by Joseph L. Ebersole
INTRODUCTION
In his paper, Dr. Linn finds problems with two of the network characteristics set out in Section 102(c) of the High Performance Computing Act of 1991. Specifically,
The network shall — …. (5) be designed and operated so as to ensure the continued application of laws that provide network and information resources security measures, including those that protect copyright and other intellectual property rights, and those that control access to data bases and protect national security; (6) have accounting mechanisms which allow users or groups of users to be charged for their usage of copyrighted materials available over the Network and, where appropriate and technically feasible, for their usage of the network;
These requirements should be read in the context of the total Section 102. Subsection (g) of Section 102 requires the Director of OSTP to submit a report to Congress within one year after the date of enactment on —
(3) how commercial information service providers could be charged for access to the Network, and how Network users could be charged for such commercial information services; …. (5) how to protect the copyrights of material distributed over the Network; and (6) appropriate policies to ensure the security of resources available on the Network and to protect the privacy of users of networks.
This indicates that the framers of the legislation did not expect the Network to have any methodologies for protecting copyright or ensuring security, or accounting mechanisms, for an unspecified time. They expected it to take at least one year to even identify how these might be accomplished. I believe parts (5) and (6) of 102(c) should be interpreted as establishing infrastructure features. More importantly, I believe the term “network” was being used in the broader sense to mean the physical network and the services connected to it. Even today, references continue to be made to putting databases on Internet. Such allusions are not to the transmission lines and routers, but to the overall Internet infrastructure. Accordingly, although I would agree with Dr. Linn’s concerns as he interprets the statute, I read it more broadly and thus do not share those concerns. Nevertheless, the concerns he raises about network operator responsibilities and liabilities are important issues in the network world.
RESPONSIBILITIES AND LIABILITIES
As Dr. Linn points out, common carriers are immune from liability for the contents of what others publish and distribute using their facilities. They are public pipelines without authority over the content they distribute. They do not have responsibility for, nor are they liable for, the content that flows through their facilities.
A distributor is one step up the liability ladder. Distributors include bookstores, newsstands, bulletin board operators, libraries, and others who disseminate publications without exercising any control over the content. At common law, distributors were not held liable unless they knew of, or had reason to know of, the nature of the content. However, cases involving the liability of property owners (such as an operator of a paper bulletin board) for materials posted by others, indicate liability attaches if they have knowledge of the injurious nature of the information and fail to remove it.[1] By not removing it within a reasonable time, they are deemed to have ratified it.[2]
A publisher gathers, composes, and edits content, as well as disseminating it. This process offers the opportunity to review, alter or delete material prior to publication. Accordingly, newspapers, books, magazines, journals, and newsletters, as well as their owners, editors, and reporters, are held to a high standard of liability for publication of injurious information.
So, how should one decide liability risk? First, the greater the capability to know and control content prior to dissemination, the greater the likelihood an entity will be considered a publisher and be legally liable. Second, the CompuServe case (see note 2) will not be the last word on this. It did not take into account the functionally distinct services that may be provided by a network operator. Although the prime function may be transport, other services may be offered. There may be public message areas, there is certainly private mail flowing through or being stored, there may be files that are stored permanently or temporarily. Given a network operator’s capability to “observe” what is flowing through its facilities, there may be occasions, or there may be some types of services, for which the role shifts from that of common carrier to include some attributes of a distributor, or even a publisher. I do not know precisely what services a typical network operator provides, but I suspect that within the Internet, such an operator is not a pure carrier, operating only at certain levels within a layered protocol structure, but is part common carrier, part distributor, and part publisher, in functionally distinct areas. Thus, the real world environment does not seem inconsistent with the legislative provisions.
MORE THAN COPYRIGHT IS INVOLVED
Historically, Internet has operated with public information freely distributed among individuals who were — initially — primarily based in university or government research organizations. What I understand to be the Internet culture is — to me — characterized by functions such as Telnet and FTP. One is actually able to enter someone else’s property and use it. Developments such as Gopher and WAIS further emphasize the open nature of the culture. However, as commercial use increases absolutely, and, more importantly, as a percentage of overall use, greater recognition may have to be paid to the world outside the historical Internet. This world consists of a lot of property (servers, nodes, domains) that is private or commercial, and for which access or use is acceptable only with permission of the owner.
In the world outside Internet (and on a few occasions within it) a major body of statutory and case law has been built over the last twenty years. These laws recognize the existence of, and facilitate, so-called “protected electronic environments.” This is significant because the responsibilities Dr. Linn discusses in his paper extend beyond copyright and include a number of other protections. It also complicates the problem, because it suggests that the scope of paragraphs (5) and (6) of Section 102(c) may be even broader than suggested by the language of the Act. This “protected electronic environment” has several aspects: criminal law, the Electronic Communications Privacy Act, Trade Secret, Contract, and Copyright. Let’s look at several of these and see what types of behavior are subject to the criminal sanction.
Criminal
Federal and state legislation regarding computer crime includes the following types of acts;
- Unauthorized access to a computer;
- Unauthorized use of computer-processing services;
- Unauthorized tampering with, destruction, or modification of data in a computer;
- Unauthorized taking (copying or reading) of information from a computer or communications system; and
- Unauthorized acts that preclude access to a computer by other parties.[3]
Further, willful infringement of copyright for purposes of commercial advantage or private financial gain is defined as Criminal Infringement by the Copyright Act.[4] The offense is a felony if it consists of “the reproduction or distribution, during any 180-day period, or at least 10 copies…, of 1 or more copyrighted works, with a retail value of more than $2,500.”[5] This could be one copy each of ten copyrighted articles, books, or software, etc., or 10 copies of a single work. The penalty is up to five years in prison and $250,000 in fines.[6] Thus, someone who sends a copyrighted work to multiple recipients over a network for the purpose of commercial advantage or private financial gain could easily cross the threshold of felony responsibility.
TRADE SECRET
A trade secret can be considered as scientific or technical information, a design, a process, a formula, a computer program, or information stored in a computer, which is a secret and is not generally available to the public. Its importance lies in the fact that it gives the owner an advantage over competitors who do not know of or use the trade secret. Trade secret is one type of intellectual property, and is used in conjunction with copyright to protect commercially published software. (Since only the object code is “published,” the source code remains a trade secret and is protected under that body of law.) On the criminal law side, four types of misappropriation or theft of trade secrets are defined as criminal acts: taking, copying, disclosing, and memorizing!
FAIR USE
In his proposed amendment of the two sections at issue, Dr. Linn includes mention of fair use, as if protecting copyright might be inconsistent with fair use, unless it is emphasized in the statute. There seems to be a misunderstanding about the fair use provisions of the Copyright Act among many Internet users. Thus, it may be helpful to emphasize the major features of fair use.
The determination as to whether a particular use is “fair” can be very complex and relates to a number of factors. The fair use privilege is personal to the person making a copy and does not give one a privilege (except in a classroom situation) to make multiple copies. Further, the fair use privilege does not include the privilege of transmitting even one copy to someone else.
Making multiple copies, except in an educational classroom situation, will rarely qualify as fair use. Even there, under the Classroom Photocopy Guidelines formulated in connection with the fair use provisions of the 1976 Act, multiple copies are permissible only if the need was spontaneous in nature and at the instance of the individual teacher. For example, if a teacher reads an article one evening that is directly applicable to a classroom topic, multiple copies for students may be made the next day for the class. However, if the teacher finds or selects the article in July or August while developing lesson plans, then permission for copying has to be obtained.
University and non-profit users often assume fair use applies to them because they are part of, or work for, an educational or nonprofit entity. However, it is the character of the use, not the character of the user or user entity, that determines whether fair use applies.
Commercial uses are presumptively unfair, but nonprofit uses are not presumptively fair. Instead, as noted, it depends on the character of the use. For example, a college student conducting a literature search for which he or she is receiving payment may not be able to depend on the fair use exemption.
CONCLUSIONS
I think Dr. Linn’s paper is outstanding, especially the proposed technical approach to copyright protection and management.
Although I disagree with his restricted definition of the term network, I am in complete agreement with the technical mechanisms he proposes. I have long proposed (orally) a similar set of solutions. He has done the best job I have yet seen of comprehensively and in detail defining the mechanisms. I am sure more will be needed, but those needs will become apparent only as the technology advances and as the experience of copyright-based industries grows. My agreement extends to the importance he places on Object Oriented Programming and the use of objects to implement the mechanisms we need.
If we accept the technical solutions proposed by Dr. Linn, there are still two relevant observations:
- Scanning of copyrighted works by an individual and distribution of these works throughout the network.The only perfect solution I am aware of at this time is to eliminate paper. If the copyrighted work in object form never leaves the electronic environment (via a printout, for example) piracy becomes much more difficult. However, once printed out and rescanned, all protection is lost.
- Expansion of the definition of “information provider” and “information services” to include any person or entity who introduces information into the network.Dr. Linn proposes this solution, and I am in agreement. I should note, however, that this means the infrastructure should have the needed capabilities.
I see Dr. Linn’s paper as an important contribution to the goal of making Internet and NREN and their progeny a safe environment for copyrighted works.
NOTES
1. “Injurious information” is a broad term that includes pornography, fraud, defamation, invasion of privacy, or copyright infringement. Thus it involves information that, when published and distributed, causes an economic, emotional, reputational, or other harm which is legally cognizable as a violation of criminal or civil law. Although liability is usually based on the content of the information, it can arise out of the lack of authorization to publish, disseminate, or use the information.
2. In the first (and apparently only) federal court ruling for an electronic distributor, Compuserve was held not liable because it was a “mere distributor” of the injurious content, “had little or no editorial control over the contents,” and “neither knew or had reason to know of the allegedly defamatory statements.” The court observed that “A computerized database is the functional equivalent of a more traditional news vendor, …” Cubby, Inc. v. CompuServe, Inc., 776 F. Supp. 135 (SDNY 1991).
3. Raymond T. Nimmer, The Law of Computer Technology, Rev. Ed., 1992 (Warren Gorham Lamont, Boston, MA).
BIOGRAPHY
Joe Ebersole practices computer law and government relations in the District of Columbia. He was a graduate student in psychology before going to law school. His experience includes senior research engineer in aerospace electronics; electronics quality control director; software system design management; educational, legal, healthcare and market research database development; telecommunications consulting; Deputy Director of the Federal Judicial Center; and vice president for product development of a database company.
Joseph L. Ebersole Attorney at Law 2101 Connecticut Avenue, Suite 63 Washington, D.C. 20008 Tel: 202-265-9447