clock menu more-arrow no yes

A music publisher says a Cox customer shared illegal files 54,489 times. Is Cox liable?

Mike Mozart

After 15 years of fighting, a new lawsuit could finally settle the question of how much responsibility ISPs have to police piracy on their networks. BMG Music, a major music publisher, has sued the cable company Cox for continuing to provide service to customers who — BMG claims — have been caught sharing pirated music files thousands of times. BMG says it has submitted automated complaints about one Cox user a whopping 54,489 times, and Cox still hasn't terminated the user's account.

If BMG wins, network owners nationwide could be forced to do more when copyright holders complain about infringement. If Cox wins, on the other hand, content companies could lose what little leverage they now have over ISPs.

ISPs may face copyright liability if they don't cut off "repeat infringers"

ISPs enjoy a safe harbor against copyright lawsuits, but only if they have a policy for dealing with repeat infringers. (Wendell)

The tug-of-war between ISPs and content companies goes back to the late 1990s, when Congress was updating copyright law for the internet age. Network operators worried that strict copyright liability would hamper online innovation. If online services were held responsible every time a user uploaded pirated content, investors would be reluctant to invest in new technologies.

Congress's solution: a "safe harbor" for online services, including ISPs and websites. Under the 1998 Digital Millennium Copyright Act, companies that follow certain guidelines are shielded for liability for their users' piracy. Supporters argue this rule is a foundation of the internet economy, because it allows sites like YouTube to host user-submitted videos without having to vet every video for copyright compliance.

The DMCA's safe harbor is broad, but it does have some limitations. One of the most important: online services only qualify if they establish a policy that provides for terminating the accounts of "repeat infringers." If ISPs fail to terminate repeat infringers, they could wind up responsible for their customers' illegal sharing.

No one knows what a "repeat infringer" is

(Mike Mozart)

So what does it mean to be a "repeat infringer?" Congress never defined the term, and so far there haven't been any court rulings to flesh out the term. This question will be central to BMG's lawsuit against Cox.

BMG's November 26 complaint says that some Cox customers have infringed copyright thousands of times, and Cox has done nothing about it. According to BMG, Cox received 54,489 notifications for copyright infringements by a single subscriber over a 64-day period. Another Cox customer allegedly infringed copyright 39,432 times over a 189-day period. A third supposedly engaged in piracy 20,182 times over 407 days.

You might think that tens of thousands of infringements would be clear evidence of "repeat infringement." But experts say this isn't a slam dunk. "The big question is how an internet service provider is supposed to treat a notice of infringement from a copyright owner," says Anne-Marie Bridy, a copyright expert at the University of Idaho.

In other words, BMG's accusations against Cox customers are just that — accusations. BMG could have made a mistake, and the company's claims haven't been tested in court. Moreover, because ISPs generally don't keep detailed records of users' online activities, Cox may not have any way to verify BMG's accusations.

Bridy says the law may only require ISPs to cut off users who have been repeatedly declared copyright infringers in the a court of law. Under that theory, Cox wouldn't need to cut off a subscriber's service no matter how many unproven accusations it receives from rightsholders.

James Grimmelmann, a legal scholar at the University of Maryland, agrees with Bridy that there aren't any clear precedents answering this question. There have been cases testing this language involving websites that host user-submitted content. But there was an important difference in those cases: website operators can always look at the allegedly infringing content, which is hosted on their own servers, and form an independent judgment about whether the copyright holders' accusations have merit.

In contrast, an ISP like Cox often can't do that, because by the time it receives a notification from rightsholders, the customer is likely to have stopped sharing the file in question.

If Cox loses, more users caught sharing pirated files could lose internet access

Not that kind of piracy. (Joriel Jimenez)

Back in 2011, the Obama administration brokered a deal between a group of major content companies and ISPs. Under the deal, ISPs agreed to participate in an anti-piracy program dubbed "Copyright Alert."

The Copyright Alert system allows content companies to submit piracy reports to ISPs, and ISPs respond by sending warnings to their customers against infringing copyright. If a customer racks up five warnings, then they can be subject to penalties imposed by the ISP, such as slower internet service or being required to participate in anti-piracy training before access can be restored. But participation in the scheme is voluntary, and Cox was one of the largest ISPs to opt out of it.

BMG "wants to force all ISPs into the copyright alert system," Grimmelmann says. A BMG victory could force Cox to join the system. It could also lead to harsher penalties under that system. Right now, there's no requirement that customers have their internet service cut off even after receiving several warnings.

"BMG wants to push to a system in which it tells ISPs 'here are some serious infringers, cut them off,' and they eventually get cut off," Grimmelmann adds.

Correction: I described BMG as a record label, but it's actually a music publisher — e.g. a company that owns the right to sheet music rather than recordings.

Sign up for the newsletter Sign up for The Weeds

Get our essential policy newsletter delivered Fridays.