General Legal Points
1. The United States has charged Kim Dotcom and the rest of the Megaupload defendants with criminal copyright infringement for the acts of cloud storage users, a form of secondary copyright infringement, but no criminal statute for secondary copyright infringement exists under US law. The attempt by prosecutors to expand criminal liability to secondary copyright infringement goes against established precedent in case law and repeated positions taken by the US Congress.
The fundamental legal problem with this aspect of the government’s case is that only Congress can create new criminal liability; judges cannot. Previous instances in which courts have imposed “civil liability for secondary copyright infringement” do not apply in criminal proceedings. Courts and judges cannot create a new criminal liability, only Congress can by enacting legislation. Federal crimes must be expressly authorised by statute; the courts have no power to impose or create a basis for criminal liability beyond what’s authorised by statute.
2. Cloud storage services such as Megaupload are a dual use technology capable of substantial non-infringing uses and therefore protected under the Sony doctrine. Any kind of online service, including cloud storage services, are susceptible to misuse by some customers. Megaupload instituted several measures to comply with global “safe-harbor” provisions such as those under the Digital Millennium Copyright Act (DMCA). Megaupload cooperated with copyright owners by following the “notice and takedown” procedures described in the DMCA millions of times.
The recent federal court decision in Viacom v YouTube upholds the safe-harbour provisions of the DMCA, declaring unequivocally that generalized knowledge of copyright infringement does not deprive a service provider of those protections. The court noted that service providers serve a useful function. Given the volume of content being uploaded/downloaded on a site like YouTube “no service provider could possibly be aware of the contents of each such video.” Congress put the burden on the copyright owner to notify the service provider of infringements, in writing and with specified contents. The court concluded that the burden could not be shifted back to YouTube to disprove its knowledge. The Viacom court also emphasized that YouTube was not required to affirmatively seek out or locate any infringing material; it had no duty to do so.
Megaupload went above and beyond what it was legally required to do under the DMCA’s safe-harbour provisions. It negotiated with numerous major copyright holders or their agents, including the Recording Industry Association of America, Disney, Warner Brothers, NBC and Microsoft, to allow them access to remove directly an active link to material they believed infringed their copyrights. This direct access enabled such parties to protect their copyrights in a fast and automated fashion and resulted in more than 15 million take-downs.
3. Criminal copyright infringement requires willful infringement – a very rigorous level of criminal intent – and it is one of the rare criminal claims where both ignorance of the law and a defendant’s mistaken belief that he is compliant with the law are complete defenses. Megaupload immediately responded to copyright take-down notices from copyright holders on millions of occasions. The company’s subjective belief that it was operating within the law (even if it turns out to have somehow been wrong in that regard) should by itself be enough to negate the criminal willfulness requirement, especially considering the novel nature of the prosecution’s legal theory.