Sign In

Communications of the ACM

Legally speaking

Copyright's Online Service Providers Safe Harbors Under Siege

copyright symbol in swirling waters, illustration

Credit: Andrij Borys Associates, Shutterstock

For the last 20 years, the laws of the U.S., E.U., and most of the rest of the world, have provided Online Service Providers (OSPs) that host user-uploaded content with "safe harbors" insulating them from claims of copyright infringement so long as they did not know about or participate in infringing acts of their users. Yet, once a copyright owner has notified an OSP about the presence of infringing materials at a particular place on its site, the OSP has generally had a responsibility to investigate and remove or disable access to infringing materials. This notice-and-takedown safe harbor became part of U.S. law as a result of passage of the Digital Millennium Copyright Act (DMCA) of 1998.

This safe harbor, now codified in § 512 of U.S. copyright law, has never been popular with major copyright industries. Those industries acquiesced to these rules in 1998 as part of a grand compromise with other industries and organizations to get support for enactment of rules that outlaw tools for circumventing technical protection measures that major copyright industries planned to use when distributing digital copies of their works.

Copyright industry dissatisfaction with this safe harbor has grown increasingly strident because of the widespread prevalence of online infringements. As my November 2019 column reported, the E.U. responded to copyright industry complaints by adopting new strict liability rules for certain online content sharing services, which EU member states must implement by June 2021.

To aid possible Congressional reconsideration of the DMCA safe harbors, the U.S. Copyright Office released in May 2020 its long-awaited Section 512 Study.2 It sided with major copyright industry complaints on virtually every contentious safe harbor issue. This column reviews the most significant of the Study's recommended changes: tightened eligibility rules, revamped "red flag" knowledge of infringement requirements, curtailment of fair use claims, and stricter repeat infringer policies.

Although the Study claims these changes would merely "fine-tune" § 512, this is a mischaracterization. Were Congress to follow the Study's recommendations, OSPs would have much greater responsibilities to detect and thwart user infringements and more liability if they did not succeed in preventing copyright infringements. These changes would negatively impact the availability of user-generated content and other legitimate user activities. Stricter repeat infringer policies would likely mean that many more users' accounts would be terminated, including those of innocent users.

Back to Top

Eligibility for Safe Harbors

One very substantial change the 512 Study recommends would limit the availability of the hosting safe harbor to only those OSPs that passively store user contents. The Study criticized the Viacom v. YouTube decision for concluding that YouTube qualified for the § 512(c)'s safe harbor when proactively transcoding user-uploaded videos, enabling the videos to be viewed by others, and promoting user-uploaded videos through automated recommendations. The court regarded these activities as "related" to hosting user contents, and hence, within the safe harbor.

The CEO of the Internet Association, who testified before the Senate IP Subcommittee in June 2020, objected to the Study's narrow interpretation of this safe harbor. Restricting its application would, he said, "all but exclude every modern OSP from the scope of section 512(c), giving liability protections only to the bulletin board services from the 1990s."3 Under this conception of § 512(c), YouTube, Facebook, Ravelry, Reddit, Hacker News, and every other social media service would lose the § 512(c) safe harbor completely.

He noted that "the DMCA was intended to incentivize innovation and the growth of the internet" and that "algorithmic recommendations—which benefit users by connecting them to their communities and information they are likely to be interested in—do not negate the principle that the underlying content is stored at the direction of the user."3

Yet, the Study would strip OSPs of this shield from infringement claims, even when they neither knew about nor had encouraged infringing activities. OSPs would now be at risk of very large money damage awards instead of being subject only to the prospect of injunctive relief.

Back to Top

"Red Flag" Knowledge and Willful Blindness

A second significant change recommended in the 512 Study concerns standards for judging when OSP hosting services should be deemed to "know" about user infringements. The Study claims that courts have misinterpreted what should constitute "red flag" knowledge and willful blindness to infringement.

Under the so-called "red flag" knowledge provision of § 512(c), OSPs lose the safe harbor when they are "aware of facts or circumstances from which infringing activity is apparent." Once they have such awareness, they must act "expeditiously" to remove or disable access to infringing content. The Viacom decision said this rule applied only when OSPs became aware of specific and identifiable acts of infringement. (This ruling makes sense because OSPs cannot remove or disable access to infringing materials if they do not know what and where they are.)

These changes would negatively impact the availability of user-generated content and other legitimate user activities.

The Study asserts that general knowledge of infringement somewhere on an OSP's site should suffice as "red flag" knowledge. Even though § 512(m) provides that OSPs do not have a duty to monitor their sites to detect infringement, the Study regards this rule as protecting only user privacy interests. It argues that OSPs should be more proactive in monitoring their sites for infringements, even though § 512(m) says no such duty exists. Failure to monitor and investigate user-uploaded content if some OSP staff have some general awareness of infringement should result, the Study suggests, in OSPs being found to be willfully blind to infringement.

Back to Top

What About Fair Use?

The 512 Study evinces a cavalier and largely dismissive attitude toward fair uses. It fails to recognize that widely posted user-generated content, such as remixes, mashups, and fan fiction stories, is generally viewed as making fair and non-infringing uses of copyrighted works when creatively reusing parts of popular music, videos, and the like.

Also generally fair are incidental uses, such as the short video that Stephanie Lenz uploaded to YouTube of her baby dancing with some Prince music playing in the background. Universal sent a takedown notice to YouTube about it, which Lenz counter-noticed on fairness grounds. An appellate court in Lenz v. Universal Music Corp. held that Universal must consider fair use in order to have a good faith belief that an online use of its work was infringement before sending a takedown notice. The 512 Study criticized Lenz as wrongly decided.

The Study also chided OSPs for deciding not to take down allegedly infringing content when persuaded that a challenged use was fair: "OSPs do not appear to be fully honoring the requirement in § 512(c)(1)(C) that upon receiving a takedown notice that is compliant with § 512(c)(3), they 'respond[] expeditiously to remove or disable access to' the material." Under the Office's interpretation of § 512, OSPs must remove or block access to content about which a takedown notice has been received regardless of whether that use is fair.

Back to Top

Repeat Infringer Policies

Under § 512(i), OSPs are eligible for § 512 safe harbors only if they have adopted and reasonably implemented a repeat infringer policy. The Study recognizes the need for some flexibility in the formulation of such policies and their implementations, in part because of the astonishing diversity of OSPs these days. One size does not fit all.

Yet, the Study undercuts its endorsement of flexibility by arguing that all OSPs should have public formal written policies. It expressed disapproval of an appellate court ruling allowing a small provider to qualify because it reasonably honored takedown notices and terminated the accounts of users who repeatedly upload infringing files.

Another of the Study's troublesome conclusions is that accusations of infringement should suffice to deem users as repeat infringers. The Study dismissed as unrepresentative considerable evidence OSPs presented of DMCA takedown abuse. It mentioned, but did not heed, empirical evidence showing that nearly one-third of takedown notices are flawed because they were incomplete or fraudulent, the uploaded material was fair use, or the notice provider was not the owner of a copyright alleged to be infringed.

Copyright law is supposed to promote the public good, not just maximize revenues for copyright industries.

The Study contends that termination policies must apply to Internet access providers, as well as OSP hosting services. Multiple accusations of infringement could result in their users (and their whole households) being cut off from the Internet entirely.

Other countries have experimented with "three strikes" or "graduated response" systems like this, but ultimately abandoned them. Such measures unfairly deprive users of a basic necessity while failing to deter infringement.

Back to Top

Any Good News?

U.S.-based OSPs may be relieved that the 512 Study did not recommend that Congress adopt the notice-and-staydown mandate that major copyright industry groups wanted and that the E.U.'s new strict liability rules now require for OSPs that host "large" amounts of user-uploaded content. Small and medium-sized OSPs, as well as nonprofit services, would find it difficult or impossible to take on the increased burdens and legal risks of notice-and-staydown regimes which require deployment of automated content recognition technologies.

Nor did the Study endorse empowering U.S. courts to issue no-fault site-blocking injunctions. Such injunctions would require Internet access providers to ensure their users cannot access offshore sites that host "pirated" works, such as movies and sound recordings. No-fault injunctions raise serious due process and free speech concerns and could be abused because foreign sites that host non-infringing content cannot easily defend themselves in US courts.

Back to Top

Striking Omissions

One striking omission is the Study's abject failure to recognize the interests of millions of individual user-creators who post their works on YouTube, Instagram, Twitter, Etsy, and myriad other platforms. They are authors too and their creations are entitled to copyright protection. These creators depend on hosting sites to share and/or commercialize their creations. The views of these creators about OSP liability rules should be given due recognition and weight. It is as if the Copyright Office considers conventional copyright industries as the only rights holders whose views about the safe harbors count.

Another striking omission is the Study's failure to consider that Internet-based companies are major contributors to the U.S. economy. An Internet Association-commissioned study reported this sector contributed more than $2 trillion to the U.S. gross domestic product (GDP) in 2018, representing about 10% of GDP, and directly created six million jobs and indirectly supported an additional 13 million jobs. Most OSPs, moreover, experience few infringement claims, so major changes to the safe harbors will impose substantial costs on "good" actors without appreciably reducing infringements.

A third striking omission was the Study's failure to acknowledge that major copyright industries are thriving in the digital age. One 2019 report on the state of the entertainment industry concluded that "the Internet, as currently structured, has been a creative force. It has helped many more people become creators and to make money from their creations, and the many industry sectors around 'copyright' are all seeing the fruits of that now."1

Perhaps most striking, though, was the Study's failure to give any weight to the interests of hundreds of millions of American Internet users who rely on this medium for a wide range of purposes: to get news, find information, share photos on social media, communicate with friends, family, and co-workers, seek entertainment, order consumer goods or food to be delivered, and in this pandemic age, to work safely from home and to educate our children when schools and libraries are closed. Copyright law is supposed to promote the public good, not just maximize revenues for copyright industries.

Back to Top


The U.S. Congress is unlikely to make any changes to the DMCA safe harbors in the near term, especially given the coronavirus pandemic and the presidential election. The Copyright Office's 512 Study signals, however, the beginning of the next round of a prolonged battle in the halls of Congress over which, if any, of the many lopsided changes recommended in that report will ultimately be enacted into law. In the meantime, copyright industries will surely find the Study's analysis and conclusions useful to buttress their legal arguments in litigations against OSPs and to send more questionable takedown notices.

Back to Top


1. Masnick, M. and Beadon, L. The Sky Is Rising: A Detailed Look at the State of the Entertainment Industry 41-42 (2019 ed.);

2. U.S. Copyright Office, Section 512 of Title 17: A Report of the Register of Copyrights (May 2020),

3. Written Testimony of Jonathan Berroya, President and CEO, Internet Association, Hearing of the Senate Judiciary Committee, Subcommittee on Intellectual Property, Is the DMCA's Notice-and-Takedown System Working in the 21st Century? (June 2, 2020);

Back to Top


Pamela Samuelson ( is the Richard M. Sherman Distinguished Professor of Law and Information at the University of California, Berkeley, CA, USA.

Copyright held by author.
Request permission to (re)publish from the owner/author

The Digital Library is published by the Association for Computing Machinery. Copyright © 2020 ACM, Inc.


No entries found