Page 1 30 April 2008

WHAT’S HOT IN DIGITAL MEDIA LAW1 INTRODUCTION Things used to be so simple. The law was securely locked up in expensive tomes sitting on the shelves of its custodians, we the lawyers, encased in archaic language. And then along came Tim Berners-Lee, the inventor of the World Wide Web, in the early 1990’s and it all changed. His specifications for HTTP, HTML and URIs have democratised access to content and empowered digital citizens and consumers. Ever since, the law has been chasing the long tail of digital content. From the moment we set foot on the Information Superhighway and entered the world of multimedia – remember them? –the law, technology and business models have never been in sync. They’re each in the grip of different forces and processes, moving at their own speed of change, from warp to weary! But the one constant in all of this is powerful, even systemic, change. We see new actors – search engines, social network sites, online content providers and, of course, the citizen consumer as content creator. We have new technological tools, technical standards, and software applications which enable digital content to be created, located, moved, and shared – legally or illegally - across broadband networks. At the same time, analogue media, especially the printed word, continue to co-exist with digital media and are likely to do so for the foreseeable future. So is the law fighting a losing battle in the midst of this upheaval? Is it losing its own case in Court over its right and ability to regulate the world of online media? As we stride (or, perhaps, stumble!) into this new environment, we can, I think, see four focal points of change. 1. “What and how do you regulate?” In the traditional world of broadcast television and spectrum scarcity, this was fairly clear. But what’s the right approach to regulating content when we move to new online services that deliver a mix of programme-based and ondemand services, mixing film and TV material along with blogs and literary content? And what are the right kinds of regulatory tools to be used, ranging from prescriptive laws to voluntary codes of conduct? 2. “Who carries the can?” What legal responsibilities should ISPs, social network sites and users have for illegal and harmful content? 3. “Where should the boundary between the public and private domains be drawn?” The private is the domain of intellectual property rights, especially copyright, data privacy and notions of permissions and consents. The public is the domain of access, use and re-use of all types of content and information. The challenge faced by regulators, and by all of us as digital citizens, is to decide where the digitally-blurred boundaries should be set.

1

This is a transcript of a talk given by Laurence Kaye on 30 April 2008 at the Reform Club, London.

1

Page 2 30 April 2008 4. “Making the transition from analogue to digital”. Here, the fundamental issue is how we move from a world of paper-based contracts, dusty files and rights holders we can’t locate to one in which, at the click of a mouse, users can locate works, instantly see permitted terms of use and obtain permissions. I am going to describe what’s hot in each of these areas. But first, I want to provide a context by giving a very brief overview of “digital media” and the digital media market. “DIGITAL MEDIA” You can take your pick of definitions of the phrase “digital media”. But I’m using it to mean two things: First, digital delivery channels – the Internet, mobile and digital television – to deliver content and to provide a platform to sell physical products online. Examples include: o o o o Online music services. Books sold through publishers’ websites as well as distributors such as Amazon. TV programmes delivered on-demand via ‘catch up’ services such as the BBC’s i-player and Channel 4’s 4OD. The emerging market for Internet-distributed movies. For instance, Apple recently signed deals with all Hollywood Studios for itunes rental, although not for digital purchase.

Second, I am using “digital media” to cover new, ‘born digital’ content and services which would not have existed but for digital technology and the Web. For example: o o o o ‘3D’ Movies. Social Network/community sites such as Youtube, Myspace and Facebook. E-books and digital audio books which, with their searchability and other features in digital form, are really different to their paper and analogue audio counterparts. New advertising-supported services such as interactive Internet TV services like ‘Babelgum’ which offers independent and new content, including professionally created user content with ‘Web 2.0’ features such as tag searches and collaborative filtering.

In fact, this distinction between new distribution channels and new digital services is artificial. Increasingly, new digital services act both as a channel to distribute what one might call traditional content such as films and as a platform to deliver new services. For example, MySpace is in talks with music labels for downloads; there are film clips available on YouTube and blogs like the ‘HuffingtonPost.com’ are morphing into online newspapers. Over time, these distinctions will disappear and digital media will simply become “media”. And let’s not forget that content moves just as easily from digital to analogue as the other way round. Look at the current litigation in New York, in which JK Rowling is suing for copyright infringement arising from the unauthorised publication of a book, The Harry Potter Lexicon, which consists substantially of JK Rowling material first published on the Web. STATE OF THE DIGITAL MEDIA MARKETS How do the markets for digital media content look to our Regulator? They’re in a febrile state; “living with uncertainty and ambiguity” you might say if looked at from a psychological perspective. Markets characterised by change, experimentation and upheaval as well as the prospect of significant growth. An independent study on the interactive content market in the EU projects that revenues from online content will more than quadruple from €1.8b in 2005 to €8.3b by 2010.2

2

Study on Interactive Content and Convergence; Implications for the Information Society”, commissioned by InfoSoc and Media Directorate General, published 25 January 2007. 2

Page 3 30 April 2008 The biggest challenge facing the media industries today is, I think, commercial rather than legal. It’s how to re-shape existing business models, and to develop new business and revenue models, in the face of 3 major trends:1. Consumers’ reluctance to pay for Internet-distributed content. Currently, 99.9% of video consumption over the Internet is advertising supported. 2. The shift in advertising revenues from traditional to digital media outlets. 3. The impact of the Internet on “traditional” distribution models. For example, the market’s desire for on-demand movie services is putting the film industry’s traditional windows of exploitation – theatrical release, DVD, Pay TV and sell-through – under increasing strain. What’s more, the content industries are faced with massive losses through counterfeit DVDs and large-scale piracy via P2P file sharing. Interestingly, as the TV industry moves to compete with online videos, television now ranks in the US as the fastest growing category of internet piracy.3 So what our Regulator sees are nascent markets where he or she must tread warily! With that in mind, let’s start to tread the Regulator’s path and examine the four focal points of change in the world of digital media law. In doing so, I am concentrating and European and UK law: 1. WHAT AND HOW DO YOU REGULATE? Ignoring complexity and detail, we can distil digital media law into the ‘laws of the content’ and the ‘laws of the networks’ which deliver that content. The laws of the networks are the domain of ICANN and Internet Governance; of the EU’s Telecoms Package governing the provision of electronic communications services; of ‘Net neutrality’ – the principle that providers cannot discriminate against competing applications or content so that we have a ‘two speed’ Internet; and in the UK OFCOM’s rules governing the sale of radio spectrum and other infrastructure issues. I am going to focus on content regulation. In the analogue world, the regulatory picture for content is pretty clear. But in the world of digital media, it’s become a bit blurred as ‘television style’ regulation will start to apply to some kinds of on-demand services. Let me explain. In the analogue world, there are general laws, such as copyright and defamation, which apply ‘horizontally’ or ‘across the board’ to all media sectors and to all types of content, including films, books, newspapers, television programmes, magazines and so on. In addition, the world of analogue broadcasting has always had its own specific ‘vertical’ rules governing the content of its services (for example, relating to production quotas; sponsorship and advertising). These vertical rules reflect the traditional role of broadcasting as a primary medium for the dissemination of culture and information. At a European level, the main source of those rules is the 1985 ‘Television Without Frontiers’ Directive. In the UK, we find them the Communications Act and its predecessors which introduced provisions such as quotas requiring 25% of BBC and ITV shows to be made by independent production companies and, in 2003, gave independents rights to their shows. In the digital world, we still have the same ‘horizontal’ laws applying to all forms of content. They are not industry-specific, applying equally to an e-book, a video clip on YouTube, an on-demand music service and a message on Facebook just as they do to analogue content. But the Audiovisual Media Services Directive (“AVMS”), which is due to be implemented by member states by December 2009, has blurred the distinction which exists in the analogue world between vertical, sector specific content regulation for broadcasting and horizontal rules for all forms of media content, by creating two kinds of ‘audiovisual media service’: • The first is “television broadcasting” which covers programmes based on a programme schedule which are broadcast simultaneously to viewers; this covers all forms of ‘one to many’

3

According to ‘BigChampagne’ a consultancy that measures online file-sharing, as reported in the FT on April 7. 3

Page 4 30 April 2008 television broadcasting, including ‘catch up’ broadcasts via services like BBC i-player and C4 On-Demand. • The second is kind is an “on-demand audiovisual media service” where there is a catalogue of programmes from which the viewer can choose to view whenever he or she chooses. A web-based video on demand service would fall into this category, such as the recently announced joint online video on-demand service for the BBC, ITV, and Channel 4 – code named “Project Kangaroo” – which the broadcasters hope will be “a Freeview for the Internet”.

So the result is that, albeit in a limited way, ‘television style’ regulation is finding its way into the on-demand world. According to the AVMS, the intention is to bring ‘light touch’ regulation to ondemand audiovisual services with rules governing the content of advertising, ‘windows of release’ for films and to prevent the availability of illegal content. It’s important to stress that the AVMS only applies to ‘television-like’ services. That is, services that compete for the same audiences as television broadcasts. There has to be a programme schedule or guide which is under the editorial control of the service provider. So, online games, newspaper sites with podcasts, gambling sites, e-book services are all excluded. But with the increasing variety of on-demand services, and particularly the increasing sophistication of EPGs (electronic programming guides), it seems reasonable to assume that ‘regulatory creep’ will occur. The notion of ‘regulation free’ cyberspace, if it was ever true (which it wasn’t) is certainly dead and buried. 2. WHO CARRIES THE CAN? The issue of how far – if at all – intermediaries such as ISPs and social network sites should have responsibility for illegal content transmitted by users over their networks or hosted on web servers or other hosting services, is not, in Internet-time, a new issue. Indeed, it was at the heart of the E-Commerce and Copyright Directives when they were negotiated during the mid to late 1990’s. So why is it such a hot topic now? There are two reasons. First, it’s been put firmly at the top the digital media law agenda because of pirated audio-visual goods and illegal downloads. Second, the legal rules about intermediaries’ liabilities, certainly in Europe and the US, were developed in the mid to late 1990’s in a pre Web 2.0 world, before social network sites and search engines became ubiquitous. As a result, there is a lack of legal certainty about how these rules apply to the likes of Facebook and YouTube. So as legal fights continue, such as the ongoing litigation in the US between Viacom and YouTube, the emerging theme, I believe, is that voluntary agreements reached by collaboration and negotiation between all stakeholders underpinned, where necessary, with legal sanctions, is the best way forward. With that background in mind, I am going to look first at the position of ISPs and then at hosts. Liability of ISPs This is arguably hot topic numero uno. The issue is being driven by the music industry but there’s no doubt that it is of equal significance to providers of on-demand services of all types of digital content. The position of the two main protagonists is clear. The BPI says that “Studies show that more than six million ISP customers regularly use their broadband accounts to unlawfully download and distribute music online.” As a result, the BPI wants UK ISPs to help cut down unlawful downloads by operating a three step procedure which could ultimately result in them cutting off their offending subscribers. In response, Charles Dunstone, of TalkTalk says: “We give access to the internet, we do not control it, nor do we control what are users do on it. I cannot foresee any circumstances in which we would disconnect a customer’s account on the basis of a third party alleging a wrongdoing. The music industry has failed to adapt and seeks to foist their problems on someone else”.

4

Page 5 30 April 2008 This is tough talk but he’s right to point out there is a vital link between the fight against illegal downloads and the available of legitimate, commercially available online services. This link is also one to which the Regulators’ pay a lot of attention. However, Mr Dunstone is likely to be proven wrong about the future role of ISP’s on this issue. Following the Gowers Review on Intellectual Property, the Government has given a commitment to legislate by April 2009 if ISPs are unable to reach a voluntary agreement or code of practice with industry. So here are the key questions:1. Given the fact that ISPs enjoy a number of legal immunities, how can they be forced to play a role? (The short answer is they can, because they are immune from damages, but not absolved from all legal responsibilities). 2. If they can be forced to play a role, how active a role will that be? In particular, will they have to use filtering technologies to detect infringing content? Can they be compelled to disclose personal information about their subscribers? Let’s take a closer look at ISP immunities. Under the E-Commerce Directive and the implementing UK Regulations, service providers have immunity from damages for all types of illegal content transmitted or ‘cached’ in their networks at the initiation of their customers. This immunity covers all types of illegal content, from copyright and defamation to obscenity and blasphemous material. In the EU, this ‘across the board’ immunity for service providers is complemented by ‘mere conduit’ and ‘caching’ exemptions in the Copyright Directive (and now in UK copyright law) specifically for copyright materials carried or ‘cached’ on their networks. In addition, the E-Commerce Directive reinforces these exemptions by providing that there is no obligation on service providers to monitor the information they transmit or store, nor a general obligation to actively seek facts or circumstances indicating illegal activity. However, immunity from damages does not equate to exemption from all responsibilities. Both the E-Commerce and Copyright Directives contain provisions which allow member states to introduce legal rules to force ISPs to play a ‘middleman’ role in dealing with illegal content, although there is debate about their precise scope. These provisions could lead to legislative measures in member states allowing the Courts to compel ISPs to terminate or prevent infringement or to require them to provide information to competent public authorities of alleged illegal activities by their customers “with whom they have storage arrangements.” This could include information such as IP addresses. But this is a tricky and complex area of the law. As I try to navigate you through this complexity, you may think like me that cross-industry voluntary codes have got to be the preferred route, with the legal rules as ‘backstop’ measures. Let me give you an example of that complexity. In March this year, the European Court of Justice (ECJ) made a somewhat Delphic decision in Promusicae v. Telefonica. This arose out of an action which the Spanish music collecting society brought against Telefonica in the Spanish Courts for an order to force the ISP to disclose the names and physical addresses of its users who exchange illegal copies of copyright works using KaZaA' P2P software. The ECJ were asked to answer this question: does European law require member states to impose an obligation on ISPs to disclose personal information about their users in the course of civil proceedings Answer: "no". But the ECJ's decision does leave the legislative door open for rights holders. The ECJ said that what it had to do was balance the provisions in Community law that protected intellectual property rights (IPRs) with those that protected personal privacy. So introducing legal measures that could, in carefully prescribed circumstances, force the disclosure of user information is not precluded. We have also had a few interesting Court cases which show that the ISPs’ mantra of “hear no evil, see no evil’ is becoming increasingly unsustainable as the digital world evolves. The issue is therefore this: how far will an ISP have to go in dealing with infringing material on its services in order to preserve its immunities?

5

Page 6 30 April 2008 In a recent case in Belgium, (May 2007) SABAM, a collecting society in the music industry, sued the ISP Scarlet (formerly Tiscali) for handling peer to peer traffic containing musical files which breached copyright. The Judge noted that there was no obligation on the ISP to monitor, the Court decided in favour of SABAM. Nevertheless, he decided that to be able to take advantage of the immunity, the ISP in this case had a duty to use filtering technology. He was influenced by one of the introductory paragraphs in the E Commerce Directive that said that the absence of a duty to monitor "should not preclude the development and effective operation of technical systems of protection and identification and of technical surveillance instruments made possible by digital technology.” But whether and to what extent the use of such technology should be mandated by law is a moot point. Following that decision, four major record companies – EMI, Sony, Warner and Universal - are suing Ireland’s largest ISP, Eirecom, demanding that it takes action to prevent users from illegally downloading or sharing music. As a result, it’s clear that the UK Government has a mandate to legislate if the ISP and music industries cannot reach a voluntary agreement. Whilst the issue has been driven by the music industry, it’s of equal concern to all sectors of the media industry as they build their online businesses. It seems to me that it’s far better to negotiate a cross-industry deal than risk the heavy hand of legislation. Against this background, the BPI on behalf of the music industry is trying to negotiate a ’3 strikes and you’re out’ procedure with UK ISP’s, through the Internet Service Providers Association (ISPA). The BPI routinely gathers evidence about illegal downloads by logging on to sites which offer files and downloads via peer to peer. Under the BPI’s proposals, instead of using the evidence to begin a process of legal action against the individual customer, the BPI would send the evidence to their ISP, who can identify that customer from the IP address and send them an advisory letter. That way, it would avoid the issue of disclosure of personal information by the ISP. Here is how the BPI describes the procedure it would like to see: • • If an ISP’s customer’s account is being used to file share music illegally, they would be informed about what is happening and advised as to how they can avoid it happening again. If the advice is not followed, the customer does not act on the letter and the account continues to be used unlawfully, the account is suspended pending a signed undertaking from the customer to the ISP that the unlawful activity will cease. If, after the suspension and undertaking, the customer‘s account is used unlawfully a third time, the contract is cancelled.

But ISPs are not happy with these proposals and these negotiations will be protracted and difficult. For example, ISPA wants an indemnity for ISPs in the event that it transpires that an innocent customer has his or her account wrongly terminated. But in my view, however difficult to achieve, a voluntary agreement is preferable to surrendering to the uncertainties of legislation. In Europe, there are already initiatives underway to create more collaborative arrangements with all the stakeholders in the digital media industries. In France – home of author’s rights – there is already quite a far-reaching agreement in place. The Memorandum of Understanding, otherwise known as the 'Accord Olivennes', is an agreement sponsored by the French Government between the public authority, rights holders and service providers, including ISPs and hosts. Interestingly, it imposes obligations on all participants and makes a direct link between the development of legitimate business models for online delivery and the fight against piracy. There are several other features of the agreement which are interesting:• The procedure is more heavily Court-based than the proposed UK procedure. The warning messages are sent out via the ISP in the name of the public authority, not the ISP’s. Court authority is needed to suspend or terminate the account.

6

Page 7 30 April 2008 • • ISPs and rightholders have agreed to work together to test filtering technologies and ISPs have agreed to use them where technically and financially realistic. As regards hosting and content-sharing platforms, ISPs have agreed to cooperate in good faith with rightholders regarding the potential use of fingerprinting and watermarking technologies.

That’s a sensible approach in my view. As compared with technologies used to identify content, there are freedom of speech issues to be taken into account when deploying filtering technologies which, for example, could have the effect of barring legal forms of communication. Interestingly, as their part of the deal, Audiovisual, film and music rights holders undertake a number of obligations. These cover technical issues and potentially far reaching changes to existing ‘windows of exploitation’ to accelerate the availability of films online. What about the liability of social networks and other hosts? Hosts, including social network sites, also have immunity under the E-Commerce Directive from damages claims for content posted by users to their platforms. Furthermore, there is no general duty to monitor content. But there are several problem areas in how the law works here. The E-Commerce Directive shows its age when it refers almost quaintly to “information society service providers.” Article 14 says that “Where an information society service is provided that consists of the storage of information provided by a recipient of the service, Member states shall ensure that the service provider is not liable for the information stored at the request of the service”, provided certain conditions are met. Does Facebook, MySpace, YouTube sound to you like an information storage service? Think about AOL’s recent $850m acquisition of Bebo to enable it to become, in the words of its CEO, “a social medium powerhouse”. You can immediately see why many rightsholders say “no” or, at the very least, “in some aspects “yes” and in others “no”. Rightsholders point to sites like YouTube and argue, essentially, that they are not service providers as envisaged by the E-Commerce Directive or DMCA but are, in essence, content providers and therefore are either directly infringing copyright or inducing its users to infringe copyright. But even if a service provider is covered by the exemption, their immunity disappears with knowledge of the infringing activity, such as the posting of copyright infringing material. The immunity therefore only applies on condition that: • • The provider does not have actual knowledge of illegal activity nor aware of any facts or circumstances from it is apparent; or On obtaining knowledge or awareness “acts expeditiously to remove or disable access to the information”.

So in its legal action against YouTube in 2007, another argument raised by Viacom was that YouTube knew its users were posting copyright infringing material and did nothing to stop it. The issues here are essentially practical ones. What constitutes “knowledge”, how quick does a service provider have to be to be “expeditious”? There is no prescribed form of notice. So the solutions here need to be developed on a cross-industry collaborative basis rather than through the Courts. Generally speaking, ‘notice and take down ‘procedures do seem to work. But there are uncertainties, especially as regards user contributed content. For example in 2007, a French Court, in Zadig Productions v Google, Inc had to decide whether a hosting site is liable for subsequent repostings of the same infringing content, having been notified about it and taken it down once. The Court looked at what Google needed to do in order to 'act expeditiously' to remove infringing content from Google Video, and so be able to rely on the exemption from liability for hosts. The problem here was that although Google removed the infringing content, it was re-posted. The Court rejected Google's argument that each post required another takedown notice. It took the view that, having received the first notice of the infringement, Google was responsible for implementing technical measures to block posting of the same content. This follows the same logic as the judge applied in the case of SABAM v Scarlett to which I referred earlier.

7

Page 8 30 April 2008 The law, being the law, will continue to evolve. Cases will continue to test the boundaries between ISP and social network immunities, filtering and information disclosure obligations and freedom of speech. But this takes time and is imperfect. As a result, the relationship between technology, business and the law is never truly in sync. That is why self-regulation and voluntary codes, backed where necessary with legal sanction, will increasingly be the regulatory instrument of choice. 3. WHERE SHOULD THE BOUNDARY BETWEEN THE PUBLIC DOMAIN AND THE PRIVATE DOMAIN BE DRAWN? I’m going to start with copyright. The debate about copyright in the digital age, which started in ‘cyberspace’ in the early 1990’s, still rages. Many advocates of the Web’s culture of collaboration, mixing and mashing argue that we’re in a world of limitless and perfect digital copies produced at zero cost where copyright is overly restrictive. One leading economist argues that the declining costs of production of original and subsequent digital copies of works means that the optimal term of copyright protection is 15 years (Professor Rufus Pollock at Cambridge University). At the same time, public bodies such as libraries argue for wider and broader copyright exceptions for the digital age. Ask them - “is digital different?” - and they will say “no” and so argue that all the existing exceptions to copyright law should apply in the digital age. You can understand their position given their ambitions in the digital age. On the other hand, the creative industries – from individual photographers, authors and artists to media corporations – argue that the raison d’être of their businesses is to produce and make all kinds of content available for consumers but, without copyright, there is no incentive to invest in the creation of works nor to protect that investment online when it’s ripped off. Content may be free at the point of consumption, but, at least in the commercial sphere, it is never free. So if you ask right holders if “digital is different”, they’ll say “yes, it is different”, pointing to the fact that digital technology and broadband networks enable the distribution of limitless, perfect copyright infringing digital copies of films, sound recordings, TV programmes and books. The central challenge is to balance the public good with legitimate commercial interests. Let me nail my colours to the mast right away. Of course, I declare an interest. I get paid by rights holders. But rights holders are a diverse bunch from authors and agents to publishers, producers, distributors, online service providers and ‘Web 2.0’ businesses. But I firmly believe – not least of all for the benefit of UK plc – that copyright is and remains absolutely central to our economic and cultural well being. At the same time, the creative industries need to work even harder to deliver licensing solutions. The answer to copyright’s critics lies in the marriage of technology and licensing solutions to enable users to find what they want, get what they want, where and when they want it in return for a fair reward. But as we transition the digital world, the struggle over what you might call the ’balancing mechanisms’ of copyright, which weigh exclusive rights against public access, goes on. Those balancing mechanisms are (1) the length of the term of protection of copyright term, (2) the scope of the exclusive rights it gives; (3) how those rights are managed and (4) exceptions which enable works to be copied and used without permission. At the moment, regulatory attention is on exceptions and rights management. Following the Gowers Review of Intellectual Property last year, the Government published a Consultation Paper with proposals to update exceptions to copyright law. The consultation process closed in April and draft legislation is likely to follow later this year. The issue of copyright exceptions sounds – and often is – very legalistic. But it goes to the very heart of how copyright functions in the digital world, drawing a boundary between those things that need permission and those which users are free to do. Copyright exceptions have to pass the so called ‘3-step’ test which is found in the Berne Copyright Convention. It states that: 1. Exceptions are to be applied ‘in certain, special cases’….

8

Page 9 30 April 2008 2. Which do not conflict with the normal exploitation of the work and 3. Do not unreasonably prejudice the legitimate interests of the right holder. In particular, it means that: • • The use must be non-commercial such as copying for research and private study. In the case of certain exceptions, the rights holder must receive ‘fair compensation’. This can be by a licence granted by the rights owner or by a collecting society. For example, the CLA recently launched a series of new digital licences, starting with the licences for Business and for Public Administration, which permit the copying and re-use of electronic and online publications as well as limited central storage of extracts and articles. In continental Europe, ‘fair compensation’ is achieved through a share of the levies imposed on copying equipment or recording media.

Here’s an example of how this ‘3 step test’ may apply to proposed extensions to existing copyright exceptions in the UK. Under current copyright law (s.36 of the Copyright, Designs & Patents Act) a teacher can photocopy passages from published literary, dramatic or musical works for classroom purposes up to specified limits. Should the teacher be allowed to do the digital equivalent using an electronic whiteboard in the classroom? The answer, of course, is “yes” and that is one of the proposed extensions to existing copyright law which the Government is proposing. But to keep within the ‘3 step test’, the expanded exception, like current law, would not apply if the educational institution can get a licence from the publisher or a collecting society. In fact, licensing solutions are available or will be developed, either directly from publishers as part of their online service or through their collecting society. So with this background in mind, I’m going to look briefly at some of the other Government’s proposed changes to copyright exceptions which are on the table. Format Shifting The proposal here is to create a new exception that, in the Government’s words, would allow consumers to make a copy of a work they legally own, so that they can make it accessible in another format for playback on another device which they own. The copy could not be sold, loaned or given away nor file shared. Put that way, it sounds fine. To be respected, copyright law needs to be seen to take account of the realities of the digital world. But the devil is truly in the detail. Should it apply to all categories of works? Should copies of literary works and films be treated in the same way as musical recordings? How many format shifts should be allowed? Should more than one copy be allowed to address the technological process of transferring content? Should the exception apply just to copies made after the law changes or, to allow format shifts of personal archives, should it apply to works copied after the law changes? There are other big questions as well. The European Union Copyright Directive allows an exception for consumer private copying on condition that the right holder receives ‘fair compensation’. Supporters of the format shifting exception say that as there’s no harm to rights holders from the format shift, that could be “zero. But is that right? The Music Business Group (MBG) is an umbrella group of trade bodies representing music managers, songwriters, publishers and performers. In its response to UK-IPO’s Consultation, it argued that "enormous value is derived from the transferability of music," it said in its submission. "Last year alone, over 20 million MP3-capable portable devices were sold in the UK, and over 90% of music on the average MP3 player is music that has been copied." "UK creators and right holders are legally entitled to benefit from this value. At present, this value is enjoyed by both consumers and technology companies while creators and right holders are effectively excluded from any value. This constitutes market failure," it said. So, they’re proposing a license for format shifting carrying a licence fee would be determined by commercial negotiations between creators and right holders and manufacturers and distributors of devices substantially used or marketed for making copies of music. So rather than a statutory levy, it’s a licence-based solution.

9

Page 10 30 April 2008 So this is by no means a settled issue. But however it is resolved, it again illustrates the need to provide licensing solutions for the digital age. In a nutshell, copyright exceptions are fine as long as they don’t undermine legitimate commercial content services. There are other proposed copyright exceptions: • To extend the existing exception which allows educational establishments to record broadcasts for educational, non-commercial purposes to allow them to record on-demand communications in addition to traditional broadcasts. [The question here is why do we need an exception if the educational institution can get it on-demand?] To allow libraries and archives to make copies of sound recordings, films and broadcasts for preservation or replacement. To expand the current ‘fair dealing’ exception for copying for non-commercial research and private study to cover all forms of content, including films and sound recordings, and not just literary, artistic, dramatic and musical works. For example, it would allow researchers to copy parts of archival film materials to consider how best to preserve the materials. Controversially, to create a new exception for parody.

• •

So there’s going to be plenty of debate over the legislative detail to implement these changes. Overall, there is one key theme which emerges: licensed use, not exceptions. The greater the number and variety of licensed online services– whether it’s music, educational content, films or otherwise – the less need their customers have to rely on applicable exceptions to use that content. Instead of reliance on copyright exceptions, it’s the terms of service which prevail. But licences need to be ‘exceptions +’; they must ensure that they give the user the permission to do the things they’re permitted to do under copyright exceptions along with all the other licensed uses for which permission is needed. In short, we need to code exceptions into contracts. Privacy and data protection I now want to turn to another key boundary issue in the public versus the private domain, that of privacy and data protection, focusing on social network sites. My comments here are based on a piece I wrote for the Guardian on the issue. Social network sites know who you are, who you know and what you’re interested in. They know what you like to buy and where you live. I think it’s time to think about “hardwiring” the law into social networking websites. Let me explain what I mean. At present, data protection law in Europe allows search engines and website operators to collect, use and share personal information provided they do so in accordance with a number of principles. The core principle is that the user is told about how their information will be used (for example, in a privacy policy) and that the website operator meets one of several conditions. The one on which website operators most often rely is users’ consent. Although you’ll see ‘opt in’ boxes for email marketing, operators will often rely on ‘opt out’. In other words, you’re deemed to consent unless you opt out. If you’re a Facebook user and go to your Privacy Settings, you will see that the default position with your Mini-Feed is that Facebook will publish details to your ‘Friends’ whenever you change your profile, make a comment on a photo or video or interact with the site in a number of other ways. You can ‘opt-out’ by unticking all the boxes but, for most users, taking the time to check website privacy settings and preferences is the last thing on their minds. But if you don’t change these settings, have you really consented? The European Commission’s Working Party on Data Protection doesn’t think so. “Using pre-ticked boxes fails to fulfill the condition that consent must be a clear and unambiguous indication of wishes,” it says. Perhaps, indeed, we have arrived at a tipping point. Facebook is paradigmatic of current trends in data sharing online, but the same technologies are being used by search engines and other social network sites. I am far from saying that we’re confronted by a straightforward, ‘good guy, bad guy’ scenario: the tailored information and social

10

Page 11 30 April 2008 connectivity the likes of Facebook provide their users - for free - is great. But that we have a decision to make – about privacy – is undeniable. How, then, should data protection law strike the right balance between sharing personal information and safeguarding an individual’s private rights to that data in the Web 2.0 world? Two things need to happen. First, we must develop the notion of the ‘digital citizen’. The Information Commissioner published research in November which revealed that people now consider protecting their personal information as more socially important than the NHS, national security and the environment. If that’s true, the scene is set for the arrival of the digital citizen – the person who accepts responsibility for their online personal information as part of managing his or her digital identity. Secondly, we need to look to the heart of the matter. At its crux, we’re talking about privacy and consent. We need to be sure that users really understand how their personal information is being used and shared, that they’ve really consented to it or that its use really was essential. To achieve this, the act of giving consent should to be coded – hardwired – into websites through ticking the relevant boxes or some equivalent act. Hardwiring the law into the web may sound scary, but it’s a lot less scary than leaving things as they are. This brings me to the fourth and final focal point of change: 4. KEY ISSUES ARISING FROM THE TRANSITION FROM ANALOGUE TO DIGITAL “We always overestimate the change that will occur in the next two years and underestimate the change that will occur in the next ten”. Bill Gates Google’s revenues were $0 in 1997; Google's profits were $1.21bn (£608m) for the three months to the end of December 2006! Change is indeed both slower and quicker than we expect. Over the next 10 years, perhaps the most important developments will be those hidden in the Web’s plumbing. They will build more intelligence into the Web so that – to borrow a phrase I heard Simon Juden, The PA’s Chief Executive use the other day – “Websites become Web services.” What I’m talking about here is the unglamorous world of technical standards which make it possible for machines such as search engines to talk ‘intelligently’ to other machines such as websites and other devices, so that, for you and me as users, we can find the content or service we want, see and pay for the permissions we need and then download and enjoy that content. This is the arena of what I call ‘de facto’ law. Although the law (e.g. copyright law) may provide the overall legal framework for what can and can't be done with copyright content, standards control what happens. In that sense, they are a kind of 'de facto' law. In the digital world, technical standards play a major role in determining how digital goods and services are exchanged. The ACAP ('Automated Content Access Protocol') project is developing a standard for 'machine to machine' permissions readable by search engines giving website owners much more control over what search engines can and can't do. In the publishing industry, ONIX for Licensing Terms is a “family” of XML document schemas which are being used to express licences in a machine-readable form. For example, ONIX for Publications Licenses (ONIX-PL) is a means of expressing the licenses agreed between publishers, hosting services, libraries and consortia in machine readable form. Some of these tools simply mean that, on the click of a mouse, a user in a library can see what he or she is allowed to do with the content. It’s just a clever way of attaching and displaying permissions on screen. It’s then up to the user to respect the permission (or not!). In that way, it like the Creative Commons licence that is often used to encourage the sharing of content for noncommercial purposes. In other cases, it is ‘machine actionable’. That’s where one machine – such as a search engine – interacts with another machine – a web browser. Taken together, these software tools, built on common standards, are the building blocks of a 21st century rights management system. In discussing these standards and software tools, I have deliberately avoided using the term “digital rights management” or “DRM” because they are generally used to describe technical protection measures such as Apple’s ‘Fairplay’ system which technically controls the number of copies that can be made as well as the devices on which the content can be played.

11

Page 12 30 April 2008 Of course, TPMs have a role, especially with regard to enduring content such as films and music, although many services are now offered TPM free. But I want to use DRM – or other terms – to describe the bigger picture of tools that can be used to locate works and express permissions, whether or not TPMs are used. So is that it? Have we covered the full gamut of digital media law? You bet we haven’t! Working out which laws apply and which Court’s have jurisdiction remains a challenge when we have territorially-based laws and jurisdictions applied to cross-border services. But there are international treaties and legal frameworks to work out the answers in practice. It just takes time to evolve. A good example of the old coexisting with the new in the world of digital media law is how Linden Lab, the owners of Second Life, use good old contract law in the form of their Terms and Service to deny service to participants who don't play by the rules. And there’s plenty more. But they are for another day! You can’t work in this area without having your ‘10’ key principles of digital media law: • • • • • • • • • • There’s always a solution Online rules = offline rules (mostly) Living with uncertainty, so manage your risk Value your IP Copyright: permissions first, restrictions last Think privacy Collaboration’s the name of the digital media game Make it simple(r) Do the deal but allow for the exit What are the things you don’t know you don’t know?

Laurence Kaye Laurence Kaye Solicitors © Laurence Kaye 2008 T: 01923 352 117 E: laurie@laurencekaye.com www.laurencekaye.com http://laurencekaye.typepad.com/ This article is not intended to be exhaustive and it does not constitute or substitute legal advice, which should be sought on a case by case basis. Please feel free to copy or make available this article without modification in print or electronic form for non-commercial purposes. If you do so, please include this disclaimer and copyright wording with attribution. If you want to re-publish or make the whole or part of this article available in a commercial service or publication, please contact the author at laurie@laurencekaye.com.

12

Sign up to vote on this title
UsefulNot useful