Protecting online copyrighted content is critical in our increasingly digital world. The Digital Millennium Copyright Act1 (DMCA) was passed in 1998 to combat circumvention of technological measures put in place to protect copyrighted works. How? Through the DMCA’s safe harbor provision.

The DMCA provides a “safe harbor” for service providers who, through no fault of their own, may infringe a copyrighted work, e.g., when a user uploads content, a server caches data, or a search engine includes your website.

The DMCA was created primarily as a solution for service providers, such as YouTube, that host content uploaded by third parties rather than create their own original content. How do you know if you’re a service provider and can benefit from the DMCA? This article answers these questions and discusses cases where the DMCA has been applied recently.


To qualify for protection under the DMCA, you must be a “service provider.” So are you? Quite possibly. Do you provide any sort of online or network services? Do you allow users to upload or post content? Do you provide a search engine, directory, or other information location tools? If you do any of these things, you may be a service provider. Service providers often need protection from liability in the event content uploaded to their site infringes another’s copyrights. As a service provider, you can take advantage of the DMCA’s safe harbor provisions if you take the necessary steps.

Websites that provide electronic storage, search engines, directories, and other information can benefit from safe harbor protections. However, service providers seeking to benefit from DMCA protections must comply with certain provisions. 


The “safe harbor” provision remains one of the most important aspects of the DMCA. The DMCA provides a safe harbor from copyright infringement liability for online service providers who follow certain procedures as explained below.


To qualify for safe harbor protection, service providers must designate an agent to receive notifications of claimed copyright infringement and include certain disclosures on their website.

To designate an agent, a service provider must do two things: (1) make certain contact information for the agent available to the public on its website; and (2) provide the same information to the Copyright Office, which maintains a centralized online directory of designated agent contact information for public use. The service provider must also ensure that this information is up to date, and renew the registration every three years.

Recently the Copyright Office introduced a new online registration system and service provider agent directory. The new system transitions from the paper-based system to an electronic directory. The online directory contains contact information for all designated agents, which is useful for determining the appropriate party to contact in the event of a copyright infringement. Under the new online directory, agent designations made prior to December 1, 2016, expired after December 31, 2017. Service providers must submit new electronic agent designations through the DMCA website2 to benefit from safe harbor protection. 


In addition to designating an agent, service providers must adopt, reasonably implement, and inform users of a policy that provides for the termination of users who are repeat copyright infringers in certain situations. Service providers are encouraged to establish notice and takedown procedures for removing infringing content. Companies allowing third parties to post content on their websites can especially benefit from implementing notice and takedown procedures.

Notice and takedown procedures are beneficial for ensuring that takedown notifications are timely and accurately addressed. Service providers may even escape monetary liability when infringing content is promptly blocked or removed from their sites. Under the notice and takedown procedure, once a service provider is made aware of infringing content, the DMCA requires the service provider to expeditiously remove the infringing content.

The DMCA also requires that providers immediately take down infringing content. If a service provider fails to remove infringing content after receiving multiple takedown notices, the copyright owner can bring a claim against the service provider for its failure to expeditiously remove the infringing content.

In addition to maintaining notice and takedown procedures, service providers are encouraged to put users on notice as to the ways the service providers handle copyright infringement. For example, companies should include information about their DMCA policies on their websites in the Privacy Policy or Terms of Use sections. 


Companies may receive a DMCA takedown notice in response to web content that is allegedly being used without permission of the copyright owner. By including copyright notices when displaying someone else’s copyrighted material, companies can help protect against DMCA complaints. When in doubt, contact copyright owners to request permission to use their work on your site.

For companies with interactive websites, such as those with message boards, blogs, and comment sections, regular monitoring of posts is crucial. Content uploaded by third parties, including text, photographs, and multimedia, should be reviewed regularly to check for copyright infringement. Failure to monitor and take action against infringing content can expose a company to liability.

Instead of directly posting third party content, service providers may link to the original source or reference the original location of the content. DMCA’s safe harbor provision Section 512(d) states that service providers will not be held liable for referring or linking users to a site containing infringing material. By providing a link to the original content instead of reposting that content, companies can avoid monetary damages.



Microsoft and 343 Industries, the developer of the popular Halo video game, recently filed DMCA takedown notices aimed against ElDewrito. ElDewrito is the online communitymade modification (mod) for Halo Online, a Russian PC game based on Halo 3. Microsoft filed DMCA takedown notices against the Halo Online mod, claiming it violated Microsoft’s intellectual property rights. Microsoft stated that the mod was built on Microsoft-owned assets without authorization. Instead of sending a cease and desist letter to ElDewrito, Microsoft chose to employ the DMCA to file takedown notices against sites, such as Twitch, that streamed Halo Online. It remains to be seen what the future holds for the Halo Online mod. In the meantime, the mod remains online but further developments are suspended.


The Ninth Circuit recently decided that Motherless, Inc., a website allowing users to upload pornographic content, was able to benefit from the DMCA’s safe harbor protections. Motherless is a website with more than 12 million photographs and videos, largely of pornographic nature, which are available to users. Users can view the content for free or choose to purchase a premium subscription that allows users to view content without advertisements. Motherless does not pay for the content and instead receives revenues largely from advertisements.

Motherless included notice and takedown procedures on its site and also warned users each time users posted new videos or photographs. The warning told users to avoid posting illegal or copyrighted content. Motherless claimed to remove material in response to receiving DMCA takedown notices and that it also used software to prevent users from reposting the infringing content. While Motherless did not have a written repeat infringer policy, Motherless stated that it terminated more than 30,000 repeat infringer accounts over three years.

Ventura alleged that 33 of its video clips were posted to Motherless without permission. Ventura did not file a takedown notice with Motherless and instead filed a complaint for copyright infringement. Motherless removed the 33 clips after the complaint was filed, but only after requesting links to the video clips twice from Ventura. The court found that because users, not Motherless, were uploading the content, Motherless was able to benefit from the DMCA’s safe harbor provision. In addition, despite its failure to have a formal written repeat infringer policy, the court found that Motherless’ approach to terminating repeat infringers was sufficient for the small size of the company, which only included two employees.

Ross A. Dannenberg contributed to this article.