Top 3 Copyright Handling Best Practices for Internet Service Providers cover


Top 3 Copyright Handling Best Practices for Internet Service Providers

Copyright and trademark infringement risk used to be lower for movie studios, book publishers, and record companies. They knew who produced consumer products, how many were made, where they were shipped, and how many remained unsold. While piracy still occurred, pirates had to find rogue manufacturing and invest heavily to physically copy books, movies, or recordings before the internet.

With the advent of the internet, it became easier and more profitable to circumvent copyright laws. Copying and distributing digital works cost almost nothing, and millions of copies can be in consumers' hands within minutes.

As a result, the companies that produce intellectual property (IP), such as films, books, and other products, began to lose revenue. This loss has also been felt by the authors, producers, actors, and other individuals compensated through their related royalties.

In response, countries are increasingly banding together to enforce intellectual property laws. In the USA, the Digital Millennium Copyright Act (DMCA) is the premiere IP law. No matter the country, IP laws provide protection to network providers (ISPs and hosting providers) while providing support to legitimate copyright holders if they follow several simple rules. Learn more about how copyright and trademark theft affects service providers.

How Following Copyright Handling Best Practices Help Internet Service Providers
Copyright and Intellectual Property Law

Network Provider Liability for Copyright Infringement

There are three circumstances under which a Network Provider (ISP or Hosting Provider) could be found liable for copyright infringement committed by its users.

  1. If the Network Provider knowingly hosts copyrighted items and directly benefits from them financially, it could be guilty of direct infringement.
  2. If the Network Provider knows about the infringing activity and materially contributes to or assists with the infringement, it could be guilty of contributory infringement.
  3. If the Network Provider receives a financial benefit from the infringement and has the ability and suitability to control its users, it could be guilty of vicarious liability.

Contributory infringement is more common than direct infringement. Vicarious infringement can be difficult to prove because plaintiffs must demonstrate the network provider's ability and suitability to control its users. However, some ISPs have been caught because their terms of service specifically state that they can terminate a user's account for a list of violations, including copyright infringement, yet they fail to do so.

Safe Harbor for Network Providers

The DMCA (Digital Millennium Copyright Act) provides a safe harbor provision that can protect a network provider (ISP or hosting provider) from liability for copyright infringement. Other countries are similar in their requirements. Here are the conditions:

  1. The network provider has no direct knowledge or substantial reason to suspect infringement.
  2. The network provider is not receiving a financial benefit from the infringement.
  3. The network provider complies with any takedown notice provisions for removing copyrighted material sent by the copyright owner or an authorized agent of the copyright owner.

However, lawsuits over the last few years have shown that the safe harbor provision has become less secure. Network providers must follow the DMCA or their country's laws verbatim if they expect safe harbor protection.

Three actions prevent network providers from being held liable for copyright and trademark Infringement.

To protect your network from potential liability, it's essential to acknowledge that some of your users may violate intellectual property laws. Here are three ways to shield yourself:

1. Adopt and communicate a copyright infringement policy to your users. 

Display the policy prominently on your website or include it in your terms of use. The policy should explain that you'll respond promptly, terminate accounts, or ban users who infringe repeatedly.

2. Adopt and communicate a copyright infringement notification policy and process. 

Display the notification policy and procedure on your website in an easy-to-locate location. Provide information about the proper process that notice to your network must follow, including your abuse address [email protected].

Since many automated reporters will automatically use the abuse address you have registered with your RIR, you should use this as your copyright address and not a unique email address.

Also, the policy request that reports sent to the abuse address uses a standardized format. We recommend using XARF by SMTP with the Copyright Schema.

If you are a hosting provider, provide a web form for individuals filing copyright claims to make processing easier. Configure your web form to use the XARF JSON schema also makes storing all report information in a unified form easier.

Regardless if a report is filed by email or web form, it is also required in the posted policy (and in any web form) that copyright infringement reports include:

  • identification of the infringed works
  • an electronic or physical signature of someone authorized by the copyright owner to file the claim
  • the complaining party's contact information: a statement that the filer believes in good faith, that the copyright owner did not authorize using the material, and that the information submitted in the complaint is accurate

3. Process infringement reports immediately and automatically.

Upon receipt of copyright infringement reports, immediately verify that the notice complies with the requirements.

If the infringing material is hosted on a website, typically at a hosting provider, disable access to the offending material and notify your subscriber or user of the removal so they can file a counter-notice. If you receive a valid counter-notice, notify the copyright owner and include a copy of the user counter-claim.

If the copyright notification involves a peer-to-peer transfer of intellectual property, typical of an access provider, notify the subscriber of the copyright infringement and your five or six-strikes policy (and post a link to your terms of use) that says repeat offenses will result in the termination of the subscriber's service. You should also warn the user of the high prevalence of malware with peer-to-peer transfers.

Digital piracy is a persistent problem, and network providers must comply with all DMCA provisions to qualify for safe harbor protections. Automation can help.

Abusix's AbuseHQ can dramatically increase your efficiency in processing reports and reduce risk. Our customers testify that after implementing AbuseHQ, 100% of all reports to the abuse@ address get processed and acted upon, and staff is more efficient and effective.

If you're serious about reducing your potential liability, contact us at [email protected] today to learn more about how we can help you.

Read More


Introduction Navigating the online world, our emails are often targeted by sneaky cyber threats, always crafting new ways to slip...


For over 15 years, Abusix has been dedicated to enhancing Trust and Safety on the internet, starting the company with...


Integration with leading business management software protects against cyber attacks NEW YORK, August 10, 2021 – With cyber attacks on...