Home | Search | Site Map | Related Links | Login
CILP Home

Digital Copyright Reform in Canada
 > The Centre for Innovation Law and Policy > Archive > Projects > Digital Copyright Reform in Canada > Copyright Reform > The Digital Millennium Copyright Act

The Digital Millennium Copyright Act


Introduction
Anti-Circumvention Provisions
ISP Safe Harbours
Further Reading
Comparisons - Bill C-61 and the DMCA

Introduction

The Digital Millennium Copyright Act (DMCA) was enacted by US Congress in 1998, ostensibly to implement various international treaties signed by the United States. The DMCA was created in response to technological advances that facilitated large-scale reproduction and distribution of infringing content, and to implement the WIPO Internet Treaties. Content distributors came to see encryption and digital rights management (DRM) as a critical element in the development of the online marketplace for content. They recognized that such technologies would be vulnerable to hacking and sought to expand copyright protection beyond its traditional infringement prohibitions to include limits on the decryption or circumventing of technological protection systems and the trafficking in such decryption tools. They argued without such protection, they would be unwilling to release content onto the Internet, which in turn would hamper the adoption of other technologies.

The resulting legislation largely responded to the core concerns of copyright holders by enacting anti-circumvention and anti-trafficking bans, while assuaging the concerns of the most powerful opposing interest groups (telecom companies and online service providers) by creating a series of safe harbours insulating internet service providers (ISPs) from liability. Although the Act did not directly address consumer concerns regarding ‘regulatory chill’ (i.e. the concern that overly restrictive laws would unduly restrict the spread of ideas and knowledge, thus causing more harm than good), it did create a regulatory mechanism for exceptions to the provisions to be created and reviewed on an ongoing basis.

Return to Top

Anti-Circumvention Provisions

The DMCA goes beyond traditional copyright approaches in order to address threats of unauthorized reproduction and distribution of copyrighted works in the digital age. Instead of mandating specific control technologies by manufacturers and users, the DMCA focuses on the protection of digital rights management (DRM) systems put in place by copyright owners. The Act gives legal sanction to measures that control access to the work (e.g. being able to read an eBook) and those facilitating the ability of the owner to regulate the use of a work where access is granted (e.g. preventing scenes from being altered in an encrypted movie). The Act created civil remedies including statutory damages, and criminal penalties for those who violate the anti-circumvention provisions wilfully and for commercial gain, with penalties ranging from $500,000 t $1,000,000 fines or five to ten years imprisonment.

Section 1201 of the DMCA states that:
No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that

(a) is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title;

(b) has only limited commercially significant purpose or use other than to circumvent a technological measure that effectively controls access to a work protected under this title;

(c) is marketed by that person for use in circumventing a technological measure.

Notably, this means that even if the creator of a particular product can circumvent ‘technological protection measures’ does not themselves infringe copyright, they can be held liable under the DMCA. This creates direct liability without having to meet the contributory liability standards as discussed in the US Copyright Overview.

This section of the DMCA is very complex and was the result of intense negotiations between various interest groups and Congress. This compromise resulted in a detailed set of exceptions allowing certain circumvention activities that would otherwise be prohibited under the rule above. These exceptions include, among others:
  • The ability for nonprofit library, archive, and educational institutions to circumvent for the purpose of making a good faith determination of whether they wish to obtain access to a work (section 1201(d))
  • Good faith encryption research (section 1201(g))
  • Circumvention for purposes of protecting personal privacy, where the technological measures collects or disseminates personally identifying information (section 1201(i))
  • Reverse engineering of computer programs (section 1201(f))
  • Law enforcement and other governmental activities (section 1201(e))
  • Security testing (Section 1201(j))
One of the more controversial aspects of the DMCA is the absence of a specific ‘fair use’ exemption that maps on to the 'fair use' activities permitted elsewhere in the Copyright Act. So far, the courts have refused to read in the general fair use provisions in the Copyright Act to apply to the DMCA (see Universal City Studios v. Corley, 273 F.3d 429 (2nd Cir. 2001)). Apart from the specific exceptions outlined above or one of the regulatory exceptions discussed directly below, violators cannot point to the broad fair use doctrine to exempt themselves from liability.

Procedure for Creation of Exceptions to Anti-Circumvention Measures

In addition to the exceptions that the statute explicitly provides (statutory exceptions are very detailed and deal with specific technologies), the DMCA (s. 1201(a)(1)) requires that the Librarian of Congress issue exemptions from the prohibition against circumvention of access-control technology. Exemptions are granted when it is shown that access-control technology has had a substantial adverse effect on the ability of people to make non-infringing uses of copyrighted works.

The exemption rules are revised every three years. Exemption proposals are submitted by the public to the Registrar of Copyrights, and after a process of hearings and public comments, the final rule is recommended by the Registrar and issued by the Librarian. Exemptions expire after three years and must be resubmitted for the next rulemaking cycle. Consequently, the exemptions issued in the prior rulemakings are no longer valid.

These rules tend to be very specific. The current administratively-created exemptions, issued in November 2006, include:
  • Audiovisual works included in the educational library of a college or university’s film or media studies department, when circumvention is accomplished for the purpose of making compilations of portions of those works for educational use in the classroom by media studies or film professors.
  • Computer programs in the form of firmware that enable wireless telephone handsets to connect to a wireless telephone communication network, when circumvention is accomplished for the sole purpose of lawfully connecting to a wireless telephone communication network. (A new exemption in 2006)
  • Sound recordings, and audiovisual works associated with those sound recordings, distributed in compact disc format and protected by technological protection measures that control access to lawfully purchased works and create or exploit security flaws or vulnerabilities that compromise the security of personal computers, when circumvention is accomplished solely for the purpose of good faith testing, investigating, or correcting such security flaws or vulnerabilities.
The Copyright Office approved two exemptions in 2000; four in 2003; and six in 2006.

Return to Top

ISP Safe Harbours

At the urging of telecom companies and other ISPs, Congress established a series of safe harbours, insulating these companies from liability for acts of transmitting, storing, or linking to unauthorized content. To qualify for these exemptions, ISPs must meet a series of conditions, including the following:
  • The ISP has no actual knowledge that the material or an activity using the material on the system or network is infringing
  • There is no awareness of facts or circumstances from which infringing activity is apparent
  • Upon obtaining such knowledge or awareness, the ISP acts expeditiously to remove or disable access to the material
  • No financial benefit is received that is directly attributable to the infringing activity, in a case in which the service provider has the right and ability to control such activity
  • A Designated Agent registered with the US Copyright Office to receive "takedown" notices is in place. If the designated agent receives a notification which substantially complies with the notification requirements, the ISP now has actual knowledge and must expeditiously disable access to the work. The ISP must make available to the public the name, address, phone number and electronic mail address of the agent
  • The ISP adopts, reasonably implements, and informs subscribers and account holders of a policy that provides for the termination in appropriate circumstances of subscribers and account holders of the service provider's system or network who are repeat infringers
  • The ISP accommodates and does not interfere with standard technical measures used to identify and protect copyrighted works.
These requirements are set out, generally in s. 512 of the Copyright Act (s. 512(c)(1), 512(i)(1) in particular).

"Notice and Takedown" Provisions
Perhaps the most controversial aspect of the ISP liability provisions are the “notice and takedown” provisions. In order to qualify for Safe Harbour, ISPs must, upon notification by the copyright owner, remove access to the copyrighted work before infringement has even been shown.

The DMCA has been criticized as making it too easy for copyright owners to encourage website owners to take down infringing content and links when the content may not in fact be infringing. When website owners receive a takedown notice, it is not in their interest to challenge it, even if it is not clear if infringement is taking place. Potential liability and corresponding litigation costs are such a strong deterrent that it does not make economic sense for ISPs to object to any notices they receive.

DMCA takedown notices are being given not only to ISPs that host infringing material, but also to those that merely post links to infringing material. Although the law is not entirely clear on this point, providing a mere link to other infringing sites may be enough to be found liable for infringement under the doctrine of contributory liability (see, for example, Intellectual Reserve, Inc. v. Utah Lighthouse Ministry, Inc., 75 F.Supp 2d 1290 (D.Utah 1999); Universal City Studios, Inc. v. Reimerdes, 111 F. Supp. 2d 294 (S.D.N.Y. 2000), aff'd, 273 F.3d 429 (2d Cir. 2001); Comcast of Illinois X, LLC. v. Hightech Electronics, Inc, F.Supp.2d, 2004 WL 1718522 (N.D.Ill.) (Unreported). Because of this, many ISPs that only have links to potential infringing content are responding to DMCA takedown notices out of fear of potential liability.

Return to Top
Further Reading:

Full Text of the DMCA
US Copyright Office - Summary of the DMCA
The Anti-DMCA Website
Chilling Effects Clearinghouse - DMCA FAQs
Electronic Frontier Foundation (EFF) Reform project
Stanford Copyright & Fair Use on the DMCA
Home | Search | Site Map | Related Links | Login
About CILP | Resources | Publications | Curriculum | Projects | Events | News
All contents copyright © 2005 University of Toronto. All rights reserved. Powered by CMS