A judge in California has ruled that Cloudflare isn’t protected from DMCA injunctions. As a result, they may be held liable for alleged copyright infringement of websites they protect.
Cloudflare is a CDN (Content Delivery Network) service. One of the features it provides is protection from Distributed Denial of Service Attacks (DDOS). Their service grew thanks in part because tools to execute DDOS attacks on websites became more easily accessible to more average users. If a server goes down, cached pages hosted by Cloudflare can be put up so that the website is still available. Such mechanisms for the average webmaster isn’t necessarily that readily available otherwise.
As is the case for many other websites, as the website grows, it encounters problems. Sometimes, it’s legal problems as is the case here. YouTube had similar problems when copyright holders accused (and still do sometimes) the site of being a vehicle for copyright infringement. In this case, however, copyright holders are legally challenging the site by saying that they are responsible for the actions of the clients that they serve.
Some websites in question here are BitTorrent websites. Now, under most circumstances, the BitTorrent website, at most, hosts a tracker. They don’t actually host any copyright infringing material such as music or movies. Instead, the tracker basically directs the users to each other so they can exchange bits of data. The allegedly infringing material is actually hosted on the end-users computer.
For several years, rightsholders have been going after these BitTorrent websites with varying degrees of success. For instance, most people in the BitTorrent community would agree that it is crazy to host a public BitTorrent tracker in the US. In fact, most would agree that hosting a private BitTorrent tracker in the US is equally crazy. So, most, if not, all BitTorrent websites that don’t have a legal bent to them typically host their servers in other countries.
So, with the rise of DDOS protection services such as CloudFlare, rightsholders seem to be going after those services in an attempt to at least make it more difficult for website owners like BitTorrent operators to keep their sites up and running. One advantage rightsholders have is that Cloudflare operates in the US. As a result, Cloudflare is well within the US jurisdiction.
Cloudflare, for its part, argued that it doesn’t take part in any of the activities of their clients website. As a result, they cannot be served notice for infringement. According to The Stack, the judge ruled against the service, saying that it can, in fact, be served notice as a participant. From the report:
A Florida district court has ruled that Cloudflare, the content delivery network (CDN), is not protected from anti-piracy injunctions by the Digital Millennium Copyright Act (DMCA).
As a result, Cloudflare may be held responsible for activities undertaken in support of torrent websites that have been served anti-piracy injunctions.
This decision serves as a clarification of the liability a CDN may have in regards to the web content it delivers. While Cloudflare is not directly responsible for copyright infringement activities conducted by clients, it may be responsible for defending actions that are seen as participating in evading legal injunctions against those sites.
For Cloudflare, this is certainly a loss. In fact, it is a potential legal and business loss because they do have websites like BitTorrent sites as clients. This does mean a shrinkage of a revenue stream. How much their revenue stream will shrink as a result, that is something only Cloudflare will ever truly know.
For the Recording Industry Association of America (RIAA), this may seem like a win. Unfortunately, for them, the victory, if it remains a victory, may prove to be a hollow one at best. As mentioned earlier, BitTorrent website operators simply moved offshore to other countries when the legal system was so heavily tilted towards the corporate interests. What this means for entrepreneurs worldwide is that if they start a reliable DDOS protection service, they stand to gain from Cloudflares loss. Because of this, the RIAA goes back to the all too familiar game of whack-a-mole as it did with filesharers on the Kazaa networks several years ago.
How all this plays out in the long run is still unclear. For all we know, Cloudflare could appeal the decision and argue, say, safe harbour. They don’t actively monitor their networks in the same way ISPs don’t actively monitor their networks for infringing activities, how can they be liable for infringement, yet ISPs don’t? For now, this court case can be a new defining moment in the industry’s war on copyright infringement.