The majority of the provisions of Canada’s Copyright Modernization Act (the “CMA”) entered into force today, November 7. Let’s take a look at three issues related to “data governance”: Technological Protection Measures (TPMs), ISP liability, and private copying.
TPMs, or “digital locks”, are technologies, devices or components that provide protection or copyright materials through either access control or copy control. Three types of protection for TPMs are introduced under the CMA, prohibiting:
- circumvention of access-control TPMs;
- offering circumvention services to the public; and
- manufacturing, importing, distributing, selling, renting or providing devices, technologies or components whose primary purpose is circumvention.
“Digital locks” enable copyright holders to dictate how their material may be used. Under the CMA amendments, however, these locks may ultimately disallow activities that the Copyright Act deems to be non-infringing. This could occur, for example, where a person circumvents a TPM to access a work for a purpose that falls under “fair dealing”, or to change the format of a TPM-protected song purchased on a CD to an MP3 to be played on another device. Both of these examples (fair dealing, transfer of format) are non-infringing uses because specific exceptions apply to them. They would nonetheless be prohibited where the work is protected by an access-control TPM.
There are certain limited instances where circumventing an access-control TPM will not infringe copyright, including circumvention for the purposes of software interoperability, encryption research, network security, and for unlocking a wireless device (jailbreaking a cellphone). The government may enact regulations adding to the above list of exceptions.
Liability and Responsibility of Internet Service Providers (ISPs)
The Supreme Court of Canada has held that ISPs do not participate in the copyright infringement of their users (see SOCAN v. CAIP, 2004 SCC 45 ) . If they merely provide “passive connections” for content, and if acting solely as intermediaries for their users and subscribers, ISPs are generally not liable for infringing content.
The amendments effectively codify this approach to ISP liability. They grant exceptions for “providing services related to the operation of the Internet or another digital network”, for caching and other similar incidental acts, and for hosting. This will restrict liability, for example, in the area of cloud computing. Some exceptions are also provided for search engines or “information location tools”.
Notwithstanding the limits on liability of ISPs and online service providers, however, ISPs and others who knowingly enable copyright infringement can be held civilly or criminally liable for such acts.
Moreover, a “notice and notice” regime will apply: where a copyright holder provides notice to an ISP of potential infringement by an ISP’s subscriber, the ISP will be required to forward notice “without delay” to that user, and to maintain records of the user’s activity for six months (or one year if proceedings are commenced). This largely codifies current industry practice, however the government has delayed entry into force of the legislated”notice and notice” regime until it has conducted further consultations with stakeholders, and enacted related Regulations.
Private Copying – MicroSD cards
In a previous post, we noted the government’s announcement that it intended to enact Regulations to exclude microSD cards from the application of the “private copying” regime. The MicroSD Cards Exclusion Regulations (Copyright Act) have been enacted, and also enter into force today, November 7.