Two Years Later, Judge Finally Realizes That A CDN Provider Is Not Liable For Copyright Infringement On Websites
from the this-is-why-procedural-outs-are-important dept
More than two years ago we wrote about a truly bizarre ruling in a truly bizarre copyright lawsuit against Cloudflare. As you (perhaps?) know, Cloudflare is a popular CDN provider, helping websites (including Techdirt) provide better access to users while helping to mitigate things like denial of service attacks. In this case, the plaintiffs, Mon Cheri Bridals -- a maker of bridal dresses -- sued Cloudflare because websites out there were selling counterfeit dresses. If you know anything about copyright (and counterfeiting) law, you should be scratching your head. Counterfeiting is not about copyright. It's about trademark. But the dress company (for reasons I still don't understand), made the stretchiest of stretchy arguments to say that (1) the counterfeit sellers were posting images of the dresses, and (2) those images were protected by a copyright held by the dress maker, and (3) because the counterfeiting sites posting the allegedly copyright infringing photos used Cloudflare for CDN (not hosting) services, that somehow makes them contributory liable for the copyright infringement.
Even worse, the complaint itself was extremely confused about the DMCA and how it works with regards to the DMCA 512 safe harbors. Different companies are treated differently under 512, and Section (b) companies for "system caching" (which is what CDNs do) are treated differently under the law than Section (c) hosting companies. However, the whole "notice and takedown" aspect of the law only applies to Section (c) type companies. But the lawsuit simply ignored that and assumed that Cloudflare should be a (c) company, rather than a (b).
And, astoundingly, as we wrote about two years ago, the judge refused to dismiss the case, but let it move forward past the motion to dismiss stage -- meaning that it went through some very expensive discovery and other efforts before finally getting to the summary judgment stage, and now more than two years later, the judge granted dismissal on summary judgment. And, kinda like his refusal to dismiss, the opinion is kinda short and doesn't get into much in the way of detail. But at least this time it gets it right.
The plaintiffs have not presented evidence from which a jury could conclude that Cloudflare’s performance-improvement services materially contribute to copyright infringement. The plaintiffs’ only evidence of the effects of these services is promotional material from Cloudflare’s website touting the benefits of its services. These general statements do not speak to the effects of Cloudflare on the direct infringement at issue here. For example, the plaintiffs have not offered any evidence that faster load times (assuming they were faster) would be likely to lead to significantly more infringement than would occur without Cloudflare. Without such evidence, no reasonable jury could find that Cloudflare “significantly magnif[ies]” the underlying infringement. Amazon.com, Inc., 508 F.3d at 1172. Nor are Cloudflare’s services an “essential step in the infringement process.” Louis Vuitton Malletier, 658 F.3d at 944. If Cloudflare were to remove the infringing material from its cache, the copyrighted image would still be visible to the user; removing material from a cache without removing it from the hosting server would not prevent the direct infringement from occurring.
Cloudflare’s security services also do not materially contribute to infringement. From the perspective of a user accessing the infringing websites, these services make no difference. Cloudflare’s security services do impact the ability of third parties to identify a website’s hosting provider and the IP address of the server on which it resides. If Cloudflare’s provision of these services made it more difficult for a third party to report incidents of infringement to the web host as part of an effort to get the underlying content taken down, perhaps it could be liable for contributory infringement. But here, the parties agree that Cloudflare informs complainants of the identity of the host in response to receiving a copyright complaint, in addition to forwarding the complaint along to the host provider.
This is the correct ruling, but it should have come two years ago at the motion to dismiss stage.
Indeed, despite not being a Section 230 case, this is yet another example of why Section 230's procedural benefits are so important. Perhaps one reason why people don't get this is that they don't understand just how much more expensive a lawsuit gets after a motion to dismiss, but it's a massive shift. A motion to dismiss may run in the 100s of thousands dollars range (depending on a variety of factors). But if you get past that and have to go to discovery, you're now talking in the millions before you get a ruling on summary judgment. It's a big difference and a massive cost for companies (especially smaller ones). A cost that can completely destroy smaller companies -- for a lawsuit that had no chance at all from the beginning.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cdn, copyright, counterfeiting, dmca, dmca 512, safe harbors, summary judgment
Companies: cloudflare, mon cheri bridals
Reader Comments
Subscribe: RSS
View by: Time | Thread
so who pays the legal fee,s in this case cloudflare or the fashion company, which should have simply sued the companys who actually sell the
dress,s which may be illegal copys of an original design.
[ link to this | view in chronology ]
Re:
Yup, but shoot the messenger is the easiest mechanism these lazy entities can use
[ link to this | view in chronology ]
Re:
In most cases dresses can't be copyrighted (or trademarked) in the US so the dresses likely weren't illegal copiees.
[ link to this | view in chronology ]
Re:
For the most part, the US does not allow for fee shifting, so it's likely that everyone pays their own. There are some provisions for free shifting for objectively unreasonable copyright claims, so perhaps Cloudflare will move to have its fees covered, but who knows if the judge will go for it.
[ link to this | view in chronology ]
Re: Re:
You missed one Mike and it's a doozy..
PROHIBITED ACTIVITIES
Section 23
"disparage, tarnish, or otherwise harm, in our opinion, us and/or the Site."
[ link to this | view in chronology ]
Re: Re: Re:
Section 23 of which site’s ToS, exactly?
If it’s Cloudflare, it wouldn’t be binding on the dress company because they are not a Cloudflare customer. If it’s the dress company, Cloudflare isn’t their customer either.
A contract only applies to those who sign it.
[ link to this | view in chronology ]
Re: Re: Re: Re:
Sorry, I got my tabs mixed up. I was referring to https://www.techdirt.com/articles/20211020/17513847788/trump-announces-his-own-social-network-truth- social-which-says-it-can-kick-off-users-any-reason-already-is.shtml
[ link to this | view in chronology ]
Re: Re: Re:
Think you took a left turn at the wrong story and posted an off topic comment...
[ link to this | view in chronology ]
If only there was something in the DMCA that allowed for a defendant to counter sue for a factually false allegations by a plaintiff to recover the costs they had to incur due to said lawsuit. Like a nice Anti-SLAPP for the DMCA abusers.
Oh, wait a minute... if only 512(f) was enforced and had fangs. They knowingly chose to ignore what one part said and intentionally interpreted another to mean it.
All of this has happened before, and all of it will happen again (btw, thats fair use, for you copyright ghould out there)
[ link to this | view in chronology ]
Cloudflare are the Boogie Woogie Bugle Boys
assumed that Cloudflare should be a (c) company, rather than a (b).
[ link to this | view in chronology ]
Re: Cloudflare are the Boogie Woogie Bugle Boys
The Andrews Sisters you are not, Bobvious.
... but I admit that I was thinking about that.
[ link to this | view in chronology ]
CDN?
I read the title, which includes "...A CDN Provider..." and immediately wonder what Canadian is providing what? Perhaps the editors could provide a page full of acronyms so new readers can follow the stories.
[ link to this | view in chronology ]
Re: CDN?
As you can now be an example of, the user solved it themself. It was sufficiently traumatic that the AI would determine no additional effort is required.
Welcome to Acronym Tech Hell.
[ link to this | view in chronology ]
Re: Re: CDN?
Paul Boutin (reputedly) when asked what he thought the biggest problem in computing in the 1990s would be, answered straight-faced "There are only 17,000 three-letter acronyms."[
[ link to this | view in chronology ]
Re: CDN?
"Perhaps the editors could provide a page full of acronyms so new readers can follow the stories."
I appreciate the issue, but it's called Google (or Wikipedia, or many others). It would have taken less time to google "Cloudflare CDN" than it would have done to write the above, and over time any glossary of acronyms is going to itself become ambiguous as the same acronym turns up on articles on different subjects.
In context to anyone aware of what Cloudflare is and what it does, which should include the vast majority of Techdirt readers, the acronym's use is clear in context.
[ link to this | view in chronology ]
TDM TLAs (Too "Darn" Many Three-Letter Acronyms)
It would be a courtesy to the reader to spell an acronym out, once, in the article, or otherwise briefly explain what it means in the context of that article. I wish Mike did that more often than he does, please.
For another example, I've recently googled (or duckduckgone, I forget which) "NFT" (on two different occasions, I think) to be able to make any sense of a couple of articles here. And then wished I had not needed to do that. I'm still not entirely sure what a Non-Fungible Token is, some blockchain thing maybe, but at least I think I now know that in these articles NFT does not stand for a Non-deterministic Finite-state Transducer. Or does it? There's so much to learn.
[ link to this | view in chronology ]
Re: TDM TLAs (Too "Darn" Many Three-Letter Acronyms)
"It would be a courtesy to the reader to spell an acronym out, once, in the article, or otherwise briefly explain what it means in the context of that article"
Personally, I prefer articles to deal with the subject of the article, not pointlessly repeat basic concepts over and over again.
It says in the article "Cloudflare is a popular CDN provider". If you don't know what CDN is in that context, it's trivial to google "cloudflare CDN" and you get the idiots' guide page directly from Cloudflare. It also mentions DMCA, which is similarly trivial to look for if you're unsure.
I understand the annoyance of acronyms, but there's no getting around them in discussions of technology and law, and there shouldn't be the same need to explain everything as if the reader has never heard of them before on a blog targeted toward people with a deeper knowledge of the subject, compared to if it were a mainstream news source targeted at the general public.
"I've recently googled (or duckduckgone, I forget which) "NFT" (on two different occasions, I think) to be able to make any sense of a couple of articles here. And then wished I had not needed to do that."
I prefer you have to do that, than have half of every article describing NFTs to people, in articles whose intended audience is at least aware that non-fungible tokens are one of the most hotly debated issues in cryptocurrency and digital copyright today. Similarly, if someone's writing an article on cryptocurrency overall, there shouldn't be a need for them to describe what ETH and BTC are, even if it's confusing to people who have never looked into crypto before - those people aren't the intended audience.
"I'm still not entirely sure what a Non-Fungible Token is, some blockchain thing maybe"
Honestly? If you've found the Wikipedia article and it still confuses you, then I'm guessing that whatever article you've come across discussing their implications and impact through the quickly changing landscape and contexts in which they're being used are not for you.
That's fine, there's no shame in not understanding what can be a tricky subject if you've not looked into crypto and its development over the last few years. But, the place to explain it is not within articles aimed at people who have.
[ link to this | view in chronology ]
Re: CDN?
CDN = Content Delivery Network.
i.e. any distributed network which will deliver content for hire. Cloudflare is a typical example though push comes to shove, so is the Bittorrent P2P Protocol.
I admit to some bias here; I firmly believe any use of an acronym needs to have the full wording spelled out the first time it's used in any given work, against a three strike principle of, at a third offense, taking a hammer to the authors fingers in a kindly and educational fashion.
[ link to this | view in chronology ]
Re: Re: CDN?
I'll maintain that the first consideration is the intended audience. If the audience can be expected to understand the acronyms (which, in this case, would include anyone interested in reading about Cloudflare), they can be omitted.
One example I used recently outside of tech discussions was to consider if I were to write an article about HMRC announcing changes to VAT. If the article was likely to be read mainly by a general international audience, I might feel the need to explain the role of Her Majesty's Revenue and Customs, what their role is related to the collection of Value Added Tax in the UK, and how that differs from sales tax used in the US, such as the fact that it's usually included in sticker prices whereas in the US it's applied afterwards at the point of sale.
But, if I'm writing an article with the intended audience of people working in the UK's accounting sector, providing that information in every article would not only be pointless, it would be downright condescending and even make me appear to be much less of a credible source than if I appear to be talking to people on my level.
Same here. If a term is related to a new concept or has only been coined recently, articles should perhaps explain it. Once it's in the same realm as DNS and RAM in terms of familiarity with a given audience, it's optional and the onus is then on the reader. Especially in cases like this where merely googling the name of the company the article is about will give you all the required information.
"Bittorrent P2P Protocol."
Ah, you didn't explain what P2P stands for, so apparently your comment isn't good enough for some people...
[ link to this | view in chronology ]
I don't think there's any copyright on fashion designs in America I think anyone can copy a design as long as they don't use the same company name or us trademark or company logo on the dress still this case sets a good precedent
To protect cdn networks or general network caching services from being sued in the future
[ link to this | view in chronology ]
Several reasons come to mind:
Techdirt has reported on enough occasions where screaming "copyright infringement" is enough to get anything done on behalf of plaintiffs, including the removal of negative critique of videogames. "Copyright law as an engine to get a finger in every pie" has become a hallmark strategy.
[ link to this | view in chronology ]
Re:
The way Copyright is written and executed now is far from the constitutional intent, making it downright unconstitutional. It's just a giant government-backed gag order on the public. Freedom of speech be damned.
[ link to this | view in chronology ]
Re: Re:
"The way Copyright is written and executed now is far from the constitutional intent, making it downright unconstitutional."
Something of which at least Jeffersson was aware is that Copyright can not be properly added to a constitution valuing freedoms without causing conflict.
Copyright in itself means a third party gets to tell you what you can and can not do with physical property in your possession based on whether the shape of that property can be interpreted to carry information someone else came up with.
Or in another way of putting it, copyright is what we normally call information control, just that the censorship is in the hands of private rather than governmental entities. A prohibition on anyone to pass on the interesting stories they've heard.
I don't think it's possible at all to add copyright into any national charter which also values freedom of speech and I think the founding fathers all knew this which is why the constitution specifies that congress may protect intellectual property. It's the only optional clause i remember from that document.
And we've already seen plenty of examples where copyright has lent itself amicably to abuse.
Erdogan of Turkey doesn't want his bloopers to go the rounds on Facebook and his supreme court won't let him use heavy-handed censorship? Copyright was the answer and no western nation could so much as squeak when he used a US DMCA law to pull the plug on social media.
A West German government agency doesn't want to comply with an information request from a civil rights NGO? Copyright was the answer which let them ignore every demand on government transparency.
Copyright is a fucking abomination which does not fulfill any of the proposed advantages promised back in the 17th century but which does set us back centuries when it comes to the transparency and accountability we expect from the body politic. In addition to wasting massive public resources on wrecking the functionality of every mass communications medium and information storage invention.
[ link to this | view in chronology ]
Perfect 10 started selling wedding dresses when?
Perhaps lifetime appointments for positions is a bad idea...
I mean if they remember how bad things were in the Depression first hand, maybe just maybe they aren't prepared to understand how the interwebs works.
[ link to this | view in chronology ]