it would have to be dealt with.
He should deal with it anyway, but that has nothing to do with my point, which is that anonymous emails are not DMCA takedown notices. No ISP is obligated to investigate allegations contained in anonymous emails. The suggestion that one should respond to such with a reply saying that the sender should follow up with a valid takedown notice via registered mail is excellent. If the reply bounces, tough.
Re:Motivation? (Score:3, Informative)
As for notice, greater formality is required before the ISP is *forced* to act. Registered mail is unnecessary (anyway, it's for valuable documents like stock certificates). Certified mail and even paper itself are also unnecessary. DMCA requires "A physical or electronic signature of a person authorized to act on behalf of the owner of an exclusive right that is allegedly infringed." Electronic signature?
Last, I wouldn't blow off a halfway credible notification anyway, unless investigating it was simply impractical. This one was evidently credible and fraudulent, not anonymous, as discovered only when the person tried to reply. The email was also correct, though perhaps trivially. (I wonder as to the motivation, a peripheral issue.) Also aside from just wanting to do the right thing -- as the poster appears to -- the email could be one bit of evidence that the ISP had actual knowledge, even if it didn't. Staying out of court is often a lot cheaper than having a great defense when you get there.
I would at a minimum follow up with a request for a DMCA-compliant takedown notice rather than take a chance on my being wrong or ending up in hot water regardless.
This is not an attempt to provide the legal advice this person should get if they are unfamiliar with their legal obligations, even if I do happen to be a lawyer.
Re:Motivation? (Score:2)
Wow, credible and fraudulent. Now there's a combination you don't see every day.
Re:Motivation? (Score:2)
Re:Motivation? (Score:2)
Familiar problems of encryption and authentication.
But legally, at some point you are expected to suspend disbelief and act.
Last, registered mail is the wrong product! I painfully sorted this out with a patient post office agent a long time ago. Moreover, registered/certfied mail proves nothing as to the sender's identity; rather it protects the sender by providing tracking and, if paid for, delivery confirmation and/or signature and/or return re
Results (Score:2)
1) E-mailed a real address at the animation company, requesting a written takedown claim. Result: No reply.
2) E-mailed the client, informing him that he needs to take down any copyrighted content. Result: Client returns e-mail saying he has a disclaimer. Yeah. Well If I get the written complaint, his site gets taken down.
This client is a rich kid in Texas going rampant with his mom's credit card. If I get the takedown notice, it wouldn't be uncharacteristic of him to buy a
Re:Results (Score:1)
You've gone above and beyond the call of duty. Hey, it's insurance against future headaches. Save your notes and the docs somewhere.
It sure doesn't sound like fair use, does it.
Invalid email address (Score:1)
A similar situation (Score:3, Informative)
If they are, then I tar up their files as proof of the content, send them a nice email saying "You're account has been terminated for breaking the following provisions of the Terms of Service you agreed to", delete their account, and BCC in the owner of the copyrighted material. This is the best way I've seen to handle it yet, and it accomplishes a number of things that are important to do IMO: Keep a copy of the data in question before deleting it, let the 'client' know they've broken your TOS and are losing the service as a result, lets the owner of the copyright know that you've dealt with the situation effectivley and you take matters like that serious(which as a hosting provider, you have to)
If the client isn't hosting copyrighted material, an email should get sent back to the person asking for clarification, as you did. As for the question of how far you should go to protecting rights while upholding the law, I don't think they're mutally exclusive and you(and all hosting providers) should do as much as they can to use good judgement..
Re:A similar situation (Score:4, Insightful)
As far as I know, 100% of all content on all websites is copyright. Hell, this post that you're reading right now is copyright.
I really wish that people wouldn't say "hosting copyright content" when they mean unauthorized reproduction of copyright material that exceeds fair use. It really seems that most of the vocabulary we're using for this discussion has been created by people with a vested interest in promoting the idea that only large companies create any content worth the protection of copyright, and that any unauthorized reproduction is illegal. Neither claim is true...
Counterexample (Score:1)
Anyone may quote from it, use it as their own, claim authorship of it, or whatever. See if I care. It's not mine. It's public domain.
Okay, I'm just being pedantic. It's a good point.
Re:Counterexample (Score:1)
Anyone may quote from it, use it as their own, claim authorship of it, or whatever. See if I care. It's not mine. It's public domain.
Okay, I'm just being pedantic. It's a good point.
Re:Counterexample (Score:1)
Re:Counterexample (Score:1)
I guess I was asking for that
Re:A similar situation (Score:2)
How can you possibly believe you investigated something if you haven't contacted the customer for their side of the story?
Even if they've got something that you know someone else holds the copyright to, how do you know that the copyright holder hasn't given them permission to use it?
What would their side of the story be for having 100Mb of mp3 files from Dave Matthews(for example) sitting in a directory underneath their webroot?
As to the second question.. If the copyright holder has given them permission, why is the copyright holder(or their attorneys) contacting me in the first place about it?
It's pretty much common sense that if you discover a warez/mp3 repository being hosted on a client's account, they don't have permission, and 'their side of the story' is irrelevant in that example. As for everything else you asked about, it was in the original post..
Re:A similar situation (Score:1)
You are not a judge and jury in this matter. If the user believes he has a legitimate right to the information, then it's up to the legal system to deal with this.
Re:A similar situation (Score:2)
And it's very, very, easy for someone to send out warning notices for stuff that's legit. See the recent article about unis getting letters about distributing MS Office, when it was actually Open Office. And previous discussion about how in Germany *anybody* can send cease and desist orders for stuff on behalf of people that *aren't their clients*, and if they get money, they get to keep part of it.
Just stuff to keep in mind, when you start throwing around 'their side of the story is irrelevant'...
What have you agreed to do for your clients? (Score:2)
As far as they are paying you to protect their rights. If you go any further, you are bound to lose money. If you don't go as far as your user policies then you'll lose customers. End of equation.
while upholding the law
As far as the law requires you to uphold it. In DMCA land you are required to take some action against copyright infringment. If you thought their website was infringing, I would have expected you to take it down according to the law and your AUP. If your AUP doesn't have a rule against copyright infringement, then you are in for some trouble with your clients when you must comply with even the 'bad' laws.
and still verify every claim that comes in?
Again, you should only go as far as your customer agreement says, and the law requires.
If you go any further then you can get in trouble in all sorts of ways. The email you received may be seen in court as a valid, DMCA compliant request, even if the email subsequently didn't work or was sent through abnormal channels. Perhaps the copyright owner is using another business to send out a lot of these. It doesn't necessarily make them any less DMCA compliant. Therefore, by checking the 'validity' and 'claim' of the email, you are in effect acting as some sort of judge in the matter. You don't want to interpose yourself in that situation, trust me.
If you go the other way, and do too little (ie, your AUP tells your customers you'll notify them and provide them with copies of such emails at or just after the time of disabling their site) then you'll be in essentially the same position, except with the customer.
-Adam
Re:What have you agreed to do for your clients? (Score:1)
First responsibility is yourself. Register (you or a responsible employee) as an agent of copyright. Registering limits an ISP's liability right off the bat (punitive type liability). There is a U.S goverment web page [copyright.gov] with a form and $30 dollar fee. It might even be a good way to find the addresses of others in your situation. (Your local *.edu might helpful.)
If you create new and unique contact information for this copyright registry, they you safely suspect all claims of copyright sent to any other address.
If the claim is bogus, that might be actionable. When I get just such a nastygram it says:
Talk to a lawyer about how to use this to your advantage.Secondly, let the customer know that someone is out to get them. Also remind them (in a friendly, non email way) that copyright infringment is against your AUP and just isn't cool. Parody is cool. So is political speech. You and another reasonable person should be able to make a determination that infringement has taken place.
Was it a violation? (Score:2)
If you are asking them for more information before you can assess the situation accurately, then ignore it until they contact you again.
If their email is fucked up, then they can't claim they notified you - who's to know you aren't running something like tmda?
If, on the other hand, it's a clear violation, tell your client to remove the offending files.
Responding to email complaints (Score:2)
If I received an email complaint, I would respond with a form message advising the sender that no action will be taken until the complaint is submitted by fax or hardcopy.
My Reply (Score:4, Insightful)
This was my real reply to
anti-piracy@sonymusic.com. They didn't reply back, and nothing happened.
A friend suggested me I could also have replied with a "Sory, me not understaind english". But I thought this reply would be more amusing for them.
Re:My Reply (Score:1)
Finally! A valid use for HTML mail:
<P>Please shove this fucking DMCA in your ass you greedy bastards.
<P><IMG SRC="http://www.goatse.cx/hello.jpg">
Oh well... maybe next time?
Re:My Reply (Score:2)
> have no fear of DMCA
You misunderstand. This particular part of the DMCA requires that copyright owners contact ISPs hosting unauthorized copies and give them a chance to remove the offending material. If the ISP does so the copyright owner may not sue him. In the absence of this law the copyright owner could just up and sue the ISP without warning and have an excellent chance of collecting damages. This may be the case in your country.
Re:My Reply (Score:2)
This is true. If the ISP owns the media containing the alleged copyrighted material, and they are contacted, they have to act.
But if the ISP doesn't own the system on which the material resides, but their system only serves it up from automated requests, then they have no obligation to act u
I too run a hosting company (Score:1)
Darwin, I believe, said something to the effect of "oh though I may not agree with what you are saying, I will fight to the death for your right to say it."
-neil
Re:I too run a hosting company (Score:1)
Fishing expedition? (Score:2)
I suspect the E-mail you got was related to this, but there are a few problems - or, at least, new twists to the game:
Let me get this straight... (Score:2)
Yeah, if you do that, expect some of the information sent through it to be untruthful.
DMCA safe harbor provsion (Score:1)
The rules are fairly specific about what information is required for a takedown, but also puts some obligation on the ISP to police its own network.
It sounds like they failed to comply sufficiently to obligate you to provide all the information about the subscriber, but does require that you loook into it, and at least clarify that the user has, or thinks he has permission to use the material. IANAL, so this is guessing.
DMCA (Score:2)
Relevant section here [cyberspacelaw.org]
Now, they can get a court ordered injunction to get you to block access to the offending material, or from the offending user, according to this section. So, tell them to talk to the judge, and short of an injunction, you fail to see how you bear any liability for things hosted by your ISP service.
I'd recommend reading the DMCA section in question - one of the purposes of the DMCA was protecting ISPs from claims against their users. You really don't even need to research the claim.
Re:DMCA (Score:2)
Re:DMCA (Score:2)
I guess you didn't read the link I provided, huh?
ISPs have no need to police themselves. They can tell an alleged infringer to go stuff themselves until they come back with an injunction, and that injunction can only require restriction to materials, or restriction of use from the offending user.
The entire purpose of that section of the DMCA is to prevent crazies from threatening to sue every ISP and utterly shutting off content. Users are responsible for themselves. ISPs bear no liability under a reasonable set of circumstances.
Go read the law - it is quite clear.
Obviously, (Score:2)
(end redundant part)
More to the point, if you are in the hosting business you should have a regular source for legal advice that ain't Slashdot. Find a local lawyer and offer him free hosting if he will handle the occasional bogus DMCA letter.
thank you (Score:2)
I would like to thank you all for your advice on this issue, from these posts I have seen both extremes and have decided what path I will take in the future (well ok I cheated a bit and got some legal advice too).
lawyer's name? legit phone number? (Score:1)