January 02, 2012
UGC Website Hit With Spoliation Sanctions--Io v. GLBT
By Eric Goldman
[This is one of those blog posts that got stuck in queue. It's still pretty interesting, so I'm sharing at this relatively late date. Happy new year!]
Io Group Inc. v. GLBT Ltd., 2011 WL 4974337 (N.D. Cal. Oct. 19, 2011)
This case involves Io, the pornography company that lost Io v. Veoh, the main 17 USC 512 case I teach in my Internet law course. The defendants in this case are British. They run a series of UGC porn websites where users can get some porn for free and then must pay for additional access either with cash or by uploading their own content. The plaintiffs seek to hold the defendants liable for copyright and trademark infringement because users are allegedly committing copyright infringement by uploading the plaintiffs' porn. The defendants are defending on 17 USC 512 and other grounds.
Being in Britain, the defendants are governed by the Data Protection Act. They interpreted that act to require them to flush lots of data very quickly. Perhaps they have been overly zealous about implementing the DPA such that their interpretation isn't so credible. For example, they automatically deleted all incoming and outgoing email after 3-4 days, and they didn't change this for more than a year into the lawsuit. They also completely deleted all files that were subject to a takedown notice, so it wasn't possible for plaintiffs to see which files had been removed. Their answers to the judge's pointed questions apparently weren't very satisfying, and eventually the defendants went AWOL. So it's a little hard to tease out any legitimate DPA-based objections the defendants might have had from their other questionable choices.
FWIW, I'm not a DPA expert, but the DPA requires that the service provider keep data only so long as reasonably necessary. I would think legal obligations/discovery rules satisfy that standard.
The court's opinion gives some insights into the evidence that would be useful for the 512 safe harbor. The defendants completely wiped away any UGC files they disabled. The court says:
With respect to the deleted audiovisual files, Plaintiffs are prejudiced by not being able to examine the files and related metadata for any "red flags" indicating that infringement was likely. Such red flags could render Defendants ineligible for safe harbor protections of the Copyright Act.
This is consistent with language in the Ninth Circuit's subsequent ruling in UMG v. Shelter Capital. The court continues:
The loss of takedown notices and corresponding removal notification emails also prejudices Plaintiffs. First, the trier of fact may consider the extent of copyright infringement on Defendants' websites when analyzing a claim of inducement to infringe....Although the number of takedown notices does not alone determine the amount of actual infringement on the site, a large number of notices could indicate that a large portion of the material on the site is infringing. In addition, in order to be eligible for safe harbor protection, Defendants must show that they have policy in place providing for the termination of repeat infringers. 17 U.S.C. § 512(i)(1)(A). Defendants claim that they have such a policy in place, but without the ability to examine the takedown notices and corresponding emails, Plaintiffs have no way of challenging the implementation and enforcement of the policy because they cannot examine whether Defendants actually terminated individual users who repeatedly posted infringing material.
I'm not clear about the relevance of the percentage of infringing activity, but for more on the evidentiary issues associated with inducement, see the Grokster ruling. Finally, the court says:
the destruction of Defendants' internal emails renders it impossible for Plaintiffs to explore Defendants' motivation and state of mind in operating their websites; this is key to Plaintiffs' claim of secondary infringement based on inducement
For the evidence spoliation, the court hits the defendants with adverse inference sanctions:
Plaintiffs are entitled to adverse inference instructions in the form of rebuttable presumptions. Given the specific evidence destroyed by Defendants, the court orders the following rebuttable factual presumptions: 1) third parties posted material on Defendants' websites that infringed Plaintiffs' copyrights; 2) Plaintiffs submitted takedown notices to Defendants regarding the infringing material; and 3) Defendants did not take steps to remove Plaintiffs' infringing material from their websites.
Unless the defendants magically find some exculpatory evidence, it sounds like those inferences will nail them on the substantive rulings. The court also awarded $15,000 in attorneys' fees.
This case raises a number of interesting issues.
First, exactly what evidence is plaintiffs entitled to when trying to overcome a service provider's 512 defense? As far as I can tell, there are few limits because just about anything might support an inducement finding. The otherwise defense-favorable ruling in UMG v. Shelter Capital provides some other ideas about information that plaintiffs can seek. Summing all this up, as a practical matter, 512's safe harbor is nifty, but it's an increasingly expensive proposition for both parties. Contrast this with 47 USC 230, where many immunized lawsuits are tossed on a motion to dismiss without any discovery at all. Not only does that allow judges to issue clean and quick rulings, but it saves both plaintiffs and defendants a lot of coin. Note to statutory drafters: it's so important to consider the evidentiary implications of your legislative drafting. The way the statute implicitly allocates discovery costs has a huge substantive effect--especially if the goal is to create a safe harbor or immunity. On this point, even if 512 usually gets to the right result, the safe harbor is miscalibrated from an evidentiary standpoint.
Second, service providers hoping for a 512 safe harbor are often uncertain about what data they should or must retain. After Grokster, UGC sites became nervous about potential inducement liability. As a result, I believe it's become common to recommend that UGC sites flush as much material as quickly as possible (and before litigation becomes "reasonably anticipatable") to reduce the risk that the material will be cited as evidence of inducement or otherwise disqualify the 512 safe harbor. However, UGC sites don't want to look like they are trying to evade the truth or, worse, disrespecting the court (as the defendants in this case might be perceived as doing) or engaged in evidence spoliation, so how should UGC sites strike an appropriate balance? I'd welcome your thoughts about that.
Third, irrespective of how we feel about these particular defendants, their underlying point about the intersection between 17 USC 512 and user privacy is worth considering. 17 USC 512(m) is entitled "Protection of Privacy," so the drafters of 512 recognized the push-pull issue here. Assume for a moment that the defendants in this case honestly wanted to provide their users with private browsing/uploading/downloading, something that might be desirable in the context of these defendants' service. It seems logical that the service provider seeking a privacy-enhanced UGC service would flush its logs, email and disabled files promptly and make those representations to its users. Here, it appears the court would undo those promises, forcing the service provider to retain data it didn't want to keep for the benefit of copyright plaintiffs. I understand that may be our current state of play, but I see the potential for mischief too.
TrackBack URL for this entry: