Internet Access Liability for Third Party Actions
- Good Samaritan Defense
- 3rd Party Content
- Internet Access Liability
- Foreign Judgments
- Consumer Review Fairness Act
- 1st Amend
- Child Porn
- Child Porn, Reporting
- Protect Act
- - Notification
- V Chip
- Good Samaritan Defense
© Cybertelecom ::
Can you be liable for having an Internet access account where third parties use (and perhaps misuse) that Internet access? If a plaintiff has an IP address, do they know who the culpable party is? Do you have a duty to lock down your Internet Access (like your WiFi access point).
See also IP Address as Personal Identifier
Copyright owners have attempted to argue that having an open WiFi access point is negligent. The argument is that if some third party walks up to an open access point and downloads a whole bunch of pirated copyrighted material, it is the fault of the access point owner who allowed this.
The elements of a negligence cause of action are: (1) Duty, (2) Breach, (3) Causation, and (4) Harm. In the case of an open WiFi access point, the argument of the copyright owner is that the WiFi Access Point owner failed to act - the access point owner failed to take steps necessary to secure the access point. In a case where a defendant has "failed to act," this is nonfeasance; in cases of nonfeasance, for a failure to act to give rise to a cause of action, there must be a special relationship between the plaintiff and the defendant. To say it a different way, there is not legal (tort) obligation to be a good samaritan to just anybody; for there to be an obligation to act, there must be something special about that relationship between the two parties that would so require it.
In AF HOLDINGS, LLC v. Doe, NDCA 2012, a California court found that no special relationship exists between the owner of a WiFi access point and copyright owners. In other words, it isnt the job of a WiFi access point owner to protect the assets of a copyright owner - and no cause of action lies in negligence. According to the Court,
Plaintiff has not articulated any basis for imposing on Defendant a legal duty to prevent the infringement of Plaintiff's copyrighted works, and the court is aware of none. Defendant is not alleged to have any special relationship with Plaintiff that would give rise to a duty to protect Plaintiff's copyrights, and is also not alleged to have engaged in any misfeasance by which he created a risk of peril.
The allegations in the complaint are general assertions that in failing to take action to "secure" access to his Internet connection, Defendant failed to protect Plaintiffs from harm. Thus, the complaint plainly alleges that Defendant's supposed liability is based on his failure to take particular actions, and not on the taking of any affirmative actions. This allegation of non-feasance cannot support a claim of negligence in the absence of facts showing the existence of a special relationship.
- BREAKING GLASS PICTURES, LLC v. DOES 118-162, Dist. Court, D. Arizona 2013 ("there is no duty to secure your Internet connection")
- New Sensations, Inc. v. Does 1-426, 2012 WL 4675281 at *6 (N.D. Cal. Oct. 1, 2012) (rejecting negligence claim based on failure to secure Internet connection by stating "common sense dictates most people in the United States would be astounded to learn that they had such a legal duty")
According to the courts, attempting to impose liability on a WiFi access point owner based on the theft of copyrighted material over that access point is an attempt to rebrand a copyright cause of action. Such attempts to rebrand a copyright cause of action in order to reach further than the copyright law permits is specifically preempted by the copyright law. 17 U.S.C. § 301(a).
Plaintiff is seeking to protect its "exclusive rights" from "copying and sharing." Simply recharacterizing the claim as one of "negligence" does not add a legally cognizable additional element. See, e.g., Dielsi v. Falk, 916 F.Supp. 985, 992-93 (C.D. Cal. 1996). Thus, because Plaintiff alleges that Defendant's action or inaction constituted interference with its "exclusive rights in the copyrighted work," the negligence claim is preempted by § 301 of the Copyright Act.
AF HOLDINGS, LLC v. Doe, NDCA 2012. The court concludes that either the defendant is liable under copyright law, or not - but the cause of action cannot be recloaked as negligence. LIBERTY MEDIA HOLDINGS, LLC v. Tabora, Dist. Court, SD New York 2012.
- Breaking Glass, DAZ 2013 ("Plaintiff's negligence claim likely would be preempted by the Copyright Act or barred by the Communications Decency Act")
Communications Decency Act, Good Samaritan Provision, 47 USC s 230
An open of an open WiFi access point is arguably a provider of an interactive computer service to third parties using that access point, and would be immune from liability under the Good Samaritan provisions of the Communications Decency Act, 47 USC 230.
- Breaking Glass, DAZ 2013 ("Plaintiff's negligence claim likely would be preempted by the Copyright Act or barred by the Communications Decency Act")
- AF HOLDINGS, LLC v. Doe, NDCA 2012.
See also 47 USC 230's impact on copyright prior to 1972.
IP Addresses and Personal Culpability
The court in Breaking Glass points out another problem. If you are able to identify the IP address that allegedly engaged in misconduct, that IP address could be converted into the account holder's name of the Internet access subscription - but NOT the person who was actually online and doing the activity in question. IP addresses do not equal personal culpability. IP addresses equal the name of the person who set up the contract with the ISP and pays the bills. Refusing to allow plaintiff to just keep suing people until plaintiff finally got to the right person, the court in Breaking Glass stated
But the complication that Plaintiff fails to discuss is that it is not enough to simply identify the subscribers behind particular IP addresses to state a plausible claim for copyright infringement against those individuals. Instead, a plausible claim must be supported by factual allegations establishing that the particular person identified as a defendant was, in fact, the individual who engaged in wrongful conduct. In other words, discovery to identify the ISP subscribers is only the starting point. Plaintiff will also need to conduct discovery to determine who was using the Internet connection at the time the alleged infringement occurred. Plaintiff will then have to amend its complaint to allege the facts supporting its claim against each individual. The fact that Plaintiff needs discovery to unearth the factual basis for its claims is precisely the conundrum referenced in the Court's prior order regarding recent Supreme Court authority.
According to the Supreme Court, "a complaint must contain sufficient factual matter, accepted as true, to state a claim to relief that is plausible on its face." Ashcroft v. Iqbal, 556 U.S. 662, 679 (2009) (quotations omitted). It is not enough for a complaint to plead facts "that are merely consistent with a defendant's liability." Id. at 678 (quotation omitted). Instead, the complaint must go further and "nudge [the] claims . . . across the line from conceivable to plausible." Id. at 680 (quotation omitted). And "where the well-pleaded facts do not permit the court to infer more than the mere possibility of misconduct, the complaint has alleged — but it has not shown — that the pleader is entitled to relief." Id. at 679.
Plaintiff's current complaint alleges the subscribers, identified as John and Jane Does, engaged in direct copyright infringement. (Doc. 1 at 14). But the complaint contains no factual allegations setting forth that the subscribers were, in fact, the individuals using the Internet connections at the relevant time. Thus, it is conceivable that the subscribers were using the connection but it is equally plausible that someone other than the subscribers were using the connection. In fact, the motion for reconsideration concedes this point. (Doc. 10 at 7). Thus, the complaint does nothing more than make vague allegations that are consistent with the subscribers' liability for copyright infringement. Because those allegations are also consistent with the subscribers not being liable, Plaintiff has not stated plausible claims against the subscribers.
According to the court: you cant just guess, and you cant just sue till you get it right. IP addresses do not identify culpable parties. BREAKING GLASS PICTURES, LLC v. DOES 118-162, Dist. Court, D. Arizona 2013 (emphasis added)
BitTorrent Adult Film Copyright Infringement Cases
IN RE: BITTORRENT ADULT FILM COPYRIGHT INFRINGEMENT CASES. United States District Court, E.D. New York. May 1, 2012.
Facts: Plaintiffs are owners of pornographic films. Plaintiffs allege "copyright infringement by individuals utilizing a computer protocol known as BitTorrent. The putative defendants are indentified only by Internet Protocol ("IP") addresses. These four civil actions involve more than 80 John Doe defendants; these same plaintiffs have filed another nineteen cases in the district involving more than thrice that number of defendants. One media outlet reports that more than 220,000 individuals have been sued since mid-2010 in mass BitTorrent lawsuits, many of them based upon alleged downloading of pornographic works."
Plaintiffs moved to file Rule 45 Subpoenas on non-parties in order to uncover the names and indentities of the subscribers associated with the IP addresses. Several John Does moved to quash plaintiffs motion. Concluding that an IP address is not evidence of culpability on the part of a subscriber, the court granted the motions to quash.
The complaints assert that the defendants — identified only by IP address — were the individuals who downloaded the subject "work" and participated in the BitTorrent swarm. However, the assumption that the person who pays for Internet access at a given location is the same individual who allegedly downloaded a single sexually explicit film is tenuous, and one that has grown more so over time. An IP address provides only the location at which one of any number of computer devices may be deployed, much like a telephone number can be used for any number of telephones. As one introductory guide states:
If you only connect one computer to the Internet, that computer can use the address from your ISP. Many homes today, though, use routers to share a single Internet connection between multiple computers. Wireless routers have become especially popular in recent years, avoiding the need to run network cables between rooms. If you use a router to share an Internet connection, the router gets the IP address issued directly from the ISP. Then, it creates and manages a subnet for all the computers connected to that router.4
Thus, it is no more likely that the subscriber to an IP address carried out a particular computer function — here the purported illegal downloading of a single pornographic film — than to say an individual who pays the telephone bill made a specific telephone call.
Indeed, due to the increasingly popularity of wireless routers, it much less likely. While a decade ago, home wireless networks were nearly non-existent, 61% of US homes now have wireless access.5 Several of the ISPs at issue in this case provide a complimentary wireless router as part of Internet service. As a result, a single IP address usually supports multiple computer devices — which unlike traditional telephones can be operated simultaneously by different individuals. See U.S. v. Latham, 2007 WL 4563459, at *4 (D.Nev. Dec. 18, 2007). Different family members, or even visitors, could have performed the alleged downloads. Unless the wireless router has been appropriately secured (and in some cases, even if it has been secured), neighbors or passersby could access the Internet using the IP address assigned to a particular subscriber and download the plaintiff's film. As one court noted:
In order to allow multiple computers to access the internet under the same IP address, the cable modem may be connected to a router, or may itself function as a router, which serves as a gateway through which multiple computers could access the internet at the same time under the same IP address. The router could be a wireless device in which case, computers located within 300 feet of the wireless router signal could access the internet through the router and modem under the same IP address. The wireless router signal strength could be increased beyond 600 feet if additional devices are added. The only way to prevent sharing of the wireless router is to encrypt the signal and even then an individual can bypass this security using publicly available software.
Id. at *4. Some of these IP addresses could belong to businesses or entities which provide access to its employees, customers and sometimes (such as is common in libraries or coffee shops) members of the public.
These developments cast doubt on plaintiffs' assertions that "[t]he ISP to which each Defendant subscribes can correlate the Defendant's IP address to the Defendant's true identity." see, e.g., Malibu 26, Compl. at ¶ 9, or that the subscribers to the IP addresses listed were actually the individuals who carried out the complained of acts. As one judge observed:
The Court is concerned about the possibility that many of the names and addresses produced in response to Plaintiff's discovery request will not in fact be those of the individuals who downloaded My Little Panties # 2. The risk is not purely speculative; Plaintiff's counsel estimated that 30% of the names turned over by ISPs are not those of individuals who actually downloaded or shared copyrighted material. Counsel stated that the true offender is often the teenaged son . . . or the boyfriend if it's a lady. Alternatively, the perpetrator might turn out to be a neighbor in an apartment building that uses shared IP addresses or a dormitory that uses shared wireless networks. This risk of false positives gives rise to the potential for coercing unjust settlements from innocent defendants such as individuals who want to avoid the embarrassment of having their names publicly associated with allegations of illegally downloading My Little Panties # 2.
Digital Sin, Inc. v. Does 1-176, ___ F.R.D. ___, 2012 WL 263491, at *3 (S.D.N.Y. Jan. 30, 2012) (citations omitted and emphasis added). Another court noted:
the ISP subscriber to whom a certain IP address was assigned may not be the same person who used the Internet connection for illicit purposes . . . By defining Doe Defendants as ISP subscribers who were assigned certain IP addresses, instead of the actual Internet users who allegedly engaged in infringing activity, Plaintiff's sought-after discovery has the potential to draw numerous innocent internet users into the litigation, placing a burden upon them that weighs against allowing the discovery as designed.
SBO Pictures, Inc. v. Does 1-3036, 2011 WL 6002620, at *3 (N.D.Cal. Nov. 30, 2011) (citations omitted).
In sum, although the complaints state that IP addresses are assigned to "devices" and thus by discovering the individual associated with that IP address will reveal "defendants' true identity," this is unlikely to be the case. Most, if not all, of the IP addresses will actually reflect a wireless router or other networking device, meaning that while the ISPs will provide the name of its subscriber, the alleged infringer could be the subscriber, a member of his or her family, an employee, invitee, neighbor or interloper.
- Malibu Media, LLC v. Doe, CASE NO. 14-60677-CIV-ROSENBAUM (S.D. Fla. Apr. 2, 2014): "These courts explain that "the assumption that the person who pays for Internet access at a given location is the same individual who allegedly downloaded a single sexually explicit film is tenuous" because many electronic devices—and many users—can be associated with a single IP address. Malibu Media, LLC v. Does 1-11 (In re BitTorrent Adult Film Copyright Infringement Cases), No. 11-3995, 2012 WL 1570765, at *3-5 (E.D.N.Y. July 24, 2012), report and recommendation adopted sub nom. Patrick Collins, Inc. v. Doe 1, 288 F.R.D. 233 (E.D.N.Y. 2012). Thus, the "risk of false positives gives rise to 'the potential for coercing unjust settlements from innocent defendants' such as individuals who want to avoid the embarrassment of having their names publicly associated with allegations of illegally downloading [adult material]." Digital Sin, Inc. v. Does 1-176, 279 F.R.D. 239, 242 (S.D.N.Y. 2012) (quoting SBO Pictures, Inc. v. Does 1-3036, No. 11-4220, 2011 WL 6002620, at *4 (N.D. Cal. Nov. 30, 2011))."
- Grant Gross, Judge Throws Out Mass John Doe Porn Copyright Lawsuits, PCWorld (May 4, 2014) (Judge "arguing that IP addresses aren't enough evidence to pinpoint who actually downloaded a file from BitTorrent.")
- Mike Masnick, Moiton to Quash Against Copyright Troll Explains How IP Address Does Not ID User, Techdirt Aug. 10, 2011
- P2P Litigations
- Child Pornography
- ISP Liability for Sound Recordings under state copyright law prior to 1972 (47 USC s 230)
- Aaron Mackey, Seth Schoen, Cindy Cohn, Unreliable Informant: IP Addresses, Digital Tips, and Police Raids, at 11 EFF Sept 2016 ("With companies and individuals operating open wireless networks out of their homes, cafés, public libraries, and businesses, they often have very little control or knowledge of the Internet activities of the people using their connections.")]
- Capital Records, Inc., v Foster, Civ No 04-1569-W (WDOk Jul 13 2006)
- Ken Fisher, The RIAA, IP Addresses, and evidence, ARS Technica (Aug. 3, 2006) (reporting on woman with open WAP, who was not a significant computer user, but who argued that multiple other people had access to the network and could have engaged in the alleged illegal downloading)
- Movie Company Files Federal Piracy Suit Against Tri-State Man, WLWT Cincinnati (Dec. 12, 2005) (reporting that Paramount had brought a federal law suit against a man for uploading a movie to a P2P network, but the man claimed he had nothing to do with it and that it must have been down over his open WAP).
- Jamie Stockwell, WiFi Turns Internet Into Hideout for Criminals, Washington Post, p. C01 (Feb. 11, 2007) (recounting story of police attempting to raid an apartment in Arlington, Va in order to arrest a suspected pedophile, only to find an elderly woman with an open wifi access point).
- BREAKING GLASS PICTURES, LLC v. DOES 118-162, Dist. Court, D. Arizona 2013 ("Plaintiff's negligence claim likely would be preempted by the Copyright Act or barred by the Communications Decency Act. ")
- Copyright Trolls' Bogus "Negligence" Theory Thrown Out Of Court Again, EFF Sept 6, 2012
- Yet Another Court Says You're Not 'Negligent' If Someone Uses Your Open WiFi To Infringe, Techdirt Sept. 13, 2012
- Victory for Open WiFi: Judge Rejects Copyright Troll's Bogus "Negligence" Theory, EFF July 11, 2012
- RIAA Attacks Open Wi-Fi Hotspots - Wants ISP account holder liable for all activity via Wi-Fi, Broadband Reports 2/23/2007
- Court Finds Constitutional Significance in Defendant's Failure to Password-Protect Home Wireless Network, Techlaw 2/4/2010
- Police blotter: Open Wi-Fi blamed in child porn case, CNET 4/18/2007
- Feds “Apologize” For Mistaking Buffalo Man For Kiddie Porn Suspect, WGRZ (Mar. 18, 2011)