Europe's online source of news, data & analysis for professionals involved in packaged media and new delivery technologies

ANALYSIS: Filtering & graduated response against online infringers

In most legal systems, the primary copyright enforcement mechanism is for the copyright owner to bring a civil action against an alleged infringer. Critics have complained that, given widespread online infringement, case-by-case judicial enforcement imposes unjustified costs on all parties. JIM BURGER, Partner at US law firm Dow Lohnes, reviews the remedies being considered.

The cost and perceived limited effectiveness of individual lawsuits have led some copyright owners, and sympathetic governments, to support alternative measures for suppressing illegal Internet file sharing.

The two most popular alternatives to judicial process are filtering and graduated response (or “three-strikes”). Both methods require Internet service providers (ISPs) to take action on behalf of copyright holders. To implement filtering, ISPs must install hardware or software that detects and in some cases slows, stops, or blocks access to allegedly infringing content on their network. Graduated response regimes require ISPs to relay two warnings from copyright holders to alleged infringers and, upon a third allegation, to disconnect users from the Internet, with or without a judicial determination of infringement – hence “three strikes and you’re out.”

Neither form of regulation requires government action. ISPs could agree to implement these measures voluntarily; but few have done so, despite copyright owner efforts. Absent private arrangements, some copyright holders and government officials have advocated government action to require or encourage ISPs to implement filtering and three strikes regimes. This article is the second annual survey of such government action worldwide.

The United States

As noted in last year’s article, there is no specific graduated response or filtering requirement under US law. Nor have there been any legislative proposals to require Internet Service Providers to implement either mechanism. Instead, both have been part of the focus of three ongoing US efforts: the Anti-Counterfeiting Trade Agreement (ACTA), the activities of the new Intellectual Property Enforcement Coordinator (colloquially known as the IP Czarina), and the recent Lime Wire Federal Court decision interpreting the Supreme Court Grokster ruling in a way that appears to require filtering for P2P software publishers that “induce” infringement.

The ACTA negotiations among some 30 countries have become quite controversial worldwide, including prompting a stunning 633-to-13 European Parliament vote critical of Europe ministers participation in the negotiations. The treaty, negotiated in secrecy, contained what was called an “Internet Chapter,” which is the most controversial part of the draft. Under considerable pressure from public bodies, like the EU Parliament, as well as private interests, the ACTA countries released a public draft of the Treaty. It was rumored ACTA would required graduate response. Such a provision was not in the released draft.

There are two options in the draft that are abridged version of the US safe harbor law for ISPs. That law grants ISPs immunity from copyright liability for infringing content flowing over their network or posted on their websites; provided, however, it comply with certain requirements. One of those requirements in the US law is that the ISP has adopted and reasonably implemented, and informs subscribers and account holders of the service provider's system or network of, a policy that provides for the termination in appropriate circumstances of subscribers and account holders of the service provider's system or network who are repeat infringers. (17 U.S.C. §512(i)(1)(A))

There may be such policies on the books of US ISPs, but I am not aware of any ISP that has terminated a subscriber under such a policy.

The first option is a somewhat weaker version of the US “policy” requirement, and would condition ISP IP immunity on: “an online service provider adopting and reasonably implementing a policy to address the unauthorized storage or transmission of materials protected by copyright or related rights….” The second option simply is a savings clause, i.e., ACTA would not bar a judicial or administrative authority, under that country’s law, from requiring an ISP “terminate or prevent an infringement” nor prevent establishment of “procedures governing the removal or disabling access to information.” In essence, if either option winds up in a final agreement, it pretty much leaves the situation as it is today.

The second US related effort is Victoria Espinel’s (the IP Czarina) request for comments on IP enforcement to aid her in preparation of a “Joint Strategic Plan” to the President and Congress as required by the 2008 ProIP Act. The Plan is to make recommendations to coordinate the various Federal Government IP efforts. Her request for public comments was quite expansive.

Beyond asking for specific recommendations to improve enforcement, she asked for recommendations for new legislation and/or regulations. She received some 1,700 comments. A number of those comments discuss filtering and graduated responses. In the main (and I have not read all 1,700 comments), they seem to urge the Czarina to “jaw-bone” the ISPs and content owners into agreements to implement one or both of these measures. Her report should be out by the time you read this, so it is hazardous to predict what will happen; nevertheless, I believe she will follow those recommendations and work to bring both sides together to agree on some sort of anti-online infringement measures. She will likely not recommend government-mandated full blown filtering or graduated response.

Finally, recently a US Federal District trial judge found that Lime Wire – a P2P software company – was secondarily liable for copyright infringement under the Grokster legal standard; i.e., that Lime Wire, by distributing and maintaining the Lime Wire software, intentionally encouraged direct copyright infringement by Lime Wire users. She issued an injunction halting Lime Wire’s operations. In addition to other factors, the judge took Lime Wire to task for failing to implement any meaningful “technological barriers and design choices that are available to diminish infringement through file-sharing programs, such as hash-based filtering, acoustic fingerprinting, filtering based on other digital metadata….”

Judge Wood, however, found that Lime Wire had induced infringement by its users in a variety of ways. Accordingly, its not clear if filtering would have saved Lime Wire from liability unless the filter worked to exclude all infringing material. Lime Wire just announced that it will attempt to get back in business by extensive filtering.

Filtering outside the US

While the US requires filtering only in narrow contexts, filtering technologies have found much wider acceptance among governments abroad. It is well-known that governments in countries such as China, North Korea, and Cuba use filters to enforce cultural and political orthodoxy by suppressing the influence of foreign media and censoring dissident domestic speech.

According to the filtering watchdog group the Open Net Initiative, for example, China has “one of the largest and most sophisticated filtering systems in the world.” China is able to control the Internet usage of its enormous population by using a complex system of regulation, licensing, and ISP liability, touching every point of Internet access and transmission. Indeed, the situation became so intolerable for Google it pulled its search engine out of the market.

In marked contrast to the DMCA safe harbor and similar provisions in the EU’s Electronic Commerce Directive, Chinese ISPs hosting user-posted content are directly liable for any illicit content on their servers. ISPs and Internet Cafes are required to install filtering tools and to keep detailed logs of the activities of their users.


Not without controversy, Australia implemented an Internet filtering trial last year. Some nine ISPs participated (although the largest, iiNet pulled out early on) in a system where they filtered out websites contained in a government blacklist. It was deemed a “success,” even though only 15 customers participated at one reporting ISP and a couple of others at another ISP. There was no public comment from the other ISPs. Mostly the banned sites contained child pornography.

Despite serious doubts about the expense and efficacy of the filtering (including concern the filter would be expanded to exclude other material), the Australian government recently announced it would introduce legislation to require all ISPs to block objectionable overseas hosted websites on the government’s list. (The list includes “child sexual abuse imagery, bestiality, sexual violence, detailed instruction in crime, violence or drug use and/or material that advocates the doing of a terrorist act.”)

Although there has been much talk by the content industry in speeches about filtering to block infringing content, so far it has not gained traction as a government imposed ISP requirement. Google’s YouTube, however, voluntarily uses filtering. It finds content the copyright holders have identified as infringing. Google notifies the copyright holder. The copyright holder has the choice of having Google remove the offending content, or sharing in the advertising revenue generated by that YouTube page. Google claims that the vast majority of copyright holders choose to share in the revenue.


French President Nicolas Sarkozy’s majority party was able to pass a draft Internet filtering bill in the Assemblée Nationale called LOPPSI. Similar to efforts in Australia, draft article 4 would permit the Minister of the Interior to filter child pornography websites. While the subject of intense debate in the lower house, the government’s majority carried the day. At this writing, the Senate has yet to vote on the measure. One of the Opposition’s criticism, i.e., that the measure would be expanded to cover other Internet traffic, was supported by President Sarkozy’s January speech to the French music and publishing industries where he called for experiments with filtering to combat Internet infringement.


Finally, while the German government (as noted below) is firmly opposed to graduated response, the Merkel government approved a new law that would require most of the country’s ISPs to block child pornography websites.

Graduated response


Although one of its nicknames derives from American baseball, “réponse graduée” is a more appropriate name for a proposal whose most vocal and successful advocates are in France. The official name of the French proposal is “Création et Internet.” The law is also known as “HADOPI” or “HADOPI2” (the first was rejected by the French Constitutional Council) after the acronym for a new bureaucracy in charge of enforcing copyright online.

The law empowers HADOPI to process complaints of copyright infringement, send warnings to accused infringers (first by email, then by post), and if accused three times, to bring them before a “traffic court” to fine them and/or prevent the user from accessing the Internet for up to one year. The measure passed handily in the French Parliament last year and become law when the French Constitutional Council approved it.

HADOPI, which spent the winter and spring getting organised, is expected to begin sending out notices to Internet users accused of illegally copying music, movies, or other media. The alleged infringer gets two notices. If accused the third time, the user faces fines and a year suspension of their Internet account.

To satisfy the Constitutional Counsel, the law provides what is described as a “traffic court” judge to quickly assess the fine and/or suspension. Two interesting side notes; first, HADOPI hadn’t even gotten off the ground when it was accused of intellectual property infringement – it used the “Bonjour” typeface that belongs to France Telecom without permission. Second, a very preliminary study of users in one province showed a shift away from traceable bit torrent downloading to other more difficult to trace methods of accessing copyrighted media (e.g., MP3 search engines, streaming media, overseas MP3 sites, newsgroups, anonymous VPN, etc.).

United Kingdom

In April, the UK’s Digital Economy Act 2010 (DEA) became law. Under the DEA, ISPs must “notify their subscribers if the internet protocol (‘IP’) addresses associated with them are reported by Copyright Owners as being used to infringe copyright” and “keep track of the number of reports about each subscriber, and compile, on an anonymous basis, a list of those (‘relevant subscribers’) who are reported on above a threshold to be set in the initial obligations code.” After obtaining a court order to obtain personal details, Copyright Owners will be able to take action against those included on the list.

The law delegated to the Office of Communications (Ofcom) the administration of the law and Ofcom issued proposed Initial Obligations Code at the end of May. Under the draft, after receipt of the third notification, subscribers may be included in a “copyright infringement list” requested by a copyright owner, which has made at least one report against the subscriber. Small and medium-sized ISPs will not be included (i.e., less than 400,000 subscribers) as well as mobile operators. Finally, the draft code includes a subscriber appeal mechanism as well as cost sharing, which could include a fee for copyright owners.


The German approach to graduated response is one word: “nein.” The basic problem with graduated response is that German lawmakers and the Government (recently reaffirmed by Angela Merkel’s administration) believe such a measure would be in conflict with German’s privacy laws.

European Parliament

Controversy over anti-infringement efforts continues to boil in the European Parliament. Fueled by the ACTA debate, in a lop-sided 663-to-13 vote, Parliament called for greater transparency in the ACTA negotiations and prohibited the EU from engaging in secret talks with the other ACTA countries. Embedded in the resolution was the following text: Considers that in order to respect fundamental rights such as freedom of expression and the right to privacy, with full respect for subsidiarity, the proposed Agreement must refrain from imposing any so called "three strikes" procedures.

As this article is being written, Parliament’s Legislative Affairs Committee, by a 13-to-8 vote, passed out a report that, according to Socialist critics, would give the government a mandate to introduce three strikes against Internet users. The author of the report, Marielle Gallo from Spain, denies the report stating that she favors the approach working its way through the Spanish national parliament. The Spanish proposal would only shut down websites found by a judge to be providing illegal downloads to users. The report, however, highlighted a controversial point – can “losses” to Internet infringement be quantified.

South Korea

Korea was the first country to impose a graduated response permitting suspension of Internet access. The rule came into effect 12 July 2009. As of mid-March, there is not one case where the rule has been applied. Many are surprised, given the government’s panicked statements about the claimed loss to content owners of two trillion KRW (€1.35 billion). Repeat offenders Internet access would be suspended for a period shorter than six months and an offending website would be suspended for the same period. However, it does appear that warning notices are effective.

According to statistics compiled by the nation’s Copyright Commission, while tens of thousands of warning notices were sent to users and websites in 2009, and through 31 January 2010, no suspensions were required. Some in Korea have argued that the rule calling for suspension is unnecessary.


We reported last year that Taiwan had passed a strong ‘three strikes’ law. To date, however, there have not been any press reports of actual Internet service suspensions.

New Zealand

As we noted last year, New Zealand went back to the drawing board to rework its ‘three strikes’ implementation. In the re-worked proposal, a rights holder would send a notice that it had detected online copyright infringement to the ISP. The ISP would forward that notice to the alleged offender. If the rights holder believes the infringement has continued, it may forward a “cease and desist” notice through the ISP. If the infringement still continues, the rights holder may go to the newly-established Copyright Tribunal and ask for the offending user’s identity.

The user could then ask for mediation or the Tribunal could impose a fine of up to NZ$15,000 (€8,278) or terminate Internet access. The “kinder, gentler” bill passed its first reading unanimously late this April. The bill was referred to the Commerce Select Committee and a report is expected within 6 months.


In the proceeding year, the filtering and graduated response debate continued unabated. Those proposing filtering for morally offensive material seem to be making some limited headway; but not for filtering out infringing material. Little progress appears to have been made in implementing a pure ‘three strikes’ regime. In the three countries reported above, France’s HADOPI has yet to send out any notices, Korea appears to have been pretty effective in sending out notices without using the suspension power, and we have no reports from Taiwan. Finally, both in the US and in Europe, the US government and the European Parliament have raised the intriguing question of what, if any, are the real losses due to Internet infringement.

Download Table: Filtering/Graduated Response Laws worldwide (pdf 88k)

JIM BURGER, a partner at Dow Lohnes, represents technology companies on IP, communications, and government policy. He was a Senior Director in Apple's Law Department. Jim received his Law (cum laude) degree from NYU Law School, and was editor of the NYU Law Journal. Contact:

Story filed 26.09.10

Bookmark and Share

Article Comments

comments powered by Disqus