The general legal advice to website operators who allowed User Generated Content (UGC) in the form of comments, videos or pictures used to be relatively easy. The Digital Millennium Copyright Act protected you from copyright and Section 230 of the Communication Decency Act protected you from defamation and other liability. Recent developments are bringing a little more grey into what was previously a black and white world. Good news for lawyers; bad news for business.
The DMCA provides web hosts and internet service providers a “safe harbor” from copyright infringement claims resulting from content provided from others if certain procedures are followed. If the safe harbor qualifications are met, only the customer or user can be liable and not the actual website operator.
To qualify for the safe harbor protection, the site must: (1) notify the customers of its policy; (2) follow proper notice and take down procedures; (3) designate a copyright agent with the U.S. Copyright Office; (4) not have knowledge that the material or activity is infringing or of the fact that the infringing material exists on its network.
For a new web-based start-up that is going to have UGC, taking advantage of the DMCA is a no brainer.
Was that Sly and the Family Stone in the Background?
A recent decision against music-sharing website Grooveshark suggests that sound recordings prior to 1972 may not be covered by DMCA safe harbor protections. Universal Music Group sued Grooveshark in New York state court for copyright infringement. The trigger legal response is that the DMCA means Grooveshark is immune.
Easy, case dismissed. Then, the New York appellate court reversed the dismissal late last month. The legal issue hinges on whether the DMCA provides for a “safe harbor” for sound recordings before 1972 because these recordings are governed by state law and not U.S. copyright law or the DMCA.
If you want the legal details which focus on the definition of copyright, you can read this post from Professor Goldman’s Technology and Marketing Law Blog. The simple answer is the DMCA needs to be fixed by Congress. This recent decision directly conflicts with another prior decision so it is likely there will be further appeals that may take several years to resolve absent Congressional action.
What you need to know if you have a website with UGC sound recordings is that you may have a problem. Is it feasible for you to determine whether the uploaded sound recording is Isaac Hayes’ Theme from Shaft (1971) . . .
Marvin Gayes’ Let’s Get it On (1973) . . .
or Don McLean’s American Pie which was recorded in 1971, but became a hit in 1972?
If you start pre-screening for pre-1972 sound recordings do you now have knowledge that the material or activity is infringing or of the fact that the infringing material exists on your network taking you outside of the DMCA safe harbor?
The good news is this case appears to be the outlier. As long as you know and are willing to accept the risks, you probably do not need to make any wholesale changes. You have the recent pro-DMCA case in Viacom vs. YouTube, a federal New York decision and a Ninth Circuit Court of Appeals decision that reaches the exact opposite result.
At least I don’t have to worry about defamatory UGC because of Section 230, right?
Section 230 of the Communications Decency Act provides immunity to websites for defamation and related claims based UGC. It states:
no provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.
This is the law that prevents Facebook from being sued relentlessly for alleged defamatory posts and also allows sites like RipOff Report and The Dirty to survive. Based on Section 230, we generally advise sites not to worry about liability for anonymous commenters – at least for now.
The United Kingdom recently passed the Defamation Act 2013 which sets up a notice and take down process for website operators to protect themselves from UGC defamation claims in the UK. Basically, a plaintiff cannot sue unless the plaintiff sends notice to the website and the website refuses to take it down.
Although ripe for abuse, it does not sound too bad until you get to the part of the law that says websites can only take advantage of this protection if the plaintiff can identify the person who actually posted the offending content forcing websites to authenticate its members. There goes anonymity. You can read more details on the law here.
It does restrict “libel tourism” so the local pizza shop in Sugar Land can’t take advantage of this against Yelp for the review by the interloper in New Territory. But, if the offended person can convince a court in the UK the case should be there, you could be subject to a UK judgment.
So, should you require authentication of all users? Can you set up your site so that all users from the UK have to authenticate their identities?
The answers are no longer so easy. For example, what do you do if a UK citizen slanders Roberta Flack on your American-based website while uploading a copy of The First Time Ever I Saw Your Face which was originally a 1957 folk song but recorded by Flack originally in 1969, but re-released in 1972 when it became a number one hit?
It could make your head spin, but that’s why lawyers make the big bucks, right?