9th Circuit Appeals Court Recognizes That DMCA Repeat Infringer Policies Must Be Flexible

We were concerned, last month, by the appeals court ruling in the Cox v. BMG case regarding the DMCA's repeat infringer policy rules, though the more I've reread that ruling, I've become less bothered by it. While I'm still concerned about how bad decisions by Cox created potentially bad law, there are enough specifics in the ruling that hopefully will limit the impact to specific circumstances. In particular, whereas Cox was found to not have implemented a "reasonable" termination policy for repeat infringers, the court does acknowledge that the law means that the platforms have wide leeway in determining what their termination policy should be. The real problem for Cox was that it appeared not to actually follow its own policy, and thus did not reasonably implement it.

That was over in the 4th Circuit. Last week, the 9th Circuit ruled on a case where there were also questions about a repeat infringer policy, and the ruling is a clean ruling in defense of platforms determining their own rules for terminating repeat infringers. The case, Ventura Content v. Motherless, involves a porn producer suing a site that allowed user uploads of porn. From the description in the case, Motherless qualifies for the DMCA's safe harbors as a site where the content is submitted by users, and the ruling goes into great detail about the steps that Motherless's sole employee, Joshua Lange, goes through to review content uploaded to the site to make sure it doesn't violate the site's terms (which mostly seem aimed at blocking child porn). Motherless also appears to follow a pretty standard DMCA takedown process. Actually, the site appears to go beyond what is legally required in accepting notices that don't even meet the DMCA notice standard, and removing much of the notified content.

While the site did not have a written out "repeat infringer policy," Lange did have some mental metrics he used in reviewing accounts, and did shut off ones that were receiving lots of copyright takedown notices.

Motherless does not have a written policy instructing itsemployees on when to expel repeat infringers; there are noemployees to instruct. Lange personally terminates repeatinfringers; the independent contractor does not terminaterepeat infringers. Termination is a matter of Lange'sjudgment. He considers the following factors in decidingwhether to terminate a repeat infringer: (1) the volume ofcomplaints; (2) the amount of linked content in thecomplaints; (3) the timespan between notices; (4) the lengthof time the alleged infringer's account had been active;(5) the amount of total content the account has; (6) whetherthe user is maliciously and intentionally uploading infringingcontent or uploading content without knowing the source; and(7) whether the takedown notices were DMCA-compliant.Between 2008 and 2011, Lange terminated over 33,000 useraccounts for violating the website's Terms of Use. Langeestimated that he terminated about 4% to 6% of these usersfor possible copyright infringement, which would be between1,320 and 1,980 users.

Ventura argued that, since there's no written policy, Motherless no longer qualifies for the DMCA's safe harbors, which require such a policy. The court, however, points out that Lange's "policy" is good enough.

Doubt that Motherless really does have a "policy" ofterminating repeat infringers that is "reasonablyimplemented" is unavoidable in light of unsystematic andcasual implementation. But doubt is not evidence. Venturahas presented no evidence to establish a genuine issue of factas to whether Motherless failed to reasonably implement itspolicy. Motherless, however, has met its burden. Theabsence of any significant number of repeat infringers whoescaped termination compels the conclusion that a trier of factcould not conclude, on the record before us, that Motherlessfailed to meet the repeat infringer eligibility requirement forsafe harbor. Motherless and Lange are therefore entitled toclaim the protection of the safe harbor.

There are some other good points in there as well, including pointing out that a repeat infringer policy need not be perfect:

Safe harbor eligibility does notrequire perfection, just "reasonable" implementation of thepolicy "in appropriate circumstances." Eligibility for the safeharbor is not lost just because some repeat infringers mayhave slipped through the provider's net for screening themout and terminating their access. The evidence in the recordshows that Motherless terminated between 1,320 and 1,980users for alleged copyright infringement and that only ninealleged repeat infringers had slipped through. Of those nine,only six were before Ventura filed its lawsuit, and only fourof the six had been the subject of more than one DMCAnotice. That suggests that less than one repeat infringer in100,000 active users was missed. If that is the extent offailure, there could be no genuine issue of material fact as towhether Motherless "reasonably implemented" itstermination policy. Congress used the word "reasonable" tomodify "implemented," so the phrase cannot be construed torequire perfect implementation.

And even though the "policy" was all in Lange's head, the court says that's good enough.

The details of the termination policy are not written down.However, the statute does not say that the policy details mustbe written, just that the site must inform subscribers of "apolicy" of terminating repeat infringers in appropriatecircumstances. Motherless consists only of Lange and a fewindependent contractors, and Lange alone determines whento terminate repeat infringers. A company might need awritten policy to tell its employees or independent contractorswhat to do if there were a significant number of them, butMotherless is not such a firm. Small operations in manyindustries often do not have written policies because theowners who would formulate the policies are also the oneswho execute it. There might not have been a need foranything in writing. So the lack of a detailed written policyis not by itself fatal to safe harbor eligibility. Neither is thefact that Motherless did not publicize its internal criteria.

There's a lot more in the ruling, but most of it is pretty standard DMCA stuff, including Ventura ignoring lots of other cases about what constitutes "red flag knowledge." One other thing of note: Ventura, incredibly, tried to argue that Motherless should lose its DMCA safe harbor provisions because the site does some screening. Thankfully the court points out how silly an argument that is:

Ventura cites no authority for the unlikelyproposition that screening out illegal material eliminates thesafe harbor shield. Indeed, section 512(m) says that the lawshould not be construed to eliminate the safe harbor becausea service provider monitors for infringement or disablesaccess to material where the conduct depicted is prohibited bylaw.11 Motherless screens out child pornography because itis prohibited by law. It screens out bestiality because a fewEuropean countries prohibit bestiality pornography by law,and some of Lange's European advertisers voiced concernsabout this content. We find it counterintuitive, to put itmildly, to imagine that Congress intended to deprive awebsite of the safe harbor because it screened out childpornography and bestiality rather than displaying it. Instead,we read section 512(m) to say that Congress expresslyprovided that such screening does not deprive a website ofsafe harbor protection.

I imagine the statements concerning repeat infringer policies may come up in other cases, now that some in the legacy entertainment industry have been choosing to attack that part of the DMCA's safe harbors. Having a nice, clean precedent like this hopefully will help block some of the more ridiculous claims concerning repeat infringer policies.