1. Draft Text of ACTA Made Public

Since late 2007, the United States and a number of other countries, including Australia, Canada, the European Union, Japan, Mexico, and South Korea, have been negotiating an “Anti-Counterfeiting Trade Agreement” (ACTA). A variety of speculation, rumors, and leaks regarding what ACTA might contain have prompted concern in the blogosphere and the tech industry. Until recently, however, the only official documents that had been publicly released were high-level outlines and statements offering little guidance on ACTA’s specific provisions and language.

In April, the negotiating countries ushered in a new and more transparent phase in the ACTA debate by making the current draft text public. The draft is still very much a work-in-progress; many of its provisions feature multiple proposed options or bracketed language reflecting a lack of current consensus. Nonetheless, the release of the draft text allows interested parties to stop lobbying for transparency, as CDT and many others have been doing since 2008, and instead turn their attention to the agreement’s substance. It also allows the discussion to get specific; interested parties can analyze and comment on the details of concrete proposals. (To its credit, USTR had at one point allowed CDT and a number of advocates to review and comment on a portion of draft text, but only subject to a non-disclosure agreement that prevented public debate.)

ACTA’s stated goal is to establish a new set of high standards for enforcement efforts to combat “counterfeiting and piracy.” The idea is that a core group of countries would agree to meet certain benchmarks for strong intellectual property enforcement, and then likely press other countries to meet those benchmarks as well.

CDT has focused principally on ACTA’s impact for copyright policy. CDT supports vigorous enforcement of existing copyright laws, particularly with respect to “bad actors” who flout the law and commit infringement on large scale. But we have been concerned that ACTA could include provisions that affect a much broader range of parties. For consumers, overly aggressive copyright policies can raise privacy, free expression, and due process issues. For online innovators and businesses, there can be serious issues of liability exposure and barriers to innovation.

The draft text makes it possible to have a more concrete discussion about these risks. CDT’s specific concerns, based on the language and options currently on the table, are set forth in the following sections. The biggest problem is that ACTA could skew foreign legal regimes by selectively promoting a stringent, one-sided model of U.S. copyright law. In addition, several provisions could encourage problematic interpretations of or changes to U.S. copyright law.

ACTA text

CDT 2008 Policy Post regarding ACTA transparency

2009 joint letter requesting transparency

2. ACTA’s Selective Export of U.S. Copyright Law May Foster Highly Skewed Legal Regimes in Other Countries

Many ACTA copyright provisions appear to be modeled on U.S. law, particularly the Digital Millennium Copyright Act (DMCA). But to the extent that the agreement aims to export U.S. law, it does so in a highly selective fashion. The draft text repeatedly mandates those elements of U.S. law creating strong enforcement tools, while making entirely optional and discretionary those elements of U.S. law establishing limits on copyright. In short, the draft unmoors the law’s tough, expansive copyright provisions from its safeguards and limitations. It therefore invites foreign countries to adopt copyright legal regimes that would be far harsher and far less balanced than that of the United States.

Nowhere is this more true than in the area of third party liability (also known as secondary liability) – the doctrine under which device or service providers can be held liable for infringements committed by their users.

Article 2.18.3 of the proposed text requires each signatory to ensure that its legal system includes third party liability. Footnote 47 describes the circumstances in which third party liability should apply. But limitations, exceptions, and defenses to third party liability, while expressly permitted, are left entirely to the discretion of each country. There is not even a mention of the core principle, established by the Supreme Court in the 1984 Sony case and reaffirmed unanimously in the 2005 Grokster decision, that the act of making or distributing a product with “substantial noninfringing uses” cannot be a basis for liability. Fair use, another crucial factor in U.S. third party liability cases, is referenced in ACTA footnote 47, but is entirely optional. Indeed, footnote 47 includes language designed to ensure that countries may not adopt overbroad exceptions and limitations to third party liability – but ACTA takes no similar care to ensure that countries will not adopt an overbroad approach to third party liability itself.

These are not minor omissions. The Supreme Court in Grokster explained clearly that overbroad application of third party liability risks “trenching on regular commerce or discouraging the development of technologies.” It described the third party liability debate as an effort to develop a “point of balance between protection and commerce.” And it explained that “[t]he more artistic protection is favored, the more technological innovation may be discouraged; the administration of copyright law is an exercise in managing the trade-off.” It is remarkable that ACTA, which as a trade agreement would be expected to carefully reflect the needs of commerce, shows little sensitivity to the potential commercial impact of the third party liability regimes it requires. It demands third party liability and demands that it not be too weak, but takes a pass on all the Supreme Court law aimed at preventing it from being too strong.

Article 2.X.2 reinforces the concern that ACTA may expose third parties such as Internet service providers to legal risks far greater than they face under U.S. law. The article says that rights holders may “apply for an injunction against [infringing] intermediaries whose services are used by a third party to infringe an intellectual property right.” Under U.S. law, the availability of injunctions against intermediaries is limited by the Sony safe harbor, discussed above, for products and services with “substantial noninfringing uses.” In addition, an intermediary qualifying for the DMCA section 512 safe harbor would be entitled to the protections of section 512(j), which directs a court to consider the burden an injunction would impose on the intermediary. The ACTA proposal on injunctions makes no reference to such limits. It thus could prompt other countries to embrace intermediary injunctions in a fashion far more burdensome and sweeping than in the United States.

ACTA’s asymmetrical version of U.S. law is evident in other provisions as well. The “Option 1” text of Article 2.18.3 is presumably modeled on the DMCA’s section 512 safe harbor. But it fails to require countries to adopt anything close to a true safe harbor. Instead of providing a complete shield against monetary damages, as U.S. law does, ACTA merely says that countries must provide unspecified “limitations on the scope of civil remedies.” Such “limitations” could fall well short of holding intermediaries harmless.

Meanwhile, subsection (b)(i) of Option 1 could easily be interpreted as endorsing policies that place far more onus on Internet service providers than does the DMCA. The subsection calls for measures “to address the unauthorized storage or transmission of materials protected by copyright.” As a preliminary matter, “unauthorized” is broader than “infringing,” since some activity – such as fair use – can be unauthorized but not infringing. In addition, countries implementing this section could well conclude that a policy of terminating the accounts of proven repeat infringers – the safe harbor prerequisite contained in the DMCA – does not sufficiently “address” the problem of unauthorized transmissions. Countries might therefore adopt more aggressive prerequisites for whatever safe harbor protection they choose to offer. Bracketed language suggests that affirmative monitoring requirements might be off limits, but anything else would be fair game.

The “Option 2” text of Article 2.18.3 likewise fails to guarantee a real safe harbor. In addition, it fails to include any protection for information location tools, in contrast to section 512(d) of the DMCA.

Article 2.18.4 is based on section 1201 of the DMCA, requiring countries to prohibit both the circumvention of technical protection measures and the distribution of circumvention devices. But once again, ACTA reflects U.S. law in a selective and asymmetrical way. DMCA section 1201 includes seven important exceptions to the anticircumvention prohibition, including for interoperability, encryption research, and security testing. ACTA, in the two options listed under Article 2.18.5, merely says that countries “may” include exceptions. The prohibition is mandatory, but the crucial balancing exceptions are merely permissive.

Finally, Article 2.14.1 calls for criminal penalties for infringement “on a commercial scale.” It then goes on to describe “commercial scale” infringement as including any infringement that is willful and “significant.” The meaning of “significant” would be up to individual countries, but this formulation seems to invite them to set a very low bar for treating infringement as a criminal rather than a civil violation.

In each of these areas, the United States likely would not need to change its domestic law to comply with ACTA. But there would be a major risk that foreign countries implementing the agreement would create regimes that are far more skewed and one-sided than U.S. law. The recent criminal conviction of Google executives in Italy based on an illegal video posted by a user – even though the company took down the video when notified about it – shows that some countries display an appalling lack of sensitivity to the costs of broad third party liability. The end result of ACTA, therefore, could be foreign legal regimes that cater strongly to rights holders at the cost of discouraging a wide range of legitimate commerce and technology innovation – including the international business activities of U.S. information technology companies. That would be a strange result for a trade agreement being pushed by the United States.

Leslie Harris article on threat posed by Italy’s conviction of Google execs

3. A Number of Proposed Provisions Could Encourage or Require Changes to U.S. Domestic Copyright Law

U.S. officials have indicated that they intend to “color within the lines” of U.S. domestic law, such that ACTA will not require changes to the U.S. legal regime. But several proposals currently on the table could have an impact on the U.S. legal framework or could encourage future changes to it.

Footnote 47 to Article 2.18.3 attempts to briefly summarize third party liability doctrine as it has emerged from caselaw in the United States. In doing so, however, it appears to take sides on an important unsettled legal question. The Grokster case was ambiguous about whether “inducement” of copyright infringement represents a new, independent theory of third party liability, or simply a revised test for applying contributory liability. There is a strong argument that it is just a restatement of the contributory liability test: The Court said that “one infringes contributorily by intentionally inducing or encouraging direct infringement.” The doctrinal question is not merely semantic; it has significant implications for the mental state (intent versus knowledge) required for contributory liability. But ACTA appears to take the position that that inducement liability and contributory liability are two separate, alternative bases for third party liability. By weighing in on that question, ACTA could affect U.S. law in this area.

The “Option 1(b)” text of Article 2.18.3, in setting forth criteria for qualifying for safe harbor protection, says that an online service provider must adopt a policy to “address the unauthorized storage or transmission of material protected by copyright.” The DMCA safe harbor, by contrast, requires service providers to (i) have a policy for terminating repeat infringers and (ii) accommodate standard technical measures. Given the broader nature of the ACTA language, it could well be used in the future to justify proposals for imposing additional requirements on online service providers seeking to qualify for the safe harbor. One can envision an argument that the DMCA requirements do not really “address” the problem as ACTA demands. The ACTA provision’s phrasing, in other words, lends itself to advocacy for going beyond current U.S. law.

Proposed Article 2.18.3 ter is flatly inconsistent with U.S. law. The proposed language would require each country to enable rights holders to “expeditiously obtain” from Internet service providers the identity of any subscriber that the rights holders claim are engaging in infringement. This conflicts with settled decision of two federal appeals courts, which have held that the DMCA does not require ISPs in their capacity as conduits to turn over subscriber information based on allegations of infringement. (See in re Charter Communications (8th Cir. 2005) and RIAA v. Verizon (D.C. Cir. 2003).)

Finally, proposed Article 2.18.3 quater would call on governments and ISPs to take on new roles not envisioned by U.S. law. The proposal would require each party to “promote the development of mutually supportive relationships between online service providers and rights holders to deal effectively” with Internet-based infringement, including “guidelines for the actions which should be taken.” In contrast, current U.S. law reflects a deliberate policy choice not to saddle ISPs with the affirmative responsibility to police and prevent infringing activity by users. 47 USC 230 and section 512 of the DMCA reflect this policy choice.

4. Other Concerns

While CDT supports efforts to enforce current copyright law, we have concerns that efforts labeled as “enforcement” initiatives may be used as vehicles to obtain significant substantive modifications to the existing legal regime. CDT recently told the new federal Intellectual Property Enforcement Coordinator that the forthcoming I.P. enforcement plan should not try to reshape substantive copyright law by, for example, calling for modifications to the scope of third party liability or new obligations for ISPs. In the ACTA context, CDT and a number of allies similarly urged USTR in 2008 to avoid delving into matters of substantive law.

In CDT’s view, it is difficult to argue that provisions addressing how and when third parties may be liable for infringements committed by others is merely a question of “enforcement.” Third party liability is not just about how to pursue those who violate the law; it is about how far copyright law reaches and which parties can be considered violators in the first place. To the extent that ACTA gets into matters of substantive copyright law, there are legitimate questions about whether it is appropriate to address such matters in an executive agreement that can be concluded without any role for Congress.

In addition, some have raised questions about ACTA’s call for an Oversight or Steering Committee that would function as a brand new international I.P. institution separate from the World Intellectual Property Organization (WIPO) and World Trade Organization (WTO). The impact on existing I.P. institutions and the potential for “forum shopping” are worth considering.

In sum, while the draft ACTA text provides an opportunity to begin detailed debate on the pros and cons of specific provisions and language, it raises a number of serious concerns. CDT hopes that the improved level of transparency will translate into better understanding of the potential pitfalls and a reexamination of those aspects of ACTA that pose significant risk to online intermediaries.

Links:

CDT comments to I.P. Enforcement Coordinator

2008 joint comments to USTR on ACTA

Goldsmith/Lessig article raising constitutional concerns about ACTA

Geist blog post on ACTA’s institutional provisions