Digital Millennium Copyright Act (DMCA)

The DMCA's Rules on Circumvention and Safe Harbor

In addition to the copyright cases outlined earlier, technorhetoricians and other Kairos readers should care about the 1998 Digital Millennium Copyright Act (DMCA) because the DMCA speaks to issues of access to information as well as liability for providing information to others in digital environments. Now that teaching digital writing has increasingly become the norm, even first-year composition teachers need to have a basic understanding of laws that could potentially impact student web writing such as webpage publishing, blogging, wiki writing, and writing in spaces like Facebook, Myspace, and Friendster. I'm not arguing that every move we do as web composers must be literally, strictly "legal" -- this is an unlikely possibility since what is legal and what is not can be subject to interpretation -- what I am arguing is that teachers of digital writing need an increased awareness of what the laws are so that they can impart maximum information to their students. In the end, students (and the readers of Kairos) will make composing choices that reflect their own (ethical, spiritual, political) levels of comfort.

Still, readers of Kairos should care about the DMCA because it is said to be the "single greatest addendum to the Copyright Act since its passage in 1976. The Act added six new sections and two new chapters to the Copyright Act" (Barker, 2005). The Copyright Act in turn is important to Kairos and its readers because this act governs the legality of reproduction and distribution of writing, creation of derivative works (i.e., composing practices), and performance/display of writing and should continue to maintain a high level of importance to technorhetoricians and teachers of digital writing.

So, as a technorhetorician and teacher of digital writing, can you answer these questions which I have seen arise in the digital writing classroom:

1. Is it legal to crack a website's password protection in order to grab copyrighted images or text that you are going to use for purely educational "Fair Use" purposes?

2. Is it legal to grab a copyrighted image off the web if the image is locked and when you right click on it, a pop-up message appears that says something like "copyright protected"? Is it legal in this case to do a screen capture and crop the image for purely educational "Fair Use" purposes?

DMCA's Anti-circumvention

I will answer these questions with certainty because they can be answered pursuant to the DMCA, an act which "criminalizes production and dissemination of technology that can circumvent measures taken to protect copyright" (Digital Millennium, 2006). The DMCA is known for its anti-circumvention rule and its safe harbor. Question #1 above gets to the issue of the DMCA's anti-circumvention rule. Section 1201 of the DMCA divides circumventable technological measures into two categories: 

1. measures that prevent unauthorized access to a copyrighted work 

2. measures that prevent copying 

Under the DMCA, making or selling devices that circumvent technological measures (measures intended to protect copyrights) and that are "primarily" designed/produced to do so, have only limited commercially significant purpose other than the purpose of circumvention, and which are marketed for circumvention, are always prohibited (neither question #1 or question #2 above gets to this issue).

On the other hand, in contrast to making or selling devices that circumvent technological measures, under the DMCA, the act itself of circumvention is only prohibited for category 1 above: measures that prevent unauthorized access to a copyrighted work. In other words, a person violates the DMCA if he takes actions that circumvent technological measures intended to prevent access (not prevent copying) -- that is, if he gains access that he was not intended to have. Therefore, the answer to question #1 above is no, it is not legal under the DMCA to crack into a website to take content even if the reason you are cracking is to use for pure educational "Fair Use." 

On the other hand, with respect to question #2, under the DMCA the act of circumventing measures intended to prevent copying is not prohibited. The reason given in the legislative summary is to "assure that the public will have the continued ability to make fair use of copyrighted works. Since copying of a work may be a fair use under appropriate circumstances, section 1201 does not prohibit the act of circumventing a technological measure that prevents copying. By contrast, since the fair use doctrine is not a defense to the act of gaining unauthorized access to a work, the act of circumventing a technological measure in order to gain access is prohibited." 

So, for those of us who sometimes use screen capturing software to grab images off the web because those images do not allow right-click copying, as long as it is done under Fair Use, it is highly unlikely the user would be found in violation of the DMCA. 

On the other hand, the potential liability of the maker and seller of screen capturing software is uncertain under the act. But, as long as that maker/seller has created and marketed the product for uses that are not "primarily" intended to infringe, that have substantial commercial value other than the purpose of circumvention, and the product is not marketed for circumvention, that maker/seller is probably legally in the clear under the DMCA. (I highly recommend such maker/seller obtain a legal opinion on this issue tailored to its own context.) However, if someone uses code that breaks into a technologically protected area in order to grab images, he is not operating under any provisions of the Fair Use statute, and he would likely be found in violation of the DMCA if anyone were to challenge his actions.

DMCA's Safe Harbor

In addition to its anti-circumvention provisions, the DMCA is also noted for its supposed "safe harbor." Section 512 of the DMCA contains the governing language. (Note that the DMCA is very hard to read in one place, because it contains multiple revised sections -- specifically of Title 17, USC -- and so in order to read it, one has to skip around in Title 17; see the head notes in First of all, the DMCA safe harbor, a metaphorical space that potentially promises freedom from legal repercussions for simple acts of webwriting and publishing, is a space with fuzzy borders. "While the constitutionality of the DMCA's anti-circumvention provisions is well established, the parameters of its safe harbor provisions are not as clearly defined" (Barker, 2005). The safe harbor, grossly oversimplified, gives Internet Service Providers (ISPs) a short period of time after receiving notice of a copyright infringement to take down the infringing material (the ISP must "act expeditiously"). If the ISP takes down the infringing material pursuant to a Take Down Notice, then the ISP is promised freedom from legal liability for the infringing behavior of an individual author. Various safe harbor protections with differing conditions are listed in Section 512 (Limitations, 2005). For example, protection is offered for transmissions, linking, caching, and storing. 

Since only ISPs are permitted to enjoy the safe harbor, the interesting question under the DMCA is: What is an ISP? This issue has not been fully determined by the courts. The reason it is relevant to Kairos readers and the journal itself is because we have to wonder whether we as individuals might be allowed to enjoy the safe harbor -- and then, would an open-source online journal like Kairos be considered an ISP for purposes of the DMCA's safe harbor? How exactly might the rules of safe harbor play out with respect to us as teachers, students, program directors, publishers of online journals, and so on? Whether publishers using others' servers are "ISPs" under the DMCA has not been determined, nor has it been determined whether individual users could ever be considered ISPs. Section 512(k)(1) defines "service provider" as "an entity offering the transmission, routing, or providing of connections for digital online communications, between or among points specified by a user, of material of the user’s choosing, without modification to the content of the material as sent or received" and as "a provider of online services or network access, or the operator of facilities," so-called ISPs which have control over, or the ability to modify user's online material are unlikely to be ISPs permitted to exercise the DMCA's safe harbor protection -- that is, the more control an "ISP" exercises over the content on its server (peer review might be interpreted as an example of control), the less likely it is to be able to enjoy the safe harbor. 

This matters to Kairos and other open access publications because organizations and publications running their own servers and also controlling the content in spaces on those servers are unlikely to find protection under the DMCA's safe harbor. However, other normal copyright defenses can always be asserted. 

Another barrier to protection under the DMCA are its basic threshold requirements. Several conditions that must generally be met (these depend on which safe harbor is called into play) before an ISP can qualify for safe harbor, as noted by Chilling Effects Clearing House include:

1. The ISP must have no knowledge of, or financial benefit from, the infringing activity

2. The ISP must provide proper notification of its policies to its subscribers

3. The ISP must set up an agent to deal with copyright complaints

Two cases have considered the safe harbor provisions. In the case of Hendrickson v. (2003), the court held that a take down notice sent by a copyright holder did not remain in effect for an unlimited period of time. The notice was only effective for the item described in the letter. The information requirements which must be set forth in any letter or take down notice are very specific, and if certain information is left out, an ISP can argue that the letter did not give actual knowledge of the infringement. In the Amazon case, Hendrickson brought suit because he owned the copyright in a DVD movie, not yet released, which was for sale on Amazon's website. In this case, the court ended up finding in favor of Amazon because Hendrickson's notice was insufficient. Of special importance to the court was that Amazon had no control over third party sellers (Barker, 2005). 

In another DMCA case, the threshold requirements an ISP must meet in order to have the safe harbor applicable (like the three items listed above) were considered. Ellison v. Robertson (2004) involved the plaintiff Harlan Ellison who owned copyrights to various novels and short stories. He sued America Online (AOL) under the doctrine of secondary liability because an AOL user posted digital copies of Ellison's work. The district court found in favor of AOL, but on appeal, the Ninth Circuit reversed and found in favor of Ellison because AOL had, during the relevant time, changed its email contact information for copyright complaints and not properly informed the copyright office for a period of several months. The old email address was not capable of forwarding copyright complaints, and so because of AOL's poor notification procedures, the Ninth Circuit found that AOL's actions called into question its ability to use the DMCA's safe harbor (Barker, 2005). While these cases have clarified the safe harbor provisions of the DMCA, uncertainly continues about how these provisions might work in other fact patterns.