ISP LIABILITY: WHAT YOU KNOW MAY HURT YOU
By: Shelley M. Liberto, Esq.

From the November '97 issue of WWWiz Magazine
Copyright © 1997 Shelley M. Liberto.
All rights reserved.

Internet Service Providers ("ISPs") are positioned as the primary custodians of the receipt and delivery of communications for the 21st century. While the linchpin role of ISPs may be good news for the industry and its investors, it also bears with it new found responsibility and potential legal liability. Should ISPs be held responsible for the illegal activities conducted through their own services? After all, the crimes and civil wrongs that are hatched on the Information Super Highway cannot be conducted without enlisting the services of an ISP.

The courts have had little opportunity so far to address Internet-related issues. One of the more prolific issues, however, is the extent to which an ISP should be held liable for copyright infringement resulting from a customer's illegal copying and transmission of someone else's data, be it software, photos or sound files. The On-Line Copyright Liability Limitation Act, H.R. 2180, is Congress' answer to at least part of the question of ISP liability. If the On-Line Liability Act is any indication of a legislative trend, ISPs may henceforth be held liable to third parties for the illegal acts of their customers merely for knowing what's going on-line.

 

Present State of the Law

Issues of ISP liability to third parties have typically arisen when a customer transmits copyrighted data through the ISP without the permission of the owner. Under U.S. copyright law, as interpreted by the courts, copyright infringement is broken down into three categories: (1) Direct infringement; (2) contributory infringement; and (3) vicarious infringement. Direct infringement liability is, as the name indicates, derived from a defendant's direct copying and distribution of copyrighted material without the authority of the owner. In the case of Religious Technology Center v. Netcom On-Line Communications, ("Netcom II"), the court addressed whether Netcom was liable to a subsidiary of the Church of Scientology for the posting of copyrighted works of L. Ron Hubbard on its bulletin board. The question was not whether a copyright violation occurred, but whether Netcom as the ISP was liable. The court held that Netcom was not liable for direct infringement, even though it failed to respond to the Church's cease-and-desist demand. Netcom had been unaware of the infringing activity or that the posted material was unauthorized. The court reasoned that "finding such a service liable would involve an unreasonably broad construction of public distribution and display rights." Courts have followed this reasoning of non-liability for direct infringement in similar cases involving the transmission and posting of photographs, computer games, and MIDI files. Contributory and vicarious infringement, however, are easier to prove because the defendant need not have directly participated in the infringing activity.

Contributory infringement is grounded in the principle that an ISP may be held liable if it substantially contributes to an infringement without direct participation. In the case of SEGA Enterprises v. MAPHIA, MAPHIA not only knowingly permitted the posting of SEGA's games on its bulletin board, but also affirmatively encouraged their copying and distribution. MAPHIA also went on to provide on-line services and sales to its customers of game hardware to permit the use of the illegally copied and transmitted game software. Although the MAPHIA example does not apply to the standard role of an innocent ISP, it serves an index for "line drawing" by the courts for contributory infringement. Under the standard of vicarious infringement, however, ISP liability meets up with a "hair trigger."

Under present standards of vicarious infringement, an ISP would be liable to a third party if the ISP "has the right and ability to control the infringers' acts, and receives direct financial benefit from the infringement." At first blush, this standard would seem to apply to all ISPs who even unwittingly host the transmission of copyrighted data. After all, the ISP certainly has the "right and ability" to control the acts of its customers inasmuch as the ISP may terminate services at any time. As well, it can be argued that the ISP derives at least some direct financial benefit from the infringing activity inasmuch as the infringing customer pays the ISP a fee. On the other hand, the strict application of a vicarious liability standard to ISPs would be inconsistent with the reasoning of the court in Netcom II. For this reason, Congress has undertaken to clarify ISP liability for copyright infringement with a standard that may very well evolve as the standard for all forms of on-line liability to third parties.

 

Features of the On-Line Liability Limitation Act, H.R. 2180

The 105th congress is presently entertaining H.R. 2180, the On-Line Copyright Limitation Act, which was introduced in the House of Representatives in July of 1997 by Congressman Coble. The Bill proposes to amend U.S. Copyright Law by way of a limitation to direct, contributory and vicarious liability of ISPs for the illegal transmissions of their customers. The bill states that an ISP is not liable if it:

(a) does not initially place the material on-line;

(b) does not generate, select, or alter the content of the material;

(c) does not determine the recipients of the material;

(d) does not receive a financial benefit directly attributable to a particular act of infringement;

(e) does not sponsor, endorse, or advertise the material; and

(f) (i) does know, and is not aware by notice or other information that the material is infringing, or (ii) is prohibited by law from accessing the material;

But the most interesting aspect of the Bill is not the exemptions from liability, but the relationship between the ISP and its customer as contemplated by Congress. The Bill goes on to absolve the ISP of all liability to its own customers for termination of ISP services upon receipt of information that the customer's activities are illegal. While this would seem an appropriate motivation for an ISP to stop illegal activity in its channels, it also raises the issue of what an ISP is to do if frivolous claims are lodged by a third party. The Bill purports to deal with this problem by stating that:

(d) MISREPRESENTATIONS - any person who knowingly materially misrepresents that material on-line is infringing shall be liable for any damages, including costs and attorneys' fees incurred by any person who relies on any misrepresentation in removing, disabling, or blocking access to the material claimed to be infringing.

Accordingly, the On-Line Liability Limitation Act would seem to create a template for conduct among ISPs, their customers and injured third parties when illegal activities of customers are detected or alleged.

 

What's an ISP to Do?

The On-Line Liability Act purports to address only cases of copyright infringement conducted through an ISP's services. It is fairly safe to assume, however, that the standard suggested by Congress is likely to apply to most forms of illegal activity at least in the civil arena. The Bill clearly holds ISPs to liability based on knowledge or participation in the illegal enterprise. A safe path would be for an ISP to terminate services upon receipt of information or allegations of illegal transmissions by a particular customer. Such conduct is consistent with standards set out by courts in case law as well as the Bill. In the event the alleged wrongdoing customer raises claims against the ISP, the ISP would be able to hold accountable the person or entity that is the source of the allegations and information giving rise to termination. In any event, an ISP should not simply turn the other cheek and ignore what is going on in its own operation. To do so would be to avoid the responsibilities inherent in the new and all-important role of ISPs in commerce, and to invite legal liability accordingly. The full text of the On-Line Liability Limitation Act may be found online.