Or, How to Keep Your Customers’ Bad Acts from Getting on You
Eighth Annual eCommerce Best Practices Conference, Part 2
Stanford University, June 24, 2011
The first panel was probably my favorite, in part because the topic was so timely. Secondary liability in intellectual-property law occurs when you yourself don’t infringe a patent, copyright or trademark, but you knowingly cause or induce to do so, or contribute materially to the infringement.
It’s a very big deal in eCommerce because typically the primary infringers are a multitude of individual consumers, who are hard to track down and identify, don’t have a lot of money, and can’t be sued very efficiently (not that some folks haven’t tried….). It would be preferable if you could just sue the alleged source of the problem: perhaps the owner of the website that is hosting the infringing content, or the maker of the software the enables the mass infringement, etc. File-sharing is the classic example of this.
The law, naturally, is reluctant to cast so wide a net. If we held the manufacturer of a useful device liable for its infringing misuse, we would all be the poorer. If we destroyed every website that hosted potentially infringing content, we’d all be the poorer. A line must be drawn, based on the intent of the secondary party. The trick, of course, is knowing where to draw it. There is little social consensus on this issue. How much knowledge of the underlying rights is too much? Do you have to know that infringement will actually result, or just suspect it? Can you just turn a blind eye to the content owners’ rights?
It turns out drawing this line well is important for another reason. As Prof. Menell of Boult School of Law rather provocatively put it, in eCommerce, you have two general strategies to profitability: you can develop a closed system (“symbiotic” he termed it), working closely with the content providers; or you can operate as close to the line as you can, pushing the envelope on secondary liability (and making your site more “pirate-able,” as he put it). To take extremes, Apple is firmly on one side, and Limewire is on another, and YouTube is somewhere in between.
But let’s say you want to be a good e-commerce provider. You understand the risks of secondary liability, and you genuinely respect intellectual property rights. So the smart thing to do is to go out and get all the necessary licenses, erring on the side of getting a license when you’re unsure.
As some of the panel members pointed out, if you tried that, you’d be dead before you got all the licenses. The process of getting licenses is so cumbersome, you’ll run out of money before you go live (and this assumes you even know who all the rights-holders are: in copyright, this can be a nightmare).
So, the predominant business model has become: push the envelope, then try like heck to get right with the rights holders before they put you out with litigation. In short: it’s easier to ask for forgiveness than permission. And we have a licensing system that pretty much encourages that.
Secondary liability is best established in patent law, where it has been statutorily enshrined for many years. Even so, a recent Supreme Court decision, Global-Tech Appliances, Inc. v. SEB S.A. (May 31, 2011), has recently clarified (some would say, significantly changed) where the secondary-liability line is to be drawn in patent matters. The Court held that to be secondarily liable, you must be at least willfully blind to the risk of patent infringement. This breaks down into two prongs: you must subjectively be aware of the patent’s existence and of the risk of infringement, and you must take deliberate actions to avoid confirming the risk. The Court said that this standard is higher even than recklessness and deliberate indifference.
The panel suggested that patent opinion letters could scotch much of the risk of secondary patent liability because the first prong is subjective (provided, of course, the opinion letter is at all reasonable–that’s a jury question).
Some other practice pointers that I picked up at the panel:
- Fred von Lohmann, formerly of the EFF but now with Google, expressed a great deal of incredulity at how many e-commerce providers and other websites don’t register an DMCA agent with the U.S. Copyright Office. That’s an essential step to receiving DMCA safe-harbor protection, and it’s pretty easy to do. (The DMCA absolves ISPs and websites of secondary liability for hosting content provided by third parties that infringes copyright, so long as the ISP or website takes certain steps, the first of which is registering an agent with the Copyright Office. I’ll do a “how-to” blog post on this subject.)
- On the same subject, from Mr. von Lohmann: have robust, documented policy for dealing with repeat copyright infringers. (This is another–more difficult–requirement for DMCA safe-harbor protection.)
- Final thought from Mr. von Lohmann: Train your customer service employees not to make promises that contradict your policies for dealing with alleged infringement or other objectionable content. This applies, I think, not just to copyright but to any content that others might find objectionable. (This is in reference, I think, to a case in which a customer service agent for a website allegedly told an aggrieved woman that they’d take down the offending content, but the website failed to do so, consistent with its internal policies.)
- It’s generally believed that there is no such thing as a safe-harbor for secondary trademark liability, but there sort of is. A host of paid electronic advertising that infringes trademark is not liable for money damages, and perhaps not even for an injunction. It’s not really a safe-harbor (i.e., completely immunity)–it’s really a limitation of remedy–but functionally it’s almost the same.
- Finally, try not to let third-party content look like your own content. Legally, it shouldn’t make a difference, but you’ll avoid lawsuits if it’s obvious that the offending content isn’t yours.
Next in this series: virtual goods (and the “first-sale doctrine”).