The U.S. Court of Appeals for the Fourth Circuit is currently reviewing BMG Rights Management (US) LLC v. Cox Communications, Inc., an appeal of a decision in a copyright infringement lawsuit.[1]

In the case below, Cox Communications was stripped of its Digital Millennium Copyright Act (“DMCA”) safe harbor, which limits secondary liability copyright infringement claims against qualifying Internet service providers (“ISPs”). A jury then found Cox liable for contributory copyright infringement, stemming from direct infringement by Cox broadband subscribers that used BitTorrent to illegally download music owned by or licensed to BMG. BMG was awarded $25 million in statutory damages and $8.3 million in attorney’s fees and costs.

Part I of this blog series reviewed the general background of the case below that led to the appeal. This blog post – Part II – summarizes the lower court’s summary judgment decision which stripped Cox Communications of its DMCA safe harbor defense.[2] 

DMCA Safe Harbor For Transitory Digital Network Communications (ISPs)

The DMCA establishes a safe harbor from copyright infringement claims ISPs who transmit potentially infringing material over their networks.[3]  Among other things, to qualify for the safe harbor, an ISP must adopt and reasonably implement a policy that provides for the termination in appropriate circumstances of subscribers and account holders of the ISP’s system or network who are repeat copyright infringers.[4]  An ISP must also notify its subscribers and account holders of its repeat infringer policy.

BMG’s Lawsuit & Rightscorp’s Copyright Infringement Detection System

In November 2014, BMG filed a lawsuit against Cox,[5] alleging Cox is liable for contributory and vicarious copyright infringement. BMG’s complaint was based on alleged direct infringement by Cox broadband subscribers, which was discovered by BMG’s agent Rightscorp, Inc. According to the complaint and other court filings, Rightscorp “has developed a technological system that identifies actual infringements and the perpetrators of these infringements (by IP address, port number, time, and date) by monitoring BitTorrent systems and extracting information about the infringing activity, including, inter alia, the IP address, internet service provider, the infringing content being uploaded or downloaded, and the suspected location of the host computer accessing BitTorrent networks.”[6] 

Using this information, Rightscorp, on behalf of BMG, sent notices of copyright infringement to Cox detailing the exact nature of the alleged infringement and requesting that the notices be sent to the applicable subscribers. BMG alleged that it notified Cox of thousands of repeated and blatant direct infringements of its copyrighted works by Cox account holders, but despite the notices and Cox’s actual knowledge of repeat infringement, Cox continued to permit its repeat infringer subscribers to use the Cox network to continue to infringe BMG’s copyrights without consequence. 

As relief, BMG sought maximum statutory damages in the amount of $150,000 with respect to each work infringed, along with injunctive relief and other fees and costs.  In its response to the complaint, Cox asserted a number of defenses, including eligibility for the DMCA’s liability-limiting safe harbor for ISPs.

Summary Judgment Order – No Safe Harbor For Cox

In September 2015, BMG filed a motion for summary judgment, asking the court to find that Cox is not entitled to protection under the DMCA’s safe harbor provisions because Cox does not terminate the service of repeat infringers under appropriate circumstances. The district court agreed with BMG’s argument, and granted summary judgment in its favor, finding that Cox’s failure to terminate service for repeat infringers is sufficient to bar Cox from invoking the DMCA’s safe harbor protection.

According to the court, the dispute over whether a safe harbor applies turns on what it means for a service provider to reasonably implement its repeat infringer policy.[7]  The court acknowledged that the phrase “reasonably implement” is not defined in the copyright statute, but explained that courts have interpreted the phrase to have two separate elements:

(1) whether a service provider implemented its policy; and

(2) whether that implementation was reasonable. 

The court further explained that an ISP has implemented a repeat infringer policy if it has a “working notification system” and “a procedure for dealing with DMCA-compliant notifications,” and it does “not actively prevent copyright owners from collecting information needed to issue such notifications.”[8]  According to the court, “[a] service provider’s implementation is reasonable if it terminates a repeat infringer’s access in appropriate circumstances.”[9]

The court analyzed Cox’s policies for terminating repeat infringers from two different periods of time: before the fall of 2012 and after.  As for the “before fall of 2012” time period, the court concluded that “no reasonable juror could find that Cox implemented a repeat infringer policy” during this time.  Based on the evidence before it, the court concluded that Cox followed an unwritten policy by which accounts used to repeatedly infringe copyrights would be nominally terminated, only to be reactivated upon request. Once these accounts were reactivated, customers were given clean slates, meaning the next notice of infringement Cox received linked to those accounts would be considered the first in Cox’s graduated response procedure.[10]

The court separately analyzed the time period “after the fall of 2012” because in October 2012, Cox added two additional suspension steps to its graduated response procedure.  Citing various pieces of evidence, the court determined that Cox did not reasonably implement its repeat infringer policy after the fall of 2012.  The court addressed a number of important issues in its analysis, which are summarized below.

Who should be considered an infringer?

Cox argued that an “infringer” is someone who has been adjudicated as an infringer in a court of law.  The district court disagreed.  It concluded that an account holder must be considered an infringer, at minimum, when the service provider has actual knowledge that the account holder is using its services for infringing purposes.

What are appropriate circumstances in which a subscriber should be terminated?

Cox argued that by not defining “appropriate circumstances” in the DMCA, Congress left it to service providers to make their own determinations of when such circumstances exist.  The district court found that service providers do not have complete discretion to define “appropriate circumstances.”  It stated that appropriate circumstances arise when an account holder is repeatedly or flagrantly infringing copyrights.

When does an ISP have knowledge of infringement?

Cox argued that knowledge of infringement cannot be established by notices submitted by copyright holders.  First, the court noted that whether or not DMCA-compliant notices are sufficient, standing alone, to establish a service provider’s knowledge for purposes of the statutory safe harbor, they are “powerful evidence of a service provider’s knowledge.”[11]  It then noted that evidence reveals that Cox had knowledge that at least some of its account holders were intentionally and repeatedly infringing.  Specifically, for some subscribers, Cox had received, not one or two, but at least fourteen infringement notices tied to their accounts over a six-month period.  According to the district court, “[b]y the time an account holder reaches the end of Cox’s graduated response procedure, the chance that the account holder is not a willful infringer has substantially lessened.”[12]

Ultimately, the court concluded that Cox had knowledge that at least some of its account holders were intentionally and repeatedly infringing copyrights, yet Cox continued to provide them service rather than terminate their accounts.  Because implementation of a repeat-infringer policy is unreasonable when service providers fail to terminate users who repeatedly or blatantly infringe copyright, the court concluded that Cox is not entitled to a safe harbor under the DMCA.[13]

Cox’s Reluctance to Terminate & Cox’s Graduated Response System

Perhaps the most damning evidence supporting BMG’s summary judgment motion were email correspondence among  employees within Cox’s Customer Abuse Operations Department. The emails concerned instructions on how to carry out, or rather not carry out, Cox’s DMCA repeat infringer policy.

Cox’s policy was based on a graduated response system. It allowed Cox to try to “rehabilitate” a subscriber that had been alleged to have infringed a copyright, instead of terminating the subscriber after multiple complaints. Understandably, Cox did not want to quickly terminate a paying subscriber because doing so would likely result in the subscriber terminating other services provided by Cox, such as cable TV. 

In the Summary Judgment Order, the district court cited such an example where Cox was reluctant to terminate a subscriber that had received multiple DMCA notifications.  Instead of termination, the Cox subscriber was given one final “strike” because, as explained by a Cox representative, “[t]his customer pays us over $400/month and if we terminate their service, they will likely cancel the rest of their services.” To be sure, the DMCA does not require a certain minimum number of “strikes.” It merely requires “termination in appropriate circumstances of subscribers and account holders...who are repeat infringers.” Many ISPs employ a multiple strike system. Remember the now defunct six-strikes initiative pushed by the content industry and the largest ISPs? Nevertheless, Cox stretched its graduated response system so far that in the end, the district court concluded that Cox was not implementing a repeat infringer policy as required by the DMCA.

Those that have read the summary judgment will point out that there were a few other issues that supported BMG’s motion for summary judgment and made Cox ineligible for a safe harbor defense (refusal to accept Rightscorp DMCA notices, immediate reactivation of terminated subscribers, daily limit on DMCA notices, notices limited to a six month period, and others). I’ll attempt to address some of these other issues in another blog post.

********************

[1] BMG Rights Management (US) LLC v. Cox Communications, Inc., 149 F.Supp.3d 634 (E.D. Va. 2015) (summary judgment opinion stripping Cox of DMCA safe harbor protection) (Summary Judgment Order); BMG Rights Management (US) LLC v. Cox Communications, Inc., 199 F.Supp.3d 958 (E.D. Va. 2016) (memorandum opinion denying all post-trial motions).

[2] The original lawsuit was brought by BMG and Round Hill Music LP.  However, in the Summary Judgment Order, the court found that Round Hill “does not co-own the copyrights or have an exclusive license for any use of the copyrights” it alleges were infringed, and declared that Round Hill “cannot proceed in this action and its claims for infringement against Cox are dismissed.”  Summary Judgment Order at p. 26.

[3] Among other things, the DMCA was enacted in 1998 to implement the World Intellectual Property Organization Copyright Treaty and to update domestic copyright law for the digital age.  Title II of the DMCA – the Online Copyright Infringement Liability Limitation Act – was designed to clarify the scope of liability faced by service providers who transmit potentially infringing material over their networks.  To that end, it establishes four safe harbors that allow qualifying service providers to limit their liability for claims of copyright infringement based on (1) transitory digital network communications, (2) system caching, (3) information residing on systems or networks at the direction of users, and (4) information location tools. See 17 U.S.C. § 512(a)-(d). ISPs fall under the first safe harbor – transitory digital network communictions.

[4] 17 U.S.C. § 512(i)(1)(A).  In addition, a qualifying ISP must accommodate “standard technical measures” that are “used by copyright owners to identify or protect copyrighted works.”  17 U.S.C. § 512(i)(1)(B), (i)(2). While the ISP safe harbor statute does not expressly require designation of a DMCA agent, properly designating a DMCA agent will help determine whether an ISP has reasonably implemented a repeat infringer policy. See Ellison v. Robertson, 357 F.3d 1072, 1080 (9th Cir. 2004).

[5] BMG Rights Management (US) LLC and Round Hill Music v. Cox Enterprises, Inc., Cox Communications, Inc. and CoxCom, Inc.,d/b/a Cox Communications of Northern Virginia, Complaint for Copyright Infringement, Case 1:14-cv-01611-LO-JFA, U.S. District Court, Eastern District of Virginia (Nov. 26, 2014) (BMG Complaint).

[6] BMG Complaint at ¶2.

[7]Summary Judgment Order at p. 27.

[8] Summary Judgment Order at p. 27 and 28 (citing Perfect 10, Inc. v. CCBill LLC, 488 F.3d 1102, 1109 (9th Cir. 2010)).

[9] Summary Judgment Order at p. 28.

[10] Summary Judgment Order at p. 31.

[11] Summary Judgment Order at p. 41 (citing UMG Recordings, Inc. v. Shelter Capital Partners LLC, 718 F.3d 1006, 1020 (9th Cir. 2013)).

[12] Summary Judgment Order at p. 42.

[13] See Summary Judgment Order at 42.  See also Capitol Records, LLC v. Vimeo, LLC, 972 F. Supp. 2d 500, 514 (S.D.N.Y. 2013) (quoting CCBill, 488 F.3d at 1109).