As leaked data from extramarital affair web site Ashley Madison continues to bubble up like toxic waste, the company is firing off copyright takedown notices to stop file sharing and social networking sites like Twitter from propagating customer and internal information.
The “desperate move” is “the last refuge of people who are embarrassed about something on the Internet,” says copyright lawyer Ren Bucholz of Lenczner Slaght Royce Smith Griffin LLP. “They’re trying to use copyright to try and shut down web sites and stop the flow of information they don’t want to be available, but which really, on it’s face, is not copyrighted.
“This is just another company trying to put the toothpaste back in the tube.”
In fact there is no copyright in “basic facts” such as company and personal information, says Noel Courage, a partner with Bereskin & Parr LLP. There can be, however, some copyright in how the information is “organized and laid out” by Ashley Madison.
The use of takedown notices has not historically had much success and comes with some perils as well, especially when applied in the United States.
“The music industry has not been able to solve its copyright problems by over a decade of takedown notices, even though it has clear copyright,” says Courage. “Ashley Madison will continue to find the data popping up online like a persistent STD outbreak. Of course, taking links and web pages down after the fact is also cold comfort to a middle-aged man already banished to the couch.”
Issuing takedown notices to reporters and news organizations is “overzealous,” says May Cheng, partner with Fasken Martineau DuMoulin LLP.
“There is an exception to copyright infringement for ‘news reporting’ under the fair dealing exceptions in Canada, for example,” she says.
“The U.S. and Canada have somewhat similar copyright laws, but as with most intellectual property laws, the U.S. law is more stringent and offers generally better remedies for infringement.”
Bucholz recalls a 2004 American case he was involved in in which internal e-mails from the archive of an electronic voting machine company were leaked during an election year and posted online. The e-mails expressed concern about security issues with the voting machines. The company, Diebold, used the U.S. Digital Millennium Copyright Act to try and get the material taken offline.
“There are provisions in that legislation that allow a party to challenge the notice and recover punitive costs if there has been an abuse of the takedown procedures,” he says.
The case — OPG v. Diebold — was a similar situation where there was a security breach and the party whose material was put online was casting about to find any legal tool they could to try and stop the information from getting out without a lot of attention paid to whether the material was copyrighted.
A U.S. district judge in California ruled the plaintiffs’ publishing of the e-mails was clearly fair use “because there was no commercial harm and no diminishment of value of the works” in republishing them. Diebold was found to have misrepresented its copyright control, putting it in violation of the DMCA, leaving it liable for court costs and damages.
With respect to the user information, Bucholz points out that copyright only applies to “original expressions fixed in a tangible medium.”
“It’s very difficult to imagine how a collection of people’s addresses and names could reach that level of originality to even attract copyright protection in the first place,” says.
The problem is that even under the U.S. copyright regime, considered to be the most robust, Ashley Madison would have to establish a good faith belief the things they are complaining about are actually copyrighted.
“The notices must state that the complaint is being made under penalty of perjury and I would be very nervous if I were a lawyer for a company that was making that kind of statement under these circumstances,” adds Bucholz.
“The idea you would be able to send a number of sternly worded letters to address this — I don’t think there is a great cost-benefit analysis, but it could be they also need to be shown to be doing something,” he says. “We may yet hear that it’s what a ‘reasonable company’ might do in the circumstances.”
