The case of BMG Music Publishing v. Cox Communications is the first to hold an internet service provider liable for copyright infringement by its customers, making it a case with serious consequences for ISPs and internet users. Yet the 4th U.S. Circuit Court of Appeals' decision, which rejected Cox's Digital Millennium Copyright Act defense and remanded the case for a second trial, didn't turn on the concrete results of Cox's copyright policies. It turned, as so many cases do, on a series of unfortunate emails.
BMG's suit, filed in 2014, seeks to hold Cox liable for its customers' illegal copying of music files. BMG alleged that Cox should have cut off customers' internet service when BMG's agent notified Cox about those customers' infringements. Failing to terminate customers, argued BMG, made Cox liable for those infringements. Cox argued that it was protected by Section 512 of the Digital Millennium Copyright Act, a safe harbor that limits copyright remedies against internet services, if they comply with its terms.
A major point of contention was whether Cox had complied with the DMCA's requirement to "adopt, and reasonably implement, ... a policy that provides for the termination in appropriate circumstances of subscribers and account holders ... who are repeat infringers." Cox had an internal policy of escalating warnings and temporary suspensions each time they received a notice of infringement, culminating in a customer termination at the 13th notice. But internal emails produced in discovery showed that Cox reactivated customers immediately after terminating them. Employees called this "an unwritten semi-policy." They painted a picture of giving lip service to a termination policy that was not really enforced. And the reason expressed in the emails? To continue receiving revenue from those subscribers.
Following a jury trial that held Cox liable, the 4th Circuit focused on those emails when it upheld the dismissal of Cox's DMCA defense. Because "Cox very clearly determined not to terminate subscribers who in fact repeatedly violated [Cox's] policy," the ISP had failed to comply with the DMCA.
Importantly, the court said nothing about the "appropriate circumstances" for cutting off a subscriber's internet service. The DMCA doesn't define that phrase, nor has any court. But the U.S. Supreme Court wrote last year in Packingham v. North Carolina that "cyberspace ... in general" and "social media in particular" are "the most important places (in a spatial sense) for the exchange of views." Cutting a person off from the internet, said the court, drastically impacts their access to "the world of ideas."
There are many other reasons why it's appropriate for an ISP to terminate subscribers extremely rarely, if ever. Many critical communications, and applications like home security, require a reliable connection to the internet. Losing one's home security monitoring or the ability to dial 911 is a draconian penalty for illegal music downloads. And losing home internet service puts a greater burden on people in traditionally disadvantaged communities, who are less likely to have internet access at work and elsewhere.
The 4th Circuit recognized "the need to afford ISPs flexibility in crafting repeat infringer policies, and of the difficulty of determining when it is 'appropriate' to terminate a person's access to the Internet." That implies that Cox could have preserved its DMCA defense by following an internal policy that considered the length and severity of the customer's infringement, the hardships that termination might cause, the avilability of other redress, and the proportionality and deterrent effect of termination -- even if that policy resulted in few or no terminations per month.
It's also appropriate for ISPs to stand up for their customers by not acting on unverified or dubious accusations of infringement. BMG contracts with a company called Rightscorp to send infringement notices to Cox and other ISPs. Rightscorp claims to identify illegal copying using proprietary technology. Rightscorp is a publicly traded company whose business is "monetizing billions of copyright violations worldwide." Thus, its incentives run to sending as many notices as possible. Cox chose to ignore Rightscorp's notices, and the 4th Circuit cited this as evidence that Cox wasn't following through on its own repeat infringer policy.
The court did not define a "repeat infringer." It only "reject[ed] Cox's argument that the term 'repeat infringers' ... is limited to adjudicated infringers." That leaves ISPs in the uncomfortable position of having to act as judge and jury on accusations of infringement, at the risk of bearing infringement liability themselves. But the court stopped short of requiring action based on mere accusations of infringement. That leaves ISPs free to protect their customers by requiring solid evidence of repeat infringements from companies like Rightscorp.
Cox's DMCA safe harbor was not the only issue at stake, because the safe harbor is independent of whether a business like Cox is liable for its customers' infringement in the first place. The 4th Circuit remanded the case for a new trial because of faulty jury instructions describing the substantive test for contributory liability.
What should ISPs and onternet users take away from the 4th Circuit's decision? It may raise ISPs' compliance burdens. They may need to review their copyright complaint handling and ensure that they're observing their own internal policies. But they need not -- and should not -- feel pressure to cut customers off from the internet in greater numbers, or based on mere accusations.