By , September 22, 2014.

On Thursday, the Digital Citizens Alliance released a report revealing how profitable copyright infringement can be for cyberlockers. The study by NetNames, Behind the Cyberlocker Door, found that the top fifteen direct download cyberlockers and top fifteen streaming cyberlockers rake in over $96 million a year. This represents absurdly high profit margins — 63.4% for direct download and 87.6% for streaming — due in no small part to the exploitation of infringing content. The study estimates that “78.6 percent of files on direct download cyberlockers and 83.7 percent of files on streaming cyberlockers” infringe.

One interesting question that emerges from the report is whether one can draw a distinction between cyberlockers and legitimate online storage providers. The NetNames report provides a useful guide.

Copyright implicates tricky questions when it comes to services that enable copying. Copying is no doubt a useful function: think of photocopiers, VCRs, or even your hard drive, which copies as a matter of function. Yet copying is also one of the exclusive rights of a copyright owner; unchecked copying of copyrighted works can undermine the system of property rights that has resulted in the wealth of cultural prosperity we see today.

Sony Sheep and Grokster Goats

The Supreme Court first broached the question of copyright and copying devices in Sony Corp v Universal City Studios, concerning an infringement case brought against the manufacturer of one of the earliest consumer home video recorders. The district court had found that Sony could not be directly liable for user infringement; it does not “loan or otherwise provide the copyrighted work”, and “The copying occurs not in a store operated and managed by the defendants but rather in a person’s home, a location in which individual privacy is constitutionally protected and over which defendants have no control. Furthermore, defendants’ acts of selling the Betamax and blank tapes to consumers can easily lead to noninfringing uses.” On appeal, the Supreme Court looked at indirect liability. Specifically, it asked when the provision of copying devices gives rise to liability. It answered this question by saying that the mere “sale of copying equipment, like the sale of other articles of commerce, does not constitute contributory infringement if the product is widely used for legitimate, unobjectionable purposes.”

A touch over thirty years later, the Court was asked to look at the liability of companies that provided software that allowed peer-to-peer trading of computer files in Metro-Goldwyn-Mayer Studios Inc. v. Grokster, Ltd. Unlike the manufacturer defendant in Sony, the defendants in Grokster provided the ongoing infrastructure needed for users of their software to distribute files of all types. In addition, there was clear evidence that defendants “clearly voiced the objective that recipients use [their software] to download copyrighted works, and … took active steps to encourage infringement.”

The Supreme Court was asked to apply the Sony test in Grokster, a rule that “barred secondary liability based on presuming or imputing intent to cause infringement solely from the design or distribution of a product capable of substantial lawful use, which the distributor knows is in fact used for infringement.” However, the Court declined. It said:

Sony‘s rule limits imputing culpable intent as a matter of law from the characteristics or uses of a distributed product. But nothing in Sony requires courts to ignore evidence of intent if there is such evidence, and the case was never meant to foreclose rules of fault-based liability derived from the common law.

The Court went on to describe how one could be liable for inducing infringement, holding, “one who distributes a device with the object of promoting its use to infringe copyright, as shown by clear expression or other affirmative steps taken to foster infringement, is liable for the resulting acts of infringement by third parties.”

After Grokster, it was clear that there was a line between legitimate services that might be capable of infringement and illegitimate services that were intended to facilitate infringement, but it was less clear where that line would fall in every case — a question of increasing relevance given the explosion of online services that come into contact with copyrighted works. Columbia Law professor Jane Ginsburg refers to this inquiry as “separating the Sony sheep from the Grokster goats.” 1Jane Ginsburg, Separating the Sony Sheep from the Grokster Goats, 50 Arizona Law Review 577 (2008). She observes that many cloud services are “dual purpose.”

That is, they are not inherently pernicious; they can in fact be put to perfectly lawful and socially desirable uses. If the technology itself is at least in theory neutral, does this pose an insoluble quandary: either enforce copyright at the expense of technological evolution, or promote technology at the cost of copyright? Or can we have it both ways, fostering both authorship and technological innovation? To reach that happy medium, we need to ensure the “neutrality” of the technology as applied in a given business setting. If the entrepreneur is not neutral, and is in fact building its business at the expense of authors and right owners, it should not matter how anodyne in the abstract the technology may be.

Reaching this “happy medium” is particularly challenging when it comes to cloud storage services, since their essential purpose is to serve as repositories of files for third parties. The ability to remotely store and share files is valuable. But it can also allow for a damaging level of copyright infringement — a prospect which, given the profit margins mentioned above, serves as a strong temptation to those willing to risk getting away with it.

Cyberlockers vs Cloud Storage

Prior to the NetNames report, a few observers have discussed ways to distinguish between “legitimate” services — like Dropbox — and services which tend to facilitate infringement — like Megaupload, which was indicted by a grand jury in 2012 for “massive worldwide online piracy.” In Hotfile, Megaupload, and the Future of Copyright on the Internet: What can Cyberlockers Tell Us About DMCA Reform?, Ross Drath highlights four features “that copyright owners (and governments) typically find objectionable” when it comes to remote file storage services: “(1) public (as opposed to password-protected) sharing capability; (2) direct linking; (3) lack of search function; and (4) rewards programs.” 212 J. Marshall Rev. Intelli. Prop. L. 205, 212 (2012).

Carrie Bodner describes a taxonomy of cyberlockers in Master Copies, Unique Copies and Volitional Conduct: Cartoon Network’s Implications for the Liability of Cyber Lockers. 336 Columbia Journal of Law & the Arts 491, 498-504 (2013). On one end of the spectrum are services like Dropbox, SkyDrive, and Amazon Cloud. These services are marketed “primarily as a backup service, similar to an external hard drive,” and thus such services tend to be employed for productive or business uses rather than entertainment. Some services are more geared toward entertainment uses — for example, Amazon Cloud Player and Google Music, both of which provide storage specifically for music files — but Bodner notes that some have nevertheless “avoided an illicit reputation,” citing close ties to reputable businesses and legitimate online music stores. 4Bodner does not mention this in her article, but most of the major services also have explicit agreements with major rightsholders governing features of their cloud storage services that more directly impact copyrighted works. See, e.g., Amazon’s music cloud is licensed by all top labels. On the other end of the spectrum are “one-click file hosts” such as “Rapidshare, Hotfile, Megaupload, MediaFire and 4Shared.” The primary difference is that these services lack any restrictions on who can download files that have been uploaded. Other distinguishing characteristics include the offering of monetary incentives to users who upload content that is downloaded frequently and premium accounts that remove restrictions on download speeds and waiting periods.

The distinction drawn in the NetNames report largely tracks that made by Bodner and Drath. According to the report, cyberlockers (as opposed to “legitimate cloud storage services”) generally place no limits on who can download or stream a file and frequently offer “affiliate programs that reward users when their uploaded content is accessed.” In addition, cyberlockers often delete files that haven’t been accessed after a period of time and don’t offer synchronization with a user’s devices, indicating that their purpose is not personal storage and access. Finally, cyberlockers are lax when it comes to enforcing repeat infringer policies.

In short: for cyberlockers, the client is the downloader. For legitimate cloud storage services, the client is the uploader. Yes, both allow users to store files remotely, but the similarities end there. For cyberlockers, the goal of spreading files as widely as possible permeates every aspect of the service.

That’s not to say that any of the characteristics described above, by itself or taken together, necessarily does or should render any given service liable for copyright infringement. In fact, Behind the Cyberlocker Door calls on credit card processors to take steps to prevent cyberlockers from profiting off the work of others. Outside of the report, voluntary efforts to mitigate piracy from all the various participants in the online ecosystem continue. These efforts are aided by a clear distinction between cyberlockers and legitimate cloud storage services.


1 Jane Ginsburg, Separating the Sony Sheep from the Grokster Goats, 50 Arizona Law Review 577 (2008).
2 12 J. Marshall Rev. Intelli. Prop. L. 205, 212 (2012).
3 36 Columbia Journal of Law & the Arts 491, 498-504 (2013).
4 Bodner does not mention this in her article, but most of the major services also have explicit agreements with major rightsholders governing features of their cloud storage services that more directly impact copyrighted works. See, e.g., Amazon’s music cloud is licensed by all top labels.