Knew It But Didn’t Stop It: Supreme Court Clarifies Limits on Secondary Copyright Liability in Cox v. Sony

An ISP Is contributorily liable for copyright infringement committed by its users only if it intended its services to be used for infringement, according to the Supreme Court’s recent landmark decision Cox Communications, Inc. et al v. Sony Music Entertainment et al.

The Court repudiated the Fourth Circuit’s holding that Cox Communications was contributorily liable for infringement because it knew of infringing activity and did not take sufficient action to stop it. The Court also declined to expand secondary liability beyond its established precedents (Sony and Grokster) that addressed the scope of contributory liability. Contributory copyright infringement liability now turns on a service provider’s direct actions, such as its active encouragement or design of its services, rather than on the adequacy of compliance programs.

Contributory Liability before Cox

The U.S. Copyright Act does not expressly create liability for “secondary” copyright infringement (liability for infringements committed by another). However, after passage of the Copyright Act, the Supreme Court recognized, and various lower courts further developed, the common law theories of “contributory” and “vicarious” secondary copyright infringement liability.

In Sony, the Supreme Court found that an early form of video recording technology was not tailored to infringement (and therefore its creator could not be contributorily liable for the sale of that technology to users who used it to infringe) because the technology was capable of being used for significant purposes other than creating bootleg recordings.

In Grokster, the Supreme Court held that a peer-to-peer file sharing network could be contributorily liable for the infringing activity of its users because it actively encouraged infringement through specific acts, such as expressly advertising that its software could be used to download copyrighted works, and because the services were “not capable of ‘substantial’ or ‘commercially significant’ noninfringing uses” (i.e., the peer-to-peer services were tailored to infringement.)

Contributory Liability in the Digital Age

Some copyright owners who claim that their works (such as music and motion pictures) are subject to widespread internet piracy have sought to quell online unauthorized sharing of those works by suing not just individual infringers, but also ISPs and other online service providers, on the theory that the providers are contributorily liable for their users’ infringement.

The Fourth Circuit expanded the scope of contributory copyright infringement liability past mere inducement or tailoring to find that Cox Communications, an ISP, was contributorily liable because Cox knew of infringing activity but took insufficient action to stop it.

The Supreme Court’s Narrowed Rule in Cox

In Cox, the Supreme Court flatly rejected the plaintiff Sony’s argument that an ISP can be contributorily liable for the copyright infringement of its users simply because the ISP is aware of the infringement and fails to take sufficient actions to stop it.

In fact, the Court rejected any expansion of the rules set out in Sony and Grokster, holding instead that these cases mark the full boundaries of contributory liability for copyright infringement.

The new, simplified rule of contributory copyright liability is:

A service provider is contributorily liable for its user’s infringement only if the service provider intended for the service to be used for infringement, which can be proved only by showing that the service provider either (1) affirmatively induced the infringement or (2) tailored its service to the infringement.

Because Cox did not “induce or encourage” infringement (in fact, it sent warnings and suspensions to its end users that discouraged it) and because Cox’s broadband plainly supports countless lawful activities and was therefore not “tailored to infringement,” the Court found that Cox was not contributorily liable.

What Are ‘Inducement’ and ‘Tailoring’?

The Court elaborated on the meaning of the terms “inducement” and “tailored” as follows:

“Inducement” is active encouragement of infringement through specific acts. Inducement is not passively hosting infringement, even if the ISP is aware of the infringement but does not stop it. Instead, inducement is:

• Promoting, advertising, or marketing a software or service as a tool that can be used to, or is intended to, infringe copyrights
• Encouraging or incentivizing infringement through benefits to users
• Instructing users on how to use the services to infringe copyrights

A service is “tailored” to infringement if it is not capable of substantial or commercially significant noninfringing uses. Most broadly purposed ISPs and platforms are likely not “tailored” to infringement under Cox. For example:

• General purpose broadband internet can be used for substantial noninfringing purposes, such as research, shopping, news, social media, and other forms of online communication.
• A social media network or online discussion forum that is not principally devoted to discussions of infringing activity would not be tailored to infringement even if its users occasionally share infringing third-party materials on it.
• Conversely, the provider of a technology with no purpose other than obtaining newly released commercial movies without permission might be found to have “tailored” the technology to infringement.

Litigation Implications

Cox narrows secondary liability standards:

• Pleading and Summary Judgment: Plaintiffs cannot rely solely on notice volume or lax enforcement to prove contributory infringement. Instead, they must allege and prove inducement or tailoring for infringement.
• Standard Access Services Likely More Protected: ISPs that offer general services and that don’t otherwise take inducing actions will be insulated from liability.

The Court made clear that mere knowledge that a service will be used to infringe is insufficient to establish the required intent to infringe. Plaintiffs will therefore need to focus discovery on communications, marketing, and other indicia suggesting active encouragement or tailoring of the service for infringing use.

DMCA Safe Harbors and Liability

The Court clarified that the DMCA § 512 safe harbors, including the repeat infringer policy requirement, remain as shields against liability if the service provider complies with the safe harbor requirements, but that the DMCA does not itself impose liability on service providers who serve known infringers.

• Section 512(i) requires that ISPs maintain a policy for terminating “repeat infringers” to qualify for the DMCA’s safe harbor but does not itself impose liability.
• Section 512(l) provides that an ISP’s failure to comply with a safe harbor does not prejudice a defense that the ISP may have against infringement liability.

Repeat-Infringer Policies After Cox

After Cox, the failure to qualify for DMCA safe harbors, including failing to reasonably implement a repeat-infringer termination policy, cannot create contributory infringement liability. But we rightsholders may seek to examine a service provider’s notice handling and escalation under the DMCA as potentially relevant evidence of intent. And service providers may still seek to rely on the safe harbors to show that, as in Cox, they provided warnings to allegedly infringing users.

Practical Takeaways for ISPs

The following practices may reduce secondary copyright infringement liability exposure under Cox:

1. Highlight the significant lawful uses of the services. Consider publicly and contractually prohibiting copyright infringement and highlighting significant noninfringing and commercially significant uses of services.
2. Comply with the DMCA to benefit from its safe harbor provisions as risk insulation. While understanding that safe harbor loss only removes a shield and does not create an independent basis for contributory infringement liability absent inducement or tailoring, consider implementing a notice and takedown regime under the DMCA in order to further insulate services from liability. Keep detailed logs of enforcement actions to show active discouragement of infringement.
3. Avoid inducement. Avoid statements, marketing, promotional materials, or customer interactions that could be interpreted as encouraging or promoting infringement.
4. Review product design. Ensure no product or service features could plausibly be described as “tailored to infringement,” especially if such feature is one of the most, or the most, significant feature of the applicable product or service.