From the Nolo eCommerce Center

In the United States, two federal laws provide a powerful shield for ISPs that follow the rules. Here’s how they work.

Everyone who hops on the Internet or posts a website has to affiliate with an Internet Service Provider (ISP), a company that acts as a gatekeeper for access to the Web. An ISP can range in size from America Online, with millions of users, to a small Mom & Pop business with a server in the garage. In effect, an ISP is a combination telephone company and worldwide public-access television station allowing a subscriber to say or sell anything.

But what happens when a subscriber to an ISP behaves badly and causes an injury to an unsuspecting third party – say, by copying someone’s music without authorization or making a libelous statement? Is the ISP responsible for the behavior or actions of its subscribers? Can the victim of an online injury argue that even though the ISP is not the direct cause, it can still be sued because it knew of the activity, encouraged it, profited from it or had control over it? Obviously, there’s often a strong motivation to make such an argument because adding an ISP to a lawsuit provides a defendant whose pockets – if not always deep – at least jingle.

Those who want ISPs to be financially responsible argue that ISPs are publishers like newspapers or magazines and must take responsibility for the material on their servers. On the other side, the ISPs argue that they are like telephone companies – simply carriers that provide a means of sending information. So far, Congress and courts have favored the ISP’s position and provided guidelines that permit responsible ISPs to avoid liability for the millions of bits of digital information passing their portals.

Start by understanding that lawsuits against websites and the ISPs that host them tend to fall into two categories: copyright infringement and defamation. A lesser number of lawsuits have also been brought for claims such as distribution of obscenity and negligence. In short, we are worried about a fairly small number of legal claims.

Copyright Infringement

Online copyright infringement occurs when a copyrighted work – such as a song, movie, artwork or text – is copied, modified, displayed or performed without authorization of the copyright owner. In the early days of the Internet (1995-1998), angry copyright owners tried using two theories against ISPs:

  • the ISP contributed to the infringement (“contributory infringement”), or
  • the ISP supervised and profited from the infringement (“vicarious infringement”).

ISPs who claimed they couldn’t possibly monitor everything said on hosted websites lobbied Congress for protection and in 1998, President Clinton signed into effect the Digital Millennium Copyright Act (DMCA). Under Title II of the DMCA (17 U.S.C. 511 et seq.), an ISP can avoid financial liability if one of its subscribers offers an infringing copy online by following the “notice and takedown” provisions; these basically state that once an ISP receives notice of the infringement, it must take down the unauthorized material.

The requirements for avoiding liability are as follows:

  • the ISP must not obtain financial benefit from the infringement
  • the ISP must not have actual knowledge or awareness of facts indicating infringing transmissions, and
  • upon learning of an infringing transmission, the ISP must act quickly to remove or disable access to the infringing transmission.

In addition to these and other requirements, the ISP must designate an agent to receive notices from unhappy copyright owners. Since the agent is the ISP’s key to avoiding financial liability, it’s essential that the provider promptly notify the Copyright Office of the name and address for its agent. Assistance in designating an agent is provided by the Copyright Office website athttp://www.loc.gov/copyright/onlinesp/. There is a fee of $20 for registering an agent.

The ISP must also implement a policy of terminating the accounts of subscribers who are repeat infringers. In general, a responsible ISP can easily avoid financial damages for copyright infringement under the DMCA rules.

EXAMPLE

Megapuss Records learns that infringing copies of one of its recordings have been posted at a website run by Tom. Tom’s website is hosted by MaxiNet. Megapuss notifies MaxiNet’s designated agent of the infringing copies. MaxiNet must then either physically remove the infringing copies from its servers or disable access to Tom’s site. If MaxiNet takes down or blocks access to the infringing material promptly, it is shielded from financial liability from either Megapuss or from Tom.

The DMCA protections for ISPs extend not only to content that is stored on the ISP servers and storage devices but also to an ISP’s “information location tools” which are devices that help a user find or access sites, such as directories, pointers and hypertext links.

If an ISP does not obey the DMCA provisions – for example, by failing to designate an agent or by neglecting to immediately remove a work once notified – a copyright owner has the right to seek financial damages against the ISP as contributory or vicarious copyright infringer.

Defamation and Other Claims

Defamation, also known as libel, is the publication of an untrue statement that causes an injury to the reputation of a person or business. For example, Matt Drudge, publisher of the gossip column, the Drudge Report, stated that Sidney Blumenthal, a confidant of President Clinton, had a history of spousal abuse. The comments were posted at Drudge’s website and at America Online, who paid Drudge $3,000 per month for the right to post the column. After receiving a letter from Blumenthal, Drudge and America Online both retracted the statements and issued corrections. Blumenthal and his wife sued Drudge and America Online for defamation. Blumenthal v. Drudge, 992 F. Supp. 44 (D.D.C. 1998).

Had America Online been a print newspaper or magazine, it might have owed damages for the injuries caused by this false statement. Instead, a court dismissed AOL from the lawsuit under the provisions of Section 230 of the Communications Decency Act (CDA) which states that no ISP “shall be treated as the publisher or speaker of any information provided by another information content provider.” In other words, the CDA shields ISPs from liability for statements or content from its users. This is true even where – as in the Drudge case – the ISP paid the writer for use of the statements.

The CDA has proven to be an all-purpose shield for ISP liability. AOL has used it several times to deflect lawsuits. In one case, an individual posted an advertisement on America Online shortly after the bombing of the federal building in Oklahoma City. The ad offered t-shirts and merchandise with offensive slogans that glorified the bombing and affixed the name and phone number of a California man, Kenneth Zeran, who knew nothing about the offer. Shortly after the ad was posted, Mr. Zeran received numerous angry phone calls from persons who saw the ad. Zeran complained to AOL who removed the ad. However, an individual using a different screen name quickly reposted it. Zeran sued America Online for negligence. claiming the service provider had a duty to prevent the repostings of the bogus messages. A court ruled that under the CDA, AOL was exempt from the lawsuit. Zeran v. America Online, 958 F.Supp. 1124 (1997).

In a case involving obscenity, an AOL user described and solicited the sale of child pornography videotapes in an online chat room. Another user, offended by the child pornography solicitations, sued AOL, claiming that the ISP had a duty to make sure that the service did not facilitate the distribution of child pornography. A court ruled that AOL was exempt from the claim under the CDA. Jane Doe v. America Online, Inc., 718 So.2d 385 (1998).

International Liability

Other nations do not share the U.S. approach of absolving ISPs from liability for the acts of their subscribers. In Britain, an ISP was found liable for defamatory statements posted by a subscriber. Britain’s High Court ruled in 1999 that an ISP could not claim it was an innocent disseminator of the defamatory statements. Instead, the court viewed the ISP as being similar to a print publisher. ISPs are expected to appeal to British lawmakers for legislation limiting liability for statements by users. In Germany, a court ruled in April 2000 that America Online was liable for a posting of unauthorized music by a user.

Conclusion

Thanks to two federal laws, the CDA and the DMCA, American ISPs have a Teflon coating. Responsible ISPs who meet the provisions of these two laws can repel lawsuits based upon claims of copyright infringement, defamation or related claims.

More Information About ISP Liability

To view any of the cases or laws discussed in this article, click on its link below:

Click here for related information and products from Nolo

© 2002 Nolo