Cyberspace Copyright Liability – Liability of Internet Service Providers ISPs

Cyberspace Copyright Liability:
Who should carry the burden?
2002 Dr Maria Chetcuti Cauchi. All Rights Reserved.

The importance of service providers and their role in the promotion of the internet is undeniable. It follows that undue hampering of these internet builders could jeopardise the development of the online infrastructure. Nonetheless, service providers are still often unduly involved in intellectual property disputes, hence the importance of certainty in the field of online copyright liability.

Admittedly, there are comparatively a limited number of decisions on internet liability.  In this sense, the net is aptly described as a terra incognita, a dark area, where the judicial application of conventional copyright principles is difficult and uncertain. The difficulty lies in pinpointing the real copyright infringer and in establishing the guilt or otherwise of Internet Service Providers (ISPs) in a Court of law.

In the face of such a problem, the last decade has witnessed a major upheaval in copyright regulation. Several countries have addressed the problem of online copyright infringement in their domestic laws while measures have also been taken at multilateral and regional levels.


In Geneva, in December 1996, the World Intellectual Property Organisation (WIPO) adopted two intellectual property treaties: the WIPO Copyright Treaty (WCT) and the WIPO Performances and Phonograms Treaty (WPPT). These treaties provide responses to the challenges of new digital technologies, hence their denomination internet treaties. The WCT entered into force in March 2002. It updates and supplements the Berne Convention, the major international copyright treaty in the world today. Signatories to the treaties are required to provide a basic framework of rights, allowing copyright holders to control the diverse ways in which their works are used and enjoyed by others. The WCT  provides that the traditional right of reproduction continues to be valid in cyberspace and confirms the right-holders right to manage the availability of their creations to individual members of the public. The treaty also clarifies that signatory states have the power to establish exceptions or limitations to intellectual property rights in the digital environment, either to extend existing exceptions and limitations or adopt new ones.


The European Unions approach to solving the problem of online copyright infringement was in the form of two Community Directives: the Directive on the harmonisation of certain aspects of copyright and related rights in the Information Society (Directive 2001/29/EC) and the Directive on certain legal aspects of electronic commerce in the Internal Market (Directive 2000/31/EC).

The Copyright Directive

The Copyright Directive is intended to ensure a similar implementation by EU Member States of the provisions of the above two WIPO Treaties. The Commissions aim was to update and harmonise European copyright law to protect right-holders in the digital age while striking a balance of interests between right-holders, users and information carriers. The Copyright Directive aims to protect innocent carriers of information by clarifying that the mere provision of physical facilities for the enabling or making of a communication, does not in itself amount to an act of communication to the public, which is an exclusive right of the copyright owner.

Initially, the Copyright Directive directs that any digital copy of protected material, even a temporary one, is an infringement of the exclusive right of the right-holder.  In order to balance this wide exclusive right of reproduction and permit the reproduction of material with the sole intention of transmission, the Directive provides an obligatory exception for temporary acts of reproduction carried out by carriers of information. Thus, transient and incidental acts, which are an integral and essential part of a technological process, whose sole purpose is to enable use to be made of a work, are exempted from the general exclusive right.

The E-Commerce Directive

The primary focus of the E-commerce Directive is on the general development and strengthening of e-commerce in Europe.  The Directive addresses the civil and criminal liabilities of ISPs acting as intermediaries. It ensures that ISPs will not be held liable under any field of law applicable to their services, where the application of strict liability standards would damage the expansion of e-commerce within the EU.

The Directives safe harbours extend beyond copyright to provide service providers broad-based protection against liability for third-party content (including, for example, with respect to defamation). The safe harbours apply to Information Society services, i.e., any service normally provided for remuneration, at a distance, by means of electronic equipment for the processing (including digital compression) and storage of data, and at the individual request of a recipient of a service.

The Directive also provides that Member States shall not impose a general obligation on providers to monitor the information that they transmit or store, nor a general obligation to actively seek facts or circumstances indicating illegal activity.

Under the Directive, a service provider who does not initiate the relevant transmission, who does not select recipients and who does not alter the content, i.e. a service provider acting as a mere conduit, is provided a safe harbour from liability.

With regards to caching, to qualify for the safe harbour, a service provider must (a) not modify the cached information; (b) comply with conditions on access to the information; (c) comply with industry-standard rules regarding the updating of information; (d) not interfere with industry-standard technology to obtain data on the use of information; and (e) expeditiously remove or disable access to the information upon receiving actual knowledge that the source information has been removed, or that a court has ordered removal.

With regards to hosting or storing information, the service provider does not qualify for a safe harbour if he knows that the informations presence constitutes illegal activity or if he is aware of facts and circumstances from which the illegal activity is apparent. The service provider will not lose the exemption, however, if he acts expeditiously to remove or disable access to the information.


The US is a major player in the intellectual property protection arena. In October 1998, Congress enacted the Digital Millennium Copyright Act (DMCA) which, inter alia, limits copyright infringement liability for ISPs.

The DMCA limits liability for ISPs for actions of copyright infringement committed by their own clients. The liability limitations relate to transitory communications; system caching; storage of information on systems or networks at the direction of clients; and information location tools.  If an ISP falls within any of these limitations, then any action against him, in terms of monetary damages is barred. To be eligible, the ISP must adopt and reasonably implement a policy of terminating the accounts of clients who are recurrently infringe copyright law and it must accommodate and not hinder standard technical measures employed in copyright identification and protection.

Service Providers Liability

While legislation is being enacted on a regular basis on both the domestic and the international plane, Courts have frequently interpreted such legislation scantily.  The internet has provoked a multitude of copyright cases and the problem remains that of determining who should be held liable for online copyright infringements. Should ISPs be held responsible for acts of internet users? Can these key players be implicated as joint defendants when a user copies copyrighted work? Should we give priority to the economic welfare of copyright owners or should we uphold the social good of the community as the ultimate goal in the functioning of the world wide web?

Web Site Operators

In the US case Playboy Enterprises, Inc. v. Webbworld (1997), the defendant amended, reproduced, and uploaded adult-oriented material from Usenet newsgroups to its server for viewing by paying subscribers. The defendant argued that it served merely as a conduit between subscribers and newsgroups, as an ISP would. The court pointed out that the defendants customers specifically paid for the photographs, rather than paying for access to the internet. The Court found that the defendant served as an online store which repackaged and sold pictures and held that such web site operator was directly liable for infringing the plaintiffs exclusive rights.

Bulletin Board Service Providers

Electronic bulletin boards are places where users can exchange communications. Users have occasionally displayed or transferred copyrighted works via such services. The issue here is whether the copyright holder can hold the service provider liable even though the infringing material was posted by subscribers.

Courts have generally found Bulletin Board Service (BBS) providers responsible for contributory rather than direct liability. However, in Playboy Enterprises, Inc. v. Frena (1993), the Court failed to distinguish between the requirement of a direct act by the alleged infringer and lack of awareness of the infringing material. Frena, a BBS, was unaware of the infringing material and the act of copying had been carried out by the users of the BBS. Thus, one of the vital ingredients in establishing direct liability was lacking, i.e., a direct act of copying by the defendant. However, the Court failed to recognise this and held that having access to the BBS implied that Frena had copied the material. The Court held Frena liable for direct infringement when strictly speaking, he should have been held liable for either contributory or vicarious infringement, if at all.

In Playboy Enterprises, Inc. v. Russ Hardenburgh, Inc. (1997), a BBS encouraged subscribers to upload files by means of an incentive program. These files held infringing material and the BBS operator screened such uploaded files before making them available to its subscribers. Rightly, the court granted summary judgment for direct infringement as it held that the defendants had become active participants in the infringement.

It is a fact that presently many courts refuse to hold BBS operators directly liable for infringing material uploaded by BBS users, even though the above cases are not clear-cut. It seems that in Frena and Hardenburgh, the operators were deemed implicitly or otherwise to be actively and knowingly involved in the infringing activity, and hence directly liable, yet the reasoning of the courts was still obscured by uncertainty. It is hoped that the position of BBS operators has now been clarified by the recent legislative interventions.

Internet Service Providers

Lack of predictability in the area of online copyright infringement has caused real concerns for the ISP industry. Having regard to the unique role played by the ISP industry in cyberspace, ISPs have pressed for a narrow interpretation of copyright infringement liability. ISPs emphasise that they are nothing but passive carriers of information and should be granted protection from liability. On the other hand, the content industry, especially authors and record companies, has claimed that liability should be placed on those who are in a position to police the system, and therefore ISPs.

This tension is reflected in Religious Technology Centre v. Netcom (1995). Netcom provided internet access for a BBS on which a former member posted copyrighted material without authority from the church of Scientology. Since Netcom had not taken any affirmative step to initiate the making of the copies, the Court held that it could not be held liable for direct infringement, merely for providing a system that automatically forwards messages and temporarily stores copies. The Court applied the ability-to-control and direct-financial-benefit tests and held that there was no contributory or vicarious liability because knowledge of the infringing act by the ISP had not been substantially proven.


Limitations to service providers liability can also be found in the imminent Maltese E-Commerce Act, under Part VI, which deals with intermediary service providers. As under EU and US norms, the Maltese E-Commerce Act exempts a provider from liability for copyright infringement committed by its own clients if the provider is acting as mere conduit of information, in case of system caching and hosting. However, such provider must not have initiated the transmission, selected the receiver of the transmission or selected or modified the information contained in the transmission itself. The provider is also legally bound to promptly inform public authorities of any alleged illegal activity and grant such authority any information it may deem necessary in its investigation.

These limitations of liability give the ISP the assurance that it will not be enjoined as a third-party defendant simply on the basis of the internet services it offers. In the case of hosting, the law provides that the ISP must not have actual knowledge of the infringement and must not be aware of the facts and circumstances of the infringement.  Alternatively, the ISP, upon receiving  notice of the infringing activity, must remove or disable excess to the information expeditiously. These provisions have been welcomed by the service provider industry in that they have clarified the position of ISPs by specific legislation.

The adoption and entry into force of the WIPO Copyright Treaty and other specific national legislation was a breath of fresh air for both copyright owners and access providers in many jurisdictions. Unfortunately, the Maltese Electronic Commerce Act has not yet entered into force. Malta has also not signed the WIPO Copyright Treaty. In the light of the considerable number of cases involving service providers liability worldwide and steady increase in internet activity in Malta, the entry into force of the Maltese E-Commerce Act is more important now than ever before.

2002 Dr Maria Chetcuti Cauchi. All Rights Reserved.