Home page logo

nanog logo nanog mailing list archives

Re: Copyright infringement notice
From: "Anne P. Mitchell, Esq." <amitchell () isipp com>
Date: Wed, 22 Aug 2012 12:17:02 -0600

On Thu, Aug 16, 2012 at 6:16 AM, groupstudytac groupstudytac
<groupstudytac () gmail com> wrote:
I get copyright notices from companies like Irdeto , saying that one of my
customers IP is downloading unauthorized material using bittorent. I also
have processes in place to handle such notices .

Can anyone share how he handles such notices in his ISP environment , i am
ready to adapt some valid steps to improve the existing process.

Or should i just ignore such messages ?

If you're in the U.S., the process for handling these notices is
prescribed by law, specifically the Digital Millennium Copyright Act
(search: DMCA takedown notice). It details what the infringement
notice must include in order to be actionable and what steps the ISP
must take on receipt of an actionable notice. It also prescribes
procedures for the alleged infringer to object and for the ISP to
restore the material following an objection.

Follow the procedures described in the law to retain your immunity as
an ISP. Consult a local lawyer if you don't find them sufficiently

The thing that muddies this is that, as I understand it, the notice was not for takedown (i.e. there is not an 
allegation that they are *hosting* infringing material) - it is a notice that one of their users *downloaded* 
copyrighted material (IP, do I have that right?)

This is part of the RIAA's "graduated response" program, to which several major ISPs, including AT&T, Verizon, and 
Comcast,  have agreed.

Basically, the accuser contacts the ISP, and the ISP sends a warning (a "copyright alert") to their user (without 
giving up the user to the accuser).

If the same user is accused subsequently, they get another, sterner warning.  In total there is a series of six 
warnings, with "mitigation measures" accompanying the fifth and sixth warning.

If I were counseling an ISP  - whether one that was part of the agreement, or not - I would say that the first order is 
to *put your policy around copyright alerts in writing* - asap - and make it as specific as possible - and then *ALWAYS 

It almost (I say almost) doesn't matter what the policy is so long as it's reasonable, but it matters that it be 
followed to the letter every time, no exceptions.

And, if you are an ISP that isn't part of the agreement with the RIAA, it's still not a bad idea to structure your 
policy to follow the six "copyright alert" structure, because there is some precedent there, and then you come off 
looking like you are trying to do the right thing, which will make you a less easy target.

These two articles give a pretty good explanation of the deal:




Anne P. Mitchell, Esq
Institute for Social Internet Public Policy
Member, Cal. Bar Cyberspace Law Committee
ISIPP Email Accreditation:  http://www.SuretyMail.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]