ALS Scan, Inc. v. Cloudflare, Inc. et alMEMORANDUM in Support of NOTICE OF MOTION AND MOTION for Partial Summary Judgment as to Third Amended Complaint against Cloudflare Inc. 324C.D. Cal.January 30, 2018 ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 Jay M. Spillane (Bar No. 126364) jspillane@spillaneplc.com SPILLANE LAW GROUP PLC 468 N. Camden Drive Second Floor Beverly Hills, CA 90210 (424) 217-5980 (888) 590-1683 (fax) John P. Flynn (Az. Bar No. 015065) Kevin D. Neal (Az. Bar No. 011640) GALLAGHER & KENNEDY, P.A. 2575 East Camelback Road Phoenix, Arizona 85016-9225 (602) 530-8000 (602) 530-8500 (fax) john.flynn@gknet.com kevin.neal@gknet.com Attorneys for Plaintiff ALS Scan, Inc. UNITED STATES DISTRICT COURT CENTRAL DISTRICT OF CALIFORNIA ALS SCAN, INC., a Maryland corporation, Plaintiff, vs. CLOUDFLARE, INC., a Delaware corporation, et al., Defendants. Case No.: 2:16-cv-05051-GW-AFM PLAINTIFF’S MEMORANDUM OF POINTS AND AUTHORITIES IN SUPPORT OF ITS MOTION FOR PARTIAL SUMMARY JUDGMENT AGAINST DEFENDANT CLOUDFLARE, INC. Filed Concurrently: Notice; Spillane Declaration; Easton Declaration; Penn Declaration; Statement of Undisputed Issues; Notice of Manual Filing Date: March 5, 2018 Time: 8:30 a.m. Place: Courtroom 9D 350 W. 1st Street Los Angeles, CA Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 1 of 31 Page ID #:7767 i ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 Table of Contents SUMMARY OF MOTION ................................................................................... 1 UNDISPUTED FACTS ........................................................................................ 1 A. ALS’s Content, Infringement and the Sites at Issue. ............................... 1 B. Cloudflare’s Services. .............................................................................. 2 C. Cloudflare’s DNS Service Deprives Copyright Owners of Vital Information. ..................................................................................................... 2 D. Cloudflare’s CDN Reproduces, Distributes and Displays Copyrighted Works. .............................................................................................................. 4 E. Cloudflare Does not Transmit, Route or Provide Connections for Material Through a System or Network Controlled or Operated by Cloudflare; Nor Does it Cache Reproductions of Copyrighted Works for the Purpose of Making the Material Available to User’s of Cloudflare’s System or Network. ...................................................................................................... 7 F. Notices of Infringing ALS Works on Subject Sites ................................. 7 G. Cloudflare has Failed to Adopt and Reasonably Implement a Repeat Infringer Policy. .............................................................................................10 H. Cloudflare Fails to Accommodate, and Interferes with, Standard Technical Measures. ......................................................................................12 SUMMARY JUDGMENT STANDARDS ........................................................13 ARGUMENT ......................................................................................................14 I. CLOUDFLARE IS LIABLE FOR CONTRIBUTORY COPYRIGHT INFRINGEMENT. ...........................................................................................14 II. CLOUDFLARE DOES NOT QUALIFY FOR SAFE HARBOR DEFENSES. .....................................................................................................17 Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 2 of 31 Page ID #:7768 ii ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 A. Cloudflare Does not Qualify for Safe Harbor Protections Under 17 U.S.C. § 512(a). .............................................................................................18 B. Cloudflare Does not Qualify for Safe Harbor Protections Under 17 U.S.C. § 512(b). .............................................................................................19 C. Cloudflare is not Entitled to Safe Harbor Protections Under 17 U.S.C. § 512(i). .............................................................................................................20 A. Cloudflare Has Not Adopted and Informed Account Holders of a Policy of Termination for Repeat Infringement. ......................................................21 B. Cloudflare Has Not Reasonably Implemented a Policy of Termination for Repeat Infringement. ................................................................................22 C. Cloudflare Fails to Accommodate, and Interferes With, Standard Technical Measures. ......................................................................................25 CONCLUSION ...................................................................................................25 Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 3 of 31 Page ID #:7769 iii ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 Table of Authorities Cases Arista Records LLC v. Tkach, 122 F.Supp.3d 32 (S.D.N.Y. 2015)....................15 BMG Rights Mgmt. v. Cox, 149 F.Supp.3d 634 (E.D. Va. 2015) ............... 14, 24 Capitol Records, Inc. v. MP3Tunes, LLC, 821 F.Supp.2d 627 (S.D.N.Y. 2011) ...............................................................................................21 Columbia Pictures Industries, Inc. v. Fung, 710 F.3d 1020 (9th Cir. 2013).......18 Disney Enterprises, Inc. v. Hotfile Corp., 1:11-cv-20427-KMW, 2013 WL 6336286 (S.D. Fla. Sept. 20, 2013) .................................................24 Ellison v. Robertson, 357 F.3d 1072 (9th Cir. 2004) .................................... 15, 23 Experience Hendrix LLC v. Hendrixlicensing.com Ltd., 762 F.3d 829 (9th Cir. 2014) ...................................................................................................14 Fonovisa v. Cherry Auction, Inc., 76 F.3d 259 (9th Cir. 1996)...........................14 Gershwin Publ’g Corp. v. Columbia Artists Mgmt., Inc., 443 F.2d 1159 (2d Cir. 1971) ...................................................................................................14 Louis Vuitton Malletier, S.A. v. Akonic Solutions, Inc., 658 F.3d 936 (9th Cir. 2011) ..................................................................................................15 MGM v. Grokster, 545 U.S. 913 (2005) .............................................................16 Nissan Fire & Marine Ins. Co. Ltd. v. Fritz Cos., Inc., 201 F.3d 1099 (9th Cir. 2000) ...................................................................................................13 Perfect 10 v. Cybernet Ventures, 213 F.Supp.2d 1146 (C.D. Cal. 2002) ...........21 Perfect 10, Inc v. Amazon.com, Inc, 508 F.3d 1146 (9th Cir. 2007) ...................16 Perfect 10, Inc. v. CCBill, LLC, 488 F.3d 1102 (9th Cir. 2007) .........................22 Religious Tech. Ctr. v. Netcom, 907 F.Supp. 1361 (N.D. Cal. 1995) ................15 Southern Calif. Gas Co. v. City of Santa Ana, 336 F.3d 885 (9th Cir. 2003) .....13 UMG Recordings, Inc. v. Veoh Networks, Inc., 665 F.Supp.2d 1099 (C.D. Cal. 2009) ...............................................................................................21 Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 4 of 31 Page ID #:7770 iv ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 Statutes 17 U.S.C. § 106 ...................................................................................................14 17 U.S.C. § 512(a) ........................................................................... 17, 18, 19, 20 17 U.S.C. § 512(b) ................................................................................. 17, 19, 20 17 U.S.C. § 512(k)(1)(A) ....................................................................................18 Rules Fed. R. Civ. P. 56(a) ...........................................................................................13 Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 5 of 31 Page ID #:7771 - 1 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 SUMMARY OF MOTION The evidence is undisputed. Cloudflare materially assists website operators in reproduction, distribution and display of copyrighted works, including infringing copies of ALS works. Cloudflare also masks information about pirate sites and their hosts. Cloudflare has no available safe harbors. Even if any safe harbors apply, Cloudflare has lost such safe harbors for failure to adopt and reasonably implement a policy including termination of repeat infringers. ALS hereby moves for partial summary judgment on liability for contributory copyright infringement. If the Court grants the motion, trial would remain to establish damages. UNDISPUTED FACTS A. ALS’s Content, Infringement and the Sites at Issue. ALS owns the copyright to a library of adult content. ALS’s content is displayed on two websites, alsscan.com and alsangels.com. Other than limited “teaser” selections of ALS works on public tour pages for these sites, or made available to advertisers for the purpose of directing Internet traffic to ALS’s sites, ALS’s content is lawfully available only to paying members of ALS’s sites. ALS does not sell or license its copyrighted content. [Walsh Decl. ¶¶ 2- 4; Complaint Ex. 1.] ALS has been faced with the repeated availability of infringing ALS content on Internet sites. [Walsh Decl. ¶¶ 5-12; Penn Decl. passim; Easton Decl. passim; Notice of Manual Filing.] This motion involves infringement of ALS works on the following sites, all Cloudflare customers: artofx.org, bestofsexpics.com, cumonmy.com, fboom.me, greenpiccs.com, imagetwist.com, imgchili.net, imgflash.net, imgsen.se, imgspice.com, imgspot.org, imgtrex.com, img.yt, namethatpornstar.com, slimpics.com, stooorage.com and vipergirls.to (collectively the “Cloudflare Customer Sites”). Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 6 of 31 Page ID #:7772 - 2 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 [Walsh Decl. ¶¶ 5-12; Penn Decl. passim; Easton Decl. passim; Notice of Manual Filing; Cloudflare Response to Interrogatory No. 20, Spillane Decl. ¶ 2, Ex. A.] Cloudflare may say that the Cloudflare Customer Sites are themselves service providers entitled to DMCA protections, however, none have qualified for safe harbors by submitting the required notices to the US Copyright Office. [Spillane Decl. ¶ 14.] B. Cloudflare’s Services. “Cloudflare provides internet services to optimize and protect websites, including by increasing the speed at which website content is delivered to end users, making such delivery considerably more bandwidth efficient, and by adding security services to prevent malicious attacks.” (3/2/17 Guinn Decl., Doc. 124-2 ¶ 3.) Says Cloudflare: “Cloudflare’s global Anycast network of 119 data centers across 58 countries reduces latency and time to first byte by delivering content closer to visitors. Cloudflare’s size and distribution of internet connects gives customers fast, reliable delivery throughout the world.” [Spillane Decl. ¶ 3, Ex. B; https://www.cloudflare.com/performance/.] To accomplish these results, CloudFlare offers, among other services, a managed domain name system (“DNS”) and a content delivery network (“CDN”). (3/2/17 Guinn Decl., Doc. 124-2, passim.) C. Cloudflare’s DNS Service Deprives Copyright Owners of Vital Information. To become a Cloudflare client, Cloudflare requires the client to name two Cloudflare nameservers as the authoritative nameservers for their website domain.1 (3/2/17 Guinn Decl. ¶ 7, Doc. 124-2; 4/5/17 Guinn Depo. 13:14- 1 “Nameservers convert the text-based Uniform Resource Locator Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 7 of 31 Page ID #:7773 - 3 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 14:22, Ex. 1.)2 “This service is why an IP address WHOIS lookup regarding a website operated by a Cloudflare customer traces to Cloudflare -- because the customer has designated Cloudflare as its domain nameserver.” (3/2/17 Guinn Decl. ¶ 7, Doc. 124-2.) Q … [W]hy does Cloudflare have customers designate two Cloudflare nameservers? A· ·Cloudflare has customers designate Cloudflare nameservers in order to route Internet requests to Cloudflare so that [its]3 service can operate. Q· ·And what does that enable Cloudflare to do? A· ·It enables Cloudflare to direct website visitors to Cloudflare servers. (4/5/17 Guinn Depo. 14:23-15:5.) Cloudflare’s DNS system frustrates efforts by copyright owners to find information about direct and contributory infringers and to send notification of infringement. Says Cloudflare: “Cloud Flare will mask your IP.” (Spillane Decl. ¶ 7, Ex. F, Cloudflare 142.) When copyright owners look for information about Cloudflare customers on standard whois lookup services, no information is available regarding the company storing the site on its server (the “host”) or the site owner. No information is available concerning the IP address for the (“URL”) of a website into a computer-readable address to point users and internet browsers in the direction of content stored elsewhere. Stated another way, nameservers give directions by telling a user’s personal computer where to look to find the website the user is searching for.” (3/2/17 Guinn Decl.¶ 6, Doc 124-2.) 2 The pages and exhibits from the Guinn Deposition, plus errata and signature sheets, are attached to the Spillane Declaration as Exhibits C (4/5/17), D (9/15/17) and E (1/22/18). 3 Corrections from the deposition errata sheet are incorporated in brackets. Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 8 of 31 Page ID #:7774 - 4 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 site in question. The only available information regarding nameservers and IP is for Cloudflare. [Penn Decl. ¶¶ 25-30, Exs. 18-23; Easton Decl. ¶¶ 15-16.] Two sites at issue show the problem. imagebam.com and namethatpornstar.com weren’t previously Cloudflare customers, which is how ALS discovered, provided notice to and ultimately sued their respective hosts, Steadfast and former defendant Hivelocity. Now that both sites have moved to Cloudflare, ALS can no longer see site owner or host information for those sites on whois lookups. [Penn Decl. ¶¶ 29, 30, Exs. 20-23.] While Cloudflare will in some cases respond to an infringement notice with the name of, and an email contact for, the site host, it does not disclose the IP address for the infringing website, which web hosts want in order to locate the site, nor does Cloudflare disclose any information concern the site owner or operator. [Easton Decl. ¶¶ 15-16; Spillane Decl. ¶¶ 8-9, Ex. G.] D. Cloudflare’s CDN Reproduces, Distributes and Displays Copyrighted Works. Cloudflare’s CDN, its “Global Anycast Network,” as of March 2017 comprised 102 data centers throughout the world. (3/9/17 Spillane Decl., ¶ 7, Ex. E, Cloudflare 133, Doc. 133; 4/5/17 Guinn Depo. 19:12-21:9, Ex. 4.) “The Cloudflare . . . Global Anycast network contains caching servers4 as well as nameservers.” (4/5/17 Guinn Depo. 16:2-5.) 4 “Caching servers are servers that temporarily cache content, typically for a few hours before being cleared (also known as ‘evicted’) in order to improve the time it takes for website content from the host server to reach the end users in a particular geographic area. The more geographically distant an end user is from a server, the longer it takes for content from that server to reach that end user. A caching server that is located nearer to the end user than the host server shortens the physical distance that the host’s content must travel, and therefore also shortens the time it takes for the content to load in an end user’s browser.” (3/2/17 Guinn Decl. ¶ 6, Doc. 124-2; see also 4/5/17 Guinn Depo. 90:25-91:11.) Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 9 of 31 Page ID #:7775 - 5 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 “A content delivery network (CDN) takes your static content and stores a copy closer to your visitors.” (3/9/17 Spillane Decl. ¶ 8, Ex. F, Doc. 133.) “When an end user chooses to visit a Cloudflare customer’s website, the user is routed through the Cloudflare caching server closest to that end user’s computer. See Ex. B (Cloudflare Support > Getting Started > Cloudflare 101 > Step 1).” (3/2/17 Guinn Decl. ¶ 8, Ex. B, Doc 124-2; Penn Decl. ¶ 24, 4/20/17 Penn Decl. Doc. 170; 4/20/17 Spillane Decl. Doc 171.) The ALS images in question in this suit are .jpg static files. (3/9/17 Penn Decl. ¶ 4, Doc. 134.) “Cloudflare’s CDN caches [.jpg files] for all account types by default.” (4/5/17 Guinn Depo. 21:23-24:9 Ex. 5.) Q … [I]s there . . . a step after [a query reaches a Cloudflare DNS server] which the DNS server employs to send the visitor to the nearest Cloudflare caching server, provided that the user’s seeking to access something that is cached? Ms. Kassabian: Objection. Vague A· ·Yes. Q· ·Please explain how that works. A· ·So when a visitor visits a website, they first do a DNS lookup. It’s similar to looking up someone’s phone number in the phone book. . . . The DNS server responds with an IP address of the web server, and in that instance, the second request which is similar to making the phone call after doing a lookup in the phone book is the request to a Cloudflare caching server. Q· ·So . . . in this process, the Cloudflare DNS server will direct the user to the nearest Cloudflare caching server? A· ·Yes. Q· ·And . . . that’s the nearest Cloudflare caching server within the Cloudflare global AnyCast network? A· ·Correct. (4/5/17 Guinn Depo. 17:1-18:1; see also 4/5/17 Guinn Depo. 28:9-13..) Q: [S]ay I'm sitting at my computer in Los Angeles, and I put into the browser bar a URL imgchili.net, slash, whatever Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 10 of 31 Page ID #:7776 - 6 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 ending in .jpg.· Okay?· Now, if I then hit enter, where do I first go? MS. KASSABIAN:· Objection.· Incomplete hypothetical. You can answer. THE WITNESS:· What will happen is you will do a DNS lookup.· That DNS response will come from a DNS server in the region, very likely in Los Angeles. The -- then you make an H[T]TP request for that -- that URL which ends in .jpg, potentially to the Los Angeles data center.· If that file is in the cache, we can deliver it from our temporary cache, and if the file is not in cache, we would proxy the request through to the web server and take a copy of the file from the web server and deliver it to the web browser. (4/5/17 Guinn Depo. 25:10-26:2.) When a copy of a requested image is proxied from the origin server, the delivery path is from the origin server, through the Cloudflare caching server then to the consumer. (4/5/17 Guinn Depo. 29:9-24.) When a consumer requests an image on a Cloudflare client site, whether the image is in cache or is proxied from the origin server, Cloudflare distributes a copy of the requested content to the consumer’s computer, where it would reside in the consumer’s hard drive or RAM. The data on the consumer’s computer would then result in a display of the request image on the consumer’s browser. [01/22/18 Guinn Depo. 36:21-40:23; 09/15/17 Guinn Depo. 129:8- 22.] “[W]e want to deliver essentially what the website publisher has published. We want to deliver that so it shows up the same way to the website visitor. We just want to optimize the delivery.” [09/15/17 Guinn Depo. 205:3- 11.] If the origin server storing a Cloudflare client site went down, say from a malicious attack, for a time consumers could still request and retrieve images from that site stored in Cloudflare’s cache. [01/22/18 Guinn Depo. 70:12-71:3; (“for a short period of time, if a website was unavailable, we could potentially deliver the assets from cache”).] Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 11 of 31 Page ID #:7777 - 7 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 E. Cloudflare is Not a Conduit Provider; Nor Does it System Cache for the Purpose of Delivering Material to Users of Cloudflare’s System. Cloudflare’s customers are businesses that operate web properties. [01/22/18 Guinn Depo. 57:12-20.] Cloudflare does not provide Internet or cable access to consumers. Any connections Cloudflare offers to transit information would be limited to connections between Cloudflare data centers and also between Cloudflare and some customer data centers. [09/15/17 Guinn Depo. 123:20-125:6.] If a consumer makes a request for an image on a Cloudflare customer site, the image would exit Cloudflare’s system and transit through another service provider’s conduit, for example Time Warner Cable. [09/15/17 Guinn Depo. 129:23-133:24.] “Depending on where the visitor is coming from on the internet, which is a very large and diverse network . . . the request could traverse many networks.” Id. 133:21-24. Cloudflare does not create or publish a browser for consumers. [01/22/18 Guinn Depo. 60:13-23.] Cloudflare does not interact with consumers. Said Matthew Prince, Cloudflare’s CEO: “If you haven’t heard of us, I’m not surprised. We’re part of the internet’s infrastructure, one of the groups operating behind the scenes to bring you everything you enjoy online.” [Spillane Decl. ¶ 17, Ex. N.] Cloudflare modifies content that it delivers to consumers. [09/15/17 Guinn Depo. 148:16-150:20.] “There are many ways in which [Cloudflare] may modify content of a site.” [09/15/17 Guinn Depo. 150:11-12.] F. Notices of Infringing ALS Works on Subject Sites ALS has engaged Steve Easton to observe infringement of ALS works on the Internet and send notice of infringement to responsible parties. [Walsh Decl. ¶¶ 9-12; Easton Decl. passim.] Mr. Easton also represents other adult Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 12 of 31 Page ID #:7778 - 8 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 copyright owners and has the same level of knowledge regarding their content. [Easton Decl. ¶ 4.] Mr. Easton personally observed infringing copies of his clients’ works, including ALS, on the Cloudflare Customer Sites. Mr. Easton prepared a notice of infringement via email. He addressed the email to the site operator and service providers if he knew the email addresses of these parties. The email contained, in the body, hyperlinks to each and every web page on which the infringing content appeared. His intent in providing hyperlinks for each infringing work was to simultaneously disclose the work in question and also the location of the infringing copy on the Internet. Mr. Easton is familiar with, and provided the other information required by, 17 U.S.C. § 512(c). [Easton Decl. ¶¶ 4-6.] Mr. Easton observed infringing content belonging to ALS and his other clients on the Cloudflare Customer Sites. Between January 26, 2014 to June 23, 2017, Mr. Easton sent email infringement notifications to Cloudflare, on behalf of ALS and others, pertaining to the following sites in the following numbers: a) artofx: 24 total, 14 ALS; b) bestofsexpics: 21 total, 14 ALS; c) cumonmy: 17 total, 17 ALS; d) fboom: 29 total, 29 ALS; e) greenpiccs: 29 total, 25 ALS; f) imagetwist: 82 total, 25 ALS; g) imgchili: 1175 total, 361 ALS; h) imgflash: 8 total, 8 ALS; i) imgsen.se: 20 total, 12 ALS; j) imgspice: 149 total, 15 ALS; k) imgspot: 11 total, 6 ALS; l) imgtrex: 30 total, 27 ALS; m) img.yt: 147 total,; 42 ALS; n) namethatpornstar: 4 total, 4 ALS; o) slimpics: 25 total, 25 ALS; p) stooorage: 11 total, 11 ALS; and q) vipergirls: 21 total, 10 ALS. The grand total: 1,803 total, 645 ALS. [Easton Decl. ¶¶ 4-10; Penn Decl. ¶¶ 5-23, Exs. 1-17; Notice of Manual Filing.] Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 13 of 31 Page ID #:7779 - 9 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 Cloudflare has received additional infringement notifications from other copyright owners about the sites at issue.5 [Cloudflare Response to Interrogatory No. 22; Spillane Decl. ¶ 2, Ex. A.] While some of the content went down in response to these notices, in some cases, despite notice to Cloudflare, the infringing ALS content remains live on the Cloudflare customer site, months after Mr. Easton’s notices. [Penn Decl. ¶¶ 7, 35, 37-42, Exs. 1-3, 5, 7, 14, 26-31.] At no time in response to these notices did Mr. Easton receive a “bounce” notice indicating that Cloudflare did not receive the emails, nor did Mr. Easton receive any counter-notifications, in other words, a reply from the site operator that the content in a notice was authorized. [Easton Decl. ¶¶ 11-12.] Cloudflare has taken the litigation position that none of Mr. Easton’s notices were “valid” and therefore Cloudflare was under no burden to respond or take them into account in enforcing its (alleged) repeat infringer policy. [Cloudfare Response to Interrogatory Nos. 7 & 8 (no valid notices received regarding the at-issue websites), No. 15 (Easton notices not “valid” because he did not submit through the web page and failed to provide information required by DMCA), Spillane Decl. ¶ 12, Ex. J.] This is not what Cloudflare said at the time. Of the emails from Cloudflare to Easton, only one said that Cloudflare would not process infringement notices submitted via email. [Easton Decl. ¶ 13; Spillane Decl. ¶¶ 8-9, Ex. G.] Many said that to “expedite” his complaints would he “please” submit through the web form. [Id.] Others said generally that Cloudflare could 5 The complaint count submitted by Cloudflare cannot include the Easton notifications. For most sites the number of complaints listed are fewer, in some cases many fewer, than the number sent by Easton alone. Given Cloudflare’s blunderbuss position that email notices are not “valid,” the count likely reflects only complaints submitted through Cloudflare’s web form. Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 14 of 31 Page ID #:7780 - 10 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 not respond to each notice but would take “enforcement action.” [Id.] Still others responded to his email notices with information about the host and an email contact, yet declining to provide an IP address for the subject site to the copyright owner. [Id.] None of these communications said that Mr. Easton’s emails were not “valid” or would not be considered or acted upon. [Id.] Cloudflare sent some emails telling Mr. Easton that his notices lacked one or more elements required by the DMCA. However, only three pertained to the sites at issue, and only one pertained to any of the 1,803 email infringement notices submitted with this motion. [Easton Decl. ¶ 13; Spillane Decl. ¶ 10, Ex. H.] Even this one notice from Cloudflare was incorrect. [Cf. Spillane Decl. ¶ 10, Ex. H p.3; Spillane Decl. ¶ 11, Ex. I.] G. Cloudflare has Failed to Adopt and Reasonably Implement a Repeat Infringer Policy. Cloudflare has stated a nominal policy to investigate infringement complaints and terminate repeat infringers, https://www.cloudflare.com/terms/, Spillane Decl. ¶ 13, Ex. K. Cloudflare makes a passing reference to termination of service in § 11, but does not say what conduct is prohibited nor how Cloudflare would determine whether to terminate an account. Cloudflare makes the ultimate statement that it could terminate a customer for repeat infringement at § 15, yet there is no information concerning how Cloudflare would make that determination. Id. In fact Cloudflare has only terminated its customers for repeat copyright infringement upon receipt of a court order finding that customer liable for infringement. [Cloudflare Response to Interrogatory No. 10, Spillane Decl. ¶ 12, Ex. J.] Cloudflare can and has terminated a customer without a court order. Cloudflare terminated services to the Daily Stormer because it was a neo-Nazi site. [Spillane Decl. ¶ 17, Ex. N.] Matthew Prince made that decision because Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 15 of 31 Page ID #:7781 - 11 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 he woke up “in a bad mood,” decided “the people behind the Daily Stormer are assholes” “and decided to kick them off the Internet.” [9/15/17 Guinn Depo. 182:15-24; Spillane Decl. ¶ 18, Ex. O.] Cloudflare could also terminate services to copyright infringers, as determined by its abuse policies and by “leadership,” including Matthew Prince. [9/15/17 Guinn Depo. 196:21-198:12, 202:4-9.] Cloudflare could stop or limit alleged copyright infringement by terminating services to Cloudflare customers who are infringers. [1/22/18 Guinn Depo. 67:5-11.] However, despite receipt of over 1800 notices of infringement from Mr. Easton concerning the at-issue sites, and more from other copyright owners, Cloudflare has not terminated a single such site for repeat infringement. [Cloudflare Response to Interrogatory No. 7, Spillane Decl. ¶ 12, Ex. J, (“Cloudflare has not terminated any of the accounts associated with those WEBSITES”).] It appears that Cloudflare has no policy to follow up on infringement notifications to determine whether the infringing content was removed. In some cases ALS sent notification to Cloudflare of infringing ALS content on Cloudflare Customer Sites and the infringing content remains live. [Penn Decl. ¶¶ 7, 35, 37-42, Exs. 1-3, 5, 7, 14, 26-31.] During discovery Cloudflare asked why ALS did not submit notices through Cloudflare’s abuse page. ALS tried doing that, but that effort did not result in removal of the infringing content. [Penn Decl. ¶¶ 43-44, Ex. 32.] Cloudflare says some of the at-issue websites are user-upload sites, potentially entitled to protections under the DMCA. However, none have submitted the required information to the Copyright Office to maintain any safe harbors. [Spillane Decl. ¶ 14.] Cloudflare complains that it cannot ascertain whether an image is infringing, and that determination of doctrines such as fair use are best left to Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 16 of 31 Page ID #:7782 - 12 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 “courts, or at best, lawyers highly experienced in copyright law.” [Cloudflare Expert Disclosures, Spillane Dec. ¶ 15, Ex. L.] Id. pp. 9-10. However, Cloudflare does not employee any attorneys in its Trust & Safety department, which is responsible for infringement complaints. [01/22/18 Justin Paine Depo. 26:23-28:3, 39:2-18.]6 H. Cloudflare Fails to Accommodate, and Interferes with, Standard Technical Measures. While Cloudflare has disclosed a contact email address for infringement complaints in the form submitted to the Copyright Office, Cloudflare has not published an email address on its website which copyright owners can use to submit infringement notifications via email. [Easton Decl. ¶ 14 Ex. A; Penn. Decl. ¶¶ 31-32, Exs. 24, 25.] Cloudflare has taken the position (applied inconsistently, if at all, to Mr. Easton) that it need not and will not respond to infringement complaints submitted via email. [Cloudfare Response to Interrogatory Nos. 7 & 8 (no valid notices received regarding the at-issue websites), No. 15 (Easton notices not “valid” because he did not submit through the web page and failed to provide information required by DMCA), Spillane Decl. ¶ 12, Ex. J.] Cloudflare does not forward email infringement notices from copyright owners to its customers, but rather responds to the sender redirecting his attention to the abuse form. [Penn Decl. ¶¶ 7, 35, 37-42, Exs. 1-3, 5, 7, 14, 26- 31.]; 01/22/18 Paine Depo. 22:18-23:5.] Submissions via Cloudflare’s web form populate automatically into a database. [01/22/18 Paine Depo. 13:7-14:3.] However, Cloudflare would have to hire additional staff to read and process email submissions. [01/22/18 Paine Depo. 23:6-24:5.] 6 The cited pages from the Justin Paine deposition are attached to the Spillane Decl. as Ex. M. Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 17 of 31 Page ID #:7783 - 13 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 Cloudflare’s web abuse form has qualities that limit the ability of copyright owners to provide notice of infringement. First, it says that only ten infringement complaints may be submitted through the form at one time. [Easton Decl. ¶ 18 Ex. B.] ALS’s DMCA agent, Steve Easton, frequently sends notification of infringement of hundreds of ALS works, which would require splitting up the notice to Cloudflare into multiple submissions through the online form. [Easton Decl. ¶¶ 17-18.] Second, Cloudflare’s abuse pages say Cloudflare will act only if the submission is “legitimate” or “valid,” terms nowhere defined on Cloudflare’s website. [Penn Decl. ¶¶ 31, 32, Exs. 24, 25.] Third, the online form seeks to intimidate copyright owners through a statement that “you understand, under 17 U.S.C. § 512(f), you may be liable for any damages, including costs and attorneys' fees, if you knowingly materially misrepresent reported material,” even though no such acknowledgement is a required element of a DMCA notification under 17 U.S.C. § 512(c)(3)(A). Id. Fourth, ALS can afford to pay Mr. Easton relatively little to send DMCA notifications on its behalf. Sending notification by email is a far more time and cost efficient method compared to having to submit notices to each provider through web forms. If Mr. Easton were required to submit notification only through web forms, ALS’s infringement notification procedures would become unaffordable and break down. [Easton Decl. ¶¶ 17-18; Walsh Decl. ¶ 10.] SUMMARY JUDGMENT STANDARDS Summary judgment is warranted on a claim or defense, or part thereof, where “there is no genuine issue as to any material fact” and “the moving party is entitled to a judgment as a matter of law.” Fed. R. Civ. P. 56(a). The Court may enter summary judgment in favor of the plaintiff on its claim for relief, or on a defense, where no reasonable trier of fact could find other than for the plaintiff. Southern Calif. Gas Co. v. City of Santa Ana, 336 F.3d 885, 888 (9th Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 18 of 31 Page ID #:7784 - 14 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 Cir. 2003) (claim for relief); Nissan Fire & Marine Ins. Co. Ltd. v. Fritz Cos., Inc., 201 F.3d 1099, 1102 (9th Cir. 2000) (defense). Summary adjudication may be obtained on “part of each claim or defense” - “partial summary judgment.” FRCP R. 56(a). The Court has the power to grant ALS’s instant motion, one for summary judgment on liability while leaving damages to trial. Experience Hendrix LLC v. Hendrixlicensing.com Ltd., 762 F.3d 829, 833 (9th Cir. 2014) (court granted partial summary judgment on trademark infringement; damages were determined at trial); BMG Rights Mgmt. v. Cox, 149 F.Supp.3d 634, 662 (E.D. Va. 2015) (court granted partial summary judgment determining that Cox did not qualify for a safe harbor defense against copyright infringement). ARGUMENT I. CLOUDFLARE IS LIABLE FOR CONTRIBUTORY COPYRIGHT INFRINGEMENT. Cloudflare has, without controversy, materially contributed to direct infringement of ALS’s exclusive rights to reproduce, distribute and display its copyrighted works. 17 U.S.C. § 106(1), (3), (5).7 “[O]ne who, with knowledge of the infringing activity, induces, causes or materially contributes to the infringing conduct of another, may be held liable as a ‘contributory’ infringer.” Fonovisa v. Cherry Auction, Inc., 76 F.3d 259 7 In its order of October 24, 2016, Doc. 60, the Court found that ALS had sufficiently averred that Cloudflare materially contributed to infringement through its content delivery network (“CDN”), by storing copies of copyrighted works on its caching servers and distributing such works to be displayed on consumers’ computer screens. Doc. 60 pp. 7-8. Also, the court found that ALS had sufficiently averred that Cloudflare’s domain name service (“DNS”) masks information about pirate sites and their hosts, thus hindering the ability of copyright owners to hold such parties accountable. Doc. 60 pp. 8. Here, the undisputed evidence backs up the averments. Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 19 of 31 Page ID #:7785 - 15 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 (9th Cir. 1996), quoting Gershwin Publ’g Corp. v. Columbia Artists Mgmt., Inc., 443 F.2d 1159, 1162 (2d Cir. 1971). Express promotion or encouragement of infringement is not required. Rather, “providing the site and facilities for known infringing activity is sufficient to establish contributory liability.” Fonovisa, 76 F.3d at 264 (swap meet operator failed to evict vendor selling counterfeit recordings after raids and notice by law enforcement). Contributory liability exists where a service provider aids in the “reproduction, . . . display and distribution of [plaintiff’s] images over the Internet.” Perfect 10 v. Visa Intern. Service Ass’n, 494 F.3d 788, 796 (9th Cir. 2007). See also Ellison v. Robertson, 357 F.3d 1072, 1078 (9th Cir. 2004) (“[A] reasonable trier of fact could conclude that AOL materially contributed to the copyright infringement by storing infringing copies of Ellison’s works on its USENET groups and providing the groups’ users with access to those copies”); Louis Vuitton Malletier, S.A. v. Akonic Solutions, Inc., 658 F.3d 936, 943 (9th Cir. 2011) (“[t]here is no question that providing direct infringers with server space” satisfies the material contribution standard); Religious Tech. Ctr. v. Netcom, 907 F.Supp. 1361, 1375 (N.D. Cal. 1995) (finding internet service provider liable for contributory infringement because the provider “‘allows [the primary infringer’s] infringing messages to remain on its system and be further distributed to other [users] worldwide.’”). In Arista Records LLC v. Tkach, 122 F.Supp.3d 32, 36 (S.D.N.Y. 2015) the court ordered Cloudflare to comply with a TRO against an infringing website, a Cloudflare customer, and all others acting in concert with such site, because Cloudflare’s DNS services enabled consumers to find the site and because Cloudflare’s CDN improved the performance of the site. Here Cloudflare had actual knowledge of infringement of ALS works on Cloudflare customer sites through numerous notifications from Steve Easton. Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 20 of 31 Page ID #:7786 - 16 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 Yet, with the right and ability to terminate services to the customers identified in Mr. Easton’s notices, Cloudflare materially contributed to the direct infringement of ALS’s exclusive rights by assisting, and continuing to assist, those sites to reproduce, distribute and display infringing copies of ALS’s copyrighted works. When a website becomes a Cloudflare customer, Cloudflare’s system causes copies of the site’s works to be made and stored on Cloudflare’s caching servers. When a consumer makes a browser query for an image residing on a Cloudflare client site, Cloudflare’s system searches for that image within its own data centers and distributes a copy of that image to the consumer’s computer from the nearest Cloudflare caching server. If the requested image is not in Cloudflare’s cache, then Cloudflare will retrieve and distribute a copy of the image from the origin server to the consumer’s computer. Once Cloudflare has distributed a copy of the requested image to the consumer’s computer, the copy so distributed is displayed on the consumer’s computer screen. Says Cloudflare: “[W]e want to deliver essentially what the website publisher has published. We want to deliver that so it shows up the same way to the website visitor. We just want to optimize the delivery.” All of this is to “increase[e] the speed at which website content is delivered to end users” and to “give[] customers fast, reliable delivery throughout the world.” Cloudflare also materially contributes to copyright infringement by making it harder to locate, if not entirely concealing, information ALS and other copyright owners need to enforce their rights and by erecting barriers to copyright owners’ ability to economically send notice of infringement. See Perfect 10, Inc v. Amazon.com, Inc, 508 F.3d 1146, 1172 (9th Cir. 2007) (‘copyright holders cannot protect their rights in a meaningful way unless they can hold providers of [internet] services or products accountable’); MGM v. Grokster, 545 U.S. 913, 929-30 (2005) (“When a widely shared service or Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 21 of 31 Page ID #:7787 - 17 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 product is used to commit infringement, it may be impossible to enforce rights in the protected work effectively against all direct infringers.”). Says Cloudflare: “Cloud Flare will mask your IP.” When copyright owners seek information about site owners and hosts on standard whois lookups, they retrieve information about Cloudflare instead. The IP addresses listed, which hosts want to find sites on their servers, are Cloudflare IPs, not the IP of the website. Cloudflare says that copyright owners can get the IP address to hosts, but only through a multi-step run around. These actions by Cloudflare constitute material contribution to infringement. II. CLOUDFLARE DOES NOT QUALIFY FOR SAFE HARBOR DEFENSES. The Digital Millennium Copyright Act (“DMCA”) was enacted in 1998. At the time, web “portals” ruled the Internet - AOL, Lycos, Netscape, MSN. These all-in-one services provided consumers with Internet connection, caching, storage and browsing capabilities. These operations became referenced in 17 U.S.C. §§ 512(a)-(d) respectively. Content delivery networks did not exist then. Cloudflare’s operations do not fit the language of §§ 512(a) or 512(b), the two safe harbors it claims. Cloudflare can bring a bill to Congress, but it has no defense in the DMCA as presently constituted. In the unlikely event the Court finds that Cloudflare’s operations fall within one or more safe harbors afforded in Section 512, Cloudflare nevertheless lost such safe harbors by failing to adopt and reasonably implement a repeat infringer policy and by interfering with standard technical measures. 17 U.S.C. § 512(i). Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 22 of 31 Page ID #:7788 - 18 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 A. Cloudflare Does not Qualify for Safe Harbor Protections Under 17 U.S.C. § 512(a). Cloudflare cannot show that it is entitled to a “safe harbor” under 17 U.S.C. § 512(a) - the “conduit” safe harbor. Section 512(a) provides a safe harbor “for infringement of copyright by reason of the provider’s transmitting, routing, or providing connections for, material through a system or network controlled or operated by or for the service provider,” 17 U.S.C. § 512(a), provided that certain requirements are met, including that “the material is transmitted through the system or network without modification of its content.” 17 U.S.C. § 512(a)(5). “As used in [section 512](a), the term ‘service provider’ means an entity offering the transmission, routing, or providing of connections for digital online communications, between or among points specified by a user, of material of the user's choosing, without modification to the content of the material as sent or received.” 17 U.S.C. § 512(k)(1)(A). This safe harbor is only available to “service providers” as defined in Section 512(k)(1)(A) and only where the services encompass the “conduit” activities that fall within the statutory language. Columbia Pictures Industries, Inc. v. Fung, 710 F.3d 1020, 1041-42 (9th Cir. 2013). Cloudflare’s operations do not fit within the parameters of Section 512(a) for three reasons. First, Cloudflare is not being sued because copies of infringing works transit through a system or network maintained by Cloudflare. Cloudflare is being sued for contributing to the reproduction, distribution and display of infringing material from Cloudflare data centers, or in some cases the origin host, through system or networks - “conduits” - owned by third parties. In other words, a Cloudflare data center or the origin host is simply the origin Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 23 of 31 Page ID #:7789 - 19 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 point for transmission of infringing works through conduits owned and operated by third party ISPs, such as Time Warner Cable, to the user’s browser. Second, Cloudflare does not meet the definition of a service provider for purposes of Section 512(a) because its service does not enable transit of material “between or among points specified by a user” as required by Section 512(k)(1)(A). In other words, a 512(a) service provider offers a “dumb” pipeline, not a smart system that determines the point from which the request content will be delivered. With Cloudlfare, a user’s browser query for a work on the origin host is redirected to a Cloudflare nameserver, which then determines whether to deliver a copy of the work from a Cloudflare data center or to proxy a copy from the origin host. Thus it is Cloudflare, not the user, which determines the point from which the requested work will be delivered. In this case Cloudflare’s services are not unlike Fung’s torrent trackers in Columbia Pictures Industries, Inc. v. Fung, supra, which did not fall within the scope of Section 512(a) because the service provider collected users into a swarm and dictated the points from which a user would download a requested work. 710 F.3d at 1041-42. Third, Cloudflare is not entitled to this safe harbor because Cloudflare does modify the content it delivers. “There are many ways in which [Cloudflare] may modify content of a site.” B. Cloudflare Does not Qualify for Safe Harbor Protections Under 17 U.S.C. § 512(b). The Section 512(b) safe harbor exists where a service provider caches content requested by one of its customers for later delivery to another customer of that service provider. A service provider may have a safe harbor against liability for caching material on its “system or network,” 11 U.S.C. § 512(b)(1), where the material is made available online by a website operator, 11 U.S.C. § 512(b)(1)(A), requested by one consumer, 17 U.S.C. § 512(b)(1)(B), then Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 24 of 31 Page ID #:7790 - 20 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 automatically stored in cache for delivery to another user of that service provider’s “system or network.” 17 U.S.C. § 512(b)(1)(C). In other words, a query for website material from a Google user can result in Google caching the requested information for later delivery to another Google user. See Amazon, Inc., 508 F.3d at 1156 n.3 (discussing computer and browser caching). Section 512(b) doesn’t describe a content delivery network, a service provider that didn’t exist in 1998. Consumers aren’t users of Cloudfare’s system or network. Website operators are users of Cloudflare’s system or network. As Matthew Prince said, “If you haven’t heard of us, I’m not surprised. We’re part of the internet’s infrastructure, one of the groups operating behind the scenes to bring you everything you enjoy online.” Here, a query for material on a Cloudflare customer website from a Google user will result in Cloudflare storing a copy on its caching servers for later delivery to another user of Google’s system or network, not Cloudflare’s system or network. Additionally, Cloudflare is not entitled to Section 512(b) safe harbors because Cloudflare modifies content. 17 U.S.C. § 512(b)(2)(A). Cloudflare’s remedy is to ask Congress to amend Section 512 to capture the activities of content delivery networks. However, until then, Cloudflare is not entitled to safe harbors. C. Cloudflare is not Entitled to Safe Harbor Protections Under 17 U.S.C. § 512(i). Even if Cloudflare qualifies for safe harbor protections under either Section 512(a) or 512(b), Cloudflare has lost those safe harbor protections. “(i) Conditions for Eligibility.- (1) Accommodation of technology.-The limitations on liability established by this section shall apply to a service provider only if the service provider- Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 25 of 31 Page ID #:7791 - 21 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 (A) has adopted and reasonably implemented, and informs subscribers and account holders of the service provider’s system or network of, a policy that provides for the termination in appropriate circumstances of subscribers and account holders of the service provider’s system or network who are repeat infringers; and (B) accommodates and does not interfere with standard technical measures.” 17 U.S.C. § 512(i). The requirement that service providers implement a repeat infringer policy is a “fundamental safeguard for copyright owners” and “essential to maintain[ing] the strong incentives for service providers to prevent their services from becoming safe havens or conduits for known repeat copyright infringers.” Capitol Records, Inc. v. MP3Tunes, LLC, 821 F.Supp.2d 627, 637 (S.D.N.Y. 2011). In Perfect 10 v. Cybernet Ventures, 213 F.Supp.2d 1146, 1178 (C.D. Cal. 2002) this Court “recognize[d] that online service providers are meant to have strong incentives to work with copyright holders. The possible loss of the safe harbor provides that incentive and furthers a regulatory scheme in which courts are meant to play a secondary role to self-regulation.” A. Cloudflare Has Not Adopted and Informed Account Holders of a Policy of Termination for Repeat Infringement. To qualify for safe harbors, Steadfast must have 1) “adopted” and 2) “inform[ed] . . . account holders” of a “policy” providing for “termination” of “repeat infringers.” The “inform[ation]” should be published in the ISP’s website and, where applicable, in account holder agreements. See UMG Recordings, Inc. v. Veoh Networks, Inc., 665 F.Supp.2d 1099, 1102 (C.D. Cal. 2009) (“Veoh’s Terms of Use has always contained language prohibiting users from uploading videos that infringe copyrights and reserving Veoh’s right to remove videos and terminate repeat infringers”); Capitol Records, LLC v. Escape Media Group, Inc., 2015 WL 1402049 *10 (S.D.N.Y. 2015) (quoting Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 26 of 31 Page ID #:7792 - 22 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 terms explaining actions Escape may take in response to notification of infringement and process for termination of an account for repeat infringement). Here, Cloudflare has articulated an alleged “policy” to terminate repeat infringers in only the sparest ultimate terms. Cloudflare does not state any factors or considerations that would weigh on a decision to terminate services for repeat infringement. In fact, Cloudflare has simply abdicated any role in discerning what facts can or should result in terminating an account for repeat infringement. Cloudlfare has not hired legal personnel in its Trust & Safety department to make judgments Cloudflare says are difficult and require legal training. Cloudflare has effectively outsourced its repeat infringement policy to the courts, terminating services only after a court has determined for Cloudflare that a site is infringing. Alternatively, Matthew Prince could wake up in a bad mood and decide to terminate repeat infringers. Thus far he has not. This is not a “policy.” This is abdication, or perhaps caprice. B. Cloudflare Has Not Reasonably Implemented a Policy of Termination for Repeat Infringement. To qualify for safe harbors, an ISP must not only adopt and inform account holders of its repeat infringer policy, it must “reasonably implement[]” that policy. In other words, it must actually do what it says it will do. To comply with Section 512(i), the service provider must have a “working notification system” and “a procedure for dealing with DMCA- compliant notifications.” The provider must “not actively prevent copyright owners from collecting information needed to issue notifications.” Perfect 10, Inc. v. CCBill, LLC, 488 F.3d 1102, 1109 (9th Cir. 2007). Service providers are required to publish an email address at which they will receive infringement complaints, both on their website and also in a form required for submission to the Copyright Office. 17 U.S.C. § 512(c)(2); 37 CFR § 201.38(b)(4). In Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 27 of 31 Page ID #:7793 - 23 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 Ellison v. Robertson, 357 F.3d 1072, 1080 (9th Cir. 2004), the jury could have concluded AOL did not qualify for safe harbors under Section 512(i) because AOL changed its email address for infringement complaints, failed to timely notify the Copyright Office of the change and failed to implement a system to forward emails sent to the old address. Cloudflare fails under these measures. It did not publish an email address for infringement complaints on its website. While Cloudflare supplied an email address on its submission to the Copyright Office, it at least discouraged copyright owners from using that address, if not outright told them it would not process email notifications. Cloudflare has adopted the litigation position that none of Mr. Easton’s 1800+ email notifications were “valid” because they were not submitted through its abuse form, a more tedious venue for submitting infringement complaints. Cloudflare appears not to have processed the Easton emails, as when an infringement complaint is sent to Cloudflare only, the infringing content remains live. Cloudflare blocks copyright owners from collecting information needed to issue notifications throught its DNS system. Cloudflare has also lost safe harbor protections by receiving numerous notifications of infringement on its customers’ sites without terminating a single account. Assessing a party’s eligibility for safe harbors under Section 512(i) involves an assessment of that party’s actions with respect to copyright holders not party to the litigation because the court must assess implementation of a “policy,” not merely treatment of a particular copyright holder. 488 F.3d at 1113. “To implement the repeat infringer policy contemplated by § 512(i), the penalty imposed by service providers must be termination.” BMG Rights Mgmt., supra, 149 F.Supp.3d at 658. In that case BMG owned a catalog of Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 28 of 31 Page ID #:7794 - 24 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 musical compositions. Cox provided high-speed Internet services to users who allegedly used those services to access file sharing sites with infringing copies of BMG’s works. The court rejected Cox’s defense that it needed terminate only adjudicated infringers, holding that Cox had a burden to implement a repeat infringer policy where it had knowledge of infringement. 149 F.Supp.3d at 654, 661. Cox mouthed procedures to impose graduated responses to infringement but in fact terminated almost no customers. 149 F.Supp.3d at 658- 59. Cox received fourteen notices of infringement on certain accounts within a six month period, yet failed to terminate those accounts. 149 F.Supp.3d at 661- 62. Cox lost its safe harbors due to failure to reasonably implement a policy for termination of repeat infringers. 149 F.Supp.3d at 662. See also Disney Enterprises, Inc. v. Hotfile Corp., 1:11-cv-20427-KMW, 2013 WL 6336286 (S.D. Fla. Sept. 20, 2013) (Hotfile terminated few accounts despite receipt of millions of infringement notices; Hotfile terminated users only on threat of litigation or receipt of court order; Hotfile was “unable to point to a single specific user who was terminated pursuant to its policy of manual review and exercise of ‘discretion’”) Here, Cloudflare has receive thousands of complaints abouot the subjec sites. In combination Cloudflare has received more - for most sites many more - than fourteen notices for the sites in question, the number at which Cox should have terminated services to its customers. Yet, Cloudflare terminated services to none of these sites. Like Cox and Hotfile, Cloudflare failed to exercise any discretion to terminate services. The intention of 512(i) is to require copyright owners and service providers to mediate infringement complaints through voluntary enforcement of a repeat infringer policy without court intervention. Instead, Cloudflare refused to terminate for repeat infringement except upon receipt of a court order. Cloudflare has not terminated services even under the threat, or here the actuality, of litigation. Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 29 of 31 Page ID #:7795 - 25 - ALS MSJ - Cloudflare - Memorandum 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 Cloudflare claims some sites in question are themselves service providers entitled to safe harbors. If so Cloudflare was not absolved from terminating those accounts. Congress did not limit the sweep of Section 512(i) to termination of repeat direct infringers. Allowing service providers to abdicate responsibility for terminating accounts of other service providers would undermine incentivizes for service providers to work with copyright owners to combat infringement. Cybernet, supra. Plus, these sites lost any safe harbors by failing to register with the Copyright Office. 17 U.S.C. § 512(c)(2). C. Cloudflare Fails to Accommodate, and Interferes With, Standard Technical Measures. Cloudflare’s DNS service blocks information copyright owners need to hold site owners and hosts responsible. Cloudflare does not publish email contacts on its website and dissuades, if not bars, copyright owners from submitting information via email. Cloudflare insists that copyright owners submit infringement notifications only through web abuse forms, a more tedious and time consuming method. Cloudflare therefore fails to accommodate, and interferes with, standard technical measures. 17 U.S.C. § 512(i)(1)(B). CONCLUSION ALS’s motion for partial summary judgment against Cloudflare should be granted. DATED: January 30, 2018 SPILLANE LAW GROUP PLC GALLAGHER & KENNEDY, P.A. By: _____________________________ Jay M. Spillane Attorneys for Plaintiff ALS Scan, Inc. Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 30 of 31 Page ID #:7796 PROOF OF SERVICE OF DOCUMENT I am over the age of 18 and not a party to this action. My business address is: 468 N. Camden Drive, Second Floor, Beverly Hills, CA 90210-4507. A true and correct copy of the foregoing document entitled (specify): PLAINTIFF’S MEMORANDUM OF POINTS AND AUTHORITIES IN SUPPORT OF ITS MOTION FOR PARTIAL SUMMARY JUDGMENT AGAINST DEFENDANT CLOUDFLARE, INC. will be served or was served (a) on the judge in chambers in the form and manner required by Local Rules and (b) in the manner stated below: 1. TO BE SERVED BY THE COURT VIA NOTICE OF ELECTRONIC FILING (NEF): Pursuant to controlling General Orders and Local Rules, the foregoing document will be served by the court via NEF and hyperlink to the document. On (date) January 30, 2018, I checked the CM/ECF docket for this action and determined that the following persons are on the Electronic Mail Notice List to receive NEF transmission at the email addresses stated below: Gary L. Bostwick- gbostwick@B1Law.com Kevin S. Toll - kevin@silversteinlegal.com Lawrence G. Walters - larry@firstamendment.com Corey D. Silverstein - corey@silversteinlegal.com Rachel Kassabian - rachelkassabian@quinnemanuel.com Carolyn M. Homer - carolynhomer@quinnemanuel.com Mark Thomas Gray markgray@quinnemanuel.com Armen Nercessian anercessian@fenwick.com Jedediah Wakefield jwakefield@fenwick.com Sapna S Mehta smehta@fenwick.com Colin TJ O’Brien - tm@partridgepartnerspc.com John L. Ambrogi - jla@partridgepartnerspc.com Daniel L Rogna daniel@partridgepartnerspc.com Paul Supnick - paul@supnick.com Raymond Katrinak - pkatrinak@kernanlaw.net Ryan Carreon - rcarreon@kernanlaw.net Stephen M Kernan - kernanlaw@gmail.com John P Flynn john.flynn@gknet.com Kevin D Neal kevin.neal@gknet.com Service information continued on attached page 2. SERVED BY UNITED STATES MAIL: On (date) January 30, 2018, I served the following persons and/or entities at the last known addresses in this case by placing a true and correct copy thereof in a sealed envelope in the United States mail, first class, postage prepaid, and addressed as follows. Listing the judge here constitutes a declaration that mailing to the judge will be completed no later than 24 hours after the document is filed. Service information continued on attached page 3. SERVED BY PERSONAL DELIVERY, OVERNIGHT MAIL, FACSIMILE TRANSMISSION OR EMAIL (state method for each person or entity served): Pursuant to F.R.Civ.P. 5 and/or controlling Local Rule, on (date) January 30, 2018, I served the following persons and/or entities by personal delivery, overnight mail service, or (for those who consented in writing to such service method), by facsimile transmission and/or email as follows. Listing the judge here constitutes a declaration that personal delivery on, or overnight mail to, the judge will be completed no later than 24 hours after the document is filed. Served by Overnight Mail or Attorney Service Hon. George H. Wu U.S. District Court 350 W. 1st Street Courtroom 9D Los Angeles, CA 90012 Service information continued on attached page I declare under penalty of perjury under the laws of the United States that the foregoing is true and correct. 1/30/2018 Jessie Gietl Date Printed Name Signature Case 2:16-cv-05051-GW-AFM Document 325 Filed 01/30/18 Page 31 of 31 Page ID #:7797
