iiNet: What of the safe harbours?

Justice Cowdroy’s decision in Roadshow v iiNet held that a person who provides facilities that are used for infringement but does not play a more active part — for example by intentionally designing the system to profit, or providing facilities in circumstances where there are only limited non-infringing uses, or explicitly inviting or promoting the use of the system for infringement — will not be held to ‘authorise’ those infringements, because it does not provide the ‘means’ for infringement.

This construction minimises the role of the Category A safe harbour, which is designed to insulate ISPs who “facilities or services for transmitting, routing or providing connections” (s 116AC) for copyright material from monetary damages for copyright infringement. What is the extent of the overlap between this safe harbour and Cowdroy J’s intrepreation of authorisation for ISPs?

The crucial question is whether an ISP will ever be in a position to have authorised infringement but be able to rely on the protection of the safe harbours. It seems that a purely passive general purpose ISP could not, as it would never infringe. Accordingly, the hypothetical ISP must be engaged in some sort of other activities – it must be found to be inviting or promoting copyright infringement, designing its systems to profit from infringement, or perhaps engaged in the provision of a filtered feed where it exercises some form of control over what its users may access. These extra circumstances would give rise to an inference that the ISP is providing the ‘means’ of infringement and would, prima facie, be liable for the infringing acts of its users.

In these cases, the next question becomes whether such an ISP would be entitled to rely on the safe harbours? The safe harbours provide protection where the primary infringement occurs “in the course of carrying out”(s 116AG) activities – relevantly, “providing facilities or services for transmitting, routing or providing connections for copyright material”.(s 116AC) In the paradigmatic case, an ISP who only provides the facilities for infringement will not be liable for authorising any infringements; so this question is really whether the extra circumstances that are required for liability to accrue will necessarily not be “in the course of carrying out” the provision of facilities or services and accordingly remove an ISP from the protection of the safe harbours.

It seems likely that many of the acts that would cause liability to accrue for authorisation would not fall within the definition of being “in the course of carrying out” the provision of facilities or services. In our only authority, we can take the example of the ISP in Cooper. This ISP negotiated an agreement not to charge Cooper for the hosting of his website in return for advertising revenue from the high levels of traffic his website attracted. While this relates to Category C activity, we can imagine a scenario where an ISP negotiates a similar monetary incentive for infringement, or otherwise encourages its users to infringe. Some of the examples come out of the judgment – if iiNet drew a direct financial benefit from infringement and set up its service in order to benefit from infringement, it would probably have been held to have authorised that infringement. Would this still be done ‘in the course of’ providing facilities or services for communications? While there would be some circumstances where an ISP would be liable for authorisation that do not strictly relate to its provision of access, I think that we would have to conclude that an ISP that is promoting or benefiting from infringement is still acting ‘in the course of’ providing access. Prima facie, then, the safe harbours will operate where the ISP is playing some active role in the infringements of its users.

Whether the safe harbours will protect such an ISP then depends on the conditions for compliance set out in s 116AH, which require that an ISP must “adopt and reasonably implement a policy that provides for termination, in appropriate circumstances, of the accounts of repeat infringers”, and must not initiate or modify transmissions of copyright material. The second two requirements are relatively straightforward and easy to comply with. The ‘reasonable’ implementation of a ‘repeat infringer’ policy, however, may be a different matter.

I think that in many cases where an ISP designs its service to encourage or directly profit from its users infringements, or provides a service that has limited non-infringing uses, it will probably fail the repeat infringer test. The requirement is not only to have a policy, but to ‘reasonably implement’ it. We see in particular authority from the US in Aimster that a provider that wilfully blinds itself to infringement or structures its activities in such a way that it cannot identify repeat infringers will not be held to ‘reasonably implement’ such a policy. The safe harbours, in this construction, would only have operation in a sliver of circumstances where the ISP acts in sufficient bad faith to ‘authorise’ infringement but in sufficient good faith to ‘reasonably implement’ a policy for termination of repeat infringers. In practice, this sliver would appear vanishingly small.

Does such an interpretation mean that the transmission safe harbour has no practical effect? I think that it will have little effect in the case of ‘bad faith’ ISPs, but there may still be circumstances where ‘good faith’ ISPs are held to ‘authorise’ the infringement of their users. Part of the reason that iiNet did not authorise was that it had no control over BitTorrent; so the analysis would change where ISP had more control, or with a different protocol over which ISPs have more control in general. The particular scenario that comes to mind is similar to the cases in the US in the 90s, where ISPs who wanted to provide a ‘cleaner’ experience for their users found themselves potentially liable for their increased control. So, for example, an ISP who offers some sort of filtered service may, if their filters are good enough, exercise sufficient control over what its users can access that it would have the ability to prevent infringements when it is provided with actual or constructive knowledge that it could be held to ‘authorise’ any infringements. In these circumstances, the safe harbours will be useful: as long as the ISP ‘reasonably implements’ some termination policy, it will be insulated from monetary damages.

This is one hypothetical, but it seems clear that the Category A (transmission) safe harbour does still have some (limited) application in Australian law. This doesn’t really come up in US jurisprudence, because the US safe harbours extend beyond ISPs to service providers more generally. Nevertheless, it seems as though the Australian transmission safe harbour still has a role to play in providing certainty for good faith ISPs who wish to do something more than ‘merely’ providing the facilities for infringement.

Who will shed a tear for ss 39B and 112E?

The limited role of the transmission safe harbour remains much broader than that of ss 39B and 112E, which provide that

A person (including a carrier or carriage service provider) who provides facilities for making, or facilitating the making of, a communication is not taken to have authorised any infringement of copyright in a work merely because another person uses the facilities so provided to do something the right to do which is included in the copyright.

On the analysis of Cowdroy J, it is apparent that there are no circumstances where an ISP would be held to have ‘authorised’ an infringement but done no more than provide the “facilities for making, or facilitating the making of, a communication”. Justice Cowdroy rejects this construction, but accepts that it would “highly unlikely” that either of the hypotheticals he poses where s 112E would be useful would result in a finding of authorisation liability.([572]-[573]) This is based off the Full Federal Court authority in Cooper that states that s 112E “‘…presupposes that a person who merely provides facilities for making a communication might, absent the section, be taken to have authorised an infringement of copyright in an audio-visual item effected by the use of the facility’.”([573], quoting Cooper [2006] FCAFC 187, [32]). Justice Cowdroy found himself bound to accept the Full Federal Court authority, although it left “little room for s 112E to have meaningful operation.”([574])

There certainly seems to be some inconsistency in this view, as either s 112E has no practical effect, or Cowdroy J’s rationale for authorisation liability must be incorrect to the extent that a person who does no more than provide facilities will not provide the ‘means’ of infringement and therefore be liable for authorisation. While there is some room to argue that because authorisation is a question of fact that it is technically possible (but practically inconceivable) that someone may authorise for ‘merely’ providing the facilities, this seems, with respect, quite strained. The better view – which Cowdroy J may not have been entitled to reach – would seem to be either that ss 39B and 112E operate to limit liability in some circumstances where the provider does something more than ‘merely’ provide the facilities for infringement, or that ss 39B and 112E have no practical effect. I think that the best construction is that of Wen Wu, who argues that

Ultimately, if recourse must be had to [s 101(1A)] and other authorisation factors, sections 39/112E are superfluous and were probably introduced out of an abundance of caution. (unpublished)