ISP Liability for the Acts of Its Customers

With the explosion of the Internet, new questions have arisen about how information and material can be shared and distributed without violating existing laws. For example, although it may be legal for you to physically give your friend your favorite music CD, is it still legal if you give your friend a digital copy through your Internet Service Provider (ISP)? Deciding when and whether ISPs are liable for the actions of their users is one of the trickiest issues to decide when the Internet meets the law. Follow along as FindLaw takes you through an overview of ISP liability for the acts of its customers.

A Brief History of ISP Liability

In the real world, there's a physical cost and time investment that must be spent in copying something like a CD, and that cost is borne for each CD created. Digital content on the other hand has an almost zero "copying" cost since once the initial copy is created, millions of copies can be created without any additional cost - often with just the click of a button.

Ultimately, Congress stepped in and passed a series of laws including the Digital Millennium Copyright Act (DMCA), which took the side of the ISPs, but also put in place safeguards to appease content providers.

How ISPs Can Be Held Liable for Copyright Infringement

ISP's can be held liable for the copyright infringement of its users, but only in very limited circumstances. In general, there are three ways that an ISP could be liable for copyright infringement, they are:

1. Direct infringement: Direct infringement would be if the ISP were to knowingly host copyrighted material and received a direct financial benefit from it.
2. Vicarious liability: An ISP could be liable vicariously if the ISP had the right and ability to control its users and received a direct financial benefit from the copyright infringement.
3. Contributory infringement: An ISP can be liable under a "contribution" theory of liability if the ISP has knowledge of the infringing activity and makes a material contribution (though assisting) to the copyright infringement.

Almost all cases rely on the contributory infringement theory. Direct infringement almost never occurs and vicarious liability is difficult to prove since it would be necessary to prove that the ISP had the right and ability to control its customers. Although it may be difficult to find evidence that this was the case, ISPs must still be careful because their terms of service agreement may establish that they had the right and ability to control their customers.

ISP Liability for Copyright Infringement and the DMCA

The DMCA generally shields ISPs from copyright infringement liability under a "safe harbor" provision. To qualify for the safe harbor's protection, an ISP must:

• Lack actual knowledge of the copyright infringement;
• Not be financially benefiting from the infringement;
• Comply with any "notice" or "takedown" provisions for removing copyright material; and
• Establish an agent for dealing with copyright infringement complaints.

For example, suppose a record company named UberStars finds out that a CD by one of its recording artists has been posted on a website hosted by an ISP named MegaNet. To avoid liability, MegaNet must be unaware of the infringing material and have established an agent that UberStars can contact with a takedown notice.

Once UberStars sends the takedown notice, MegaNet must physically remove the infringing material or disable the infringing user's account and access. If MegaNet fails to either appoint an agent to contact or take the necessary steps upon receiving the takedown notice, then UberStars can sue MegaNet, and MegaNet can't use the DMCA to escape liability.

ISP Liability for Defamation and Obscenity under the Communications Decency Act

ISPs are not like newspapers and magazines and are protected under Section 230 of the Communications Decent Act (CDA) for liability based on their user's online statements, including defamation and obscenity.

In one of the first major online defamation cases, the Drudge Report, an online site that offers political news and gossip, stated that an aide of President Clinton had a history of spousal abuse. The aide then filed suit for defamation against the Drudge Report as well as the ISP that hosted it, AOL. The court found that, because AOL was an ISP, it was protected by the CDA. The CDA explicitly states that no ISP "shall be treated as the publisher or speaker of any information provided by another information content provider."

ISP Liability Abroad

The same conduct that an ISP is shielded from in the U.S. has been prosecuted in countries such as England and Germany. Each country has its own laws, and these laws vary widely from country to country. Accordingly, because the Internet is international in its reach, it's extremely important to know exactly what is and isn't protected in countries where you expect people to view your content.

Find a Business and Commercial Law Attorney

If ISP liability is particularly of interest to your company, or if you believe a lawsuit is inevitable, you may want to consult an experienced attorney. An intellectual property attorney can explain your potential liability and will assist in defending your actions if necessary.