Insanity (AKA Copyright Statutory Damages) Rules: Cox Hit With $1 Billion (With A B) Jury Verdict For Failing To Magically Stop Piracy

from the oh-come-on dept

We've highlighted the many problems with the various lawsuits against Cox Communications arguing that the company should be held liable for failing to wave a magic wand and stop all piracy from occurring on its service. The internet access provider was originally sued by music publisher BMG, and they got a judge who made it clear that he was not a fan of the internet, and didn't see why it should be a problem for anyone to be kicked off the internet at all. Cox lost the case mostly because the company didn't really follow its own internal repeat infringer policy. That ruling was upheld on appeal, leading the company to settle the case for $25 million.

Sensing an opportunity to cash in, all of the RIAA major record labels jumped in to sue Cox as well -- and got the same exact judge, Liam O'Grady. After a trial earlier this month, a jury has now awarded an absolutely astounding $1 billion damages verdict. The verdict is so preposterous and so disconnected from reality, that the math is wrong. The jury verdict document said that each infringed work should lead to statutory damages to the tune of $99,830.29. And there were 10,017 works infringed. And thus, the total was $1 billion on the dot:

Except that if you multiply those two numbers, the total would actually be $1,000,000,014.93. The jury's bad math saved Cox just about $15. Small favors.

Anyway, Cox has already made it clear that it will appeal, and I'd be stunned of such an amount held up. Everything about this is (1) crazy and (2) demonstrative of just how messed up and broken the "statutory damages" set up is for copyright. We've long wondered why statutory damages are even a thing in copyright, because they really don't make any sense. But the fact that statutory damages can go as high as $150k per work infringed -- even if there were literally no actual damages, raises significant 5th Amendment issues about due process (specifically, the wholly arbitrary nature of the jury award) and whether or not the award is "obviously unreasonable."

In a Supreme Court ruling almost exactly 100 years ago (St. Louis v. Williams), the Supreme Court ruled about obviously unreasonable awards, noting that there's a problem when "the penalty is 'arbitrary and unreasonable, and not proportionate to the actual damages sustained.'" That certainly seems to be the case here. After all, a basic recounting of the facts seems important here. Yes, Cox did not adequately follow its own repeat infringer policy, which may have lost it its DMCA safe harbors, but a jury verdict of over $30,000 per work infringed requires the jury to say that each and every infringement was willful by Cox. And that's crazy. Fucking up your own policies doesn't mean that you willfully infringed on every single work that someone shared via your network. Indeed, Cox was actually one of the more aggressive internet access providers in kicking people off for infringing.

Just to put this in perspective, the entire RIAA made just under $10 billion in 2018 in the US. IFPI reported that the total globally was $19.1 billion. And they want to now say that piracy of 10,000 songs on one ISP should grant them $1 billion? Honestly, the award is so insane, and so out of touch with reality, I actually wonder if the RIAA might come to regret it, as it makes the strongest case I've seen yet for the sheer unconstitutional nature of statutory damages, without any evidence of actual damages, for copyright infringement.

Filed Under: contributory liability, copyright, internet access provider, jury verdict, statutory damages, vicarious liability, willful infringement
Companies: cox, cox communications, riaa, sony music, universal music, warner music

$25 Million Jury Verdict In Rightscorp Case Raises Serious Questions About Copyright Law

from the but-of-course dept

This wasn't a huge surprise after Judge Liam O'Grady's questionable reading of the DMCA a few weeks back (along with his general disdain for the internet), but a jury yesterday awarded BMG $25 million from Cox Communications, claiming that Cox was guilty of willful "contributory infringement" in not kicking accused file sharers off the internet. The jury found Cox not guilty of "vicarious liability," which is at least marginally surprising, as many people who don't spend their lives wrapped up in copyright law have difficulty distinguishing the difference between "contributory infringement" and "vicarious" (if you're confused too, Wikipedia's overview is a decent place to start). And based on that, the jury hit Cox with the $25 million award for BMG.

This will undoubtedly go to appeal, and it would seem that Cox has some pretty strong arguments. First up, the original decision that Cox is not subject to the DMCA's safe harbors is a highly questionable ruling, and would go against a number of previous rulings. As noted previously, some of Cox's actions did seem somewhat egregious, but this still involves a previously untested argument that the policy of requiring service providers to have a plan to terminate users applies to network service providers, rather than those who host content. That's a pretty big open question -- and how that issue is resolved will have a major impact on how the internet functions going forward. If Judge O'Grady's ruling stands, then the RIAA and MPAA just got a huge golden gift: it would effectively say that the US has a "three strikes"-like law where people can be kicked off the internet entirely, based solely on accusations of copyright infringement. That's a pretty scary result.

Even separate from that, the idea that Cox, an internet service provider, is guilty of "contributory liability" for infringement seems difficult to believe as well. The standard for contributory copyright infringement is basically one who "knowingly induces, causes or materially contributes" to copyright infringement done by someone else where that party "had knowledge, or reason to know, of infringement." So, in this case, the argument is that based on the notifications, Cox had the necessary knowledge of the infringement, and then "materially contributed" to that infringement by continuing to provide service. But, again, that's a huge stretch, and goes way beyond historical examples of contributory infringement, where you had things like Grokster, that actively advertised its software as being useful for infringement. In this case, all Cox did was not terminate users, and somehow that counts as "materially contributing" to infringement?

Again, if that stands, it has tremendously troubling implications for how the internet functions, and the ability of people to use copyright law to wreak havoc on the lives of others. We're talking about opening up the possibility of going way beyond the standard DMCA takedowns of content, to it becoming a weapon for killing internet access within households.

The $25 million verdict comes out to about $18,000 per each of the 1,397 copyrights listed in the case -- which is certainly less than the statutory maximum possibility of $150,000 per infringement. But, still... Either way, it's almost certain that Cox will appeal, and that's when the case will start to get a lot more interesting.

Filed Under: contributory infringement, copyright, copyright trolling, copyright trolls, dmca, safe harbors, secondary liability, vicarious liability
Companies: bmg, cox, cox communications, rightscorp

The Details Of Why Judge O'Grady Rejected Cox's DMCA Defense: Bad Decisions By Cox May Lead To Bad Law

from the ugh dept

As we noted a couple of weeks ago, Judge Liam O'Grady rejected Cox Communication's attempt to protect itself under the DMCA's safe harbor concerning a "repeat infringer policy." At the time, he only said he would explain his reasons later, and late yesterday he released his full opinion. It, unfortunately, brings to mind the phrase "hard cases make bad law."

As we explained when BMG and Round Hill Music (with the help of Rightscorp) first sued Cox Communications, the company seemed like a slightly odd choice. While it was the largest of the internet access providers not to sign onto the so-called "voluntary" six-strikes "Copyright Alert System" hammered out between the RIAA/MPAA and big ISPs, it already had a reputation for actually disconnecting those accused of repeat infringements. None of the other major ISPs do that. In fact, a key prong of the whole six strikes thing was that no one would be getting kicked off the internet.

However, the RIAA has long insisted that the DMCA's 512(i) required ISPs to kick people off the internet -- even as that theory had never really been tested until now. Many others had assumed 512(i)'s "repeat infringer" policy only really referred to service providers who actually had direct control over content -- i.e., a YouTube or SoundCloud style site. Kicking people entirely off the internet because one person who uses their account to infringe is quite draconian.

The issue here, however, gets muddied, because Cox made such a mess of its "repeat infringer policy." Yes, it alone among the major ISPs will kick people off. But (and this is the important bit), its internal policy was apparently to kick people off... and then allow them to sign right back up for new service, at which point the count on "infringements" would be reset to 0. For obvious reasons, that feels pretty sketchy, and it's the key point that Judge O'Grady focuses on. Doing something that feels sketchy will often obscure the more important legal arguments. Judge O'Grady basically tosses aside all the other issues because of this "bad behavior" by Cox, as immortalized in some internal emails.

The record conclusively establishes that before the fall of 2012 Cox did not implement its repeat infringer policy. Instead, Cox publicly purported to comply with its policy, while privately disparaging and intentionally circumventing the DMCA’s requirements. Cox employees followed an unwritten policy put in place by senior members of Cox’s abuse group by which accounts used to repeatedly infringe copyrights would be nominally terminated, only to be reactivated upon request. Once these accounts were reactivated, customers were given clean slates, meaning the next notice of infringement Cox received linked to those accounts would be considered the first in Cox’s graduate response procedure.

Numerous emails in the record, portions of which are reproduced below, support these conclusions. Even viewed in the light most favorable to Cox, the Court finds the contents of the emails cannot be explained away. Cox’s attempts to recast the emails are unavailing. Nor can they be pinned on low level employees whose views had no real significance. The name that appears again and again on these emails is Jason Zabek, Cox’s Manager of Customer Abuse Operations.

In 2009, Zabek sent an email titled, “DMCA Terminations,” to the abuse group that said:

As we move forward in this challenging time we want to hold on to every subscriber we can. With this in mind if a customer is terminated for DMCA, you are able to reactivate them after you give them a stern warning about violating our AUP and the DMCA. We must still terminate in order for us to be in compliance with safe harbor but once termination is complete, we have fulfilled our obligation. After you reactivate them the DMCA ‘counter’ restarts; The procedure restarts with the sending of warning letters, just like a first offense. This is to be an unwritten semi-policy . . . We do not talk about it or give the subscriber any indication that reactivating them is normal. Use your best judgment and remember to do what is right for our company and subscribers. . . . This only pertains to DMCA violations. It does not pertain to spammers, hackers, etc.

And, based on that, the court decides that Cox does not have a "reasonably implemented" termination policy for repeat infringers. There are a bunch of other similar emails, indicating that this absolutely was Cox's policy. Of course, all of that obscures the question of whether or not 5129(i) is meant to apply to access providers, rather than online service providers.

Separately, the judge buys BMG's claim that in late 2012, Cox actually stopped terminating accounts almost entirely (leaving aside, again, that no other major access provider terminates anyone). Again, some questionable internal behavior by Cox comes back to bite them. The judge highlights a case where Cox internally kept discussing a user who was frequently accused of infringing, and who they threatened to cut off... but didn't -- even admitting it's at least partly because of the large amount of money the customer pays.

In June, a senior engineer in the abuse group said this about a customer who had been given a final suspension and advised to remove all P2P file-sharing programs: “This customer will likely fail again, but let’s give him one more change [sic]. [H]e pays 317.63 a month.”

The judge uses this and other examples to note that Cox knew of "repeat infringers" but didn't terminate them. Of course, the vague language of 512(i) doesn't say that you have to terminate someone as soon as you know they're repeat infringers -- just that you have a "reasonably implemented policy." However, Judge O'Grady uses these examples to suggest the policy implementation is not reasonable.

Cox's defense to that is it can't know for sure if people are infringing based solely on accusations. This is correct, but Judge O'Grady doesn't care.

Although Cox was under no duty to monitor for infringement, Cox did not have leeway to wait until an account holder was adjudicated as an infringer to find that circumstances were appropriate for termination. As explained above, the Court disagrees that a repeat infringer policy applies only to those who have been held liable in a copyright suit. Rather, an account holder must be considered an infringer, at minimum, when the service provider has actual knowledge that the account holder is using its services for infringing purposes. Nor do service providers have complete discretion to define “appropriate circumstances.” Appropriate circumstances arise when an account holder is repeatedly or flagrantly infringing copyrights. Thus, when Cox had actual knowledge of particular account holders who blatantly or repeatedly infringed, the responsibility shifted to Cox to terminate their accounts.

That, alone is quite troubling. Kicking people off the internet based merely on accusations of infringement is really dangerous, especially given the number of false infringement allegations that we see.

The one good thing is that the court rejects BMG's troubling definition of "making available." This has been a fight that's been going on for ages. Copyright law says that one of the exclusive rights given to a copyright holder is the "distribution" right. What is not settled law at all is whether or not "making available" violates this distribution right, or if copyright holders have to show actual distribution. The courts are somewhat split on this, with O'Grady recognizing that merely making available is not distribution.

At the threshold, the Court questions the evidence relied on by those courts that purportedly establishes that distribution is interchangeable with publication. Those courts build upon comments in legislative history as well as an excerpt from the Supreme Court’s decision in Harper & Row Publishers, Inc. v. Nation Enterprises.... Legislative history cannot override the plain meaning of “distribution” under § 106(3), however, and Harper & Row involved a narrow discussion of first publication and not the meaning of distribution and publication generally....

Nor does the definition of “publication” support a broader reading of the distribution right. The Act defines “publication” as

the distribution of copies or phonorecords of a work to the public by sale or other transfer of ownership, or by rental, lease, or lending. The offering to distribute copies or phonorecords to a group of persons for purposes of further distribution, public performance, or public display, constitutes publication.

...The first sentence of the definition tracks the language in § 106(3), making it clear that all distributions are publications. It does not follow from that proposition that the inverse—all publications are distributions—is also true.... In short, § 101 provides no support for BMG’s “making available” theory.

There's some more in the ruling, but it seems pretty clear that Cox's own internal emails and policies really sunk the company here, and out of that could come some potentially dangerous law. Some have been making a big deal over the fact that Cox's insurance company, Beazly, has filed for declaratory judgment that it's not responsible for any judgment in this case -- but again, that seems to focus on Cox's own actions, which may not apply more broadly to other providers.

Also, important is the fact that the trial still is about to go forward. Losing the safe harbor protections does not, necessarily, mean that Cox will lose the overall case, but it's an ominous start. Judge O'Grady's rulings and statements so far certainly do not bode well for the company. It's also a little bit ridiculous that O'Grady focuses so much on Cox's bad behavior, but leaves out Rightscorp's much worse behavior -- but I can see where he's coming from.

In the end, this is unfortunate and it's certain that this case will be appealed, no matter how it turns out. But the bad behavior by Cox poisons the well a bit in terms of focusing on the rather important question of what 512(i) actually means, and whether it really applies to internet access providers. As it stands right now, however, a potentially dangerous precedent could be set, whereby people could be forced to completely lose internet access based on mere accusations of copyright infringement. It's hard to believe that Congress intended such a result, but that's how Judge O'Grady is now reading the law.

Filed Under: 512i, copyright, dmca, liam o'grady, repeat infringer, safe harbors, termination policy, three strikes
Companies: bmg, cox, cox communications, rightscorp

Judge Mocks Public Interest Concerns About Kicking People Off Internet, Tells Cox It's Not Protected By The DMCA

from the that's-a-problem dept

Judge Liam O'Grady -- the same guy who helped the US government take all of Kim Dotcom's stuff, is the judge handling the wacky Rightscorp-by-proxy lawsuit against Cox Communications. The key issue: Rightscorp, on behalf of BMG and Round Hill Music flooded Cox Communications with infringement notices, trying to shake loose IP addresses as part of its shake down. Cox wasn't very happy about cooperating, and in response BMG and Round Hill sued Cox, claiming that 512(i) of the DMCA requires ISPs to kick people off the internet if they're found to be "repeat infringers." Historically, it has long been believed that 512(i) does not apply to internet access/broadband providers like Cox, but rather to online service providers who are providing a direct service on the internet (like YouTube or Medium or whatever). However, the RIAA and its friends have hinted for a while that they'd like a court to interpret 512(i) to apply to internet access providers, creating a defacto "three strikes and you lose all internet access" policy. Rightscorp (with help from BMG and Round Hill Music) have decided to put that to the test.

This is a big, big deal. If the case goes against Cox, then it would create a massive problem for the public on the internet. Accusations of infringement could potentially lead to you totally losing access to the internet, which could really destroy people's lives, given how important the internet is for work and life these days. The details of the case look like they should favor Cox pretty easily. After all, Cox pointed out that Rightscorp only had licenses from the publishes, meaning they had no copyright in the sound recording -- yet they admitted to downloading the sound recording, suggesting that, if anything, Rightscorp was a mass infringer. On top of that there was pretty strong evidence that Rightscorp does not act in good faith in how it runs its shakedown practice, telling people that they have to take their computers to the police to prove their innocence (really).

Unfortunately, as Eriq Gardner reports, Judge O'Grady has ruled against Cox on a very key point: does its current policy grant it safe harbor under the DMCA. The judge said no, though we're still waiting for the full ruling as to why.

The bigger story is O'Grady's determination that there is "no genuine issue of material fact as to whether defendants reasonably implemented a repeat-infringer policy as is required by §512(i) of the DMCA," granting a motion that Cox is not entitled to a safe harbor defense.

Now, just because you're not protected by the safe harbor it does not mean that you are automatically guilty of infringement. There are cases where sites have not qualified for the safe harbor and still prevailed. But it does make things more difficult and complicated and, much more importantly, opens the door to lots and lots of mischief by the RIAAs and MPAAs of the world to use this to kick people off the internet entirely based on accusations of copyright infringement. That's immensely worrisome.

O'Grady doesn't seem to think that kicking people off the internet is really a big deal. Earlier in the case, we've discovered, in the process of flat out rejecting an attempt by Public Knowledge and EFF to file an amicus brief, Judge O'Grady made his views clear:

I read the brief. It adds absolutely nothing helpful at all. It is a combination of describing the horrors that one endures from losing the Internet for any length of time. Frankly, it sounded like my son complaining when I took his electronics away when he watched YouTube videos instead of doing homework. And it's completely hysterical.

That's his response to two well known public interest groups explaining to him the "real world harmful effects" of Rightscorp's copyright shake-down trolling business. But he didn't want to hear any of it. Because protecting the ability of Americans to not be the subjects of extortion schemes and to enable them to communicate and work is "hysterical" and no different from kids not doing their homework because of too much YouTube.

The details here matter, but I would imagine that Cox is likely to appeal. One hopes that the appeals court is more open to listening to the concerns over copyright trolling and kicking people off the internet.

Filed Under: 512i, copyright, dmca, liam o'grady, safe harbors, three strikes
Companies: bmg, cox communications, rightscorp, round hill music

Rightscorp's Copyright Trolling Phone Script Tells Innocent People They Need To Give Their Computers To Police

from the uh,-that's-not-how-this-works dept

We already wrote about the various filings in the Rightscorp-by-proxy lawsuit against Cox Communications. However, mixed in with all the filings are some interesting tidbits and exhibits. One that caught my eye was an exhibit revealing the "script" that Rightscorp gives its agents to use when people call in after receiving a notice. Cox Communications filed this in showing that the actual plaintiffs (BMG and Round Hill Music) "turned a blind eye" to Rightscorp's misconduct. The script is quite something, with a few ridiculous statements. The most ridiculous, however, is the following. If the caller says that they're innocent, here's how Rightscorp has its agents respond:

In order to cancel this matter without payment, you will need to go and get a police report and fax or email it to us. The police may take your devices and hold it for ~5 days to investigate the matter. You must be sure that it was not you, anyone in your household, including friends and neighbors or you will be breaking a different law with the police department.

Every part of that statement is bullshit -- and it's clearly designed to do one thing only: to frighten the caller into just paying up. To tell totally innocent people that they need to hand over their computers to the police for five days and that if anyone else used their computer to infringe that they'll be violating some sort of criminal law is downright disgusting. It just highlights that Rightscorp is in the extortion/shakedown business, rather than actually trying to stop copyright infringement.

There is plenty of evidence that Rightscorp's targeting efforts were not that accurate, and plenty of innocent people were swept up by its systems. And to then target these -- often unsophisticated -- users and tell them they have to go to the police and could be breaking the law if someone else happened to use their computer is both sleazy and dishonest.

There's a similar script for users who claim they were "hacked" which still involves having to go to the police:

Our clients appreciate that you believe you were hacked but the fact remains that we have evidence that a computer at IP address ____ has been distributing our client's product on the BitTorrent network from __ date to as recently as ___. Your ISP confirmed that this is your account. There have been __ infringements over a period of time..... In order to cancel this matter without payment you will need to go and get a police report and fax or email it to us. The police may take your devices and hold them for 3-5 days to investigate the matter. You must be sure that it was not you, anyone in your household, friends or neighbors, as you may be breaking another law with the police department. With this many infringements, the only way we can cancel the matter without payment is if you get a police report and fax it to us. If you fax us a police report, we will close the matter.

The script also includes the "usual" misleading claims, such as saying that people downloading songs have received penalties as high as $150,000. Yes, that's the maximum for statutory damages, but only for willful infringement, and such numbers have never been awarded for some random person just downloading some songs. To suggest otherwise is clearly misleading. Similarly, the script has the agents implying that Rightscorp's technology is never wrong in identifying users, and furthermore, falsely claiming that even if someone else used your WiFi network, that you are still responsible. This is in direct contrast to the actual law on the matter.

Distributing these composition on the BitTorrent network violates US Federal law 17 USC 106 which states that the copyright owner has the sole right to determine who may distribute their copyrights to the public. More than 200,000 people have been sued for doing exactly this since 2010 with penalties as high as $150,000 per infringement. We send mails to ISPs like yours (state their ISP if available) each time we see a computer illegally distributing our client's copyrighted works. The ISP looks up which subscriber was using the IP address at the time the infringement occurred and sends our notice to that subscriber. If you are receiving our notices, it is because your ISP has identified you as the network that was used to illegally distribute our client's copyrighted material. According the the Acceptable Use Policy that most ISP's have, the account holder is solely responsible for what occurs on their network regardless of who actually committed the infringement. We are authorized by the copyright holders to extend offers of settlement in exchange for a release of liability from the infringement. We are only contacting you while the settlement offer is still available. At S20 per infringement, we believe this is a much more financial friendly alternative. Would you like to settle these infringements now?

And, of course, there are all sorts of inaccuracies on little tidbits of copyright law. A copyright holder does not have the "sole right" because there are exceptions, and it's not about the distribution "of the copyrights" but rather the distribution of the work, which may be covered by copyright. Oh, and the actual statutory damages are $150,000 per work infringed rather than per infringement, which may sound like the same thing, but isn't. But those are just little inaccuracies compared to the bigger lies above.

The script also makes it clear that Rightscorp will hound you until you pay, and they threaten that your internet access may get cut off:

(Sir or Ma'am) I do need to let you know we will be continuing to contact you with all methods possible, which will include email, regular mail and phone calls until this is paid or our client decides to no longer offer the settlement. This is a pre-litigation communication. Once our client has removed the settlement, we can no longer aid you in obtaining the release of liability. This could potentially result in the suspension or termination of your internet, escalation up to and including litigation.

It's like the classic shakedown scheme, except made to look legal thanks to US copyright law.

Filed Under: copyright, copyright trolling, phone script, police
Companies: bmg, cox communications, rightscorp, round hill music