Digital Millennium Copyright Act and its Safe Harbor

If you’ve ever scrolled through a website’s Terms of Use before clicking “I Agree” (its ok if you don’t, I don’t even think many lawyers do it) you may have seen something called the Digital Millennium Copyright Act or DMCA. In the Terms of Use there is usually an address to contact the site’s DMCA Agent.

Way back in 1996, the US entered into two treaties: the World International Property Organization (“WIPO”) Copyright Treaty and the WIPO Performances and Phonograms Treaty. The provisions of these treaties were implemented by DMCA when President Clinton signed it into law in 1998. (Long time ago I know, I’ve had a lot of questions regarding it lately and wanted to get an explanation out there).

The DMCA covers a lot of different areas, if you are feeling ambitious the full text is here. Good luck. Website owners routinely want to know if their site’s users post or transfer material to which a third party copyright is held will incur liability. The answer is that the DMCA “Safe Harbor”, if properly complied with, will limit any such liability.

The real heart of the DMCA relates to circumvention of access and copy control mechanisms. Section 1201 of the DMCA sets forth the requirement to provide adequate and effective protection against circumvention of technological measures used by copyright owners to protect their works. It divides technological measures into two areas: (1) measures that prevent unauthorized access to copyrighted works, and (2) measures that prevent copying of copyrighted works. These are usually called DMCA’s “anticircumvention” provisions, which make it illegal to circumvent a technological measure protecting access to or copying of a copyrighted work. What that means in English is that the DMCA prohibits people from distributing or accessing copyrighted materials (documents, audio files, etc.) which is otherwise protected by the copyright holder.

If you can’t access a document on a site except by using an id and password that is an access control.
If you can access a document but can’t download or copy it then that is a copy control. Many sites use both. Circumventing either type of control is what the DMCA prohibits. There are a number of exemptions in the DMCA.

Another part of the DMCA gives web hosts and Internet Service Providers a “safe harbor” from copyright infringement claims if they implement certain notice and takedown procedures. In 1998, Congress the On-Line Copyright Infringement Liability Limitation Act (OCILLA) (which was codified in Section 512 of the DMCA) specifically for the purpose of providing internet service providers protection from copyright infringement actions done by their users. If the ISPs meet the factors in the safe harbor it is exempted from any copyright infringement claim due to conduct of their customers. Only the infringing customer would be liable for monetary damages, the ISP’s site or network should not be liable assuming full compliance.

The safe harbor requires ISPs have and use notification and counter-notification procedures with respect to copyright infringement on their sites. The sites must accept and take action on DMCA notices and possibly terminate certain infringing user’s accounts or access to the site or network.

Initially to qualify for safe harbor protection the ISP must give notice to its users of its policies regarding copyright infringement and possible termination of accounts for repeated infringement. This is normally set forth in the site’s Terms of Use. The rules must be “reasonably implemented” so that subscribers, account holders and site users are informed of the terms.

If a third party sees an infringing use on a website, that party can contact the website’s DMCA agent, whose contact information should be in the site’s Terms of Use. The copyright owner must provide the DMCA agent with information about it and the material it has the copyright on. The site owner should register its DMCA agent with the US Copyright office by filing the form and paying the fee –

If the site’s DMCA agent gets a notice, or finds infringing material on the site on its own accord, it must
remove or disable access to it. The site must give notice to the user after the material has been removed or access to it disabled (not notice is required prior to removing/disabling). The user can then file a counter-notification to the DMCA agent to plead its case as to why the original DMCA notice was incorrect, for whatever reason there may be.

In addition to the notification policy and procedures above, for reference here are the factors that the ISPs or site owners must adhere to to make sure they are eligible for the safe harbor protections (from DMCA Section 512):
• The service provider is an entity offering the transmission, routing, or providing of connections for digital online communications;

• The service provider did not initiate the transmission of the material;

• The transmission, routing, provision of connections, or storage is carried out by an automatic technical process;

• The Internet user, not the service provider, must select the origination and destination points of the communication;

• The service provider must not modify the communication selected by the Internet user;

• The communication is transmitted through the system or network of the service provider;

• No copy of the communication is maintained on the system or network in a manner ordinarily accessible to anyone other than anticipated recipients; and

• No copy is maintained on the system or network in a manner ordinarily accessible to anticipated recipients for a longer period than is reasonably necessary for the transmission, routing, and provision of connections.