Control Your Cloud So It Will Not Rain on You

The Digital Millennium Copyright Act (DMCA) creates a “safe harbor” provision exempting an internet service provider’s (“ISP”) contributory liability for the copyright infringement of the work that ISP user uploaded to the ISP’s hosting environment.[1] However, the protection is available to the ISP only when it “does not receive a financial benefit directly attributable to the infringing activity, in a case in which the service provider has the right and ability to control such activity.”[2] The question arose from this requirement is whether “the provider must know of the particular case before he [sic] can control it.”[3]

In Viacom Int’l, Inc. v. YouTube, Inc., the Federal Court of Appeal of Second Circuit ruled that the safe harbor provision of the Digital Millennium Copyright Act (DMCA) does not require an ISP have specific knowledge of the infringement activity in order to control the content the ISP user uploaded to the ISP’s cloud storage and cloud service.[4] In its ruling, the Second Circuit explicitly rejected the Ninth Circuit’s holding that “’until [the service provider] becomes aware of specific unauthorized material, it cannot exercise its ‘power or authority’ over the specific infringing item.’”[5] Therefore, the Second Court’s ruling created circuit splits and an uncertainty of whether an ISP can quality for DMCA’s safe harbor protection where it does nothing to control the infringement activities occurring in its cloud services because its unawareness of specific infringements.

Furthermore, the Second Circuit applauded one case in which the ISP “institute a monitoring program . . . [and] forbade certain types of content . . . .”[6] This case exemplifies that “the service provider exert[ ] substantial influence on the activities of users, without necessarily—or even frequently—acquiring knowledge of specific infringing activity.”[7] The dictum seems to suggest that, for establishing the ability to control, an ISP shall implement some proactive monitoring measurements over the contents uploaded to its cloud service or cloud storage. And, it may create two issues. First, what level of monitoring and actions will be sufficient to control. Second, whether the monitoring program will adversely infringe the ISP user’s right of privacy.



[1] 17 U.S.C. § 512(c)(1) reads as follows “[a] service provider shall not be liable for monetary relief . . . for infringement of copyright by reason of the storage at the direction of a user of material that resides on a system or network controlled or operated by or for the service provider.”

[2] 17 U.S.C. § 512(c)(1)(B).

[3] Viacom Int’l, Inc. v. YouTube, Inc., 676 F.3d 19, 36 (2d Cir. 2012).

[4] Id. at 38 (holding that “§ 512(c)(1)(B) does not include a specific knowledge requirement . . . .”).

[5] Id. at 38 (citing MG Recordings, Inc. v. Shelter Capital Partners LLC, 667 F.3d 1022, 1041 (9th Cir. 2011)).

[6] Id. at 38 (citing Perfect 10, Inc. v. Cybernet Ventures, Inc., 213 F.Supp.2d 1146, 1173 (C.D. Cal.2002)).

[7] Id. at 38.

Author: Changi Wu

Changi received a Bachelor of Science degree in Civil Engineering and a Master of Science degree in Environmental Engineering. He has been working in the field of environmental engineering and the telecommunication industries. Changi is also a registered patent practitioner in the United States Patent and Trademark Office. He is interested in environmental law, patent law, and bankruptcy law.

Leave a Reply

Your email address will not be published.