Info Tech Law: DMCA provides pitfalls and remedies

By Alan S. Wernick
Wernick & Associates

The Digital Millennium Copyright Act (DMCA) contains many remedies, as well as some pitfalls, for copyright owners. However, it also provides protections for alleged infringers.

Among other things, if an Internet service provider (ISP) - which has been broadly construed by the courts to include most website owners/operators - has designated with the U.S. Copyright Office an agent to receive notifications of claimed infringement, then the DMCA provides a safe harbor provision shielding the ISP from liability for copyright infringement under certain circumstances.

If your company has not recorded a DMCA designated agent filing with the U.S. Copyright Office, and receives a valid DMCA notice, without any misrepresentations, it may be liable for the copyright damages available to the copyright owner. But, if your company complies with the DMCA, has done the requisite filing, and acts promptly and appropriately upon receipt of the notice, then it may avoid liability for damages for copyright infringement on your company’s website.

In addition, the DMCA provides a sword to the ISP in the form of a damages remedy available to the ISP, and the alleged infringer, for misrepresentations by a copyright owner in a takedown notice under the DMCA.

The DMCA defines a “service provider” broadly to mean “an entity offering the transmission, routing, or providing of connections for digital online communications, between or among points specified by a user, of material of the user’s choosing, without modification to the content of the material as sent or received.” 17 U.S.C. Sec. 512(k).

An ISP is generally a “service provider” under the DMCA, but many other website owners/operators have found refuge in the broad variety of Internet activities included under Sec. 512(k)(1)(B).

Recently, the U.S. District Court for the Southern District of New York considered the DMCA notices sent by a copyright owner to two ISPs and issued a preliminary injunction against the copyright owner, stopping the copyright owner from sending further takedown letters without court approval.

In Biosafe-One Inc., et al. v Hawks, et al., the plaintiffs alleged that the defendants copied the plaintiffs’ website, among other things. The plaintiffs, prior to the preliminary injunction hearing, submitted two DMCA notices to the defendants’ web hosting companies, resulting in the shutdown of the defendants’ website, and ultimately forcing them to host it overseas at a higher cost.

The defendants argued that filing these notices violated the DMCA’s prohibition against misrepresentation. Both parties moved for preliminary injunctions, including a request by the defendants for damages based on alleged misrepresentations in the plaintiffs’ DMCA notices.

The court held that the plaintiffs failed to demonstrate that they are likely to prevail on their infringement claim, and denied their motion for a preliminary injunction. The court then granted the defendants’ motion for a preliminary injunction and ordered the ISP to reinstate the defendants’ website.

The court then turned its attention to the defendants’ request for damages under DMCA 17 U.S.C. Sec. 512(f), which provides:

“Any person who knowingly materially misrepresents … that material or activity is infringing … shall be liable for any damages, including costs and attorneys’ fees, incurred by the alleged infringer, by any copyright owner or copyright owner’s authorized licensee, or by a service provider, who is injured by such misrepresentation, as the result of the service provider relying upon such misrepresentation in removing or disabling access to the material or activity claimed to be infringing, or in replacing the removed material or ceasing to disable access to it.”

The court, after reviewing the test of 17 U.S.C. Sec. 512(f), held that the defendants failed in their motion for a preliminary injunction to present sufficient evidence to prove a violation of Sec. 512(f): “While defendants have not demonstrated their likely success on the merits, they have demonstrated sufficiently serious questions going to the merits to make them fair grounds for litigation and a balance of hardships tipping in their favor. To succeed on their claim, defendants need only prove plaintiffs knew defendants were not infringing when they submitted the DMCA notices. Defendants have not yet had the opportunity to fully develop this theory.”

The court went on to say that portions of a plaintiff’s testimony lacked credibility, and a fair issue exists as to whether his statements that the defendants’ website infringed when the plaintiff sent the DMCA notices were intentionally and knowingly false.

This opens the door to the defendants’ potentially receiving a Sec. 512 damages award upon a full hearing on the merits. As in some other cases, the copyright owner in this case may find itself liable for damages for misrepresentations made in the copyright owner’s DMCA takedown notice.

The bottom line is that while the DMCA provides some powerful remedies to copyright owners, it also presents some potential pitfalls, and potential liabilities.

© 2008 Alan S. Wernick

Info Tech Law: Computer contracts — the four corners

By Alan S. Wernick
Wernick & Associates

Computer contracts are different from most other types of contracts. Often they include a mix of tangible and ­intangible property, technologies, concepts, and terms not found in many other contracts. A recent U.S. district court case points out some of the difficulties that can arise in a computer contract.

In Rockland Trust Co. v. Computer Associates International, Inc. (USDC, MA, 2007), the court had to interpret a software licensing agreement and addenda executed in late 1990 and early 1991 between a large bank (Rockland Trust Company, the plaintiff) and a large computer vendor (Computer Associates Inter­national, Inc., the defendant).

To put this in perspective, this computer contract dispute involved a business-critical software acquisition. The contracts were ­executed in 1991, with an addendum in 1993, and a complaint filed in July 1995, initiating a lawsuit that was finally resolved by the court in August 2007 - some 12 years later. A review of the court’s docket indicates a number of reasons for the delay, including numerous ­requests for extensions filed by both parties in the dispute, discovery issues, and multiple ­motions filed. In the Rockland case, the defendant, CAI, asserted $1,160,586.81 in attorney fees and costs - an amount slightly in excess of the unpaid invoices in CAI’s counterclaim!

The original computer contract provided, among other things, a limited warranty and an integration clause. One key focus of the dispute was the interpretation of this integration clause. The contract “integration clause” says in essence that what the parties intend is set forth within the “four corners” of the contract document and if not stated therein, it’s not part of the deal.

Several disputes arose, including one over the adequacy of the functional integration (not to be confused with the legal integration clause) of the various modules in the banking software delivered by CAI to Rockland. In ­reviewing the facts, the court noted that the agreement did not define the term “integration” (in the functional sense). The plaintiff, Rockland, argued that the brochures presented by CAI described the system’s functional ­integration, and were part of the contract. The court disagreed, pointing instead to the integration clause of the contract and noting that the brochures were not made a part of the contract. The court stated:

“In short, Rockland Trust received the Inte­grated Commercial Loans software it evaluated and purchased, and there is no evidence that Computer Associates failed to use its best ­efforts to correct problems, after having been informed that the product failed to meet the published specification. There is also no persuasive evidence that Computer Associates’ upgrade efforts were inadequate or below ­industry standards, even though they were ­ultimately unsuccessful.”

According to an SEC filing, Rockland paid CAI $1,089,113.73 plus prejudgment ­interest of $272,278.43, for a total of $1,361,392.16.

To date, the computer system acquisition contracts that I have personally negotiated and drafted have all gone to “system works” and none of them have resulted in any liti­gation. Thus, my involvement in computer system contract disputes has been when some­one else has drafted the computer contracts and a problem has arisen, or I am reviewing the computer contract in my role as an arbitrator or mediator.

In that role, I have encountered numerous other examples of issues relating to the integration clause, including performance failures due to data conversion problems (the contract failed to define the conversion process); inadequate response time (the contract failed to define response time); or scope of use problems (the contract failed to define how or where the software was to be used).

Given that the integration clause states that the terms of the agreement are completely contained within the four corners of the ­document, whenever the contract fails to properly address a particular issue, conflicting interpretations can arise that can lead to legal disputes.

Acquisition of any reasonably sophisticated computer system embodies unique aspects, and each should be examined through the lens of the contract’s integration clause. The Rockland court highlights this perspective when it states: “[Functional] Integration is not defined in the License Agreement, and is mentioned only in the title of the three software components. … I find [Rockland] has failed to meet its burden of demonstrating that the [CAI] software package lacked contractually mandated ‘integration,’ even if the term is construed broadly.”

The bottom line is that the contract’s integration clause is a very important provision in the agreement. Often when speaking with a client about the computer contract provided by the other party I will focus the client’s ­attention to the integration clause first, and then discuss the remainder of the contract. In discussions about a computer system ­acquisition - particularly a business-critical acquisition - when something is identified as important, then it should be properly ­included within the four corners of the ­agreement.

©2008 Alan S. Wernick
alan@wernick.com

HBR Case Study on Data Breach

An interesting data breach case study appears in the September 2007 online issue of the Harvard Business Review. The HBR case study is titled “Boss, I Think Someone Stole Our Customer Data” and is available at http://tinyurl.com/2q87md. Although profiling a fictitious company, this HBR case study presents interesting perspectives on some of the dynamics and pressures a company faces in a data breach. This HBR case study provides some insight into the legal implications of a data breach, although it is by no means a complete analysis. You need to consider many other issues in order to get a complete picture. One new factor to be aware of is that several states adopted or are considering, legislation that will make a retailer (such as one like the fictitious company in the case study) liable for remediation costs incurred by businesses (e.g., banks) when they are required to notify individuals of data breaches. For instance, these laws allow financial institutions to seek reimbursement from a third party (e.g., a retailer) responsible for the breach of all “reasonable and actual costs,” including the costs of cancelling and reissuing credit cards, closing and/or reopening accounts affected by the breach, stop payment actions, unauthorized transaction reimbursements, and the providing of a breach notice to affected individuals. Congress, in the House Financial Services Committee, may be considering similar legislation later this year. The thrust of this legislation is to hold accountable parties who have in some way been the cause of the data breach (for instance, for failure to comply with applicable industry standards such as PCI and others).

Alan S. Wernick writes the Info Tech Law column for the magazine.