:Information Law and Policy Spring 10

By Michael Chung, Marco Cozzi, Tanushree Jindal, Thejo Kote

In this class we study how the design of technology can introduce liability in the areas of copyright and privacy. We have tried to analyze the legal issues as they relate to contemporary topics.

Technology design liability as it relates to copyright

“From its beginning, the law of copyright has developed in response to significant changes in technology. Indeed, it was the invention of a new form of copying equipment — the printing press — that gave rise to the original need for copyright protection.” (Sony Corp. of America v. Universal City Studios, Inc., 464 U.S. 417 (1984))

This week’s cases examine the ongoing tussle between the contrasting values of supporting creativity through copyright protection and promoting technological innovation by limiting infringement liability. We attempt to look at the technological adaptations that have evolved in response to indirect liability suits, to allow infringement, and survey the current alternatives devised by copyright holders.

The Betamax case set a precedent by a decision that the manufacturers of home video recording devices are not liable for copyright infringement, so long as the technology is capable of substantial non-infringing uses. It also established a test for determining whether a manufacturer (or developer) of a device (or an application) with recording and copying capabilities was responsible for contributory or vicarious infringement.

Napster, a pioneering and extremely popular music file-sharing application, was shut down by court order for copyright violations in 2001 after operating for two years. Their solution was technically advanced – they also maintained an efficient, centralized search index to help facilitate a user to find a specific MP3 audio file and then enable downloading it from an another user or peer. The centralized index was key in Napster’s case as it proved that the company had “actual knowledge” of direct infringing activity by its users, was thereby in a position to act on it, and hence declared liable for contributory infringement.

In an attempt to woo Napster’s large user base, Grokster and StreamCast created file sharing applications that maintained a decentralized search index and ensured, through different techniques, that all “knowledge” of infringing activity was removed, and could be disclaimed. They too ran afoul of copyright infringement as it was proved that they distributed their applications with the clear intent of promoting its use to infringe copyright. The decision, however was not a straightforward one as it came before the Supreme Court after Grokster won in two lower courts. Apart from noting the intent to profit from copyright infringement, the Supreme court also failed to find substantial non-infringing uses of Grokster and StreamCast.

Over time, it has been challenging for the courts to determine if a technology is capable of substantial non-infringing uses, primarily because with every precedent that is set, technology evolves to work around what has been established to be an infringement. This evolution of the design of file sharing technology has manifested itself in the disaggregation of the discovery of content and the actual transport of bits between computers. After the Grokster ruling, the most popular mechanism of sharing files has been through the use of BitTorrent technology, which does not provide an easy opportunity for copyright holders to target individual providers with secondary liability suits.

BitTorrent is just a protocol for data transfer, which depends on torrent files for a download to be initiated, and tracking servers which act as pointers to where the actual data resides. Anybody can start a service which indexes torrent files and provides the tracking servers needed by BitTorrent, and many people have done so. Grokster worked around the centralized nature of Napster, but it was still a large entity which could be sued and held liable for indirect infringement. In the case of BitTorrent, that is much harder to do, since there are so many alternatives available to people. Of course, the copyright holders have tried to target tracker sites too – with the MPAA suing isoHunt, TorrentSpy and other services in 2006. But, technology has evolved yet again, with the use of decentralized trackers now becoming popular.

With each stage of evolution, the courts have found it more difficult to make the case that a technology is not capable of non-infringing uses. In Grokster’s case Justice Breyer argued for the potential non-infringing uses of technology and that limited legitimate use at any point in time may increase to something more if given an opportunity. As the disaggregation of services and their potential non-infringing uses increase, the courts may not be willing to take a hard stance against new technologies, even if they can be used for copyright infringement.

In light of the evolution of technology, copyright holders have also been adapting. There seems to have been a change in their understanding of the new reality. Services like Hulu, the iTunes Store and Netflix are major examples of this trend, which provide end users an option of obtaining the desired content easily, affordably and legally while at the same time meeting the goals of the copyright holders in realizing value from their content. The challenge for copyright holders may be in accepting the fact that technological innovation limits their ability to realize that value in the same magnitude as before. The tension between the rights of copyright holders and the need to support technological innovation is ongoing, with each adapting to challenges from the other.

Technology design liability as it relates to privacy

In designing technological tools, the cases we’ve read this week have outlined a number of criteria by which infringement of privacy could be argued. Here we will apply some of the privacy concepts to Chatroulette (http://www.chatroulette.com) and Chatroulette Map (http://www.chatroulettemap.com/), a recent service that compiles and displays Chatroulette users’ geographical location and images. Chatroulette is operated by Andrey Ternovskiy, a 17-year-old Russian highschool student (http://nyti.ms/9uLJYw) and hosted outside the United States. Chatroulette Map is operated by another party (besides Ternovskiy) and is hosted by Dreamhost in California. Taking into consideration, the technical designs of Chatroulette and Chatroulette Map, Chatroulette Map may be exposing itself to potential liability for infringement of privacy.

Chatroulette and Chatroulette Map Background
While users initiate a Chatroulette session from the Chatroulette website, the video session between the two users is a direct peer-to-peer connection between the two participants. This could be argued as a private (albeit randomly generated) communication between the two parties, akin to a telephone conversation or video chat. Chatroulette Map captures photos of participants and their IP addresses without their knowledge or consent, using the IP address information to approximately locate users on a worldwide map.

Privacy Infringement?
According to 18 § USC 2511, anyone who “intentionally intercepts, endeavors to intercept or procures any other person to intercept or endeavor to intercept, any wire, oral, or electronic communication…shall be fined under this title or imprisoned not more than five years.” Under this code, the operators of Chatroulette Map are intentionally intercepting video feeds of each individual, capturing a screenshot and their IP address, and then making these publicly available on their site. This is a brand new tool, and we are still not clear how they are capturing the images & IP address. However, given that the video stream is a direct peer-to-peer connection between the Chatroulette users it is possible that Chatroulette Map operators stand in violation of 18 § USC 2511.

Additionally, Chatroulette Map itself might qualify as an electronic device (18 § USC 2512) in which the operators “know that the design of such device renders it primarily useful for the purpose of the surreptitious interception of wire, oral, or electronic communications…”. While the classic definition of ‘device’ would lend itself to a physical device, it potentially applies to web-based tools as well. Devices don’t necessarily need to be limited to a piece of hardware, but software is capable of the same prohibitive functions identified in section 18 § USC 2512. In United States v. Spy Factory (1997), the court identified authority as crucial to the concept of surreptitious. Since Chatroulette users are not prompted, notified or otherwise aware of Chatroulettemap.com’s ability to capture their IP address and [a snapshot of] videostream. (18 § USC 2512)

According to the FTC Act, a trade practice is unfair if it “causes or is likely to cause substantial injury to consumers…”, based on this it’s not clear whether Chatroulette Map is actually violating this principle and causing substantial harm to the user. At most, the person’s photograph (screen capture) is tagged to their approximate location (based on an IP address reverse lookup), not currently revealing any other personal information about them. At first glance, it appears that that the user’s privacy is violated because they are using the Chatroulette program under the belief that their actions are anonymous. At no time during the use of the program is the user presented with a message asking them permission to disclose their location information.

The exposure of Chatroulette users’ approximate location might not qualify under the FTC’s definition of substantial harm (EPIC complaint to the FTC, 2008). There is no monetary harm involved to the user, nor are their any obvious harmful “unwarranted health and safety risks”. IP Address geolocation is approximate and typically does not reveal the exact location of the user. However, even though wiretapping may be conducted with no intent to purposely harm, the act of intercepting the communication surreptitiously itself might violate federal principles. (18 § USC 2512)

Chatroulette Map service borders on possible privacy infringement, though the question of substantial harm seems difficult to justify when considering United States v. Spy Factory and FTC v. Cyberspy Software. These cases made clear case for substantial harm. If Chatroulette Map were litigated against, the Courts would need to balance the surreptitious nature of the service against any substantial harm the service might cause.

———————————————
BONUS
Jon Stewart did a classic Daily Show sketch about Chatroulette:
http://www.mediaite.com/tv/daily-show-chatroulette-jon-stewart/

3 Comments