The Digital Millennium Copyright Act (DMCA) is a multi-part law that, in 1998, attempted to both modernize U.S. Copyright Law for the Web and bring the U.S into compliance with international treaties it had signed earlier.
While many parts of the law are the subject of constant attention, including the notice and takedown provisions as well as the anti-circumvention provisions, which forbid the breaking of most digital rights management systems, others are less known.
One of those lesser-discussed areas of the law is the DMCA subpoena, a tool built into the law that aims to make it easier for copyright holders to learn the identities of suspected infringers.
While earlier court rulings have almost completely eliminated the most popular use of the power, it’s still a potentially useful, if controversial, tool for content creators to be aware of.
Still, it’s limited use and difficulty in application will likely continue to relegate it to something that’s useful in exceptional cases only. However, as we learn time and again, exceptional cases are still well worth preparing for.
The DMCA Subpoena Process
U.S. copyright law, in Section 512(h), spells out the DMCA subpoena process. Basically, it requires any service provider to provide identification of an alleged infringer.
To do this, a copyright holder has to simply draft a subpoena with three elements (quoted directly from the law):
- A copy of a notification described in subsection (C)(3)(A)
- A proposed subpoena
- A sworn declaration to the effect that the purpose for which the subpoena is sought is to obtain the identity of an alleged infringer and that such information will only be used for the purpose of protecting rights under this title
The subsection referred to in the first part is the requirements for writing an effective DMCA notice. Meaning that one must include all of the components they would in a standard DMCA notice plus the proposed subpoena and the additional sworn declaration.
Once the notice has been drafted, it can be taken to any federal district court in the country where a clerk can then check the subpoena for completeness and sign off on it. No judge needs to approve it and no lawsuit has to be filed.
The subpoena is then sent to the service provider involved, who is then obligated to hand over any relevant identification they have as described in the subpoena. That would, at the very least, include the name, email and other information they collected.
However, DMCA subpoenas haven’t been widely used over the past ten years. The reason is because of a ruling that put a very serious limitation on the process and prohibited the most popular use of it.
RIAA v. Verizon
In 2002, the Recording Industry Association of America (RIAA) was in the thick of its lawsuits against file sharers. As part of that campaign, it sent a DMCA subpoena to Verizon, demanding identification of several suspected file sharers.
Verizon, however, did not comply, saying that 512(h) only applied when the the service provider stored the infringing material, not merely connection to it. The lower court disagreed but Verizon appealed and the Court of Appeals ruled in favor of Verizon.
According to the D.C. Circuit Court of Appeals in 2003, since subsection (C)(3)(A) dealt solely with providers hosting content on the service, the DMCA subpoena provision did as well. The court expressed sympathy for the RIAA and said that, if Congress had been aware of P2P file sharing in 1998 they might have written the law more broadly, but said the court could not rewrite the law for them.
The Supreme Court declined to hear the appeal.
A similar ruling in the 8th Circuit virtually ended the practice of sending DMCA subpoenas to ISPs over file sharing. However, other uses of the subpoena, including sending them to web hosts and others who store content for third parities, remained intact.
Overall, use of the subpoena has been very limited though it has made a resurgence more recently. Rightscorp, sometimes referred to as a copyright “troll”, has been sending DMCA subpoenas to ISPs to glean the identities of suspected file sharers, just like the RIAA in 2002. They use the identities they glean to compel settlements from file sharers and, to date, claim to have closed over 100,000 cases, though it is unclear how many involved DMCA subpoenas (the company also heavily uses regular DMCA notices, which ISPs pass on to suspected infringers).
When asked about the Verizon case, Rightscorp CEO says that, he feels, the court used flawed logic to reach its decision and that the decision can be overturned, especially by the Supreme Court.
However, given that the Supreme Court has already declined to hear the issue once, that is, at best, a risky position.
Your Use for DMCA Subpoenas
Currently, DMCA subpoenas are not meant to be used in file sharing cases but they are still potentially useful in cases where you need to identify someone who uploaded a work to a third party.
So while it might not be the appropriate tool to sue a BitTorrent file sharer, a YouTube user or a webmaster certainly could be targeted.
The question, however, is how useful is that? While the DMCA subpoena process is extremely easy as far as subpoenas go, it is still much more difficult than just sending a takedown notice, which can be done with a form letter and a quick email.
Most likely, if you wanted to send a DMCA subpoena, you’d still need to go through an attorney. That cost and expense means that a DMCA subpoena doesn’t save a great deal of resources.
This is especially true considering that the only reason to seek out someone’s name, normally, is if you’re planning on filing a lawsuit. However, if you’re planning on filing a lawsuit, it’s usually just as easy to file a “John Doe” suit and then use a regular subpoena to get the name of the infringer.
The time this might be most useful is if you need to get the identity of an infringer to see if a lawsuit is practical, such as weeding out jurisdiction or financial issues.
Still, that’s a fairly limited use. While there are many situations where it would be nice to know the name of an infringer, it’s rare that the knowledge is worth enough to file even a simple subpoena, especially considering that one doesn’t need to know a name to file a lawsuit.
Eight years ago, even after the Verizon decision, many people were worried that DMCA subpoenas would be privacy nightmares, used by people to stifle criticism and unveil anonymous bloggers. However, that nightmare never came to fruition.
DMCA subpoenas are remarkably rare. So much that, other than the Rightscorp uses, I had to go back to 2007 to find news stories about their use. I have been unable to find any cases where a DMCA subpoena was clearly used in a way that violated someone’s privacy and not as a legitimate tool.
The reason for this is simple, while the idea of getting an easy subpoena sounds like a great power, it doesn’t save significant time or money when compared to already-available alternatives.
In short, if someone’s to the point where they are willing to file a DMCA subpoena, they’re probably equally willing to file a lawsuit. The exception to the rule, P2P file sharing cases, have been struck down by the courts.
As it stands today, DMCA subpoenas are not widely used. They are limited-use tools that do not (and never did) provide a great risk to privacy on the Web. There are many ways to obtain a subpoena and, while the DMCA is an easy one, it’s far from the only.
Still, the fact they were so controversial points to some of the “chicken little” nature of the copyright debate online. Not every copyright law is a threat to the Internet and reasonable enforcement of copyright doesn’t mean sacrificing privacy or free speech.
When compared to how little of an impact DMCA subpoenas have had in the last ten years, the concern over them seems deeply misplaced and that’s a lesson to remember the next time such a “crisis” arises.