What's Hot in Digital Media Law: The transition from digital to analogue

So we’ve arrived at the concluding chapter of the digital media story. Previously, we've taken a quick overview of "digital media" and the febrile state of the market and gone on to look at three out of my four focal areas of change - 'What and How to Regulate?', 'Who Carries the Can?' and ‘The Boundary between the Public and Private Domain.’

This brings us to the 4^th are of focal change: the transition from digital to analogue, perhaps the most significant area of all.

Rushing slowly to change

“We always overestimate the change that will occur in the next two years and underestimate the change that will occur in the next ten”. Bill Gates

Google’s revenues were $0 in 1997; Google's profits were $1.21bn (£608m) for the three months to the end of December 2006! That's change!

Change is indeed both slower and quicker than we expect. Over the next 10 years, perhaps the most important developments will be those hidden in the Web’s plumbing. They will build more intelligence into the Web so that – to borrow a phrase I heard Simon Juden, The PA’s Chief Executive use  the other day – “Websites become Web services.”

Technical standards: not glamorous, but vital to the digital future

What I’m talking about here is the unglamorous world of technical standards which make it possible for machines such as search engines to talk ‘intelligently’ to other machines such as websites and other devices, so that, for you and me as users, we can find the content or service we want, see and pay for the permissions we need and then download and enjoy that content.

This is the arena of what I call ‘de facto’ law. Although the law (e.g. copyright law) may provide the overall legal framework for what can and can't be done with copyright content, standards control what happens. In that sense, they are a kind of 'de facto' law.

In the digital world, technical standards play a major role in determining how digital goods and services are exchanged. The ACAP ('Automated Content Access Protocol') project is developing a standard for 'machine to machine' permissions readable by search engines giving website owners much more control over what search engines can and can't do.

Technical standards and the publishing industry

In the publishing industry, ONIX for Licensing Terms is a “family” of XML document schemas which are being used to express licences in a machine-readable form. For example, ONIX for Publications Licenses (ONIX-PL) is a means of expressing the licenses agreed between publishers, hosting services, libraries and consortia in machine readable form.

Some of these tools simply mean that, on the click of a mouse, a user in a library can see what he or she is allowed to do with the content. It’s just a clever way of attaching and displaying permissions on screen. It’s then up to the user to respect the permission (or not!). In that way, it like the Creative Commons licence that is often used to encourage the sharing of content for non-commercial purposes.

In other cases, it is ‘machine actionable’. That’s where one machine – such as a search engine – interacts with another machine – a web browser.

Taken together, these software tools, built on common standards, are the building blocks of a 21^st century rights management system. In discussing these standards and software tools, I

have deliberately avoided using the term “digital rights management” or “DRM” because they are generally used to describe technical protection measures ("TPMs") such as Apple’s ‘Fairplay’ system which technically controls the number of copies that can be made as well as the devices on which the content can be played.

Of course, TPMs have a role, especially with regard to enduring content such as films and music, although many services are now offered TPM free. But I want to use DRM – or other terms – to describe the bigger picture of tools that can be used to locate works and express permissions, whether or not TPMs are used.

That's it?

So is that it? Have we covered the full gamut of digital media law? You bet we haven’t!

Working out which laws apply and which Court’s have jurisdiction remains a challenge when we have territorially-based laws and jurisdictions applied to cross-border services. But there are international treaties and legal frameworks to work out the answers in practice. It just takes time to evolve.

A good example of the old coexisting with the new in the world of digital media law is how Linden Lab, the owners of Second Life, use good old contract law in the form of their Terms and Service to deny service to participants who don't play by the rules.

And there’s plenty more. But they are for another day! Along with a whole load of other stuff.

Some concluding thoughts for the future

More changes in copyright law are in the wind, just as television, film and other audio-visual download services start to take off. We've got to get the rights management system 'fit for digital purpose', so that everyone in the content chain gets their fair reward whilst citizens and consumers get the content they want - when, where and how.

Lastly, you can’t work as  lawyer in this fascinating area without having your ‘10’ key principles of digital media law. So here are mine:

• There’s always a solution
• Online rules = offline rules (mostly)
• Living with uncertainty, so manage your risk
• Value your IP
• Copyright: permissions first, restrictions last
• Think privacy
• Collaboration’s the name of the digital media game
• Make it simple(r)
• Do the deal but allow for the exit
• What are the things you don’t know you don’t know? (Thanks Donald)

Laurie Kaye

Have a good week.

Thanks for reading and watch out for new themes in upcoming posts.

What's Hot in Digital Media Law - 4

The story so far. We've taken a quick overview of "digital media" and the febrile state of the market and gone on to look at the first of my four focal areas of change - what and how to regulate.

Deep breath - the hottest and probably most difficult area is the 2nd: the issue of liability (or not) of service providers and other intermediaries for user contributed/created content. My apologies in advance for a very lengthy post but it's probably best to get it over in one go!

WHO CARRIES THE CAN?

The issue of how far – if at all – intermediaries such as ISPs and social network sites should have responsibility for illegal content transmitted by users over their networks or hosted on web servers or other hosting services, is not, in Internet-time, a new issue.

Indeed, it was at the heart of the E-Commerce and Copyright Directives when they were negotiated during the mid to late 1990’s.

So why is it such a hot topic now? There are two reasons. First, it’s been put firmly at the top the digital media law agenda because of pirated audio-visual goods and illegal downloads.

Second, the legal rules about intermediaries’ liabilities, certainly in Europe and the US, were developed in the mid to late 1990’s in a pre Web 2.0 world, before social network sites and search engines became ubiquitous. As a result, there is a lack of legal certainty about how these rules apply to the likes of Facebook and YouTube.

So as legal fights continue, such as the ongoing litigation in the US between Viacom and YouTube, the emerging theme, I believe, is that voluntary agreements reached by collaboration and negotiation between all stakeholders underpinned, where necessary, with legal sanctions, is the best way forward.

With that background in mind, I am going to look first at the position of ISPs and then at hosts.

Liability of ISPs

This is arguably hot topic numero uno. The issue is being driven by the music industry but there’s no doubt that it is of equal significance to providers of on-demand services of all types of digital content. 

The position of the two main protagonists is clear. The BPI says that “Studies show that more than six million ISP customers regularly use their broadband accounts to unlawfully download and distribute music online.” As a result, the BPI wants UK ISPs to help cut down unlawful downloads by operating a three step procedure which could ultimately result in them cutting off their offending subscribers.

In response, Charles Dunstone, of TalkTalk says: “We give access to the internet, we do not control it, nor do we control what are users do on it. I cannot foresee any circumstances in which we would disconnect a customer’s account on the basis of a third party alleging a wrongdoing. The music industry has failed to adapt and seeks to foist their problems on someone else”.

This is tough talk but he’s right to point out there is a vital link between the fight against illegal downloads and the available of legitimate, commercially available online services. This link is also one to which the Regulators’ pay a lot of attention. However, Mr Dunstone is likely to be proven wrong about the future role of ISP’s on this issue.

Following the Gowers Review on Intellectual Property, the Government has given a commitment to legislate by April 2009 if ISPs are unable to reach a voluntary agreement or code of practice with industry.

So here are the key questions:-

1.     Given the fact that ISPs enjoy a number of legal immunities, how can they be forced to play a role? (The short answer is they can, because they are immune from damages, but not absolved from all legal responsibilities).

2.     If they can be forced to play a role, how active a role will that be? In particular, will they have to use filtering technologies to detect infringing content? Can they be compelled to disclose personal information about their subscribers?

Let’s take a closer look at ISP immunities.

Under the E-Commerce Directive and the implementing UK Regulations, service providers have immunity from damages for all types of illegal content transmitted or ‘cached’ in their networks at the initiation of their customers. This immunity covers all types of illegal content, from copyright and defamation to obscenity and blasphemous material.

In the EU, this ‘across the board’  immunity for service providers is complemented by ‘mere conduit’ and ‘caching’ exemptions in the Copyright Directive (and now in UK copyright law) specifically for copyright materials carried or ‘cached’ on their networks.

In addition, the E-Commerce Directive reinforces these exemptions by providing that there is no obligation on service providers to monitor the information they transmit or store, nor a general obligation to actively seek facts or circumstances indicating illegal activity.

However, immunity from damages does not equate to exemption from all responsibilities. Both the E-Commerce and Copyright Directives contain provisions which allow member states to introduce legal rules to force ISPs to play a ‘middleman’ role in dealing with illegal content, although there is debate about their precise scope.

These provisions could lead to legislative measures in member states allowing the Courts to compel ISPs to terminate or prevent infringement or to require them to provide information to competent public authorities of alleged illegal activities by their customers “with whom they have storage arrangements.” This could information such as IP addresses.

But this is a tricky and complex area of the law. As I try to navigate you through this complexity, you may think like me that cross-industry voluntary codes have got to be the preferred route, with the legal rules as ‘backstop’ measures.

Let me give you an example of that complexity. In March this year, the European Court of Justice (ECJ) made a somewhat Delphic decision in Promusicae v. Telefonica. This arose out of an action which the Spanish music collecting society brought against Telefonica in the Spanish Courts for an order to force the ISP to disclose the names and physical addresses of its users who exchange illegal copies of copyright works using KaZaA' P2P software. 

The ECJ were asked to answer this question: does European law require member states to impose an obligation on ISPs to disclose personal information about their users in the course of civil proceedings Answer: "no".

But the ECJ's decision does leave the legislative door open for rights holders. The ECJ said that what it had to do was balance the provisions in Community law that protected intellectual property rights (IPRs) with those that protected personal privacy. So introducing legal measures that could, in carefully prescribed circumstances, force the disclosure of user information is not precluded.

We have also had a few interesting Court cases which show that the ISPs’ mantra of “hear no evil, see no evil’ is becoming increasingly unsustainable as the digital world evolves. The issue is therefore this: how far will an ISP have to go in dealing with infringing material on its services in order to preserve its immunities?

In a recent case in Belgium, (May 2007) SABAM, a collecting society in the music industry, sued the ISP Scarlet (formerly Tiscali) for handling peer to peer traffic containing musical files which breached copyright.

The Judge noted that there was no obligation on the ISP to monitor, the Court decided in favour of SABAM. Nevertheless, he decided that to be able to take advantage of the immunity, the ISP in this case had a duty to use filtering technology. He was influenced by one of the introductory paragraphs in the E Commerce Directive that said that the absence of a duty to monitor "should not preclude the development and effective operation of technical systems of protection and identification and of technical surveillance instruments made possible by digital technology.” But whether and to what extent the use of such technology should be mandated by law is a moot point.

Following that decision, four major record companies – EMI, Sony, Warner and Universal - are suing Ireland’s largest ISP, Eirecom, demanding that it takes action to prevent users from illegally downloading or sharing music.

As a result, it’s clear that the UK Government has a mandate to legislate if the ISP and music industries cannot reach a voluntary agreement. Whilst the issue has been driven by the music industry, it’s of equal concern to all sectors of the media industry as they build their online businesses. It seems to me that it’s far better to negotiate a cross-industry deal than risk the heavy hand of legislation.

Against this background, the BPI on behalf of the music industry is trying to negotiate a ’3 strikes and you’re out’ procedure with UK ISP’s, through the Internet Service Providers Association (ISPA).

The BPI routinely gathers evidence about illegal downloads by logging on to sites which offer files and downloads via peer to peer. Under the BPI’s proposals, instead of using the evidence to begin a process of legal action against the individual customer, the BPI would send the evidence to their ISP, who can identify that customer from the IP address and send them an advisory letter. That way, it would avoid the issue of disclosure of personal information by the ISP.

Here is how the BPI describes the procedure it would like to see:

·        If an ISP’s customer’s account is being used to file share music illegally, they would be informed about what is happening and advised as to how they can avoid it happening again.

·        If the advice is not followed, the customer does not act on the letter and the account continues to be used unlawfully, the account is suspended pending a signed undertaking from the customer to the ISP that the unlawful activity will cease.

·        If, after the suspension and undertaking, the customer‘s account is used unlawfully a third time, the contract is cancelled.

But ISPs are not happy with these proposals and these negotiations will be protracted and difficult. For example, ISPA wants an indemnity for ISPs in the event that it transpires that an innocent customer has his or her account wrongly terminated. 

But in my view, however difficult to achieve, a voluntary agreement is preferable to surrendering to the uncertainties of legislation.In Europe, there are already initiatives underway to create more collaborative arrangements with all the stakeholders in the digital media industries.

In France– home of author’s rights – there is already quite a far-reaching agreement in place. The Memorandum of Understanding, otherwise known as the 'Accord Olivennes', is an agreement sponsored by the French Government between the public authority, rights holders and service providers, including ISPs and hosts. Interestingly, it imposes obligations on all participants and makes a direct link between the development of legitimate business models for online delivery and the fight against piracy.

There are several other features of the agreement which are interesting:-

·        The procedure is more heavily Court-based than the proposed UKprocedure. The warning messages are sent out via the ISP in the name of the public authority, not the ISP’s. Court authority is needed to suspend or terminate the account.

·        ISPs and rightholders have agreed to work together to test filtering technologies and ISPs have agreed to use them where technically and financially realistic.

·        As regards hosting and content-sharing platforms, ISPs have agreed to cooperate in good faith with rightholders regarding the potential use of fingerprinting and watermarking technologies.

That’s a sensible approach in my view. As compared with technologies used to identify content, there are freedom of speech issues to be taken into account when deploying filtering technologies which, for example, could have the effect of barring legal forms of communication.

Interestingly, as their part of the deal, Audiovisual, film and music rights holders undertake a number of obligations. These cover technical issues and potentially far reaching changes to existing ‘windows of exploitation’ to accelerate the availability of films online.

What about the liability of social networks and other hosts?

Hosts, including social network sites, also have immunity under the E-Commerce Directive from damages claims for content posted by users to their platforms. Furthermore, there is no general duty to monitor content.

But there are several problem areas in how the law works here. The E-Commerce Directive shows its age when it refers almost quaintly to “information society service providers.” Article 14 says that “Where an information society service is provided that consists of the storage of information provided by a recipient of the service, Member states shall ensure that the service provider is not liable for the information stored at the request of the service”, provided certain conditions are met.

Does Facebook, MySpace, YouTube sound to you like an information storage service? Think about AOL’s recent $850m acquisition of Bebo to enable it to become, in the words of its CEO, “a social medium powerhouse”. You can immediately see why many rightsholders say “no” or, at the very least, “in some aspects “yes” and in others “no”.

Rightsholders point to sites like YouTube and argue, essentially, that they are not service providers as envisaged by the E-Commerce Directive or DMCA but are, in essence, content providers and therefore are either directly infringing copyright or inducing its users to infringe copyright.

But even if a service provider is covered by the exemption, their immunity disappears with knowledge of the infringing activity, such as the posting of copyright infringing material.

The immunity therefore only applies on condition that:

• The provider does not have actual knowledge of illegal activity nor aware of any facts or circumstances from it is apparent; or
  
• On obtaining knowledge or awareness “acts expeditiously to remove or disable access to the information”.

So in its legal action against YouTube in 2007, another argument raised by Viacom was that YouTube knew its users were posting copyright infringing material and did nothing to stop it.

The issues here are essentially practical ones. What constitutes “knowledge”, how quick does a service provider have to be to be “expeditious”? There is no prescribed form of notice.

So the solutions here need to be developed on a cross-industry collaborative basis rather than through the Courts.

Generally speaking, ‘notice and take down ‘procedures do seem to work. But there are uncertainties, especially as regards user contributed content. For example in 2007, a French Court, in Zadig Productions v Google, Inc had to decide whether a hosting site is liable for subsequent re-postings of the same infringing content, having been notified about it and taken it down once.

The Court looked at what Google needed to do in order to 'act expeditiously' to remove infringing content from Google Video, and so be able to rely on the exemption from liability for hosts. The problem here was that although Google removed the infringing content, it was re-posted. The Court rejected Google's argument that each post required another takedown notice. It took the view that, having received the first notice of the infringement, Google was responsible for implementing technical measures to block posting of the same content. This follows the same logic as the judge applied in the case of SABAM v Scarlett to which I referred earlier.

The law, being the law, will continue to evolve. Cases will continue to test the boundaries between ISP and social network immunities, filtering and information disclosure obligations and freedom of speech.

But this takes time and is imperfect. As a result, the relationship between technology, business and the law is never truly in sync. That is why self-regulation and voluntary codes, backed where necessary with legal sanction, will increasingly be the regulatory instrument of choice.

If you're still reading - well done and enjoy a well deserved weekend break.

Laurie Kaye

What's New in Digital Media Law (2)

Well, for those of you who spent the weekend waiting anxiously for the 2nd installment of 'What's New in Digital Media Law', here is. In it, I'm doing some further scene setting with an overview of "Digital Media" and the "Digital Media Market."

“DIGITAL MEDIA”

You can take your pick of definitions of the phrase “digital media”. But I’m using it to mean two things:

First, digital delivery channels – the Internet, mobile and digital television – to deliver content and to provide a platform to sell physical products online.

Examples include:

o        Online music services.

o        Books sold through publishers’ websites as well as distributors such as Amazon.

o        TV programmes delivered on-demand via ‘catch up’ services such as the BBC’s i-player and Channel 4’s 4OD.

o        The emerging market for Internet-distributed movies. For instance, Apple recently signed deals with all Hollywood Studios for itunes rental, although not for digital purchase.

Second, I am using “digital media” to cover new, ‘born digital’ content and services which would not have existed but for digital technology and the Web. For example:

o        ‘3D’ Movies. 

o        Social Network/community sites such as Youtube, Myspace and Facebook.

o        E-books and digital audio books which, with their searchability and other features in digital form, are really different to their paper and analogue audio counterparts.

o        New advertising-supported services such as interactive Internet TV services like ‘Babelgum’ which offers independent and new content, including professionally created user content with ‘Web 2.0’ features such as tag searches and collaborative filtering.

In fact, this distinction between new distribution channels and new digital services is artificial. Increasingly, new digital services act both as a channel to distribute what one might call traditional content such as films and as a platform to deliver new services. For example, MySpace is in talks with music labels for downloads; there are film clips available on YouTube and blogs like the ‘HuffingtonPost.com’ are morphing into online newspapers.

Over time, these distinctions will disappear and digital media will simply become “media”.

And let’s not forget that content moves just as easily from digital to analogue as the other way round.  Look at the current litigation in New York, in which JK Rowling is suing for copyright infringement arising from the unauthorised publication of a book, The Harry Potter Lexicon, which consists substantially of JK Rowling material first published on the Web.

STATE OF THE DIGITAL MEDIA MARKETS

How do the markets for digital media content look to our Regulator? They’re in a febrile state; “living with uncertainty and ambiguity” you might say if looked at from a psychological perspective. Markets characterised by change, experimentation and upheaval as well as the prospect of significant growth. An independent study on the interactive content market in the EU projects that revenues from online content will more than quadruple from €1.8b in 2005 to €8.3b by 2010.^[1]

The biggest challenge facing the media industries today is, I think, commercial rather than legal. It’s how to re-shape existing business models, and to develop new business and revenue models, in the face of 3 major trends:-

1.       Consumers’ reluctance to pay for Internet-distributed content. Currently, 99.9% of video consumption over the Internet is advertising supported.

2.       The shift in advertising revenues from traditional to digital media outlets;

3.       The impact of the Internet on “traditional” distribution models. For example, the market’s desire for on-demand movie services is putting the film industry’s traditional windows of exploitation – theatrical release, DVD, Pay TV and sell-through – under increasing strain.

What’s more, the content industries are faced with massive losses through counterfeit DVDs and large-scale piracy via P2P file sharing. Interestingly, as the TV industry moves to compete with online videos, television now ranks in the US as the fastest growing category of internet piracy.[2]

So what our Regulator sees are nascent markets where he or she must tread warily! With that in mind, in the next installment we'll start to tread the Regulator’s path and examine the four focal points of change in the world of digital media law.

Have a good week and enjoy the sunshine.

Laurie Kaye

---

[1] Study on Interactive Content and Convergence; Implications for the Information Society”, commissioned by InfoSoc and Media Directorate General, published 25 January 2007.

[2] According to ‘BigChampagne’ a consultancy that measures online file-sharing, as reported in the FT on April 7.

What's Hot in Digital Media Law

In case you missed it, April 30th was the Web's 15th birthday. April 30th 1993 was the day that CERN announced that the Web was free for use by anyone. So it turned out to be an auspicious day for the talk I gave that day 'on What's Hot in Digital Media Law'. I had a great turnout - around 100 people - and thought that you might enjoy reading it in bite sized chunks on my Blog. So I'll start the 1st installment with my Introduction, a bit of scene setting.

Introduction

Things used to be so simple. The law was securely locked up in expensive tomes sitting on the shelves of its custodians, we the lawyers, encased in archaic language.

And then along came Tim Berners-Lee, the inventor of the World Wide Web, in the early 1990’s and it all changed. His specifications for HTTP, HTML and URIs have democratised access to content and empowered digital citizens and consumers.  Ever since, the law has been chasing the long tail of digital content.

From the moment we set foot on the Information Superhighway and entered the world of multimedia – remember them? –the law, technology and business models have never been in sync. They’re each in the grip of different forces and processes, moving at their own speed of change, from warp to weary!

But the one constant in all of this is powerful, even systemic, change.

We see new actors – search engines, social network sites, online content providers and, of course, the citizen consumer as content creator.

We have new technological tools, technical standards, and software applications which enable digital content to be created, located, moved, and shared – legally or illegally - across broadband networks.

At the same time, analogue media, especially the printed word, continue to co-exist with digital media and are likely to do so for the foreseeable future.

So is the law fighting a losing battle in the midst of this upheaval? Is it losing its own case in Court over its right and ability to regulate the world of online media?

As we stride (or, perhaps, stumble!) into this new environment, we can, I think, see four focal points of change.

1.    “What and how do you regulate?” In the traditional world of broadcast television and spectrum scarcity, this was fairly clear. But what’s the right approach to regulating content when we move to new online services that deliver a mix of programme-based and on-demand services, mixing film and TV material along with blogs and literary content? And what are the right kinds of regulatory tools to be used, ranging from prescriptive laws to voluntary codes of conduct?

2.    “Who carries the can?” What legal responsibilities should ISPs, social network sites and users have for illegal and harmful content?

3.    “Where should the boundary between the public and private domains be drawn?” The private is the domain of intellectual property rights, especially copyright, data privacy and notions of permissions and consents. The public is the domain of access, use and re-use of all types of content and information. The fundamental challenge faced by regulators, and by all of us as digital citizens, is to decide where the digitally-blurred boundaries should be set. 

4.    “Making the transition from analogue to digital”. Here, the fundamental issue is how we move from a world of paper-based contracts, dusty files and rights holders we can’t locate to one in which, at the click of a mouse, users can locate works, instantly see permitted terms of use and obtain permissions.

In the next installment, I'll give a very brief overview of “digital media” and the digital media market.

Enjoy the long weekend!

Laurie Kaye

Tips and Hints for Website Operators

Although the festive season seems a distant memory now to most of us, there are some retail website operators who are still feeling the effects of a Yuletide clampdown by the Office of Fair Trading ("OFT"). This got me thinking about how many website operators are not making the most of their websites and so I put together a few tips and hints on how to ensure your website complies with all relevant laws and maximises its potential. You can find these below. But first, a bit about how the OFT highlighted this issue:

OFT Survey

Over the busy Christmas shopping period, the OFT carred out a "web sweep" of UK retail websites to ensure their compliance with online shopping laws with the aim of identifying websites ""who need help bringing their practices up to scratch".

The OFT chose to take this action in response to the results of its survey of internet shopping, published in June, which found (amongst other things) that:

• 28% of online traders surveyed had limited awareness or were completely unaware of internet shoppping laws;
• 66% of online traders surveyed had never sought advice on internet shopping laws;
• 16% did not inform online shoppers of their legal right to cancel; and
• 59% imposed conditions which impeded online shoppers' right to cancel.

This cross-section suggests that there is an alarming amount of UK retail websites which do not comply with online shopping laws.

We must remember that it is not only retail websites who must comply with online legislation - there is a raft of online laws which apply to various websites, from the most basic, information-only sites to the more complicated forums allowing UGC upload. If the retail websites are not bothering to ensure compliance, it is likely that there are a large number of non-retail websites that are similarly gung-ho.

As there is a variety of legislation to cover websites, so there is a variety of potential penalties for the non-compliant. These could range from users suing a retail website for breach of consumer protection laws to third parties suing a website forum operator for defamation or copyright infringement.

Tips and Hints

With all of the above in mind, here are some tips and hints I have thought up. They are by no means comprehensive and as always, they do not constitute legal advice. In fact, the best tip of all - well we would say that! - is to seek specialist legal advice:   

1. Ensure compliance with relevant laws and reduce the risk of being penalised by ensuring you have a comprehensive set of terms and conditions and privacy policy which are tailored to your particular website. These will help to shield you from liability for such matters as copyright infringement, defamation, and data protection.
      
2. Protect your business assets and increase the value of your website, again by ensuring you have a comprehensive set of terms and conditions and privacy policy written in plain English. They'll vary from site to site, depending on whether you're selling goods or services or just providing information only. If you're hosting user generated content, you need to think about liability issues and how that UGC can be used and re-used by other users and possibly by you as well as the site operator.For example, if your website allows users to contribute and upload UGC, you need a licence from users to display their content. You can either create a bespoke licence or you can use the Creative Commons Licence. CC licences work well for non-commercial use but care needs to be taken if content may move from non-commercial to commercial re-use. So take advice first.
      
3. Once you have the terms and conditions, display a link to them on every relevant page of the website. In particular, refer users to the privacy policy on every page in which they are invited to submit personal information.
      
4. If you change the terms and conditions, email notification of such change to users where possible. Simply posting changes to the site may not be enough.
      
5. Ensure you have the right to use the relevant intellectual property from anybody who has worked for the website. Under English copyright law, the copyright owner is the person who created the work in question (unless an employee creates the work in the course of his employment, in which case the work is owned by the employer). Even where a person is commissioned to create a work, it will not be owned by the commissioner until a valid written agreement is in place. For example, if you engage a web developer to create a website, he will be the owner of all design and software he creates unless a valid written agreement transfers ownership to you. And if a third party registered your domain name, have this transferred as well.
      
6. Ensure any advertising on your website complies with all applicable legislation and the CAP Code (which is the industry code applicable to online advertising). For example, do not display a banner advertisement for an online poker company if access to your website is not restricted to over 18s. The position regarding services such as those provided by Google's Adsense is complicated as you do not have the same level of control. You may want to seek specialist legal advice.
      
7. If you send a newsletter to users, include an "unsubscribe" link in the email (or an alternative method of unsubscribing if by post) and always offer users ways in which they can amend any personal details you may hold.
      
8. If your website allows users to upload UGC, include a function whereby users can report offensive or objectionable content to you and act promptly to remove any such content. However, do not actively or regularly monitor your website for such content because by doing so, you could deny yourself of certain exemptions from liability available to you for content which you merely host (but over which you exercise no editorial control.
      
9. If your website sells goods or services, there are more layers of legislation with which it is important you comply. Unless you want the OFT knocking at your door...or worse...legal action from a disgruntled consumer...or bad publicity. 

There is also new legislation scheduled to come into force in April this year implementing the Unfair Commercial Practices Directive which will make it illegal for businesses (and websites) to represent themselves falsely to consumers. This will cover the situation, for example, where a restaurant posts glowing but falsified reviews of itself on its website. More on this, however, in April.

Laurie Kaye/Yasmin Joomraty

 

The Government's warning to ISP's

The Government today published a strategies paper for the creative industry, 'Creative Britain: New Talents for the New Economy,' which signals a shift in the way the Government will approach the fostering and protecting of intellectual property - and in particular the role of ISPs in relation to copyright infringement. We've summarised some of its key provisions at the end of this post.

The paper as a whole is wide ranging and details the Government's proactive plans to foster creative talent with the aim of "enhancing the international competitive position of the UK's creative industries." The Government intends to achieve this with a two-pronged approach of:

1. fostering creative growth through proposed initiatives such as creative apprenticeships and 'find your talent' and talent pathways' schemes;
2. safeguarding the resulting creative content by stamping out online copyright infringement.

The Government has made it clear that it sees the current liability-free position of ISP's as a threat to this creative content. It is seeking to reposition ISP's as potential guardians of this creative content instead, and has issued the ultimatum that if the ISP's fail to self-regulate adequately, the Government will step in and legislate.   

Culture Secretary, Andy Burnham, has stated that "the Government has no burning desire to legislate" but that the paper signals a "change of tone from the Government." In other words, the Government is happy for ISP's to agree industry self-regulatory measures but this must be done sooner rather than later, and must be effective enough to obviate the need for legislation. If not, the Government is likely to include provisions for ISP's assuming greater responsibility in the anti-piracy legislation which is proposed for consultation in Spring 2008 and implementation in April 2009.

Commitment 15 of the paper clearly sets out the Government's stance:

"We will consult on legislation that would require internet service providers and rights holders to co-operate in taking action on illegal file sharing - with a view to implementing legislation by April 2009.The Government recognises the value of the current discussions between internet service providers (ISPs) and rights-holders; we would encourage the adoption of voluntary or commercial agreements between the ISPs and all relevant sectors. While a voluntary industry agreement remains our preferred option, we have made clear that we will not hesitate to legislate in this area if required. To that end, we will consult on the form and content of regulatory arrangements in 2008 with a view to implementing legislation by April 2009."

As we have noted in previous posts, the question of whether ISPs should assume greater responsibility for the content they provide raises complex issues concerning potentially conflicting legislation, such as data protection laws (see Promusicae v Telefonica), and technological measures, such as filtering technology (see SABAM v Scarlet). But the bottom line is that data protection law will not be an insuperable barrier to ISP's taking greater responsibility for carrying or hosting infringing content. 

It looks like, one way or another, the debate over ISP liability will be resolved by the end of next year.

Meanwhile, back to a summary of the key provisions of the Government's action plan for a more 'Creative Britain', which include:

• 5,000 apprenticeships to help people from all backgrounds make the most of their creative skills (the Government is looking to trial wage subsidies for small employers and financial incentives for larger employers)
• an annual event - the World Creative Business Conference - to bring together world leaders in the creative and financial sectors
• the development of 5 new 'Centres of Excellence' in creative skills
• exploring the creation of a 14-25 academic hub for the creative industries to bring schools, art colleges and universities together.

Laurie Kaye and Yasmin Joomraty

Notice, takedown and raising the bar for ISP immunity

I've talked before on the blog about the pressures for the bar to be raised for continued legal immunity for ISPs, hosts and other intermediaries from carrying or hosting illegal content.

The standard response is that ISPs and intermediaries are in the same position as the Post Office. "ISPs deal with many more packets of data each day than postal services and data protection legislation actually prevents ISPs from looking at the contents of the packets sent" (ISPA - Internet Service Providers Association) quoted in today's FT.

But will that position continue to be tenable? In my last post about the European Court of Justice decision in the case of Promusicae v Telefonica, I talked about the balance between IP rights on the one hand and privacy on the other. That balance means that, in a circumscribed way, the laws of Member States could require ISPs to disclose data about their users who are using networks for copyright piracy.

There is growing evidence that at least some Member States believe that ISPs and other intermediaries have to move from passive to active mode in order to continue to be immune from legal liability:

• In the UK, Recommendation 39 in the Gowers Review, published in November 2006, is to “Observe the industry agreement on protocols for sharing data between ISPs and rights holders to remove and disbar users engaged in 'piracy', If this has not proved operationally successful by the end of 2007, Government should consider whether to legislate”.

• In a decision of a French Court in Zadig Productions v Google, Inc late last year, the Court looked at what Google needed to do in order to 'act expeditiously' to remove infringing content from Google Video, and so be able to rely on the exemption from liability for hosts. The problem here was that although Google removed the infringing content, it was re-posted. The Court rejected Google's argument that each post required another takedown notice. It took the view that, having received the first notice of the infringement, Google was responsible for implementing technical measures to block posting of the same content.

• The Memorandum of Understanding, otherwise know as the 'Accord Olivennes' is an agreement sponsored by the French Government between rights holders, service providers and the public authority contains this undertaking on their part: This authority will also have, under the control of the judge, the ability to request technical providers (hosting services, access providers etc.) to take any measures necessary to prevent or put an end to injury caused by the content of an online communication service.

• The European Commission's Content Online Communication consultation, which is open until February 28th, clearly seeks a direct relationship between the development of legitimate online service offerings and a more effective enforcement regime against online piracy of copyright

The issues are complex and the answers aren't simple. But there's a clear message from the regulators - at least in Europe - that if all the stakeholders in the market for online content can't reach agreement on this issues, the law will step in.

So watch this space.

Laurie Kaye

"Tell us who your members are - we're going to sue!"

Following yesterday's post, I'm going to drill down to a more detailed level and take a closer look at how UK Courts deal with the issue of obtaining a court order to oblige an intermediary to reveal the identity of its users.

I'm going to look at the recent Sheffield Wednesday case. This case, heard on 2 October this year, concerns the chat forum for Sheffield Wednesday fans, Owlstalk, which is owned and operated by Neil Hargreaves (let's call him the "intermediary").

Sheffield Wednesday and its directors brought an action against the intermediary seeking a court order to force him to reveal the identities of certain members of his site. This type of order is called a "Norwich Pharmacal" order and this case has clarified the position regarding instances in which such orders will be awarded against online intermediaries.

The claimants sought the Norwich Pharmacal order in order to enable them to bring libel proceedings against certain members of Owlstalk. The judge considered the three conditions for granting such an order:

1. a wrong must have been arguably carried out;
2. the order must be necessary in order to enable the claimant to bring an action against the wrongdoer; and
3. the intermediary against whom the order is sought must (a) have facilitated the wrongdoing; and (b) be likely to be able to provide the necessary information about the wrongdoer.   

The judge found conditions 2 and 3 were easily answered in the claimants' favour. However, with regard to the first condition, he made the distinction between comments by members that were so trivial or implausible as to be "barely defamatory" (quaintly described as "no more than saloon-bar moanings") and those that were "more serious" and capable of being defamatory. As a result, the order was granted in respect of 5 members, but not for the other 6.

The judge referred to two additional factors he considered in reaching his decision:

1. "the court must be careful not to make an order which unjustifiably invades the right of an individual to respect for his private life"; and
2. the court must consider "whether the disclosure is warranted having regard to the rights and freedoms of the legitimate interests of the data subject" as detailed in the Data Protection Act 1998.

The judge also emphasised that the granting of such an order is at the judge's discretion in each case and the exercise of this discretion may take into account the strength of the claimant's case, the gravity of the allegations, and whether the intermediary has a confidentiality policy (Owlstalk did not).

Laurie Kaye

File sharing, intermediaries and the law

In my September 07 post, I highlighted 'liability for 3rd party content' as my top issue for digital media law. OK, no brilliant insight there, but the trick is seeing the underlying themes and connections and how these will play out in the law.

A couple of events this week made me think about this. Yesterday, bbc.co.uk carried a piece about anti file-sharing laws being considered. Lord Triesman, the parliamentary Under Secretary for Innovation, Universities and Skills, said intellectual property theft would not be tolerated. "If we can't get voluntary arrangements we will legislate," he said.

The other event was the publication of Principles of User Generated Content Services by a number of leading 'old' and 'new' media companies (and,yes, Microsoft) in support of using filtering technologies to counter the flow of illegal user generated content.

So what are these themes and connections?