Legal Issues Facing Online Communities Dominic Bray, Sarah Stone and Paul MasseyPaul Massey 12 July...
-
Upload
clare-eustacia-cox -
Category
Documents
-
view
218 -
download
0
Transcript of Legal Issues Facing Online Communities Dominic Bray, Sarah Stone and Paul MasseyPaul Massey 12 July...
Legal Issues Facing Online Communities
Dominic Bray, Sarah Stone and Paul Massey
12 July 2007
www.klgates.com
Overview of Presentation
Potential Legal Liabilities for service providers
Exemptions to liability for service providers
Moderation
Terms and Conditions – notice and takedown procedure
Ownership of IP
Data Protection
Potential legal liabilities for Online Communities
Defamation The publication of a statement which tends to lower the
claimant in the estimation of right thinking members of society.
Is the intermediary a publisher at common law? If not a publisher: no liability If it is a publisher, consider:
Innocent dissemination under Defamation Act Exemptions under E-Commerce Regulations –
mere conduit, caching and hosting
Bunt V. Tilley, Hancox, Stevens, AOL, Tiscali and BT [2006] EWHC 407 (QB)
AOL not a publisher. Passive involvement does not incur liability as a publisher. There must be knowing involvement in publication of words.
ISPs argued exemption under the E-Commerce Regulations and under the defence of innocent dissemination in the Defamation Act.
Statutory Offences
Obscenity Obscene Publications Act 1959 Obscene Publications Act 1964
Contempt of court Contempt of Court Act 1981
Harassment Protection from Harassment Act 1996 Sex discrimination Act 1975 Race Relations Act 1976
Other offences
Primary acts of copyright infringement
Copying Issuing copies to the public Perform, show or play the work in public Communicate the work to the public
(i) broadcasting the work; and (ii) making available to the public by electronic transmission in
such a way that members of the public may access it from a place and at a time individually chosen by them
Make an adaptation of the work or do any of the above in relation to an adaptation
Authorisation
Authorisation of Copyright Infringement
A developing area of law and not yet tested in the UK in relation to online copyright infringement.
CBS v Amstrad (1988)
A high water mark: no contributory infringement where a device is “capable of substantial non-infringing use”
US Cases
Napster – contributory and vicarious infringement Grokster- introduced doctrine of inducement of copyright infringement
Australian case law - Kazaa
Guidance on what constitutes authorisation:
1. the extent of the person's power to prevent infringement;2. the nature of the person authorising and the person performing the
infringing act; and3. whether the person alleged to be authorising took reasonable steps to
prevent infringement
Warnings to users and an End User Licence Agreement were ineffective in preventing infringement.
Technical measures could have been adopted to reduce infringement but were not.
Kazaa actively encouraged users to increase levels of sharing activities.
Viacom v YouTube
Remedies Sought Declaration of Infringement:
direct copyright infringement and authorisation secondary infringement: inducement, contributory and vicarious
infringement. Permanent injunction requiring YouTube to employ
reasonable methodologies to prevent or limit infringement of Viacom’s copyright.
Maximum damages for past and present infringement plus YouTube’s profits (estimated at least $1bn).
Viacom v YouTube
Viacom’s Arguments
Viacom claim YouTube provide more than hosting facilities: Copies content to servers. Creates thumbnails. File sharing and embedding technology increases potential for infringement. Control its site and could remove material infringing copyright. Terms and
conditions reserve the right to remove material. For example, YouTube remove pornographic material.
YouTube encourage infringement: Tags and search features enable easy identification of copyright material. No steps taken to remove infringing material until take-down notice received. Only the specific urls identified will be blocked. Many copies not removed. Friends feature allows private areas where copyright infringement may take
place undetected.
EXEMPTIONS ANDDEFENCES
StatutoryDefences
eCommerce Regulations
Defamation(Innocent
Dissemination)
Caching
No knowledge orreason to believe
Reasonablecare
Contempt ofCourt Act
Obscene Publications
Act
Reasonablecare?
Publisher underThe Act?
Publisher at common law?
No reason to believe causing or contributing
Mere conduit
Hosting
QualifyingService?
Take-down on notice
Host? InformationSociety Service?
No control
No knowledge
Conditions
Exemptions & defences for service providers
USA - ‘Safe Harbour’ under Digital Millennium Copyright Act
UK exemptions under E-Commerce Regulations 2002
Innocent dissemination under Defamation Act 1996 Statutory Defences re obscene publications,
contempt of court, etc
E-Commerce Regulations
Three categories of protected activity/service:
Mere Conduit (Regulation 17) Caching (Regulation 18) Hosting (Regulation 19)
If exempt – no liability for service provider for third party activity on its service.
Hosting Exemption Reg 19 E-Commerce Regs
Where an information society service is provided which consists of the storage of information provided by a recipient of the service, the service provider … shall not be liable for damages … as a result of that storage where …
(a)The service provider:(i) does not have actual knowledge of unlawful activity or
information …
(ii) upon obtaining such knowledge … acts expeditiously to remove or disable access to the information, and
(b)The recipient of the service was not acting under the authority or control of the service provider.
Hosting exemption
Two areas to consider: Is the community a qualifying service?
Is it an “Information Society Service”? Is it an host?
Does the community satisfy the conditions? No actual knowledge of infringement or reason to
believe. Take down on notice. User not under control of service provider.
Is the service a qualifying service? (1)
Is the community an “Information Society Service”?
“Any service normally provided for remuneration, at a distance, by means of electronic equipment, for the processing … and storage of data and at the individual request of a recipient of a service.”
Provided for remuneration?
Is the service a qualifying service? (2)
Is the community service provider an “host”? A service “which consists of the storage of information
provided by a recipient of the service.” Compare ISP web-hosting v online communities What if the service does more than simply store
information? ‘Lafesse’ (Societe Lambert Anonyme) v MySpace,
France Viacom v YouTube and FAPL v YouTube – challenge
to YouTube’s assertion that it is a ‘host’ under DMCA.
Hosting – knowledge of unlawful activity
The service provider shall not be liable … where the service provider: Does not have actual knowledge … or is not aware of
facts or circumstances from which it would have been apparent … that the activity or information was unlawful; or
Upon obtaining such knowledge or awareness, acts expeditiously to remove or to disable access to the information
(Regulation 19(a))
Hosting – knowledge of unlawful activity (2)
Knowledge of what? Knowledge of the actual infringement/unlawful
activity; or Is general knowledge of circumstances enough
(Viacom v YouTube)? Has service provider received adequate notice of
unlawful activity?
Hosting – Notice and Takedown
Requirement to act “expeditiously to remove or disable access to the information” on obtaining knowledge (Regulation 19(a)(ii)).
Knowledge requirement + obligation to remove are legal basis of notice and takedown procedure.
Similar to innocent dissemination defence to defamation.
E-Commerce Regulations – summary
Is the service an information society service? Probably.
Is the service a hosting service? Maybe.
Does the service provider have knowledge? Notice? Moderation?
Does the service provider comply with notice and takedown? Put in place a clear policy and follow it.
Specific Defences
Defamation – innocent dissemination Obscene Publications – knowledge and belief Contempt of Court – knowledge and belief
Defamation – innocent dissemination (1)
Is community a publisher at common law (Bunt v Tilley & Ors)? If not, no liability If publisher, then consider Section 1 Defamation Act
Defamation – innocent dissemination (2)
Defence if the community: Is not the author editor or publisher (as defined) Took reasonable care in relation to the publication Didn’t know and had no reason to believe that it
caused or contributed to the defamatory statement
Innocent dissemination (3)
Is the service provider a “publisher” under the Act? Publisher” means commercial publisher: “a person
whose business is issuing material to the public...” (Section 1(2)).
Not a publisher if only the “operator or provider of access to a communication system through which the statement is transmitted or made available” (Section 1(3)(e)).
Innocent dissemination (4)
Did the provider take reasonable care? Includes looking at whether provider complied with
notice. Godfrey v Demon – Demon failed to take down
following notice. Bunt v Tilley – ISPs did take reasonable care – the
notice was inadequate.
Innocent Dissemination (5)
Did the community know or have reason to believe that it caused or contributed to the publication of a defamatory statement? notice? moderation? other circumstances?
Moderation
Common theme of defences and exemptions: Take reasonable care but: Do not do more than ‘hosting’ Do not be a publisher or editor Do not have actual knowledge
So what do you do? Damned if you moderate, damned if you don’t?
Moderation – minimising risk
Liability control and quality control Brand protection, user experience, user safety
Consider: What type of community is it? Who will access the service? What content would you expect? What resources do you have? What risk are you willing to accept What are your priorities?
Moderation
Options: No moderation Pre-vet all material Moderate after posting? Alert moderation 24/7 or periodic? Third party providers
Terms of Service / Terms of Use
Key risk management terms
right to remove / block access to content
notification procedure for alleged unlawful content
sanctions - warning, suspension, account termination
financial protection - indemnity (value against user? enforceable?)
IP ownership / rights to use
Data protection / privacy
Notice & take-down procedure
Best practice: What should the notice contain? clear description of disputed content and why complainant
believes it is unlawful details of URL or other location information complainant's contact details – verify identity statement by complainant
info provided is accurate complainant has right to complain good faith belief that disputed content is not authorised / lawful OR
it is untrue and harmful to their reputation (defamation)
Easy to find and use
IP ownership / rights to use
Service provider ownership MMOGs eg., World of Warcraft, City of Heroes
User ownership with service provider right to use Second Life: participants own content they create in-world, to
the extent they have such rights under applicable law Licence scope - in-service (MySpace) / beyond (MTV Flux)
Open-source - 'community' rights to copy, modify, distribute open source software communities eg., Linux Channel 4 Fourdocs – Creative Commons licence
Data protection – collection methods
user registration - provide personal information
business model - open exchange of personal information eg., LinkedIn, FaceBook
use of 'hidden' technologies to gather information about user activity (eg., cookies, web beacons)
User profiling - targeted advertising as a means of monetising online communities
Data protection - compliance
Register as a data controller - failure to notify is a criminal offence (www.ico.gov.uk)
Privacy policy inform users of the purposes for which their personal information
will be processed ('fair and lawful processing’) Use of cookies, web beacons; how to disable (PEC Regulations) data sharing with third parties – who, why
Other issues no data export outside EEA unless consent / other derogations targeted advertising on-site vs email marketing sent to individual
– compliance with PEC Regulations
Data protection - risk of getting it wrong
UK - general approach, weak enforcement powers Fines (up to £5,000), compensation, rectification or destruction
of data
Compared to
US - sectoral approach, large penalties Xanga.com - social networking site fined US$1m by FTC for
breaching Children's Online Privacy Protection Act (COPPA) by allowing children under 13 to sign up for the service without getting their parent's consent
[email protected]@[email protected]
www.klgates.com110 Cannon Street
LondonEC4N 6AR
+44(0)207 648 9000