A common risk of user-submitted content is that it may infringe on the copyright or trademark of another. Even with a disclaimer of liability and indemnification from users (discussed below), web site operators may be left vulnerable to claims for Contributory Infringement.
To be held liable for contributory infringement for the acts of users, web site operators must be shown to have (1) intentionally induced a user to infringe a copyright or trademark; or (2) continued to supply the product or service to a user that the operator knew or had a reason to know was engaging in copyright or trademark infringement. Liability requires actual knowledge. This is more than mere general knowledge or a reason to know that the service or product could be used to infringe on someone else’s copyright or trademark.
Every time people purchase a DVD on eBay, they may receive a nearly perfect pirated copy. Think about all the sites that have user-submitted content and the steps they must take to avoid inadvertently participating in the marketing of counterfeit products or supporting the use of infringing trademarks.
EBay, for example, has defended itself against lawsuits for contributory infringement by citing substantial evidence of the anti-fraud and anti-counterfeiting measures it undertakes to combat the sale of such merchandise. A more recent lawsuit involved The Ohio State University.
OSU sued a popular online DIY shirt design and print store called Teespring, alleging it contributed to the infringement of its common law and registered trademarks. The shirts featured generic fans forming the letters O-H-I-O, a common sight at Ohio State athletic events. OSU trademarked the image in 2012. Teespring, like eBay, cited its undisputed efforts to combat copyright and trademark infringement through its automatic algorithms and manual investigations. OSU claims that this is not enough, that the eBay approach is insufficient, and is seeking more than $1 million in damages.
Preventing Contributory Infringement
If you host user-submitted content, you need take three steps to protect your business from liability in connection with contributory infringement:
- Make your users agree not to infringe,
- Make your users agree that if they do infringe, they will pay for it, and
- Make sincere efforts to prevent your users from infringing.
User Agreement Not to Infringe
Every website should have a basic Terms of Service Agreement, but any website that displays user content must have an even more robust TOS that specifically warns and instructs users not to submit any content that may infringe upon the trademarks or copyrights of others.
If you happen to be in a position that is more vulnerable to such uploads, consider going beyond just a hidden clause in the TOS to add a one line “I Agree” checkbox that requires an affirmative statement on the part of the user that the content does not infringe on any other protected material.
Check out Vimeo's upload submission page warning on the very top:
Indemnification can be one of the most useful tools in any agreement. It is the risk manager's magic wand to suddenly shift the burden of liability onto someone else.
The purpose of indemnification is to assign risk to the party who is in the best position to prevent it. In this case, the user is the one submitting the content, and he or she is in the best position to know whether the content would infringe upon the rights of another.
There are over two million registered trademarks in the U.S. and probably many more unregistered common law trademarks. How would any web site operator know if user content infringes upon another party's trademark? There is also a nearly infinite amount of copyrighted material. Even with a copyright infringement search tool, there is no practical way to perfectly prevent users from abusing sites in this manner.
Accordingly, you should not be responsible for any damage that you suffer in connection with the content that the user submits. Your users should indemnify you as the web site operator and the party least able to prevent the risk.
It is a simple add-in to a document that most users, even attorneys, do not read.
Keep in mind, however, that if you are to be sued, suing your users in return is unlikely to be a viable solution if the publicity may hurt your business's reputation or if the user does not have any money to even go after.
Take Down Infringing Content
One of the best ways to protect yourself from contributory infringement is to prevent the content from being up in the first place. As discussed, this is nearly impossible to do. However, it is possible to employ many mechanisms and filters whether manually or automatically through sophisticated technical applications to prevent at least some of the more obvious infringements from ever hitting anyone's computer.
Even if the content somehow gets through, complying with the requests of true owners of copyrights and trademarks is an absolute must. Such requests may come in either of two forms, a trademark infringement demand (aka cease and desist letter), or a copyright infringement demand in the form of a DMCA request.
DMCA Safe Harbor
The Digital Millennium Copyright Act ("DMCA") is your friend in creating a shield against claims of copyright infringement in connection with your user submitted content. It specifically provides under 17 U.S.C. Section 512(c) that "[a] service provider shall not be liable…for infringement of copyright by reason of the storage at the direction of a user of material…as long as the service provider satisf[ies] certain other conditions."
Those conditions are that the provider (1) did not have "actual knowledge" of the specific infringing activity; and (2) was unaware of the facts or circumstances from which the infringing activity is apparent. Additionally, if the provider has the "right and ability to control" the activity, then the provider must not receive financial benefit directly from that activity. Maybe this safe harbor is not as easy as you may think.
Register Your DMCA Agent
A fairly recent case in the Northern District of California (Oppenheimer v. Allvoices, Inc.) has clarified that this DMCA safe harbor may be used only if the website operator has registered a DMCA agent with the Copyright Office. In fact, the court said unequivocally that the designation of an agent is a "predicate, express condition" to be protected by DMCA's safe harbor provisions under Section 512(c).
How to Register Your DMCA Agent
Registering your DMCA agent is a fairly straightforward process and can be completed on your own by filing an Interim Designation and mailing it to the U.S. Copyright Office with the appropriate fee. There is more information available at the U.S. Copyright Website. This does require you to keep the address and contact information updated so consider hiring a third party agent to be responsible for receiving notices similar to an third party agent for services of process.
Section 230 of the Communications Decency Act
Contrary to popular belief, Section 230 is not an immunity statute. Rather it specifies the roles and responsibilities of a website operator, i.e. "no provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider."
This 1996 law passed in the early days of the internet to allow ISPs and other service providers to expand without the fear of being held liable for the actions of their users. These protections do not apply to criminal liability or liability of copyright and trademark infringement as discussed previously.
There essentially five areas of legal liability under the CDA:
- misleading advertising/fraud,
- child pornography,
- discrimination under the Fair Housing Act, and
- threats (related torts).
In each of these situations, if the site operator were to be considered the publisher of defamatory statements, misleading or fraudulent statements, child pornography, discriminatory classifieds, or threatening statement, that site operator could be held civilly liable for damages. Without the CDA, site owners would be considered publishers. The law thus provides important protections for service providers.
This does not mean that a site owner may not become a publisher by participating in the co-creation of the unlawful content. The CDA protects owners when they are acting as intermediaries between users and the public, but not from liability for their own content.
This may seem obvious now, but imagine without this law how sites like MySpace or Facebook could have ever developed if they were liable for the scandalous content of their users.
The problem comes when websites publish content that is published by their users in part but also by their operators. At what point does the operator lose its protection? A now often-referenced case in the Ninth Circuit Court of Appeals speaks to this issue.
Roommates.com, the roommate matching service, was sued under the federal Fair Housing Act and California discrimination laws. In its published forms, the site asked for information that would be considered discriminatory under the laws. This included dropdown boxes specifying gender, presence of children, and sexual orientation. Since the site essentially controlled the means to publish violative content, Roomates.com was found not to have been protected by the CDA.
In most cases, user-generated content is given wide berth. Guidelines, if any, are given to help web site owners comply with the law, not to force the content off the site. However, web site operators who host user-generated content may remain vulnerable if their guidelines are not in compliance with the law.