Cryptome's Publication of Microsoft's Compliance Manual is a Fair Use
Yesterday, Microsoft used a Digital Millennium Copyright Act (DMCA) takedown notice to demand that a copy of the "Microsoft® Online Services Global Criminal Compliance Handbook" (the Compliance Manual) be removed from Cryptome, a security website. As a result, Network Solutions felt obliged to takedown the entire Cryptome.org domain, a repository for thousands of important and controversial documents.
As is often the case, the ensuing uproar simply called more attention to the document in question. Yesterday evening, Microsoft wrote to Network Solutions and withdrew its takedown demand, while insisting that its copyright concern was nevertheless legitimate.
We appreciate that Microsoft acted quickly to correct its error, but are still disappointed that Microsoft nonetheless insists that, in the words of Evan Cox, outside counsel for Microsoft, "Microsoft has a good faith belief that the distribution of the file that was made available at that address infringes Microsoft's copyrights."
To the contrary, as we explain below, Cryptome's publication of the Compliance Manual is a clear fair use under the Copyright Act.
To determine whether a use of a work is fair, courts engage in a case-by-case analysis, starting with the four factors set out in the Act: the purpose and character of the use; the nature of the work; the amount and substantiality of the work; and the harm to the market for the work.
On the first factor, Cryptome used the manual for a noncommercial, transformative purpose—to educate the public on how the government and Microsoft work together and to illustrate how much information is available about internet users. Cryptome did not stand to profit, and was not seeking to exploit the work for money.
Cryptome's use is also transformative because it does not merely supersede original, but instead "adds something new." Cryptome took a work designed to inform law enforcement how to work effectively with Microsoft, and, by putting it in a new context, formed the basis for newsworthy criticism of Microsoft and its compliance practices.
The "nature of the work," factor also favors fair use: factual works like the Compliance Manual receive only thin protection under copyright law, especially where the material has been published.
The extent of permissible fair use copying varies with the purpose and character of the use, and, as the Ninth Circuit has held, "[i]f the secondary user only copies as much as is necessary for his or her intended use, then this factor will not weigh against him or her." While Cryptome copied the whole work, the whole work was necessary for the public to understand Microsoft's policies for allowing the government to obtain personal information about them.
The market harm factor balances the benefit the public will derive if the use is permitted and the financial gain the copyright owner will receive if the use is denied. Here, the public, many of whom have personal information stored by Microsoft, benefits by being informed of Microsoft's compliance practices. And, since Microsoft does not sell or license the manual, posting it on Cryptome didn't cost Microsoft a penny. As explained by the Supreme Court, a "use that has no demonstrable effect upon the potential market for, or the value of, the copyrighted work need not be prohibited in order to protect the author's incentive to create." This factor favors fair use as well.
The four factors are balanced in light of the purposes of copyright. And here, Microsoft does not need any copyright incentive to create the manual—it has plenty of business incentives to create a guide that will reduce the costs of its interactions with law enforcement. At the same time, Cryptome's publication serves the welfare of the public by allowing the public to know how their information may be involuntarily disclosed to the government.
Evaluating all the factors together, a court should find that Cryptome's publication of the Compliance Manual is a fair use.
Recent DeepLinks Posts
Oct 2, 2015
Oct 2, 2015
Oct 2, 2015
Oct 2, 2015
Oct 1, 2015
- Fair Use and Intellectual Property: Defending the Balance
- Free Speech
- Know Your Rights
- Trade Agreements and Digital Rights
- State-Sponsored Malware
- Abortion Reporting
- Analog Hole
- Anti-Counterfeiting Trade Agreement
- Bloggers' Rights
- Broadcast Flag
- Broadcasting Treaty
- Cell Tracking
- Coders' Rights Project
- Computer Fraud And Abuse Act Reform
- Content Blocking
- Copyright Trolls
- Council of Europe
- Cyber Security Legislation
- Defend Your Right to Repair!
- Development Agenda
- Digital Books
- Digital Radio
- Digital Video
- DMCA Rulemaking
- Do Not Track
- E-Voting Rights
- EFF Europe
- Encrypting the Web
- Export Controls
- FAQs for Lodsys Targets
- File Sharing
- Fixing Copyright? The 2013-2015 Copyright Review Process
- Genetic Information Privacy
- Hollywood v. DVD
- How Patents Hinder Innovation (Graphic)
- International Privacy Standards
- Internet Governance Forum
- Law Enforcement Access
- Legislative Solutions for Patent Reform
- Locational Privacy
- Mandatory Data Retention
- Mandatory National IDs and Biometric Databases
- Mass Surveillance Technologies
- Medical Privacy
- National Security and Medical Information
- National Security Letters
- Net Neutrality
- No Downtime for Free Speech
- NSA Spying
- Offline : Imprisoned Bloggers and Technologists
- Online Behavioral Tracking
- Open Access
- Open Wireless
- Patent Busting Project
- Patent Trolls
- PATRIOT Act
- Pen Trap
- Policy Analysis
- Public Health Reporting and Hospital Discharge Data
- Reading Accessibility
- Real ID
- Search Engines
- Search Incident to Arrest
- Section 230 of the Communications Decency Act
- Social Networks
- SOPA/PIPA: Internet Blacklist Legislation
- Student and Community Organizing
- Stupid Patent of the Month
- Surveillance and Human Rights
- Surveillance Drones
- Terms Of (Ab)Use
- Test Your ISP
- The "Six Strikes" Copyright Surveillance Machine
- The Global Network Initiative
- The Law and Medical Privacy
- TPP's Copyright Trap
- Trans-Pacific Partnership Agreement
- Travel Screening
- Trusted Computing
- Video Games