This month, the online service provider CloudFlare stood up for its website-owner customers, and for all users of those websites, by telling a court that CloudFlare shouldn’t be forced to block sites without proper legal procedure. Copyright law limits the kinds of orders that a court can impose on Internet intermediaries, and requires courts to consider the pros and cons thoroughly. In this case, as in other recent cases, copyright (and trademark) holders are trying to use extremely broad interpretations of some basic court rules to bypass these important protections. As special interests keep trying to make things disappear from the Internet quickly, cheaply, and without true court supervision, it’s more important than ever that Internet companies like CloudFlare are taking a stand.
The current dispute between CloudFlare and a group of record labels arose from the labels’ case against the music streaming site MP3Skull. The website’s owners never appeared in court to defend themselves against a lawsuit by the labels. The labels, who are all members of the Recording Industry Association of America, won a court judgment by default in March of this year. The judgment included a permanent injunction against the site and those in “active concert and participation” with it. On the last day of June, the labels’ lawyers sent the order to CloudFlare and demanded that they immediately stop providing services to various Internet addresses and domain names connected with MP3Skull.
CloudFlare provides content delivery network services, optimization, and security for websites. Its CEO previously said on the company’s blog that “if we were to receive a valid court order that compelled us to not provide service to a customer then we would comply with that court order,” but that “there will be things on our network that make us uncomfortable[, and] our proper role is not that of Internet censor.” Last year, with help from EFF, CloudFlare successfully fought back against a court order that would have required it to act as trademark police for the music labels by shutting down any customer who used domain names like “grooveshark.”
CloudFlare is keeping up that legal approach in the MP3Skull case. It wrote to the U.S. District Court for the Southern District of Florida to say that while it “does not oppose an appropriate injunction,” the RIAA members should be required to follow the procedure set out in Section 512(j) of the Digital Millennium Copyright Act (the DMCA). That law limits the kinds of injunctions that can be imposed on Internet intermediaries like CloudFlare. It also requires courts to consider the pros and cons of ordering an intermediary to help enforce a copyright. Specifically, a court has to consider whether an order would “significantly burden” the service provider or its operations, how much harm the copyright holder is likely to experience without an order, whether the order would be technically feasible and effective, whether it would tend to block non-infringing material, and whether less burdensome measures are available.
None of that happened in this case. The court simply entered a broad injunction against the MP3Skull defendants by default after they failed to show up in court, and the labels then attempted to bind CloudFlare with that order months later. The labels didn’t mention the DMCA at all in their request to the court. Instead, they pointed to Rule 65 of the Federal Rules of Civil Procedure, which says that a court can issue injunctions against a party to the case or anyone in “active concert and participation” with a party. It’s that phrase that rightsholders have used to try to bind Internet intermediaries like CloudFlare without following the procedure laid out in DMCA 512(j), and similar limitations that the courts have created for trademark law.1
The “active concert” clause of Rule 65 is actually quite narrow: it’s meant to keep parties to a case from evading a court order by acting indirectly through a friend or associate. It doesn’t sweep every company that provides services to a defendant under the court’s power, and it doesn’t bypass more specific rules like DMCA 512(j). Making Rule 65 into an injunction trump card would lead to bizarre results: the courts would have more power over a service provider like CloudFlare if it is not named as a defendant in a lawsuit, and less power if the service provider were actually sued, given their day in court, and found liable. It’s easy to see why the law shouldn’t work that way.
Although another court found that CloudFlare was in “active concert and participation” with a trademark-infringing customer last year, that court also narrowed its injunction against CloudFlare, as trademark law requires. Still, the court should reject the record labels' argument that one injunction obtained by default can bind "countless conduit online service providers, search engines, web hosts, content delivery networks, and other service providers" -- in other words, the entire Internet -- without considering the burdens, costs, and alternatives for each, as Congress required.
The limits on court orders against intermediaries are vital safeguards against censorship, especially where the censorship is done on behalf of a well-financed party. That’s why it’s important for courts to uphold those limits even in cases where copyright or trademark infringement seems obvious. Court precedents and technical tools built today to go after “notorious pirates” will be used tomorrow against popular blogs, political commentators, satirists, and innocent businesses. Insisting on a full and fair legal process before blocking users becomes more important the larger an online service provider gets. That's why it’s great to see a service like CloudFlare stepping up to protect all Internet users by doing just that.
- 1. Tiffany (NJ) Inc. v. eBay Inc., 600 F. 3d 93 (2d. Cir. 2010)
Share this: Join EFF