Home / Blogs

The Limits of Notice and Takedown

In The Limits of Filtering, Evan Engstrom and Nick Feamster argue eloquently that the costs of a “takedown-staydown” system to defend against copyright infringement would be prohibitive for online service providers (OSPs) and therefore deprive OSPs of otherwise interested investors. I agree that Engstrom and Feamster raise some valid points, particularly including that content recognition technologies are not perfect (he cites a 1-2% error rate on the specific technology he had tested) and may have costs to the OSP. However, we must also remember that the current DMCA regime imposes significant costs on content creators, particularly on small or individual artists who cannot afford the time or resources to engage in the endless whack-a-mole of notice and takedown. Moreover, the law fails to strike a reasonable balance between the legitimate needs of platforms to innovate and the needs of content creators to protect their works.

The Current Notice-and-Takedown Regime

As Engstrom and Feamster note, the DMCA today grants an OSP a safe harbor with regard to the storage or indexing of or linking to copyright-infringing material if they have no actual or constructive knowledge that the material is infringing, and if, once advised of the fact of infringement, they act expeditiously to remove or disable access to the infringing material. In other words, “takedown” is a remedy under law available to OSPs who wish to allow their users to share material with others online.

This provision has been problematic for rights holders because identical, or substantially identical, material can simply be uploaded again after each “takedown”. This creates an asymmetric, burdensome cat-and-mouse game between a holder of copyright and hundreds or thousands of deliberate infringers of that copyright, since content, once “taken” down, does not “stay” down. Most troublingly, this creates a massive imbalance between the interests of online service providers and the interests of small or individual artists.

The difference between “takedown” and “staydown” turns on the definition of “actual or constructive knowledge” in that, a service provider is presumed by courts to be unaware of the infringement status of materials until after they receive a complaint from a rights holder. This presumption is rendered invalid by today’s availability of commercially reasonable technology and tools which are capable of accurately comparing and matching many types of digitized artworks—for example, older material which a service provider has taken down as a result of a complaint by a rights holder, and newer, substantially identical material which is in the process of being uploaded.

Such content recognition technologies are not perfect (as noted, the Echoprint technology tested by Prof. Feamster at Princeton found an error rate of 1-2%), but the question is whether they are effective. To my mind, an effectiveness rate of 98-99% (the converse of Prof. Feamster’s error rate) is clearly effective and certainly a vast improvement over today’s flailing notice and takedown regime. Simple procedures can be readily adopted to address the relatively small number of false positives—such as a system by which uploaders can dispute the validity of a particular block (much as the DMCA currently provides for counter-notices). Engstrom and Feamster also point out that most piracy websites are overseas and therefore asserts that amending the DMCA to implement takedown-staydown would be pointless. I believe that the United States of America should set an example for rights protection that we want the rest of the world to follow. Also, while the site’s operator may be overseas, the content itself may often be found hosted on U.S servers.

There’s no question that running a content sharing OSP is more expensive if the cost of intellectual property protection is not externalized onto rights holders via the flawed “notice and takedown” provisions of current copyright law. However, a potential investor who had concerns in this area would be more likely to step away from the deal because of the uncertain liability and business conditions stemming from current copyright law, than because of required spending on intellectual property defense. A takedown-staydown rule with reasonably clear guidelines can provide the legal certainty and safe harbor that start-ups and investors desire while respecting the legitimate needs of content creators. Any business which cannot afford its own reasonable costs in defending its own supply chain—which includes the rights of the creators of content the site wishes to traffic in—should, in fact, be seen as less valuable.

A Solution

The current DMCA provides that an OSP must have a policy for terminating repeat infringers in order to be eligible for legal safe harbor. In today’s vibrant social networking culture, no proof of age or identity is required when creating a new account, and as a result, there is no practical way to detect or defend against repeat infringers as contemplated by the law. Online access is free, and any copyright infringer can create an unlimited supply of online identities. Since the intent of this provision of the law was and is to protect rights holders, we must consider the matter of repeat infringements and not just repeat infringers.

My proposal is for 17 U.S. Code § 512 to be revised to apply to repeat infringements and not just to repeat infringers, in which event an OSP would not be eligible for safe harbor unless they took reasonable precautions to prevent such repeat infringement. Congress could add a new § 512 (i) (1) (B) to provide for the OSP to adopt and reasonably implement: “a policy that automatically detects and either rejects or withholds from publication any uploaded work or referral to any online work which is substantially identical to an uploaded or online work that the online service provider has previously removed due to rights holder complaint, where such substantially identical nature can be determined using commercially reasonable technical measures.”

Under this provision, a rights holder need only complain once or twice to each OSP about any given infringing work. After that, the law’s safe harbor provision would not protect the OSP against further infringement involving that copyrighted work, regardless of the apparent identities of the various infringers or the relationships of these infringers to the provider. This can be achieved without creating a surveillance state and without requiring a central registry of infringements or infringers. In fact, it can be achieved without any data sharing at all between OSPs.

While this revision to 17 U.S. Code § 512 would still require rights holders to monitor many different OSP’s and to send complaints to any or all of them whenever infringing material was discovered, this would be a heavy but finite and therefore reasonable burden. By contrast, in today’s world, and under current copyright law as practiced, that burden is effectively infinite and therefore not reasonable.

Conclusion

Rights protection costs for artists have become, thanks to the current interpretations of the DMCA, a significant burden. As a practical matter, smaller artists are overwhelmed by massive levels of online copyright infringement that threaten the businesses of even the largest rights owners. An interpretation of, or amendment to, 17 U.S.C. § 512 as described would align the interests of rights holders with the interests of online service providers by requiring staydown, not just takedown, of infringing works.

See also: Vixie, Paul - First Round Comments - 2016 Section 512 Study

By Paul Vixie, VP and Distinguished Engineer, AWS Security

Dr. Paul Vixie is the CEO of Farsight Security. He previously served as President, Chairman and Founder of Internet Systems Consortium (ISC), as President of MAPS, PAIX and MIBH, as CTO of Abovenet/MFN, and on the board of several for-profit and non-profit companies. He served on the ARIN Board of Trustees from 2005 to 2013, and as Chairman in 2008 and 2009. Vixie is a founding member of ICANN Root Server System Advisory Committee (RSSAC) and ICANN Security and Stability Advisory Committee (SSAC).

Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Cybersecurity

Sponsored byVerisign

DNS

Sponsored byDNIB.com

Domain Names

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

Brand Protection

Sponsored byCSC

New TLDs

Sponsored byRadix

Threat Intelligence

Sponsored byWhoisXML API