Court Says RIAA Can Just Tell Cloudflare Any Site Is A Grooveshark Clone... And Cloudflare Has 48 Hours To Dump Them
from the due-process? dept
Earlier this year, we were fairly concerned when a court ruled in favor of the RIAA in saying that Cloudflare had to automagically block any site that mentioned "Grooveshark" in the URL. Thankfully the court walked that back a bit, saying that the RIAA still had to inform Cloudflare of specific sites, but it still seemed problematic. The issue involved a few "fake" Grooveshark clones (sites pretending to be Grooveshark clones, but which actually were not). The RIAA can go after those sites directly, but the court's willingness to drag in a third party like Cloudflare was immediately problematic. That was a key part of SOPA -- the law that did not pass, yet judges keep pretending it did anyway.Not surprisingly, whoever operated these sites ignored the lawsuit, leading to a default judgment in the RIAA's favor. That's to be expected when the defendants don't show up. But what's troubling is that the court keeps the injunction for Cloudflare in effect, basically letting the RIAA just designate any particular site as a Grooveshark clone, which Cloudflare then needs to dump within 48 hours. Even worse, if CloudFlare simply comes across a possible violation of the order by a customer, it has to proactively kick the site off its service. From the order:
IT IS FURTHER ORDERED that, in accordance with the terms of the Court's June 3, 2015 Order and its July 9, 2015 Order modifying same, CloudFlare is bound by this Order. Upon receipt notice from Plaintiffs or if CloudFlare otherwise has knowledge of an infringement or other violation of the Permanent Injunction on the part of one of its customers, CloudFlare shall cease providing its services to that customer as soon as possible, but no later than 48 hours after receiving such notice or obtaining such knowledge. CloudFlare may expeditiously notify its customers of any impending termination of their accounts as a result of this and related Court Orders.This raises some fairly serious due process concerns. First off, Cloudflare certainly shouldn't be put in the position of determining what is and what is not infringing or violating this Court Order (in a case where it's not even a party). That puts tremendous burden on an unrelated party and it's a burden that almost certainly will pressure CloudFlare to kick sites off its service with nothing even close to resembling due process. Similarly it provides tremendous power to the RIAA to seriously damage website it doesn't like if they happen to use CloudFlare -- again with little to no due process.
That's not how the law is supposed to work. If there is infringing content, the DMCA allows the RIAA to file takedown notices, which have a clear process for notification and takedown of the infringing works. But what this order allows for is a vague standard, based on no clear law, to completely cut off services for a website, with no due process, no standard notification system and no clear appeals process.
As a default ruling in a district court this has basically no precedential value, but is quite worrisome nonetheless. Even if you believe that sites setting themselves up as Grooveshark clones deserve to be taken down, you should at least support basic due process before they can be killed off, right?
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: copyright, dmca, injunctions, sopa, takedowns
Companies: cloudflare, grooveshark, riaa
Reader Comments
Subscribe: RSS
View by: Time | Thread
"Oh would you look at that, I've just been struck blind..."
If CloudFlare is smart, they'll turn completely blind, ignoring anything and everything that might lead to them acquiring knowledge that would cause this part of the ruling to kick in for as long as they can maintain plausible deniability, because the second they start acting pro-actively, not only are they kicking their own customers off of their service based on nothing but accusation, they'd placing themselves in the position where if they miss anything they'll take heat for it.
'You went after X but didn't go after Y? Clearly you were negligent, and need to be punished.'
And hey, so long as we're forcing unrelated third parties to act as unpaid, private enforcers for others, why stop here?
Let's force gas stations to refuse service should any of their customers be accused of using their cars to commit crimes.
Force stores to bar customers from making purchases there if they're accused of using their purchases for illegal actions.
So long as the courts are going to go nuts with the whole 'let's force one company/industry to do the work of another company/industry', might as well go all the way, right?
[ link to this | view in thread ]
The RIAA can go after those sites directly, but the court's willingness to drag in a third party like Cloudflare was immediately problematic. That was a key part of SOPA -- the law that did not pass, yet judges keep pretending it did anyway.
The judge isn't pretending that SOPA is the law. What a ridiculous claim. Why don't you look at the actual law the judge based her authority on, like FRCP 65, 17 USC 502, 15 USC 1116, 15 USC 1125, 28 USC 1651, and the court's inherent power?
Why are YOU pretending that these laws aren't the ones the judge invoked? Why are YOU pretending that this has anything to do with SOPA?
Utter nonsense, Mike. Sad, utter nonsense.
[ link to this | view in thread ]
Four counts of 'willful cybersquatting: $400,000
Eighty-nine counts of 'willful copyright infringement': $13,350,000.
Total fine amount: $15,750,000.
I'm pretty sure someone could rob blind every store and house in a modest sized town and still get a fine smaller than the one in this case, and all for actions where if the actual damages suffered amounted to so much as 5% of the fine amount I'd be greatly surprised.
Statutory damages, for when you're too lazy to, or incapable of, demonstrating actual damages, and/or too greedy to want anything less than a few million for your time.
[ link to this | view in thread ]
Re:
The Judge might be able to support her decision in all sorts of ways, but giving the RIAA the power to demand a 3rd party do whatever they are demanded to without any judicial review or downside for screwing what very well could be an innocent 3rd party isn't what the law is for.
The RIAA has gotten these sorts of super powers before, and they fucked it up. They shuttered sites who did nothing wrong but the parties involved kept them down waiting for the RIAA to back up their claims which had no fscking merit.
This is overreach, but sadly until they pick the wrong target who can afford a long protracted legal fight they will abuse this power at their whim.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
Imagine if I had a problem with stalkers peeping through my apartment window, and I got an injunction telling my landlord that he had to personally eject anyone I specified from the premises. Yeah, there was illegal activity going on, and that injunction might help solve my stalker problem, but doesn't that give me a bit too much power, and violate the rights of my landlord?
[ link to this | view in thread ]
[ link to this | view in thread ]
.io .pw .vc .li ccTLDs
• .io ccTLD • .pw ccTLD • .vc ccTLD • .li ccTLD
[ link to this | view in thread ]
pro-active policing
A Dutch court ordered usenet service provider News-Service.com to pro-actively find and remove all infringing content uploaded by millions of anonymous users (news-service voluntarily shut down rather than attempt to comply) and the appeals court was supposed to issue its ruling this past week, but this has been delayed another month. If the original judgement against News-Service is not overturned, that could spell the death of Usenet (at least in the Netherlands)
[ link to this | view in thread ]
[ link to this | view in thread ]
Judge is writing new case specific law
This would be the same as requiring a landlord to within 48 hours evict any tenant that is accused of violating copyright by the RIAA, because the RIAA won a case against a single different tenant 20 years ago.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Cloudflare is blocking Tor exit nodes
theregister.co.uk just "went dark" this past weekend.
I wonder how many readers this will cost them.
[ link to this | view in thread ]
Re: "Oh would you look at that, I've just been struck blind..."
While I haven't heard of this concept from a legal standpoint there has been civil liability penalizing business' that didn't refuse sale. If your neighborhood 'mom & pop' tobacco shop sells certain items that can also be used for illegal drug activities you may see a sign posted that anybody even hinting at illegal uses will be refused and asked to leave. Bars have been sued (and some have lost) over serving too many drinks to a customer who then drove and caused an accident, even if they were not legally intoxicated.
Any business can refuse to do business with anybody for any reason. Problems arise when a third party tells a business to refuse business. If the third party is the government there is - supposedly - due process before hand. Example: business' may not sell alcoholic beverages to anybody under 21 years of age (US law). When the third party is NOT the government what due process is there?
[ link to this | view in thread ]
Re: "Oh would you look at that, I've just been struck blind..."
That's what's know in legal circles as "willful blindness", and courts generally don't accept it as a defense.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
Talk about ridiculous claims. The judges actions in this case go far beyond those laws.
Utter nonsense, Mike. Sad, utter nonsense.
The utter nonsense here seems to be your own.
[ link to this | view in thread ]
Re: Cloudflare is blocking Tor exit nodes
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re: "Oh would you look at that, I've just been struck blind..."
[ link to this | view in thread ]
Maybe this will slap some sense into that completely irresponsible company making the net worst one dollar at a time.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re:
I disagree. The defendant (Grooveshark) was found to be directly liable, and willfully so. Grooveshark was enjoined. An injunction binds the party and anyone aiding and abetting them. The court held that CloudFlare was aiding and abetting Grooveshark, and thus it was bound by the injunction as well. Both Grooveshark and CloudFlare have had ample access to the courts. Lots of due process. All that's due under the Due Process Clause. This is exactly how the law is supposed to work. It's how it in fact has worked for centuries.
The Judge might be able to support her decision in all sorts of ways, but giving the RIAA the power to demand a 3rd party do whatever they are demanded to without any judicial review or downside for screwing what very well could be an innocent 3rd party isn't what the law is for.
Grooveshark and CloudFlare have had tons of due process. If it circumstances dictate, either one can go back to court and make their case that something should be changed.
The RIAA has gotten these sorts of super powers before, and they fucked it up. They shuttered sites who did nothing wrong but the parties involved kept them down waiting for the RIAA to back up their claims which had no fscking merit.
You haven't provided a single example, so it's hard to know what you're referring to.
This is overreach, but sadly until they pick the wrong target who can afford a long protracted legal fight they will abuse this power at their whim.
Nonsense. Grooveshark and CloudFlare have had ample legal representation.
[ link to this | view in thread ]
Re: Re:
Yes, it's a good thing to prevent others from aiding and abetting enjoined defendants to violate their injunctions. Or are you arguing that CloudFlare should be allowed to aid and abet others? I'm sure Mike agrees.
[ link to this | view in thread ]
Re: Re:
I'm happy to discuss each one on the merits. You know, the opposite of Mike. You game?
[ link to this | view in thread ]
Re: "Oh would you look at that, I've just been struck blind..."
CloudFlare are probably already doing this. Any form of investigation or checking may be seen as the Safe Harbour no longer applying; that is, CloudFlare knew what was going on.
It's far safer for all service providers to ignore everything unless someone complains.
[ link to this | view in thread ]
Re: Re:
It's more complicated than that. Sadly, you won't get any nuance from Mike, but that's simply because he doesn't know what he's talking about. He's just here to stir the pot, not to have a reasonable discussion on the merits. That's why he runs away rather than defend his nonsense.
SOPA applied to the U.S. Attorney General and to private rightholders. There was nothing in SOPA about private rightholders being able to go after domain name services, like CloudFlare. So it's simply not true, as Mike childishly claims, that SOPA would have given rightholders the ability to go after CloudFlare.
To answer your question: The ability to go after third parties, like CloudFlare, has been a part of the law for centuries. It's now codified in FRCP 65. Anyone aiding and abetting an enjoined defendant is bound by that injunction. That's the court's actual source of authority for binding CloudFlare. It's got nothing to do with SOPA, no matter how many times Mike lies and says otherwise.
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
First Cox, now Cloudflare
[ link to this | view in thread ]
h t t p s : / /www.google.com/webhp?q=groveshark
[ link to this | view in thread ]
Re: Re: "Oh would you look at that, I've just been struck blind..."
The judge I'm sure would love to force CloudFlare to spend time and money hunting through their customers, acting as unpaid copyright cops in perpetuity for the RIAA, but as noted above, if CloudFlare is smart they'll take action for the sites that they are notified of, and nothing else.
[ link to this | view in thread ]
Re: Re: Re:
CloudFlare did not create the sites, they had nothing to do with the content on them, their sole role was, as far as I can tell, security and hosting the sites via CDN's.
Being charged with Aiding and Abetting for simply hosting a site is beyond absurd, almost as absurd as ordering a company to be forced to pro-actively work for another company/industry, doing their job for them.
Were that accepted as the norm, then sites with user submitted works wouldn't exist, as they would be far too risky legally, and there would be drastically less sites in general, as the hosting companies would have to vet each one before allowing it, and would give the boot to any site that even might be illegal or hosting illegal content.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re: Re:
I know his credentials. What are yours?
"The ability to go after third parties, like CloudFlare, has been a part of the law for centuries"
Funny, I didn't think it was typically done toward service providers who provide a service with no involvement in the criminal action. I wonder why you never went after the post office, phone providers, public transport providers, etc. in the same way, but now it's all fair game because someone's providing a server instead of a parcel service. I don't recall any of those services being held liable for the actions of their customers, yet here we are.
I'm sure once you're provided the reasons we should take your anonymous word but not believe Mike, you'll regale us all with the reasons why there's been such a sudden sea change after "centuries" of this being possible.
[ link to this | view in thread ]
Re: Cloudflare is blocking Tor exit nodes
http://www.theregister.co.uk/
have you even checked the websites before commenting?
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re: Re: Cloudflare is blocking Tor exit nodes
[ link to this | view in thread ]
Re: Cloudflare is blocking Tor exit nodes
[ link to this | view in thread ]
Re: Re: Re:
Cloudfire was dragged into this by a Judge who ordered them originally to yank any site with the word grooveshark proactively before any legal finding of wrongdoing. If you shared a name with a well know serial killer it would be fair that we impose all of the restrictions on felons on you without any trial? What if someone wanted to run a Whygroovesharksucks.com site using Cloudfire? Doesn't look infringing merely for a single word in the title, no investigation, no trial, no verdict, yet they had to deny the site service based on a word rather than actions.
Why does a service provider have to bear the costs of keeping the RIAA on the straight and narrow? Why does a court imbue the RIAA with this magical power to kill websites for the use of a word? Why do those with the most gold get the benefit of the doubt from the courts with no evidence of wrongdoing?
I didn't think I needed to provide examples to regular readers of Techdirt, perhaps you might avail yourself of the search feature and look at what they did to DaJaz1. Destroyed the site, pushed charges, and oh hey they had no evidence of what they claimed to get the case going and then sat moot as the owners of the LEGAL SITE were denied justice by a system that weighted the lies the RIAA told them over truth. Only after they figured out the RIAA wasn't going to offer any evidence did they start to slowly walk back destroying a business that did nothing wrong. There are other cases, you should look into them.
You really should work on what you think ample legal representation is, how does one legally fight a case they are dragged into by a 3rd party over the actions of others who committed the "crime" of using a word the RIAA dislikes? You seem stuck in the idea that this case has anything to do with the original now shuttered site Grooveshark beyond the RIAA flipping out because someone used that name of that thing they killed dead.
[ link to this | view in thread ]
Re: Re: Re:
Do the homework, how many car makers have paid out or faced court injunctions because their cars were used as get away vehicles after crimes? I mean killing people is a serious crime, why not sue the car makers for their roles in these most heinous crimes?
When parents try to sue gun makers for the death of a loved one because they made the device used to kill them, those cases get laughed out of court because you can't hold a 3rd party responsible for the actions of others.
[ link to this | view in thread ]
Perhaps not grasping the technology and relying only on 1 side leads to bad decisions.
[ link to this | view in thread ]
Re: Re: Re:
"Grooveshark and CloudFlare have had tons of due process."
Perhaps, although that's debatable. But - and here's the big but - nobody that Cloudflare blocks has a single moment of due process before their sites are removed. Given that Cloudflare are in an impossible position (they cannot possibly know the copyright status of every piece content moving through its servers, but they're legally liable if they fail to block some of it), overreach and blocking of innocent sites is inevitable. All without due process to the site having its content removed by court order.
Is that easy enough for you?
"You haven't provided a single example, so it's hard to know what you're referring to."
You should read this site more, there's many years of examples. The RIAA have an insanely poor record of accurately applying the tools provided to them, as do their cronies in the MPAA. I'd start with the case of Veoh (found innocent of wrongdoing in court, but was bankrupted by legal fees defending themselves) and the numerous sites which have had their domain names removed without due process on RIAA's claims, but there's hundreds of other examples.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re: Re: Re:
Beyond that, what if someone wanted to run a Whygroovesharksucks.SU domain?
• .su ccTLD
It doesn't matter whether the insane lunatic who ordered this injunction believes in the extraterritorial reach of trademark and copyright. Nor does it matter whether Judge Nathan believes or disbelieves that the Lanham Act applies to non-commercial nominative fair use. Nor does it matter whether Judge Nathan believes or disbelieves that the Copyright Act covers words, short phrases and titles.
What if?
Maybe in New York City, Judge Nathan has enough power to march herself into the United Nations and take some diplomats hostage until they knuckle under to her. The rest of the world can ignore that crazy woman's edicts.
[ link to this | view in thread ]
Re: Re: Re: Re: Re:
"Beyond that, what if someone wanted to run a Whygroovesharksucks.SU domain?"
What if they did? If Cloudflare are forced to remove access because they have the word "Grooveshark" in the URL, the TLD is irrelevant. The US has jurisdiction over Cloudflare no matter where their customers bought their domains.
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Re: Re: "Oh would you look at that, I've just been struck blind..."
You don't have to prove that they "knew" anything. For an example involving the RIAA in particular, see In re Aimster Copyright Litigation of the 7th U.S. Circuit Court of Appeals. In particular, it was found that Madster's support of encrypted file sharing was "willful blindness" and was not a valid defense with regard to copyright infringement.
[ link to this | view in thread ]
Re: Re: Re:
[ link to this | view in thread ]
Re: Re: Re: Re: "Oh would you look at that, I've just been struck blind..."
In that case it looks like it was because it was willful blindness, as even Madster admitted to general and specific knowledge of infringement via their service and seemed to advertise the encryption angle specifically for that.
From Wikipedia:
Earlier on in September, the court stated that Aimster had knowledge of copyright infringements, including a Web-based "Aimster Guardian" tutorial that showed copyrighted materials and the tracking of popular songs on the service via "Club Aimster"; the latter also indicated contribution to infringing activity and the monthly fees for the service indicated a financial interest for the Aimster operators in conjunction with infringing usage.
When you go out of your way to say 'See all the infringing music on the service?' kinda hard to then turn around and say 'We have no idea whether or not people are using the service for copyright infringement.
I'm not really seeing how that would apply to CloudFlare, which is just a CDN/security company, and advertises itself as such. If they went around advertising that people could use their service for 'certain uses, which may or may not be legal', then yeah, they might be in trouble on the willful ignorance aspect, but as it is demonstrating willful ignorance on their part would require someone to show that they knew about something that violated the court order, pretended they didn't, and didn't take action as a result.
[ link to this | view in thread ]