11 January, 2022

Just in the Middle - CJEU Decides on Intermediary Liability for Copyright Infringing User Content

The issue of intermediary liability for copyright infringement has been a thorny issue in recent years, and the case involving YouTube (discussed more here) in this regard has been trundling through the EU courts for what feels like decades (exacerbated by the pandemic no doubt). However, the European courts have reached their decision last summer, giving some needed guidance on the matter and setting the scene for intermediary liability for the future. This writer is woefully behind the times in writing about this decision, but it does merit belated discussion and is a very important decision to keep in mind in relation to intermediaries.

The case of Frank Peterson v Google LLC (along with another case; Elsevier v Cyando) concerns Nemo Studio, a company owned by Mr Peterson who is a music producer. In 1996, Nemo Studio entered into a worldwide artist contract with Sarah Brightman covering the use of her audio and video recordings. Further agreements were entered into in the subsequent years, including one with Capitol Records for the exclusive distribution of Ms Brightman's recordings and performances. One of her albums, "A Winter Symphony", was released in 2008 along with an accompanying tour that year. The same year her album and private recordings from her tour were uploaded onto YouTube. Mr Peterson attempted to have the materials removed from the platform, including through cease-and-desist letters, and Google subsequently blocked access to the offending videos. However, even after this the content could be accessed on YouTube again, and Mr Peterson initiated legal proceedings against Google in Germany for copyright infringement, with the matter ultimately ending up with the CJEU.

The other combined case, very briefly put, dealt with at the same time involved Elsevier, an international specialist publisher and Cyando, a website where users could upload files for hosting and sharing. Users had uploaded copies of three works for which Elsevier owns the copyright onto the Cyando website, which were then shared on other websites via web links. Elsevier also brought legal proceedings against Cyando in Germany for copyright infringement, after which the CJEU combined both actions into one.

The first question posed to the court concerned "…whether Article 3(1) of the Copyright Directive must be interpreted as meaning that the operator of a video-sharing platform or a file-hosting and ‑sharing platform, on which users can illegally make protected content available to the public, itself makes a ‘communication to the public’ of that content".

As a primer, Article 3(1) provides the exclusive right to copyright holders to communicate their works to the public, which also gives them the right to prevent said communications by other parties without authorization. Additionally, what amounts to a 'communication to the public' includes all communication to the public not present at the place where the communication originates, so giving a very broad right to copyright holders. However, a balance has to be struck between the interests of the copyright holder and the interests and fundamental rights of users, in particular their freedom of expression and of information.

To dive a bit deeper into the meaning of the phrase 'communication to the public', this encompasses two specific criteria, namely: (i) an act of communication of a work; and (ii) the communication of that work to a public. 

In terms of the first criterion, an online platform performs and 'act of communication' where "…it intervenes, in full knowledge of the consequences of its action, to give its customers access to a protected work, particularly where, in the absence of that intervention, those customers would not, in principle, be able to enjoy the broadcast work". For the second criterion, a 'public' comprises "…an indeterminate number of potential recipients and implies, moreover, a fairly large number of people".

Finally, in addition to the above criteria, the courts have determined that for an act to be a 'communication to the public' "…a protected work must be communicated using specific technical means, different from those previously used or, failing that, to a ‘new public’, that is to say, to a public that was not already taken into account by the copyright holder when it authorised the initial communication of its work to the public"

One thing to note in the context of both YouTube and Cyando is that both platforms operate through user uploads, who act autonomously from the platform, decide whether the content will be publicly available and are responsible for their own actions. For file-hosting services, like Cyando, there is the additional requirement that the users have to share a link to the content for it to be accessed and/or downloaded, which is up to them to do. While the users might very well be doing an 'act of communication to the public', it remains unclear whether the intermediaries are doing the same through this.

The Court noted that the platforms play an indispensable part in making potentially illegal content available, but this is not the only criterion that you need to concern yourself with; the intervention of the platform needs to be deliberate and not just incidental. This means that the platforms have to intervene in full knowledge of the consequences of doing so, with the aim of giving the public access to protected works for there to be an infringement.

The Court highlighted that, in order to determine this, one has to "…take into account all the factors characterising the situation at issue which make it possible to draw, directly or indirectly, conclusions as to whether or not its intervention in the illegal communication of that content was deliberate". These circumstances can include: "...[i] the circumstance that such an operator, despite the fact that it knows or ought to know that users of its platform are making protected content available to the public illegally via its platform, refrains from putting in place the appropriate technological measures that can be expected from a reasonably diligent operator in its situation in order to counter credibly and effectively copyright infringements on that platform; and [ii] the circumstance that that operator participates in selecting protected content illegally communicated to the public, that it provides tools on its platform specifically intended for the illegal sharing of such content or that it knowingly promotes such sharing, which may be attested by the fact that that operator has adopted a financial model that encourages users of its platform illegally to communicate protected content to the public via that platform".

In short this means that platforms will have to take positive steps to prevent the sharing of infringing content. Mere knowledge that this is being done isn't sufficient to conclude that a platform intervenes with the purpose of giving internet users access to that content unless they have been specifically warned by rightsholders of this activity. Making a profit from this activity will also not, in itself, make a platform liable. 

The Court summarized its answer to the question as: "… Article 3(1)… must be interpreted as meaning that the operator of a video-sharing platform or a file-hosting and ‑sharing platform, on which users can illegally make protected content available to the public, does not make a ‘communication to the public’ of that content… unless it contributes, beyond merely making that platform available, to giving access to such content to the public in breach of copyright. That is the case, inter alia, where that operator has specific knowledge that protected content is available illegally on its platform and refrains from expeditiously deleting it or blocking access to it, or where that operator, despite the fact that it knows or ought to know, in a general sense, that users of its platform are making protected content available to the public illegally via its platform, refrains from putting in place the appropriate technological measures that can be expected from a reasonably diligent operator in its situation in order to counter credibly and effectively copyright infringements on that platform, or where that operator participates in selecting protected content illegally communicated to the public, provides tools on its platform specifically intended for the illegal sharing of such content or knowingly promotes such sharing, which may be attested by the fact that that operator has adopted a financial model that encourages users of its platform illegally to communicate protected content to the public via that platform".

The Court then turned to the second and third questions together, which it posed as asking: "…whether Article 14(1) of the Directive on Electronic Commerce must be interpreted as meaning that the activity of the operator of a video‑sharing platform or a file-hosting and -sharing platform falls within the scope of that provision, to the extent that that activity covers content uploaded to its platform by platform users. If that is the case, that court wishes to know, in essence, whether Article 14(1)(a) of that directive must be interpreted as meaning that, for that operator to be excluded, under that provision, from the exemption from liability provided for in Article 14(1), it must have knowledge of specific illegal acts committed by its users relating to protected content that was uploaded to its platform"

Under Article 14(1) Member States have to ensure that service providers of information society services are not liable for the information stored at the request of the recipient of the services, i.e. users, provided that the provider does not have actual knowledge of illegal activity or information and, is not aware of facts or circumstances from which the illegal activity or information is apparent, or that the provider, upon obtaining such knowledge or awareness, acts expeditiously to remove the information or to disable access to it. What is key here is that the provider has to be an ‘intermediary service provider’, meaning one that they are "…of a mere technical, automatic and passive nature, [i.e.] that service provider has neither knowledge of nor control over the information which is transmitted or stored".

The above assessment can be made considering Article 3(1), and if a provider contributes, beyond merely providing its platform, to giving the public access to protected content in breach of copyright, they won't be able to rely on the above exemption (but this isn't the sole determination on the exemption). Also, the technological measures that a provider takes to prevent copyright infringement, as discussed above, doesn't give the provider active knowledge of the infringing activity, and bring them outside the scope of Article 14(1). Knowledge or awareness, however, can be derived through internal investigations by the providers or through notifications by third parties.

Summarizing its position in relation to the questions the Court determined that "…Article 14(1)… must be interpreted as meaning that the activity of the operator of a video-sharing platform or a file-hosting and -sharing platform falls within the scope of that provision, provided that that operator does not play an active role of such a kind as to give it knowledge of or control over the content uploaded to its platform"

The Court then moved on to the fourth question, which asked "…whether Article 8(3) of the Copyright Directive must be interpreted as precluding a situation where the rightholder is not able to obtain an injunction against an intermediary whose services are used by a third party to infringe the rights of that rightholder unless that infringement has previously been notified to that intermediary and that infringement is repeated".

To put in simpler terms, the question asks if rightsholders are prevented from seeking an injunction against an intermediary if their services are used to infringe their rights, unless they have been notified of the infringement previously. 

The Court considered that national courts have to be able to stop current and/or future infringements under the Article. The process and any requirements are up to Member States to determine (but must not interfere with other adjacent EU provisions), which includes a potential requirement of notification before an injunction can be granted. However, this isn't the case strictly under the relevant Article. 

The Court did note that, pursuant to Article 15(1) of the E-Commerce Directive, Member States cannot impose a monitoring obligation on service providers over the data that they store. With that in mind, any obligation to monitor content in order to prevent any future infringement of intellectual property rights is incompatible with this Article.

In light of its considerations on the question, the Court summarized its position as: "…Article 8(3) of the Copyright Directive must be interpreted as not precluding a situation under national law whereby a copyright holder or holder of a related right may not obtain an injunction against an intermediary whose service has been used by a third party to infringe his or her right, that intermediary having had no knowledge or awareness of that infringement, within the meaning of Article 14(1)(a) of the Directive on Electronic Commerce, unless, before court proceedings are commenced, that infringement has first been notified to that intermediary and the latter has failed to intervene expeditiously in order to remove the content in question or to block access to it and to ensure that such infringements do not recur. It is, however, for the national courts to satisfy themselves, when applying such a condition, that that condition does not result in the actual cessation of the infringement being delayed in such a way as to cause disproportionate damage to the rightholder".

The fifth and sixth questions were the only ones remaining, but the Court decided that they didn't need to be answered as the first and second questions were answered in the negative.

As is apparent, the case is a huge milestone for the regulation of intermediaries and copyright on the Internet. It sets fairly clear guidelines and expectations on service providers but seems to attempt to strike a proper balance with freedom of expression and the interests of service providers and rightsholders. This, however, is very much subject to change with the introduction of the Digital Copyright Directive, which, under Article 17, now imposes an obligation on service providers to under threat of liability to make 'best efforts' to obtain authorization and act in a similar way when infringing content is present on their services. The case and the new Directive set the scene for service providers, who will have to stay on their toes with the prevalence of infringing content online these days.

18 October, 2021

An Unusual Inventor - Australian Federal Court Gives Green Light for AI Inventors of Patents

Having spoken about whether artificial intelligence could be deemed to be an inventor was something that was discussed on this blog over a year ago, with both the UK, the US and the EU, currently, not allowing for AI to be considered as an 'inventor' and therefore any inventions created by the AI would not be patentable. While this position seems to remain in those jurisdiction, an interesting development has emerged in Australia which seems to go counter to what the above jurisdictions have decided. 

The case Thaler v Commissioner of Patents concerned a patent application for a patent by Stephen Thaler (application VID108/2021) for a patent for two inventions, created by DABUS (Mr Thaler's AI system), for an improved beverage container and a flashing beacon to be used for emergencies. The case focused on whether the AI system could be an inventor under the Patents Act 1990. The Deputy Commissioner of Patents initially rejected the application as, in their view, the application didn't comply with specific requirements and that under s. 15 of the Patents Act an AI could not be treated as an inventor. Mr Thaler then sought a judicial review of the decision, which ended up in the Federal Court.

The Court first discussed the issue generally, noting that: (i) there is no specific provision in the Patents Act that expressly refutes the proposition that an artificial intelligence system can be an inventor; (ii) there is no specific aspect of patent law, unlike copyright law involving the requirement for a human author or the existence of moral rights, that would drive a construction of the Act as excluding non-human inventors; (iii) the word "inventor" has not been expressly defined and under its ordinary meaning it can include any 'agent' which invents, including AI; (iv) the definition of an "inventor" can be seen to potentially evolve and change with the times, potentially to include non-human authors; and (v) the object of the Act is to promote the economic wellbeing of the country, which should inform the construction of the Act. 

To include AI as an inventor would, according to the Court, help in promoting innovation and the promotion of economic wellbeing in Australia. But the problem of who the ultimate legal owner of the rights still remains. This would indeed promote the objective of s. 2A of the Act, which sets out the object of the Act as discussed above. 

The Court highlighted the need for a human applicant, on behalf of the AI system, for any inventions that these systems might come up with, who would then also have the rights to any patents granted for that AI system. 

The Court also discussed the notion of the "inventive step" under s. 18 of the Act, which is a legal requirement for patentability. Both s. 18 and 7, which elaborates more on the meaning of the "inventive step", don't require an inventor per say, nor that such an inventor, if even required, would be legal person. The Court concluded that, for there to be an inventive step, a legal person isn't required as the inventor at all, even though the Act does refer to "mental acts" and "thoughts".

The Court then moved onto discussing the various dictionary definitions for what an "inventor" is. This was quickly dismissed as a grounds to limiting inventors to legal persons, as the Court noted that the definitions, as set out, have moved on from the historical meanings given to them and can't be limited in the same way. 

The next issue was who the patent would be granted to under s. 15 of the Act (but focusing on still who could be classed as an "inventor"). The section includes four different classes of person to whom a patent can be granted. 

The first is if the inventor is a person. The Court quickly determined that, as DABUS is not a person that the section won't apply in this instance, but also discussed that this does not demonstrate that the concept of a "person" would be different to that of an "inventor". An AI system could indeed be the inventor, but not able to be granted a patent as they don't fulfill the requirements of s. 15. 

The second one is a person who would, on the grant of a patent for the invention, be entitled to have the patent assigned to them. This will be discussed in more detail following the other classes. 

The third one is a person who derives title to the invention from the inventor or a person mentioned in the second class. Again, this will be discussed further in the context of the second class. 

Finally, the fourth one is a person who is the legal representative of a deceased person in one of the earlier named classes, which, unsurprisingly, the Court determined to not apply here.

Returning to the question of the second and third classes, the Court first highlighted that Mr Thaler could indeed fall under the second class as the programmer and operator of DABUS, through which he could acquire title in any inventions that may be granted patents over. The title in the patent flows through to Mr Thaler automatically, so wouldn't require the assignment of any rights by the inventor (here DABUS) to Mr Thaler. Additionally, the Court determined that s. 15 doesn't require an inventor at all, but only requires that an applicant is entitled to have a patent assigned to them. 

Also, Mr Thaler, according to the Court, would fall under the third class as he, on the face of it, he has derived title to the invention from DABUS. As the AI system cannot legally assign any inventions to Mr Thaler, however, the language of s. 15 does allow for one to derive rights in an invention even outside of legal assignment of those rights. All of Mr Thaler's rights in any invention become his by virtue of his ownership and operation of the inventor, DABUS. 

The Court succinctly summarised the matter as "generally, on a fair reading of ss. 15(1)(b) and 15(1)(c), a patent can be granted to a legal person for an invention with an artificial intelligence system or device as the inventor".

Ultimately what the case focused on is whether a valid patent application has been made, rather than who will own any patent that might be granted in the future. 

What the Court determined was that "...an inventor as recognised under the Act can be an artificial intelligence system or device. But such a non-human inventor can neither be an applicant for a patent nor a grantee of a patent". This still leaves the ownership of a patent in the air, but, focusing on what was discussed by the Court, it is more than likely that ownership in any AI inventions would automatically pass to the owner and operator of that AI system. 

The Australian Court's approach to this question has hugely departed from the viewpoints of that of the US, UK and the EU, where AI systems have been rejected as potential inventors. It will be very interesting to see the law change and evolve in this in the years to come, in particular any decisions on the granting of a patent to the owner of an AI system, but so far at least Australia seems to be on the vanguard of allowing for AI systems to potentially push the envelope on innovation and to protect those innovations in the process. 

10 August, 2021

Copying Not Allowed - Search Engines Copying Databases Infringes Database Rights If It Causes Financial Detriment, says CJEU

Following an earlier opinion from the Advocate General, the CJEU set out its findings on the infringement of database rights by search engines in the indexing of other websites' content. Discussed earlier in this blog, the decision is an important one to set the potential boundaries of database rights and indexing, especially when indexing is so ubiquitous in how the Internet as we know it functions. The decision will leave some rightsholders wanting more, as now the position swings firmly in the direction of the indexing websites.

The decision in CV-Online Latvia SIA v Melons SIA concerned the website CV-Online, which included a database of job advertisements published by various employers. The website also included various metatags, or 'microdata', which, while not visible to the users of the website, contained key information to allow internet search engines to better identify the content of each page in order to index it correctly. These metatags included keywords like  ‘job title’, ‘name of the undertaking’, ‘place of employment’, and ‘date of publication of the notice’.

Melons operate a separate website containing a search engine that specializes in job ads. The search engine allows users to search a number of websites containing job ads in one go according to specific criteria that they set. The Melons' website then produces results based on that search, where users can click on links that take them to that particular job website where the ad is located (including CV-Online). Unhappy about this indexing of their content, CV-Online took Melons to court for a breach of their 'sui generis' right under Article 7 of Directive 96/9. The case progressed through the Latvian courts, ultimately ending up with the CJEU this Summer. 

The CJEU was asked two questions, which the court decided together. 

The question posed to the court asked: "whether... the display, by a specialised search engine, of a hyperlink redirecting the user of that search engine to a website, provided by a third party, where the contents of a database concerning job advertisements can be consulted, falls within the definition of ‘re-utilisation’ in Article 7(2)... and... whether the information from the meta tags of that website displayed by that search engine is to be interpreted as falling within the definition of ‘extraction’ in Article 7(2)(a) of that directive".

The court first discussed 'sui generis' rights in general, which allow rightsholders to ensure the protection of a substantial investment in the obtaining, verification or presentation of the contents of a database. What is required for a database to be protectable is "...qualitatively and/or quantitatively a substantial investment in the obtaining, verification or presentation of the contents of that database". Without that investment, the courts will not protect any databases under sui generis rights. The court assumed that this would be the case in terms of CV-Online, however, this matter would ultimately be decided by the local courts following the CJEU's decision. 

For there to be an infringement of sui generis rights there has to be an ‘extraction’ and/or ‘re-utilisation’ within the meaning of Directive, which, as summarised by the court, includes "...any act of appropriating and making available to the public, without the consent of the maker of the database, the results of his or her investment, thus depriving him or her of revenue which should have enabled him or her to redeem the cost of that investment"

The court discussed the applicability of the above to the operation of Melons' website and determined that such a search engine would indeed fall within the meaning of extraction and re-utilisation of those databases that the website copies its information from (including in indexing that content). However, this extraction/re-utilisation is only prohibited if it has the effect of depriving that person of income intended to enable him or her to redeem the cost of that investment. This is important since without this negative financial impact the copying will be allowed under EU law.

The court also highlighted that a balance needs to be struck between the legitimate interest of the makers of databases in being able to redeem their substantial investment and that of users and competitors of those makers in having access to the information contained in those databases and the possibility of creating innovative products based on that information. Content aggregators, such as Melons, are argued to add value to the information sector through their acts and allow for information to be better structured online, thus contributing to the smooth functioning of competition and to the transparency of offers and prices.

The referring court would therefore have to look at two issues: (i) whether the obtaining, verification or presentation of the contents of the database concerned attests to a substantial investment; and (ii) whether the extraction or re-utilisation in question constitutes a risk to the possibility of redeeming that investment.

The court finally summarised its position on the questions as "...Article 7(1) and (2)... must be interpreted as meaning that an internet search engine specialising in searching the contents of databases, which copies and indexes the whole or a substantial part of a database freely accessible on the internet and then allows its users to search that database on its own website according to criteria relevant to its content, is ‘extracting’ and ‘re-utilising’ the content of that database within the meaning of that provision, which may be prohibited by the maker of such a database where those acts adversely affect its investment in the obtaining, verification or presentation of that content, namely that they constitute a risk to the possibility of redeeming that investment through the normal operation of the database in question, which it is for the referring court to verify".

The decision will, as said above, come as a big blow to database owners, as the added requirement of financial detriment will be a big hurdle for many to overcome in order to protect their databases from potential copying. The CJEU also notes the utility of indexing and the 'copying' of such databases by content aggregators as useful means of organizing the Internet, which leads to the question of where the limits actually are. It will remain to be seen how the decision will impact databases going forward, but one might imagine the more commercial value in a database the less likely the courts will allow copying of that database. 

08 June, 2021

Broken Down and Built Again - AG Szpunar Opines Whether the Decompilation of Computer Programs Infringe Copyright

Hot off the heels of the recent decision in Oracle v Google, copyright protection in computer programming is facing its latest hurdle, which is this time in the European courts. A big aspect of computer software management is the fixing of ever-present errors, be it due to the implementation of the software or the software in isolation. When you encounter such bugs you might have to decompile the program, which, to put simply, means to convert an executable computer program into source code, allowing you to fix errors and then to recompile the program to enable its execution. While decompiling can be used for more nefarious purposes (such as to enable the 'cracking' of protected software), it can allow for the fixing of legitimate issues in licensed copies of software. But, because of this potential nefarious way of using decompilation, would doing so breach copyright? Luckily the CJEU is on the case, but before the main court has looked at the issue Advovate General Szpunar gave his two cents a little while ago.

The case of Top System SA v Belgian State concerned a number of applications developed by Top Systems for the Belgian Selection Office of the Federal Authorities (also called SELOR), including SELOR Web Access and eRecruiting, which is in charge of the selection and orientation of future personnel for the authorities' various public services. Many of the applications developed by Top Systems contained tailor-made components according to SELOR's specifications. In February 2008 Top Systems and SELOR agreed on a set of agreements, one of which concerned the installation and configuration of a new development environment as well as the integration of the sources of SELOR’s applications into, and their migration to, that new environment. As with many projects, there were issues which affected the various applications. Following these problems Top Systems took SELOR (and the Belgian state) to court for copyright infringement due to the decompilation of Top Systems' software. After the usual progression of the matter through the Belgian courts the matter ultimately ended up with the CJEU, and also the desk of the AG. The referring court asked the CJEU two questions. 

The first question asked "...whether Article 5(1) of Directive 91/250 permits a lawful acquirer of a computer program to decompile that program where such decompilation is necessary in order to correct errors affecting its functioning"

The AG first noted that, while computer programs have copyright protection over the reproduction of the program, it is limited due to the nature of how computer programs work (i.e. they need to be reproduced on a computers memory to operate). Strict enforcement would impede consumers' use of computer programs and therefore isn't desirable. The same applies to the protection against alteration. The Directive above does take account of this and sets out that reproduction and alteration of computer programs "...do not require authorisation by the rightholder where they are necessary for the use of the program by the lawful acquirer, including for error correction". However, Article 5 does leave the possibility open to restrict these acts through contractual provisions. 

Even with that being a possibility, the ability to contractually restrict the reproduction or alteration is there, this cannot extend to all such activities, as the acts of loading and running of a computer program necessary for that use may not be prohibited by contract. 

The AG then moved onto the matter of decompilation for the purposes of correcting errors. He agreed with the submissions made by the interested parties in that decompilation is covered by the author's exclusive rights under the Directive, even though there is no express 'decompilation' provision there. 

Gary wanted to fix the software, but his hands were tied...

Although argued by TopSystems, decompilation cannot be excluded from those rights under Article 6 according to the AG (which allows for reproduction and translation of a computer program if it is indispensable for the operation of the program with other programs). The relevant provision therefore remains at Article 5 and 6 will have no bearing on the exclusion of decompilation. Article 6 does not stand as the only instances where it is possible to decompile a computer program.

The AG therefore proposed that the first question be answered as "... Article 5(1)... is to be interpreted as permitting a lawful acquirer of a computer program to decompile that program where that is necessary in order to correct errors affecting its functioning"

He then moved onto the second question which asked "...in the event that Article 5(1)... were to be interpreted as permitting a lawful acquirer of a computer program to decompile that program where that is necessary in order to correct errors, that decompilation must satisfy the requirements laid down in Article 6 of that directive or, indeed, other requirements"

Article 6 sets out, as discussed above, the decompilation of a computer program where that is necessary in order to ensure the compatibility of another independently created program with the program. The AG discussed the specific requirements under Article 6, namely that: (i) they only apply to those who have lawfully acquired the program; (ii) the decompilation must be necessary in order for that program to be used in accordance with its intended purpose and for error correction; and (iii) the intervention of the user of the computer program must be necessary from the perspective of the objective pursued. 

In relation to the second condition, the AG noted that an 'error' should be defined as "...a malfunction which prevents the program from being used in accordance with its intended purpose". One has to note that this does not include the amendment and/or improvement of a program, but simply the enabling of the use of the program for its intended purpose. 

On the third condition, the AG specified that, while the decompilation of a program can be necessary, it always isn't. He determined that "...the lawful acquirer of a computer program is therefore entitled, under [Article 5(1)], to decompile the program to the extent necessary not only to correct an error stricto sensu, but also to locate that error and the part of the program that has to be amended". So, a lawful user can decompile a program to both fix and locate any errors, which gives them quite a wide berth in doing so. Nonetheless, the AG noted that the decompiled program cannot be used for other purposes. 

The AG therefore proposed the answer to the second question as "...Article 5(1)… is to be interpreted as meaning that the decompilation of a computer program... by a lawful acquirer, in order to correct errors in that program, is not subject to the requirements of Article 6 of that directive. However, such decompilation may be carried out only to the extent necessary for that correction and within the limits of the acquirer’s contractual obligations"

The CJEU's decision will be an interesting one and will undoubtedly impact the ability of programmers and companies to decompile computer programs to correct any errors they might find during the use of said programs. It would make sense to allow for their decompilation for this restricted purpose, since without that right major errors could render programs useless until the point when the provider can, and decides to fix those errors. It remains to be seen whether the CJEU will agree with the AG, but it would seem sensible for them to follow his responses. 

13 April, 2021

Not as the Oracle Foretold - US Supreme Court Decides on Copyright Infringement in relation to APIs

APIs, or Application Programming Interfaces, are absolutely everywhere these days. APIs allow for two pieces of software to 'speak' with each other, sharing information across to allow for interactivity and interconnectivity between different software applications. While many providers share their APIs freely for implementation, there is still certain rights that attach to those APIs in the form of copyright over the code itself. Just like text in a book, code can be protected by copyright and, in many instances, is absolutely worth protection if a particular coding language becomes very popular. This has been the central focus of an epic legal battle between Oracle and Google in the US, which has spanned for nearly 10 years (discussed previously on this very blog), and the highly anticipated US Supreme Court decision has finally been handed down in early April 2021. 

The case of Google LLC v Oracle America Inc. concerned the Java SE program, which uses Oracle's Java programming language. Parts of the Java SE program's code (roughly 11,500 lines of code) was used in the development of Google's Android operating system, which formed a part of the Java SE API. Java SE is commonly used to develop programs primarily to be used on desktop and laptop computers, which also extends into the realm of smartphones. Oracle subsequently sued Google for copyright infringement over this copied code, and the matter finally ended with the Supreme Court after a long 10-year journey through the US courts. 

The Supreme Court were tasked at looking at two questions: (i) whether Java SE’s owner could copyright the portion that Google copied; and (ii) whether Google’s copying nonetheless constituted a “fair use” of that material. 

Justice Breyer, handing down the majority's judgment, first started off discussing the basic requirements for copyright protection. This means that the work has to be one of authorship, original and fixed in a tangible medium. Copyright encompasses many types of works, such as literary, musical and architectural works, but in a more unconventional manner it includes 'computer programs', which are "...a set of statements or instructions to be used directly or indirectly in a computer in order to bring about a certain result". In terms of limitations, copyright does not extend to "...any idea procedure, process, system, method of operation, concept, principle, or discovery". In addition to copyright protection in general, one has to consider the remit of 'fair use', which allows for the use of copyright protected works for various purposes, e.g. criticism, satire and news reporting. 

The first question, as set out above, concerned whether the provision extending copyright protection to 'computer programs' includes APIs and/or whether they are excluded as 'processes', 'systems' or 'methods of operation' from copyright protection. However, the Supreme Court skipped the copyright aspect of the matter and immediately dove into whether Google's use of the API was fair use.

Justice Breyer noted that computer programs differ from other 'literary works' in that such programs almost always serve functional purposes, which makes the application of copyright to them more difficult. He also mentioned that, in discussions to extend copyright to computer programs, it should not "...grant anyone more economic power than is necessary to achieve the incentive to create". The key is to not allow copyright to stifle innovation in the realm of computer programs. 

Justice Breyer also mentioned that fair use can be used to distinguish between expressive and functional features of computer code where those features are mixed, and allow for different programs to be more readily distinguished in the light of protection. 

Turning to actually considering whether Google's copying fell into fair use, the Supreme Court had to look at the well-established factors of fair use: (i) the nature of the copyrighted work; (ii) the purpose and character of the use; (iii) the amount and substantiality of the portion used; and (iv) market effects. 

In relation to the first factor, the Supreme Court discussed the use of APIs in general as a way for computer programs to speak to each other. APIs also comprise three different 'functional' aspects, which are various parts of code that handle different aspects of the APIs functionality. Justice Breyer highlighted that the parts are inherently functional and bound together by uncopyrightable ideas (i.e. task division and organization) and new creative expression in the form of Android's implementing code. In their view the nature of APIs diminishes the need for copyright protection over them.

In terms of the second factor, the focus is on the transformative nature of a copyright protected works use. Google sought to make new products using the API and to expand the usefulness of the Android OS - argued to be transformative and innovative around the copying of the API. The Supreme Court also noted that one has to consider both the commerciality and good faith in relation to the copying. Justice Breyer determined that, while Google's use of the API was a commercial endeavor, it doesn't mean that the use cannot be transformative. Good faith was not a consideration in the case, but Justice Breyer did highlight that the other factors on the copying of the API weight towards a finding of fair use. 

The Court then moved onto looking at the amount of the work copied. As discussed above, Google copied approximately 11,500 lines of code, which was a mere fraction of the totality of 2.8 million lines in Java SE. While the amount is important, it's the substance of what was copied that is the most important part when thinking about substantiality. Why the lines were copied was to enable Java experienced programmers to work with Android; without which this would have been very difficult. This objective for the copying was to enable the expansion of Android, not to replace Java SE, and the Court did see that this favored a finding of fair use.

Finally, the Court turned to the market effects of the copying, i.e. did it impact the market value of the protected work. Thinking of the use of the code, it was in a market sector where Sun Microsystems (Oracle's predecessor) was not well-positioned, and the primary market for Java SE was PCs and laptops. Android used in smartphones was in no way a substitute for traditional computers where Java SE was typically used. However, the code's implementation did benefit Android through attracting developers to improve the OS. The Court saw that the copying didn't impact Sun Microsystem's position in the marketplace, and issues with an impact on creativity within the development of programs like Android, weighed for a finding of fair use. 

Rounding things off, Justice Breyer discussed the application of copyright in the world of computers and the difficulties the old concept has in adapting to this new environment. In his view, copyright very much persists in computer programs (and their underlying code), but emphasized the fair use doctrine's place in the same. 

The Supreme Court ultimately concluded that Google's copying was fair use as a matter of law and therefore there was no infringement of Oracle's code.

The case is a massive milestone in the application of copyright in computer programs and code, and as the court observed, Google only took "...what was needed to allow users to put their accrued talents to work in a new and transformative program". This is curious and can open the door for others to copy code as and when needed, without licensing, if it is used to allow for innovation through the implementation of well-established technologies. Justice Thomas did indeed write a very strong dissent to the majority's verdict, which highlights the blurring of copyright in relation to code. It remains to be seen how this precedent is applied by the courts in future cases, but it could very well lead to the limits of fair use in relation to code being tested sooner than you think. 

23 March, 2021

Removing the Frame - Circumvention of Technical Measures Stopping the Sharing of Copyright Works is Communication to the Public, says CJEU

The use of images online seems to be near a free-for-all, where content is copied, shared and viewed across websites and with very little consideration on IP issues. One such way is 'framing', where you showcase an image on your website through the original URL on the website where it was uploaded. This allows for you to share the image, but not copy it across, i.e. 'framing' it within your web page. The CJEU looked at this matter some 6 years ago in BestWater, however, the issue has now come back again for determination at the CJEU. This time around the question related to the restriction of framing on websites.

The case of VG Bild-Kunst v Stiftung Preu├čischer Kulturbesitz concerned a German digital library called "Deutsche Digitale Bibliothek", operated by SPK, which networks German cultural and scientific institutions. The website contains links to digitized content stored on the internet portals of participating institutions; however, many of these are stored as simple thumbnails on the site, which then lead to the page on that subject matter. VG asserted that the license agreement between the parties allowing for the use of its catalogue works in the thumbnails required that adequate security measures be put in place by SPK when using the images on the DDB website. SPK objected to this, considering it to not be a reasonable requirement, and sought declaratory relief to this effect in the German courts, requiring the granting of the license by VG without such a condition.  After traveling through the German courts the matter ultimately ended up with the CJEU, who handed down their decision earlier this month.

The CJEU summarized the question posed as "...whether Article 3(1) of Directive 2001/29 must be interpreted as meaning that the embedding, by means of the technique of framing, in a third party website page of works that are protected by copyright and that are made freely accessible to the public with the authorisation of the copyright holder on another website, where that embedding circumvents protective measures against framing adopted or imposed by the copyright holder, constitutes a communication to the public within the meaning of that provision"

Article 3 requires that EU Member States protect the exclusive rights given to copyright holders through national legislation, specifically in relation to communication to the public via wired or wireless means (i.e. the Internet). The focus for the CJEU was to decide whether the framing of the thumbnails on the DDB website is itself to be considered to be a communication to the public within the meaning of Article 3(1). 

The CJEU noted, as a primer, that a 'communication to the public' includes the transmission of works wirelessly via the Internet. Additionally, authorization of the inclusion of protected works in a communication to the public does not exhaust the right to authorize or prohibit other communications to the public of such works. As such, VG still retained the right to prevent any further communication it objected to. 

As has been discussed before, the actual 'communication to the public' of a work looks at two factors: (i) an ‘act of communication’ of a work; and (ii) the communication of that work to a ‘public’. 

Firstly, any act where a user, in full knowledge of the consequences of what he or she is doing, gives access to protected work is liable to constitute an act of communication. Secondly, for that act to be classed as a 'communication to the public', the protected work must be communicated to a public consisting of an indeterminate number of potential recipients. The communication itself has to be done using specific technical means different from those previously used, or to a new public, i.e. a public that was not already taken into account by the copyright holder when he or she authorized the initial communication. 

Following the consideration of the legal underpinnings of the matter, the CJEU turned to considering whether there had indeed been a communication to the public.

The act of framing, according to the CJEU, at first blush does constitute a communication to the public; however, as set out in previous CJEU case law, provided that the technical means used by the technique of framing are the same as those previously used to communicate the protected work to the public on the original website (i.e. the Internet), the work is not communicated to 'the public' as it isn't communicated to a new public. Since the works were left freely available on the websites, with no technological means implemented to prevent sharing, a new public wasn't possible and they tacitly authorized the distribution of the works by third-parties. However, if a link has been added to a website allowing for the circumvention of any technological means implemented to stop the sharing of the content, this would be a communication to the public and therefore an infringement. 

Tying matters to the case at hand, the CJEU saw that "...by adopting, or by obliging licensees to employ, technological measures limiting access to his or her works from websites other than that on which he or she has authorised communication to the public of such works, the copyright holder is to be deemed to have expressed his or her intention to attach qualifications to his or her authorisation to communicate those works to the public by means of the Internet, in order to confine the public for those works solely to the users of one particular website". If there then is sharing of those works, e.g. by framing, it would be communication to the public and an infringement (as that was not authorized by the copyright holder). 

Following further discussion, the CJEU concluded that "...Article 3(1)... must be interpreted as meaning that the embedding, by means of the technique of framing, in a third party website page, of works that are protected by copyright and that are freely accessible to the public with the authorisation of the copyright holder on another website, where that embedding circumvents measures adopted or imposed by that copyright holder to provide protection from framing, constitutes a communication to the public within the meaning of that provision".

The decision adds on to the already sizeable precedent pool on framing, and highlights that, if technical measures are employed to prevent the sharing of content beyond a specific website, the communication of that work would be an infringement of copyright. This makes sense, since the licensing, and subsequent protection, of works for use on a specific website would be pointless if that were rendered effectively void by allowing for the wanton sharing of that content. The case highlights the need for copyright holders to put in requirements for the implementation of measures to protect their rights so as to avoid implicit consent to the sharing of their works online. 

10 March, 2021

Non-Fungible Tokens (NFTs) are All the Rage - It Is Not Copyright and is Ripe for Misunderstanding and Misuse

Anyone who works in the sphere of intellectual property in the law will have come accustomed to misunderstandings in how various IP rights work, what they mean in real terms and how they can be utilized by both people and businesses. Recently I have come across a new world of "copyright" (even though it is not copyright in any form) that seems to be speculated over, which is Non-Fungible Tokens or NFTs that are used to sell "rights" in digital art. 

For the uninitiated, NFTs are a part of the Ethereum cryptocurrency blockchain, allowing for the distribution and/or sale of unique (i.e. non-fungible) tokens that are separate from the cryptocurrency itself. NFTs themselves can be anything that is digital, and identified as unique through the token (proving that the piece is indeed the original), and can be sold much like a physical piece of art, but in the digital world. What has made things surprising to this writer is the misunderstanding and mixing up of NFTs with copyright, so it might be worth discussing the differences between these and the implications of copyright on the sale of NFTs. 

As a brief primer, copyright is an IP rights that protects the expression of ideas, but not the ideas themselves. This means that you will have copyright in e.g. a piece of art you draw, a photo you take or a video you create, and can utilize copyright to prevent others from copying that work. This also enables the licensing of these rights to others, allowing them to copy the works under the terms of the license; however, copyright does not really impact the sale of a physical item such as a painting. Often the latter point leads to confusion as to the application of copyright to the sale of works, but it undoubtedly will impact the sale of digital copies of works. 

The potential problem with how NFTs are portrayed seems to equate them to the world of copyright, meaning the NFT gives you some sort of rights over the digital art you've purchased the token for. In fact, this is not the case, since NFTs don't give anyone any rights over the digital art, but simply act as provenance to the fact that you "own" the original digital piece. Even though you "own" the art, the ultimate copyright holder retains the rights over the distribution of the art piece. 

With that in mind, do you actually own anything? Yes and no. You own the 'receipt' for the digital art piece in the form of the NFT, but this doesn't give you any further rights, especially under copyright. The artist keeps those rights unless they sell it to you along with the NFT (and in most instances they will not do so). 

One issue that can be overlooked here is individuals or companies could conceivably claim an NFT on works that are not their own and take away monetary gains from artists who don't know, or haven't cared to, do so themselves. This could then lead to a wider sharing of works through these "authenticated" copies that negatively impacts the artist, including the aforementioned monetary loss through a missed opportunity to sell a genuine NFT to your works. Artists will have claims under copyright to challenge the sale of any NFTs (and the potential distribution of their works). 

It seems that NFTs are riding the craze of cryptocurrency, and one should be careful and understand what NFTs actually mean in terms of ownership, and what implications there are in the light of copyright. There will be issues that artists, sellers and purchasers will have to keep in mind, and while it might be cool to "own" a 'signed' copy of a piece of digital art when you buy an NFT, its limits are simply that; it's a way to prove that you have potentially purchased the genuine article, but that's it.