Internet Service Providers (ISPs) play a major role in our everyday lives.  As gatekeepers to the internet, they provide us with the means to collect and publish information, and the means to communicate with the world.  In this sense, ISPs offer a broad service that involves publishing, broadcasting and communications.

But what happens when the user of an ISP service acts illegally?  For instance, what if the user publishes defamatory material, incites criminal activity, or breaches someone else’s copyright?  In these circumstances, can the ISP be held responsible for the user’s actions? 

We can draw several analogies, such as comparing the ISP to a newspaper that has published the writer’s specific material, a broadcasting company that has allowed its subscriber to sell a specific product, or a telephone company that simply provides the physical means of communication.  Unfortunately, each of these analogies can result in a different answer.  So, how do we decide if or when the ISP is liable for its users’ actions?

“Safe harbour” provisions

Many countries have provided ISPs with “safe harbour” provisions in legislation.  For example, in the US and Europe, the Digital Millennium Copyright Act (DMCA) and the European E-Commerce Directive respectively strive for a balance between a growing digital economy and the protection of intellectual property rights.  The DMCA shields ISPs from copyright infringement liability, but only when the ISPs:

  • Do not have actual knowledge of the copyright infringement;
  • Have not financially benefited from the copyright infringement;
  • Comply with “takedown” standards for removing copyright material from its servers; and
  • Establish a system for dealing with copyright infringement complaints.

The provisions of the DMCA were always intended to apply to traditional “access” ISPs, being those who connect their clients to the internet.  However, with a rapidly changing technology landscape, the Courts have also been asked to apply the provisions to various newer kinds of online intermediaries, such as “hosting” ISPs (those offering data hosting servers) or “transit” ISPs (those selling bandwidth).

Most recently, on 14 March 2013, the US Ninth Circuit Court of Appeals held that Veoh, a file sharing website similar to YouTube, was not liable for the copyright infringement of its users.[1]  Users of the website can upload videos, which are hosted in a particular format on Veoh’s servers and made available on its website.  Unfortunately, many users uploaded copyright music videos belonging to Universal Music Group (UMG) and other record labels.  Veoh profits from its service by selling advertising.

The Court found that Veoh did not have a “substantial influence” over its users or a high level of control over its users’ activity; nor did it have a precise knowledge of the type of copyright infringement taking place.  When Veoh was provided with knowledge of copyright infringement (such as when it received takedown notices from copyright owners), it had complied with the DMCA requirements by removing copyright materials.  The decision follows a more stringent decision released in 2012 involving video giant YouTube.[2]

Similar questions will also be considered in the much-anticipated MegaUpload case, now due to be heard in New Zealand in August 2013. The issues for determination include allegations of of copyright infringement and conspiring to commit copyright infringement..

The New Zealand  Copyright Act was amended in 2011 to provide narrow safe harbour protections for access ISPs, termed “Internet Protocol Address Providers” (IPAPs).  IPAPs are shielded from vicarious copyright infringement liability if they comply with their obligations to assist copyright owners under a graduated response scheme.  We have discussed this regime, including the role of IPAPs, in greater detail in previous articles.[3]

However, what remains to be seen is what might happen to an IPAP that fails to comply with its obligations, or whether other ISPs that do not fall within the “IPAP” definition (for example, Kim Dotcom’s MegaUpload) may be found liable for their users’ actions.

Blocking orders

Rather than seeking large monetary awards from ISPs, the British Phonographic Industry (BPI) has taken a more reserved approach than UMG.  The BPI has led nine major record labels in two recent cases against UK ISPs, requesting that access to certain websites be permanently blocked.

In April 2012, the High Court of England and Wales ordered major UK ISPs to block access to The Pirate Bay, the most notorious of all torrent websites.  In reaching his decision, Justice Arnold stated that the owners of The Pirate Bay went beyond enabling copyright infringement: they blatantly encouraged it.  The downfall of the ISPs was in their knowing that so many users accessed The Pirate Bay each month.  The ISPs had been provided with specific visitor statistics and had received complaints from various copyright owners long before BPI filed proceedings.  The decision also followed the precedent of the ‘Newzbin’ case of October 2011, where ISPs were ordered to block access to all Newzbin2 services.

On 28 February 2013, the same High Court made a similar order for ISPs to block three more torrent websites: KickassTorrents, H33T, and Fenopy.  KickassTorrents was among the 50 most visited sites for UK internet users and has an estimated annual advertising revenue of between US$12million and US$22million.  While the effectiveness of website blocking has been questioned given the ease by which one can circumvent such blocks, the High Court orders must surely be having some impact on the file sharing landscape.

This line of UK decisions can be contrasted with the position in Australia, where the third biggest ISP, iiNet, successfully defended claims that it had authorised or enabled copyright infringement by allowing users to download copyrighted material.   There, it was held that the extent of an ISP’s power is “limited to an indirect power to determine its contractual relationship with its customers” and does not extend to taking positive steps to ensure that its customers are not infringing copyright.

Nonetheless, service providers worldwide should be wary, and at the very least, should comply with any local regulations requiring positive steps to monitor or restrain their users.  They should be particularly careful when they know or ought to know that their users are infringing copyright.  The courts of a number of jurisdictions have been disapproving of service providers that are satisfied in earning subscriptions fees without taking any responsibility for the significant public service they provide.