If you’re an online publisher or other internet service provider (“ISP”) that relies on moderators to police or curate user-generated comments or other content, your risk of liability for copyright infringement just increased. In a recent opinion, the influential Ninth Circuit Court of Appeals sent shockwaves through the ISP community by ruling that LiveJournal.com, a social media platform, may not be immunized from copyright liability under the Digital Millennium Copyright Act (“DMCA”). The court held that LiveJournal may be liable for infringing content submitted by users of the site because the company relied on paid and volunteer moderators to curate and police the content for substance and possible infringement. The opinion calls into question many widely held assumptions about the scope of DMCA immunity and raises serious concerns for websites that rely on user-generated content, curated by moderators, as part of their business model. The decision represents a sea change in the interpretation of the DMCA for internet media outlets. Here’s what you need to know.
DMCA Safe Harbor: A Quick Review
The DMCA, passed in 1998, created four separate safe harbors for ISPs, including one which exempts ISPs for material posted on its networks or websites “at the direction of users.” To be eligible for the safe harbor, ISPs must develop a notice and takedown procedure, through which rights holders can file a notice with the ISP and have allegedly infringing content taken down from the website in question. These DMCA take-down notification systems have formed the basis of day-to-day copyright enforcement on the Internet for nearly twenty years, allowing ISPs like Google, YouTube, Facebook and others to exist and thrive without the constant risk of infringement claims for user-generated content.
Background — Mavrix Photographs v. LiveJournal
The case was brought by Mavrix Photographers, a photo agency specializing in “candid celebrity photography,” which it sells to celebrity gossip magazines. The defendant, LiveJournal.com, operates a platform that provides users with the ability to create online communities dedicated to a wide range of subjects. The lawsuit centered on LiveJournal’s most popular community, a celebrity news and gossip journal called “Oh No They Didn’t!” (“ONTD”).
ONTD consists entirely of user-submitted content, which moderators review and approve to be posted onto the site based on certain technical and editorial standards. The moderator-screening process was designed to ensure that the celebrity gossip was new and relevant, and that the submissions did not contain pornography or constitute harassment. Moderators also had the authority to delete existing posts and remove users from the community. Notably, although the majority of the moderators were community volunteers, ONTD’s success prompted LiveJournal to hire one of those volunteers as a full-time, paid community manager. This moderator supervised existing volunteers, and had the ability set coverage schedules, issue guidelines for moderator’s work, and remove volunteers for performance issues.
In its complaint against LiveJournal, Mavrix alleged infringement of at least twenty photographs that were posted to ONTD without authorization, including several that retained a “Mavrixonline.com” watermark. LiveJournal asserted a DMCA safe harbor defense, arguing that the allegedly infringing posts had been uploaded to ONTD “at the direction of users” and that Mavrix had failed to issue a take-down notice for the content. The trial court agreed with LiveJournal, finding that the posts were created “at the direction of users” because all of the posts had been submitted to the site by its users.
Appeals Court Decision
Mavrix appealed, arguing that the lower court had erroneously focused on the submission of materials to LiveJournal’s moderator team, rather than on how content was posted onto the ONTD site. Posts only appear on ONTD, Mavrix argued, if LiveJournal’s agents, the moderators, approve the content, which meant that the safe harbor did not apply.
The appeals court agreed and reversed the lower court. The appeals court framed the central issue as whether the moderators’ conduct, in screening and approving submissions to be posted on ONTD, could be attributed to LiveJournal under common law agency principles, which the court held were applicable in the DMCA safe harbor context. The appeals court noted several factors suggesting that the moderators acted as agents, including that:
- the moderators “performed a vital function in LiveJournal’s business model;”
- LiveJournal exercised control over the moderators by issuing guidelines for their work, and reserved the authority to remove moderators for unsatisfactory performance; and
- Users believed that moderators were acting on LiveJournal’s behalf, and relied on their approval as a statement of compliance with copyright law.
The Mavrix opinion articulated a narrow interpretation of the critical DMCA “at the direction of users” safe harbor, holding that “[p]osts are at the direction of the user if the service provider played no role in posting them on its site or if the service provider carried out activities that were ‘narrowly directed’ towards enhancing the accessibility of the posts.” These “accessibility-enhancing” activities include reformatting or re-sizing content so it fits on the website, and possibly screening for pornography or other harmful material. The appeals court decision made clear its view that LiveJournal’s moderators went beyond accessibility-enhancing activities, repeatedly citing the statistic that only one-third of all posts submitted to ONTD were approved by moderators and posted to the site.
Ultimately, the appeals court remanded the case to the trial court to determine whether the moderators acted as agents of LiveJournal and whether the content was posted at the direction of the users in light of the role of the moderators.
In the event that the moderators are found to be LiveJournal’s agents, the appeals court also issued “guidance” for the trial court to use in analyzing the remaining factors under the safe harbor, set forth in 17 U.S.C. § 512(c)(1). Specifically, the appellate court instructed the district court to consider whether:
- LiveJournal had actual knowledge that the photos were infringing, holding that Mavrix’s failure to submit a take-down notice, by itself, did not establish that LiveJournal lacked such knowledge; or, alternatively
- LiveJournal had so-called “red flag knowledge,” which it defined as “facts that would have made the specific infringement objectively obvious to a reasonable person,” such as an obvious watermark.
While the full impact of the case will not come to light until the trial court revisits the issues on remand, Mavrix has already called into question the long-standing interpretation of the DMCA safe harbor among ISPs.
The appeals court decision suggests that a key DMCA liability shield may turn on the ISP’s oversight and control of user-generated content. The opinion suggests a spectrum based on that activity. On one end of the spectrum there are websites “where users may independently post content,” and the ISP does nothing beyond keeping the site online and operational: i.e., a moderator-free “Wild West Web,” where anyone can post anything at any time. Also on this end of the spectrum would be websites where ISPs take a slightly more active role, but limit themselves to ministerial “accessibility-enhancing actives,” such as reformatting user-posted content so that it can be viewed on mobile devices. Under the principles laid out in Mavrix, websites at this end of the spectrum are much more likely to qualify for safe harbor protection under the DMCA.
At the other end of the spectrum, however, are websites where ISPs engage in “extensive, manual and substantive activities,” and function as editorial gatekeepers for user-submitted content. Although the Ninth Circuit did not go so far as to hold that LiveJournal was per se outside the DMCA safe harbor, that certainly is the implication.
The takeaway from Mavrix is clear — an ISP can no longer take its DMCA safe harbor status for granted if it engages with user-submitted content beyond merely performing “accessibility-enhancing activities.” If an ISP’s business model depends in part on managing an active user community, or if it relies on user-submitted content, it should consider a legal review of its policies and procedures in light of Mavrix. Potential red flags for loss of safe harbor status include:
- Top-down editorial review of user-submitted content before material goes live on the website;
- Use of paid moderating teams, or volunteer moderators coordinated through a paid community manager;
- ISP-issued editorial guidelines for user content; or
- Terminating moderators for performance or failure to comply with ISP directives.
Although Mavrix suggests that the surest way to qualify for DMCA safe harbor status is to refrain from moderating, many ISPs cannot risk leaving their brands exposed in a moderator-free Wild West bonanza. Structuring a moderator program and content submission policy means taking on the risk of policing content for infringement; ISPs should think carefully about weighing these competing risks and designing their program accordingly.
If you have questions about online service provider liability for copyright or other infringement, contact Jeremy Goldman at (310) 579-9611 or firstname.lastname@example.org, Andrew Ungberg at (212) 705-4868 or email@example.com, or any other member of our Litigation or Privacy and Data Security Groups.