IMPORTANT NOTICE: 2017 DMCA Agent Designation – Previous Designated Agents Must Re-Register Online Before December 31, 2017

do-it-now-1432945_1920If you operate, manage, or host a website, mobile app, blog or other digital service  that allows users (aka third parties) to post comments or upload media, such as pictures, videos or audio files, then you need to be taking advantage of the Digital Millennium Copyright Act (“DMCA”)  Safe Harbor to protect yourself from copyright infringement liability for infringing materials posted on your site by users of your service.

The U.S. Copyright Office recently introduced a new online DMCA Agent Directory and registration process to replace the prior paper-based system and directory for DMCA Designated Agents, which became effective on December 1, 2016.  Designating a DMCA Agent with the Copyright Office is part of the process to protect you from copyright infringement liability for third party posts (aka user-posted content) on your app/blog/website and corresponds to the DMCA Takedown Notice Procedures that should be included in the Terms of Use on your website/blog/app.  If you do not register (or re-register) a DMCA designated agent, you risk losing the safe harbor protections of Section 512 of the DMCA, leaving you potentially vulnerable to certain types of claims of copyright infringement.

 register-1627729_1280NOTE: Even if you previously designated an agent with the Copyright Office prior to December 1, 2016 (via a paper form), you will need to submit a new designation electronically using the online registration system by December 31, 2017, or your prior designation will expire and become invalid.

In order to register, you will need to create an account.  You will need to include a primary contact (with the option to include a secondary contact) when you register, and then an email will be sent to the primary contact with instructions on how to active the account.  Once the account is activated, you will be able to complete the DMCA designed agent registration process.

You will need to register the following information:

  • Full Legal Name of Service Provider (legal entity name) and related contact information
  • Alternative Name(s) of Service Provider (including all names under which the service provider is doing business, such as domain name(s), blog or mobile app name(s), assumed/trade name(s), etc.)
    • NOTE: Separate legal entities are not considered alternate names. Related or affiliated service providers that are separate legal entities (e.g., corporate parents and subsidiaries) are considered separate service providers, and each must have its own separate designation.
  • Name of Agent Designated to Receive Notification of Claimed Infringement (which can be the name of an individual or a specific position or title [e.g., Copyright Manager, VP Legal Affairs, or General Counsel] or a specific department [e.g., Copyright Compliance Department] or third-party entity [e.g., ACME Takedown Service] rather than an individually named person as the agent…which may be preferable to avoid having to update the form if the named individual should ever leave the company) and related contact information
  • Pay the Fee (the current registration fee to designate an agent, or amend or resubmit a designation is $6.00 per service provider, with no additional fee for any alternate names)

In addition to registering a designated agent, you will also need to post copyright infringement notice provisions on your site and comply with the DMCA takedown and notice procedures. Click on the following links for more information about the DMCA Safe Harbors and what you need to do to benefit from them, as well as DMCA Designated Agent FAQs.

Renewal Requirements. In an attempt to ensure that the DMCA Agent Directory contains accurate and up-to-date information, your agent designation will expire and become invalid three years after it is registered (or last amended) with the U.S. Copyright Office, unless you renew it prior to the expiration for another three-year period. The online system will send renewal reminders to the primary and secondary contacts, service provider, and designated agent listed in your account 90 days, 60 days, 30 days, and 7 days prior to your renewal deadline.

The Digital Millennium Copyright Act (DMCA) Safe Harbor

email-826333_1280The Digital Millennium Copyright Act (“DMCA”) is an amendment to the U.S. Copyright Act (i.e., the federal copyright law) signed into effect in October 1998 that, among other things, provides certain limitations on the liability of online service providers (“Provider(s)”) for acts of copyright infringement by third parties.

The DMCA actually contains two types of liability limitations:

The first (Section 512(d)) protects a Provider that unknowingly provides a link to infringing copyrighted material located on another site.

The second (Section 512(c)) , which we discuss in more detail here, limits the liability of Providers that store copyrighted materials on a system or network they control or operate if (among other things), (i) such storage was directed by a third-party user, (ii) the service provider has designated an agent (also referred to as a “take-down agent”) to receive notifications of claimed infringement, and (iii) the service provider has both registered the agent’s contact information with the U.S. Copyright Office and publicly provided such information on its website.

It is important to note that, because the DMCA protects against claims of copyright infringement and not other types of wrongdoing, it will not help against claims of infringement concerning trademarks or service marks, stolen trade secrets, or other types of intellectual property.  The DMCA is also not relevant to claims of defamation, although a Provider may have protection for defamatory statements made by third parties under Section 230 of the Communications Decency Act.

The DMCA Safe Harbor

The DMCA is a “safe-harbor” is an exception to the general rule that a Provider is liable for acts of infringement committed by its users. Because the DMCA is intended to protect Providers from inadvertent infringement by third parties, it will not help in a situation where the Provider itself is accused of infringement (i.e., where the Provider posts infringing copyrighted content), or where the Provider knows content it hosts infringes a copyright.

Because the DMCA can be an absolute defense to liability for copyright infringement by a third party, registering a take-down agent may even prevent someone from suing the Provider for infringement in the first place.

Online Service Providers

In essence, you qualify as a Provider and are eligible for protection under the DMCA if you operate, manage or host a website, blog, mobile app, social media platform, portal, game, or other digital service that allows users (aka third parties) to upload or post content. That can include the following activities:

  • Allowing users to post comments or review, or respond to discussion threads
  • Allowing users to upload media, such as pictures, .gifs, videos or audio files

The above is true because the definition of “infringe” or “infringement” is very broad and captures many activities. For example, if your site allows users to submit a thumbnail sized avatar in connection with the user’s comment and the user chooses an image that infringes a third-party’s copyright, you can be liable. Knowledge or intent are not relevant for purposes of liability for infringement under the copyright law; so, you can be held responsible for copyright infringement even if you have no idea these activities are going on (and, if you have not registered a DMCA agent, even if you take down the offending material immediately after being notified!).

How to Benefit from the DMCA Safe Harbor Provisions

In order to enjoy the benefits of the safe-harbor provisions, a Provider must comply with a few administrative requirements:

  1. Designate a copyright take-down agent to receive DMCA takedown notices.

In order to designate an agent, a Provider must create an account, provide some basic information (the Provider’s legal name, alternatives names for the Provider, the name or title of the Provider’s agent designated to receive infringement claim notices, and related contact information) and pay a filing fee (currently $6 to designate an agent, or amend or resubmit a designation, for an unlimited number of alternative names, websites, etc. for the Provider). The U.S. Copyright Office maintains an official list of designated agents, which allows a person who believes his or her work is being infringed to quickly send a takedown notice.

  1. Adopt a copyright infringement policy and notify site users.

The Provider must publish a statement on its website to provide notice to the site users of its copyright infringement policies, the consequences of repeated infringing activity, and advising users of the takedown agent’s contact information. Many people include a DMCA policy in their terms of service, but it may also be placed in a separate document.

  1. Watch for and properly comply with any notice of claimed infringement received.

A person claiming infringement must provide the Provider a written notice that substantially meets the following requirements:

  • A detailed description of the copyrighted work(s) allegedly being infringed;
  • A description (such as the subdomain link) of the location on the site where the   allegedly infringing content appears reasonably sufficient to permit the Provider to locate the material;
  • The claimant’s contact information, including name, address, telephone number, and, if available, email address;
  • A statement that the claimant has a good faith belief that the allegedly infringing use is not authorized by the claimant as the copyright owner, by the claimant’s agent, or by law;
  • A statement affirming that, under penalty of perjury, the information in the notice is accurate and that the claimant is, or is authorized to act on behalf of, the copyright owner; and
  • A physical or electronic signature of the copyright owner or someone authorized on the owner’s behalf to assert infringement of copyright and to submit the statement.

Remember that the DMCA protects only against copyright infringement, not against other types of accused wrongdoing. Therefore, a Provider must be careful to make sure any notice it receives alleges a copyright infringement and not some other type of wrong doing.

Also note that not all cease and desist letters or takedown notices will be proper, and a Provider is not under a legal obligation to comply with notices that do not substantially meet the above requirements.

If a takedown notice does not meet the requirements, a Provider should respond to the party who submitted the takedown notice, state that the notice does not comply with the DMCA requirements, and inform the complainant that he may resubmit a takedown notice that substantially complies with the DMCA requirements.

If a takedown notice does meet the requirements, a Provider should promptly:

  1. remove or disable access to the material that is claimed to be infringing;
  2. notify the complainant that the material has been removed; and
  3. notify the allegedly infringing party that the material has been removed so that he may file a counter-notice.

Often, a potentially offending user will not file a counter-notice, but if he or she does, a proper counter-notice must contain substantially the following information:

  • The alleged infringer’s name, address, phone number
  • Identification of the material and its location before removal
  • A statement under penalty of perjury that the material was removed by mistake or misidentification
  • The alleged infringer’s consent to local federal court jurisdiction, or if overseas, to an appropriate judicial body
  • A physical or electronic signature of the alleged infringer

If the counter-notice meets these specifications, the Provider should forward the counter-notice to the person who claimed infringement. That person must then file a lawsuit within 10 business days of the Provider’s notice to the complainant of the counter-notice; otherwise, the Provider should reinstate the disputed material within 10-14 business days after sending the counter-notice to the complainant.

While there is no requirement under the DMCA for a Provider to remove any material(s), the receipt of a valid takedown notice acts to give the Provider notice of the allegedly infringing activity, and therefore ineligible for limited liability. The Provider may then face liability for continuing to host the material.

Consult a qualified attorney if you are unsure of what the notice or demand letter is alleging or if you have questions about whether you must comply with a takedown notice or how you should comply with the takedown notice.

I didn’t register a DMCA takedown agent and now someone has filed a copyright infringement lawsuit against me. Am I out of luck?

In order to benefit from the safe harbor protections, a Provider must register a DMCA agent prior to an allegation of infringement which it wishes to defeat with the registration.

Even if a Provider has not registered a DMCA agent, it may still be able to defend against a claim on the merits of the alleged infringement. For example, if the amount of supposedly infringing material is small or is posted in a way meant to be educational and includes a citation for the material, you may have a defense under the fair use doctrine (although a fair use defense may not apply depending on the facts of each particular situation). Some cases also indicate that a defense may exist by asserting that infringing third-party posts are simply not the responsibility of the Provider. However, if a Provider has not registered under the DMCA, it will not be able to claim that it was unaware of the infringing activity or that it quickly removed the offending material.

Social Media Terms of Use – Is Your Brand Following the Rules?

Advertisements and promotions on social media channels are a daily occurrence.  In addition to complying with traditional advertising rules and regulations, brands need to comply with each social media channel’s Terms of Use and advertising-specific rules.

NBC recently ran afoul of Facebook’s rules when it posted a three-minute clip from the latest episode of Saturday Night Live that began with a five-second ad for Subway.  The rules state that “Third-party advertisements on Pages are prohibited, without our prior permission.”  In other words, video clips with ads not sold by Facebook are not allowed…unless a brand enters into an agreement similar to typographic-poster-design-i-have-read-and-accept-the-terms-and-conditions_GJfTZN_dFacebook’s deal with the NFL that allows brands to run ads after clips are shown and gives Facebook takes a piece of the ad revenue.  Earlier this year, Facebook launched Anthology, which connects brands and digital media publishers (like Funny or Die, The Onion and Oh My Disney) to create branded content to be targeted and optimized through Facebook.

The Terms of Use and related policies for each social media channel (Twitter, Instagram, Facebook, etc.) can differ greatly and tend to change frequently. The Terms of Use often contain guidelines or rules for advertising and hosting contests, sweepstakes and other promotions through the social media channel, ownership and (restrictions on) use of content, rules (and prohibitions) for using native functionality (e.g., “share on your Timeline to enter”), and other important information. Some social media channels, such as YouTube, require you to obtain written permission from them before you can post ads or product placements.

Before your brand posts content on a social media channel, be sure to check the rules on each channel to make sure you’re in compliance.

 

Endorsements and Testimonials: Are You Following the Rules?

Does your company use endorsements or testimonials to promote its products or services on its website or in its advertising or marketing materials?  Do you allow customers to post on your social media pages or website?  Are you a blogger who reviews products or services?

When most people hear the words endorsement or testimonial, they likely imagine a celebrity or expert getting paid big bucks to talk about an “amazing” product or service.  And, they would be right.

However, if you answered “yes” to any of the questions above, then you likely need to comply with the Endorsement and Testimonial Guides issued by the Federal Trade Commission (“FTC”).

Examples of messages that constitute endorsements include a film critic’s review of a movie used in Excellent result on survey on blackboardan advertisement for the film, a well-known athlete using a certain brand of sporting equipment in an ad for that brand, and a positive product review posted by a consumer on her personal blog where the consumer received the product free as part of a network marketing program.

The Guides reflect three basic truth-in-advertising principles:

  1. Endorsements must be truthful and not misleading;
  2. If the advertiser doesn’t have proof that the endorser’s experience represents what consumers will achieve by using the product, the ad must clearly and conspicuously disclose the generally expected results in the depicted circumstances; and
  3. If there’s a connection between the endorser and the marketer of the product that would affect how people evaluate the endorsement, it should be disclosed.

In other words, endorsements:

  1. Must reflect the honest experience or opinion of the endorser (there are different rules for consumer, celebrity and expert endorsements, as well as for endorsements by organizations);
  2. May not contain representations or claims that would be deceptive, or could not be substantiated, if the advertiser made them directly; and
  3. Must disclose any material connection between the person endorsing a product or service and the company selling the product or service that might materially affect the weight or credibility of the endorsement (employee, relative, paid, etc. – even small incentives, such as free product for bloggers to sample, must be disclosed).

Although the Guides don’t mandate the specific wording of disclosures, the Guides states that disclosures “must be clear and conspicuous on all devices and platforms that consumers may use to view the ad”…even if there are only 140 characters available for the entire message.  For example, paid spokespeople must disclose that they are sponsored (#sponsored or #ad) or explicitly mention that they are working with the brand/company (e.g., I’m teaming up with [brand/company] to do X) on social media platforms, such as Twitter.

If you are a brand owner, use caution before you follow, friend, like, or engage with a celebrity, third-party trademark or brand. Do not imply that there is an affiliation between the brand/company and the user/celebrity/trademark/etc….especially when such a relationship doesn’t exist. (Most consumers will assume there is a relationship between the brand/company and the user/celebrity/trademark.)

For more information, see the FTC’s FAQs about endorsements and testimonials.

 

Controlling Your Domain (Name) to Avoid a Domain Name Fumble

Next week’s NFL Draft brings to mind a cautionary tale…

It could happen to any of us, and it almost happened to the Dallas Cowboys at a crucial time.  In the middle of the 2010 NFL season, buzz surrounding whether Cowboys’ head coach Wade Phillips was going to be fired (which was ultimately the case) was at an all-time high.  No doubt, fans, rivals and press were all scouring the internet for updates on the situation, and the Cowboys’ website was probably the prime online destination of the day. Unfortunately, the team forgot to renew the dallascowboys.com domain, and many would-be site visitors got error screens instead of highlights and instant replays. Talk about a game-changing fumble! See related article here.Blue Url Words Shows Org Biz Com Edu

It’s worth noting that the dallascowboys.com domain name was originally purchased in 1995 and probably was reserved for the longest possible time allowed.  Although most domain name registrars timely send email renewal reminders to domain name owners, it’s likely that whomever was initially responsible for the domain name was long gone and the renewal information didn’t get forwarded to the proper person (and, although auto-renew is available, the credit card info on file with the domain name registrar was probably no longer valid as well). It’s lucky that the ‘Boys became aware of the problem (which you might call an incomplete pass) and quickly renewed the domain before someone else (perhaps a disgruntled, recently fired coach) grabbed it and tried to hold it hostage.

At least Dallas Cowboys Football Club, Ltd. was listed as the domain name owner.  Many times, the person who originally registers the domain name (whether an employee of the organization or someone with the company hired to design the website) is listed as the owner of the domain name and the domain name is never officially transferred to the organization and/or the information doesn’t get updated…which can cause a host of problems for the organization utilizing the domain name (especially if the employee is terminated or if the development company relationship dissolves).

Although the Cowboys had a close call and almost wound up on the disabled list, this is a great example of how easy it can be for an organization to neglect (and almost lose) one of its most important intellectual property assets. We all know how valuable your website is to your business, so here’s what you should do to prepare your domain name offensive strategy…

If you have a website: 

(1)   Determine who is listed as the owner of your domain name.

To find out who owns your domain name and when the registration expires, type in the domain name (e.g., dallascowboys.com) in a WHOIS search database, such as InterNIC, Network Solutions, or GoDaddy.

(2)   Check to ensure that this information is correct. 

If the Administrative and/or Technical Contact information is not in your company’s name, you’ll want to update this information as quickly as possible.

You may need a Domain Name Transfer Agreement to perfect the chain of title for the domain name ownership.  (While you’re at it, you may also want to make sure you have a Website Development Agreement in place with any third-party web developer for the website associated with the domain name so you own/have rights to your web content and design.)

If the domain name is registered to one of your company’s employees or officers, add this to your employee exit checklist to ensure that this information is updated should the employee/officer leave the company.

A disgruntled/terminated employee or website developer with sole control of a company domain name can easily redirect internet, e-mail and intranet traffic within a matter of moments and bring business to a standstill.

(3)   Calendar a reminder for the domain name renewal date.  

The expiration date for the domain name registration is listed in the WHOIS information (see #1 above).