With the on-going growth of the cloud-based technology, the amount of copyright-protected materials which are saved and edited with cloud computing services is exponentially increasing. In this scenario, the protection of intellectual property on the cloud and the liability of the cloud providers are becoming a major issue for legislators and courts to take into consideration.
Before addressing the issue of the liability of cloud providers in case of breaches of copyright a general overview on the services which are provided in the cloud is required, so as to understand which is the role of the service suppliers and how the fruition of copyrighted works has changed with the introduction of the cloud.
The major distinction is between cloud-based services and the so-called locker services. The first category includes those services that enables users to access to a “public cloud” and upload and store user-generated contents on the server controlled by the cloud provider, such as YouTube. Among such services, a sub-category is represented by the so-called cyber lockers, which primarily differs from other cloud-based services as the formers lack any restrictions on who can download files that have been uploaded, but, more important, they offer monetary incentives to users who upload contents that are frequently downloaded and premium accounts that remove restrictions on download speeds and waiting periods. Differently, locker services are all those services which do not offer just a service of backup, but enable each user to have his own portion of the public cloud controlled by the provider, the so-called “individual public cloud”, where user contents are no longer stored indiscriminately, but are stored and available just in that specific portion of public cloud. Examples of locker services are Dropbox or Google Music.
Now, the question is how to regulate the vast number of services included in the definition of cloud services. In general terms, the rules on the liability of Internet Service Providers seems to be feasible at least for cloud-based services providers. Thus, in principle, such intermediaries might be subject to Article 16 of the Legislative Decree no. 70/2003, implementing in Italy the Directive no. 31/2000, which grants to hosting providers a “safe harbor”, providing that they would be absolved from liability (also in case of copyright infringements) where (i) they do not have actual knowledge of unlawful activity or information, or awareness of facts or circumstances from which the illegal activity or information is apparent; and (ii) upon being made aware or acquiring actual knowledge, act expeditiously to remove or disable access to the information. No general monitoring obligation would apply to them. However, each service has its own specific features and the situation is even more complicated when it comes to locker services.
With regards to the enforcement, an instrument for the protection of copyright on Internet might be found in the Regulation on the protection of copyright on the Internet and media issued by the Italian Communications Authority (AGCOM), which among other things provide for a notice and take down procedure for potential copyright breaches. However, doubts still exist on the efficacy of this Regulation, as it appears from the “Eyemoon” operation which involved the website “Mega.co.nz”, the successor of the disappeared Megaupload.