Slashdot Mirror
Copyright Legitimacy vs. Defending Clients?
trmj asks: "I run a hosting company, and today I received an e-mail, claiming to be from an animation firm, about one of my clients hosting pirated information. As usual, before entertaining a claim of this sort, I researched the claim (there was a bit of legitimacy in it) and what the laws are governing this issue. After that, I replied in the appropriate manner, however, found that the original e-mail address was not valid, leading to the discovery that neither was the e-mail. As a hosting provider, how far should I go to protect the rights of my clients while upholding the law, and still verify every claim that comes in?"
. . . you score points with me for not just whacking the user, no questions asked, like the major ISPs seem to be doing.
One CPU cycle wasted on digital restrictions management is ONE TOO MANY.
First I would notify your client that (s)he is violating copyright (this takes care of your first problem), state what section of your use policy (you have one right?) (s)he is violating. State what your actions will be, removal, reporting, etc. Before the email you had the coverage of plausible deniability, now you don't (anon tip). In the end save your notice and forget it, if anything comes of it, you can state that you had informed him(her) and they removed it, then replaced it at a later date.
But, IANAL
NarraterDan
"If you're not confused by quantum mechanics, you really don't understand it." - Niels Bohr
Ethical Opinions -
See no evil, hear no evil, your client is accountable for himself.
You are honor bound to protect your defenseless client to the best of your abilities.
Keep him informed of the situation and let him deal with it. That's the extent of your duties.
Harshly warn your client for jeopardizing your business and your credibility. Kick him out if doesn't comply. Protect your livelihood.
Insert coins and ask again.
Legal Opinion -
Ask elsewhere. A LAWYER would be good.
Sorry if this is curt. I just think that if an entire thread can be covered in one post then it should be.
Operator, give me the number for 911!
>As a hosting provider, how far should I go to protect the rights of my clients while upholding the law, and still verify every claim that comes in?"
Pretty simple. Ain't your problem.
There are books in the library that have been, at one time, by one group or another, banned - censored - forbidden.
Tom Sawyer/ Adventures of Huck Finn.
The Bible.
The koran.
Dear Xavier.
People say illegal things on cell phones, but the guys at SprintPCS don't lose much sleep over it.
There exist means of legal recourse for a copyright holder to 'punish' those that exceed fair use of their material. Cooperate with the legal proceedings once they are brought to you, but until the courts issue a decree saying that you in particular must do something in particular, blow it off.
Glonoinha the MebiByte Slayer
As a hosting provider, how far should I go to protect the rights of my clients while upholding the law, and still verify every claim that comes in?"
You know, if you're looking for crucial legal advice, I really don't think you should be relying on Slashdot. "But, *your Honor*, 'autopr0n' on Slashdot *said* that it would be okay!"
We already know that most Slashdotters would *like* you to do nothing, for example, so your chance of getting a legally useful opinion is about zip.
May we never see th
Can you trace the e-mail back to its originating server? It'd be really sad if it came from some chinese spam-flinger, especially considering their treatment of international copyright laws.
Any idea what the heck the email writer had in mind? Enemy of your client perhaps? Anyway, perhaps in the future you could save your time with a form reply request "clarification." That would help with authenticity -- if this kind of game is common.
As you know, you are potentially liable for the copyright offenses of your customers, limited by the safe harbor exception I can't recall the details of. Once you've been notified, it may be foolhardy to ignore the wanring, as you could go down with the client. If you're like me, you may personally be kind of offended at people using your wares for criminal enterprises -- e.g., selling pirated songs. It appears the possibly malicious email writer has in fact brought a problem to your attention, and so you can't look the other way. (If they weren't malicious but wanted anonymity, maybe they could have just said so.)
I would strongly suggest you talk to a lawyer on this for legal advice to can rely on, and that you establish a written policy on how inquiries like this email are handled. You will want a paper trail to show your diligence later, and for your own conscience to make sure nothing falls through the cracks. I don't know whether you'll want to discuss the email when you talk to your client, or just use the generic "it has come to our attention that..."
Let us know what you do, OK?
Since the email address the complaint was sent from is invalid, the headers are forged, which makes it look like spam to me.
I suffer from attention surplus disorder.
If they are, then I tar up their files as proof of the content, send them a nice email saying "You're account has been terminated for breaking the following provisions of the Terms of Service you agreed to", delete their account, and BCC in the owner of the copyrighted material. This is the best way I've seen to handle it yet, and it accomplishes a number of things that are important to do IMO: Keep a copy of the data in question before deleting it, let the 'client' know they've broken your TOS and are losing the service as a result, lets the owner of the copyright know that you've dealt with the situation effectivley and you take matters like that serious(which as a hosting provider, you have to)
If the client isn't hosting copyrighted material, an email should get sent back to the person asking for clarification, as you did. As for the question of how far you should go to protecting rights while upholding the law, I don't think they're mutally exclusive and you(and all hosting providers) should do as much as they can to use good judgement..
As a hosting provider, how far should I go to protect the rights of my clients
As far as they are paying you to protect their rights. If you go any further, you are bound to lose money. If you don't go as far as your user policies then you'll lose customers. End of equation.
while upholding the law
As far as the law requires you to uphold it. In DMCA land you are required to take some action against copyright infringment. If you thought their website was infringing, I would have expected you to take it down according to the law and your AUP. If your AUP doesn't have a rule against copyright infringement, then you are in for some trouble with your clients when you must comply with even the 'bad' laws.
and still verify every claim that comes in?
Again, you should only go as far as your customer agreement says, and the law requires.
If you go any further then you can get in trouble in all sorts of ways. The email you received may be seen in court as a valid, DMCA compliant request, even if the email subsequently didn't work or was sent through abnormal channels. Perhaps the copyright owner is using another business to send out a lot of these. It doesn't necessarily make them any less DMCA compliant. Therefore, by checking the 'validity' and 'claim' of the email, you are in effect acting as some sort of judge in the matter. You don't want to interpose yourself in that situation, trust me.
If you go the other way, and do too little (ie, your AUP tells your customers you'll notify them and provide them with copies of such emails at or just after the time of disabling their site) then you'll be in essentially the same position, except with the customer.
-Adam
If you are asking them for more information before you can assess the situation accurately, then ignore it until they contact you again.
If their email is fucked up, then they can't claim they notified you - who's to know you aren't running something like tmda?
If, on the other hand, it's a clear violation, tell your client to remove the offending files.
If I received an email complaint, I would respond with a form message advising the sender that no action will be taken until the complaint is submitted by fax or hardcopy.
"Eve of Destruction", it's not just for old hippies anymore...
This was my real reply to
anti-piracy@sonymusic.com. They didn't reply back, and nothing happened.
A friend suggested me I could also have replied with a "Sory, me not understaind english". But I thought this reply would be more amusing for them.
Well, I've had to go through this a couple times, just ask them to send their complaint on PAPER with LETTERHEAD (i.e., fax or mail it to you).
Just reply promptly and state that due to previous forgeries, we only accept this stuff by fax or mail with the letterhead of the company or the legal firm. Be sure to include your name, business phone, fax, email, address, anything so you can appear to be fully cooperating, in case the Kopyright Kops come after you about it.
They will usually send you the letter fast. One time I had this guy who claimed he was a lawyer but didn't have his full name or the name of his firm in his message! He actually was a lawyer for a musician but must've been some hippy weirdo who didn't write like most other lawyers do. He was still a lawyer though with a valid complaint under the DMCA.
Once you have verified the infringement, act fast. Then shake your head and cry that you live in a country where this kind of thing is encouraged (acting without any court order, just because somebody sent you a note).
PS: I fully expect "fake DMCA takedown notices" to become a real problem in the future. I'm surprised that folks aren't forging them and sending them to eBay, etc.....
My AUP and TOS clearly states that the material on the server is not mine, and is rather the property of the account holder. Claims of illegal copyrighted material will be dealt with me verifying that the claim is valid, and forwarding the claim to my user. Under court order I'll reveal the name and contact info of the customer - anything other than that will be met by a lengthy court battle. (Yes, it is *that* important to me.)
Darwin, I believe, said something to the effect of "oh though I may not agree with what you are saying, I will fight to the death for your right to say it."
-neil
I suspect the E-mail you got was related to this, but there are a few problems - or, at least, new twists to the game:
-
In its most obvious form, they make the most money by telling the copyright owner before the infringer. So I'm confused as to why they'd tell you first.
-
Of course, they also faked their E-mail address. Can they use this no-return-address warning to run up the penalties in a legal case? Can they use it to run up how much they charge the copyright owner?
In brief, I'm confused and worried by what you've witnessed. Can anybody enlighten me as to the motive? Goodness of heart, warning you with no monetary gain, is probably out of the question. I suspect it's probably more along the lines of the BSA where they want to charge you for an audit of your website.This post is public domain.
Anyone may quote from it, use it as their own, claim authorship of it, or whatever. See if I care. It's not mine. It's public domain.
Okay, I'm just being pedantic. It's a good point.
You act on information delivered through an insecure, unidentifiable, practically anonymous medium?
Yeah, if you do that, expect some of the information sent through it to be untruthful.
DMCA safe harbor provsion FAQ
The rules are fairly specific about what information is required for a takedown, but also puts some obligation on the ISP to police its own network.
It sounds like they failed to comply sufficiently to obligate you to provide all the information about the subscriber, but does require that you loook into it, and at least clarify that the user has, or thinks he has permission to use the material. IANAL, so this is guessing.
According to the DMCA you are not liable for the things hosted on your web sites by clients - they are.
Relevant section here
Now, they can get a court ordered injunction to get you to block access to the offending material, or from the offending user, according to this section. So, tell them to talk to the judge, and short of an injunction, you fail to see how you bear any liability for things hosted by your ISP service.
I'd recommend reading the DMCA section in question - one of the purposes of the DMCA was protecting ISPs from claims against their users. You really don't even need to research the claim.
The question posed is a legal question, like all legal questions the answer is murky and varies from state to state, and you are a chump for bringing your legal woes to slashdot instead of calling your lawyer.
(end redundant part)
More to the point, if you are in the hosting business you should have a regular source for legal advice that ain't Slashdot. Find a local lawyer and offer him free hosting if he will handle the occasional bogus DMCA letter.
I would like to thank you all for your advice on this issue, from these posts I have seen both extremes and have decided what path I will take in the future (well ok I cheated a bit and got some legal advice too).
Work sucked, until it became unemployment, when it became slightly more tolerable. -Tet
I'm not so sure that you have the right to copy that data friend, especially since you know it will be used to screw your customer. There's a fine line between protecting your ass, and being a whore to the RIAA/whoever. You crossed that line as far as I'm concerned, when you did more than take down the offending content and/or boot the user (still harsh), and notify the content holder that you did so. Are you expecting a bounty?
If the copyright infringement "warning" e-mail doesn't have a lawyer's name (or firm name) and doesn't have a legit phone number, delete the e-mail 'cause it is not real.
Ok, here's the breakdown:
1) E-mailed a real address at the animation company, requesting a written takedown claim. Result: No reply.
2) E-mailed the client, informing him that he needs to take down any copyrighted content. Result: Client returns e-mail saying he has a disclaimer. Yeah. Well If I get the written complaint, his site gets taken down.
This client is a rich kid in Texas going rampant with his mom's credit card. If I get the takedown notice, it wouldn't be uncharacteristic of him to buy a license to the tv shows he is offering for download.
As for the intent of the original e-mail writer, I think it was a person who didn't like that tv show and was trying to start an online flame war (yes, it's an anime tv show).
Work sucked, until it became unemployment, when it became slightly more tolerable. -Tet