Copyright Alert System

Copyright Alert System (CAS) was a voluntary industry effort to educate and penalize internet users who engage in the unauthorized and unlawful distribution of copyrighted works via peer-to-peer file sharing services. The program was operated by the Center for Copyright Information, a consortium consisting of the Recording Industry Association of America (RIAA), the Motion Picture Association of America (MPAA), and the internet service providers AT&T, Cablevision, Comcast, Time Warner Cable, and Verizon.

The CAS used a graduated response system (also known as the "six strikes program"), in which participating ISPs would send warnings notifying subscribers of alleged copyright infringement, as reported by a monitoring service working on behalf of participating copyright owners. The system specified a six-step progression, from advice messages, to warnings that must be acknowledged by the user. After a fifth warning, ISPs were allowed to implement "mitigation measures", which could include penalties such as bandwidth throttling or preventing web access until customers "discuss the matter" with their ISP.

The CAS framework was established on July 7, 2011, after three years in the making. After multiple delays, ISPs began implementing it in late February 2013.

Due to the program not substantially decreasing piracy, the CAS discontinued the program on January 30, 2017.

Overview
The Center for Copyright Information employed the services of MarkMonitor (often doing business as DtecNet) to detect and monitor suspected copyright infringement activity. Although MarkMonitor monitored many infringement venues, in early 2013 the Electronic Frontier Foundation (EFF) said it appeared that for purposes of the CAS, the company will only monitor peer-to-peer traffic from public BitTorrent trackers. The Copyright Alert System does not use deep packet inspection.

A review of MarkMonitor's system for the CAS stated that only uploads were monitored, with infringement being suspected when MarkMonitor's BitTorrent client successfully obtains pieces of known-infringing content from a peer in the swarm. The pieces were compared to pieces from an already-downloaded copy of the content, which had already been matched to content samples supplied by the copyright owners.

When suspected infringement was detected, the ISP for the IP address associated with the suspicious activity was notified. The ISP, in turn, notified the subscriber to whom the IP address was assigned at the time of the alleged infringement, informing the subscriber that their account was suspected of being used to infringe copyright, and warning of potential consequences. Users who continue to receive warnings could be issued up to six alerts in the form of pop-up messages and e-mails before stronger measures were taken by the ISP.

Intent
The Copyright Alert System was intended to be a consumer-focused process for identifying and notifying residential wired Internet access service customers of the participating ISPs (other than dial-up subscribers) who receive multiple notifications of allegations of online infringement made via P2P networks and applications, in an effort to educate consumers, deter online infringement, and direct consumers to lawful online legitimate sources of content online.

The Center for Copyright Information believed that the Copyright Alert System would be effective in reducing both intentional and unintentional copyright infringement. By providing willing infringers with information regarding the serious consequences of copyright infringement, the CCI hoped to steer would-be infringers to legal online content providers. The CCI hoped that unwitting infringers, such as those whose home networks have been hijacked by unauthorized users or the parents of children who are infringing, would use the knowledge that their account is being used for copyright infringement to force users of the account to curtail these activities. The CCI also hoped to increase parents' involvement in what their children are doing online by alerting misconduct and abuse of their accounts.

The EFF claimed the materials used to "educate consumers" were "more like propaganda", and that the framework violated the principle of presumption of innocence.

Alerts
The system of alerts was as follows:


 * The first and second alerts notified ISP subscribers that their Internet account has allegedly been used for copyright infringement, provided an explanation of how to avoid future offenses, and directed users to lawful content sites.
 * If the suspicious behavior persisted, additional alerts were sent. These alerts ask the subscriber to acknowledge receipt of the messages by clicking a notice.
 * After a fifth alert, ISPs were allowed to take "mitigation measures" to prevent future infringement.
 * If the ISP did not institute a mitigation measure following the fifth alert, it had to enact one after the sixth alert.

Mitigation measures included: "temporary reductions of Internet speeds, redirection to a landing page until the subscriber contacts the ISP to discuss the matter or reviews and responds to some educational information about copyright, or other measures (as specified in published policies) that the ISP may deem necessary to help resolve the matter". Mitigation measures varied by company. Verizon was the first to reveal their mitigation policy. Their policy specified that violators with more than three alerts would be directed to an online copyright law information. Upon a fifth or sixth alert, the user would experience a temporary speed reduction down to 256 kbit/s (approximately the speed of dial-up internet access). According to a leaked internal document, AT&T decided that after a 6th alert, a user's "access to many of the most frequently visited websites [would be] restricted" until they completed an "online educational tutorial on copyright". However, AT&T later explained that it would not cut the user off the internet even though such measure appeared in the copyright warning letter. It gave a reason that the six strikes warnings are only allegations; therefore, if the alleged user was still suspected of illegal downloading after completion of the "online educational tutorial on copyright" and the six strikes warnings, unless the copyright owner took legal action; nothing would happen. Time Warner Cable stated that it would not discontinue customers' service, but instead redirect users to educational pages on copyright law upon multiple violations.

The CCI said that at no point in the process would the ISPs reveal customer information to the CCI, the monitoring service, or the copyright owners.

The EFF said that because the system "will not identify those who take steps to anonymize their Internet traffic using a VPN or Tor" it would not stop dedicated infringers.

The EFF also argued that the mitigation measures to be undertaken by ISPs in response to alleged copyright infringement were overly harsh, as they could be used to deny consumers access to the Internet, which EFF maintained is as fundamental a right in the digital era as access to other utilities such as electricity. Annemarie Bridy wrote that although temporary suspension was a possible mitigation measure, market pressure would discourage ISPs from using it, instead relying on more educational measures. Mueller, Kuehn, and Santoso attributed the ISPs' adoption of the Copyright Alert System to its voluntary nature and the fact the ISPs were not required to terminate accounts under the Copyright Alert System.

Appeal process
The CAS process did not allow alerts to be challenged until a mitigation measure was about to be imposed. At that time, the subscriber could request, through a special link provided by their ISP, a special arbitration proceeding. The proceeding would be administered by the American Arbitration Association (AAA), and the arbitrator would be selected by the AAA. The process was "automated to the maximum extent practicable", with the intent of resolving the dispute within thirty days of filing.

The appeal had to be requested within 14 days of the alert triggering the mitigation measure. The subscriber had to pay a $35 filing fee, unless the fee was waived by the AAA. According to CCI Executive Director Jill Lesser, the $35 fee "defray[ed] a small part of the cost of the appeal and [was] intended to discourage frivolous appeals". In order to prevail, the subscriber had to successfully challenge a specified number of alerts (possibly more than one) to block the mitigation measure and receive a refund of the filing fee.

Subscribers could only challenge alerts on one or more of the following pre-defined grounds:
 * Misidentification of Account – The subscriber's account was incorrectly identified as a source of copyright infringement.
 * Unauthorized Use of Account – The alleged infringement was the result of unauthorized, unpreventable use of the subscriber's account by others, without the subscriber's knowledge.
 * Authorization – The subscriber's use of the work identified in the alert was specifically authorized in writing by the work's copyright owner or someone with a license to reproduce the work.
 * Fair Use – The subscriber's use of the work identified in the alert meets the U.S. legal definition of fair use.
 * Misidentification of File – The file "did not consist primarily of the alleged copyrighted work at issue but rather contained other non-infringing material".
 * Work Published Before 1923 – The work identified in the alert was published prior to 1923 and therefore is in the public domain in the United States.

In an appeal, the burden of proof was on the subscriber to demonstrate the elements of one of the above grounds for challenging an alert.

The choice of defenses allowed in an appeal was criticized. The defense of unauthorized use of account was not allowed if the user was a member of the subscriber's household or an invitee, and after the first assertion of this defense, the subscriber had to demonstrate by "clear and convincing evidence" that the subscriber "took reasonable steps to secure the account following the first occurrence of unauthorized use". Bridy wrote that this creates an obligation for subscribers to secure their Internet connection even when they had no legal or contractual obligation to do so. In an Ars Technica article, Cyrus Farivar said that the responsibility placed on the subscriber by the CAS for copyright infringement that occurred using the subscriber's connection would harm the availability of open Wi-Fi that small businesses make available to their customers. In a CCI blog post, Jill Lesser responded that many businesses with open Wi-Fi had business accounts, which were not subject to the CAS. Lesser also said that businesses offering open Wi-Fi through residential accounts would be subject to the CAS, but those accounts, like others subject to the CAS, would not be subject to termination. The defense of publication before 1923 was the only allowable challenge to the copyright status of a work, even though a work may have been out of copyright protection for other reasons. LaFrance criticized the presence of the "work published before 1923" defense but not other factual challenges to the copyright status of the work that she said could just as easily be resolved through the appeal process.

The subscriber's personal information was not shared with the copyright holder in the appeal process unless the subscriber asserted the defense of authorization and the arbitrator deemed disclosure necessary for the copyright holder to respond to the defense. Bridy favorably compared the privacy of an appeal proceeding to the previous system of "mass John Doe litigation". The appeals process involved no hearings and no discovery, although the arbitrator could demand additional information from either party.

The CCI said that subscribers may also challenge alerts or mitigation measures in court; Bridy presumed that such a challenge could be made in the form of a request for declaratory judgment that the subscriber did not infringe. Mary LaFrance wrote that the system prevented any party from introducing a decision from the appeal process into any judicial proceeding. According to the CCI, the failure of a subscriber to appeal a copyright alert under the Copyright Alert System "will not be construed as an admission or waiver in any other proceeding".

Bridy wrote that the copyright law applied in independent reviews would be determined by an expert commissioned by the American Arbitration Association and approved by CCI, who was required to hear "prevailing legal principles" of copyright law as viewed by copyright owners. Bridy suggested that the legal standards in an independent review would call into question the fairness of the independent review proceeding, citing what she said were inaccurate statements from the RIAA on copyright. Bridy also said that the lack of written decisions in the independent review process would make it difficult to determine what the rules are for independent review or whether they are being followed.

The EFF said that the mitigation measures could be imposed without any due process, placing the burden of proof on consumers to show that allegations of copyright infringement are unfounded. The organization recommended that, in the absence of copyright infringement detection systems which have been demonstrated to be entirely accurate, the burden of proof be placed on the content providers to show copyright infringement prior to the mitigation measures. Bridy wrote that IP address collection and content identification methods should be held to a much higher standard (including review by an independent expert with no contractual obligations to the CCI nor non-disclosure obligations), especially since an alert itself could trigger a sanction.

The EFF argued that the procedure for objecting to an alert was unfairly burdensome to the consumer and biased towards the media companies. Bridy said that because the Copyright Alert System arose from a mass consumer contract, the potential for the repeat-player effect to jeopardize the neutrality of the arbitrators was present. However, Bridy wrote that the independent review process was optional, and users were free to go to court to remove alerts or challenge mitigation measures, unlike in other consumer contracts where arbitration was mandatory. Although Bridy said that few subscribers would go to court owing to the possibility of a large damages award, this alternative allowed for full due process safeguards.

According to a May 2014 report by the Center for Copyright Information, from the implementation of the Copyright Alert System through the end of 2013, there were 265 appeals, representing 0.27% of the alerts triggering a mitigation measure for which the appeal process was available. Of the appeals, 47 (17.7%) were successful, the "vast majority" of which involved the "unauthorized use of account" defense. In none of the appeals was it determined that an account or copyrighted work was misidentified.

History
The Copyright Alert System framework was devised by the following companies and organizations:


 * MPAA members Walt Disney Studios Motion Pictures, Paramount Pictures, Sony Pictures Entertainment, Twentieth Century Fox Film Corporation, Universal Studios, and Warner Brothers Entertainment.
 * IFTA
 * RIAA members Universal Music Group, Warner Music Group, Sony Music Entertainment, and EMI Music.
 * A2IM
 * The ISPs AT&T, Cablevision, Comcast, Time Warner Cable, and Verizon.

New York Governor Andrew Cuomo is credited with helping the parties negotiate and create the Copyright Alert System. In April 2013, IFPI CEO Frances Moore indicated that the role of the United States government was greater than previously acknowledged in bringing content owners and ISPs together to fight copyright infringement. Specifically she claimed Vice President Joe Biden and "Copyright Czar" Victoria Espinel, were critical players in "pushing the parties to come to some type of agreement".

The negotiating parties completed a memorandum of understanding in July 2011 and amended it in August 2011 and October 2012. The agreement establishes the framework for the Copyright Alert System, establishing the roles and expectations of the ISPs, the copyright owners, and the monitoring services.

The Copyright Alert System launched in late February 2013.

The EFF cited a number of problems with the memorandum of understanding. Firstly, the EFF criticized the lack of subscriber representation in the CCI, noting that the establishment of the CCI involved only large media corporations and ISPs, but left out representatives of the subscribers who purchase these companies' products. Further, the CCI only allowed for a three-person advisory board from consumer interest groups, while the executive board is composed of six representatives from the media companies and ISPs, an arrangement which the EFF believed to be inadequate for consumer representation.

Technology review
The CCI contracted with Stroz Friedberg, a global digital risk management and investigations firm, to conduct an analysis of MarkMonitor's system for monitoring, verifying, and enforcing online copyright infringement on P2P file sharing networks. Stroz Friedberg assessed the efficacy of MarkMonitor's methodologies to monitor, identify, collect evidence, and generate notices to P2P infringers The contractor published the findings in a confidential report to the CCI in November 2012 (i.e., before the system launched), concluding that the methodologies were "well developed and robust", though not without room for improvement.

The publicly released version of the report contained a number of redactions of various details. Among the report's conclusions were the following claims:
 * "MarkMonitor's methodologies effectively identify P2P online copyright infringers".
 * "MarkMonitor's evidence collection in connection with P2P infringement is robust, defensible, and will withstand adverse party scrutiny or evidentiary challenges".
 * "The methodologies include appropriate checks and balances at key points in the workflow to ensure accuracy".

Although both the CCI and Stroz Friedberg claimed the review was independent, the CCI didn't release the Stroz Friedberg report until after media reports surfaced that Stroz Friedberg was an RIAA lobbying organization from 2004 to 2009. The firm's sole lobbyist for the RIAA (and, briefly, Universal Music Group) was Beryl A. Howell, the company's executive vice president, executive managing director, and general counsel. Howell was previously involved in crafting numerous pieces of legislation for the investigation and prosecution of computer crime and copyright infringement.

In response to the "questions" raised, the CCI issued a statement reaffirming confidence in Stroz Friedberg's propriety and announcing the public release of the report, but also conceding, we are, however, sensitive to any appearance that Stroz lacks independence, and so CCI has decided to have another expert review Stroz's initial evaluation of the content community's processes. We will be selecting the additional expert promptly and will make that information available.

The CCI also hired Stroz Friedberg to review the accuracy of the system by which ISPs match the IP addresses of suspected infringers to the ISPs' subscribers. The results of that review have not yet been publicly released.

In August 2013, the CCI announced it had hired Avi Rubin's high-tech litigation consulting firm Harbor Labs to conduct a follow-up review. In March 2014, Harbor Labs completed a limited review of MarkMonitor's system, concluding that the technical design was generally sound, but that the company needs to improve its safeguards against human error and internal malfeasance. The existence of the report was publicly disclosed when the CCI posted the report's executive summary eight months later. The report itself will not be released because it contains confidential information.

Reception and controversy
The White House supported the memorandum of understanding, calling it "a positive step and consistent with our strategy of encouraging voluntary efforts to strengthen online intellectual property enforcement and with our broader Internet policy principles, emphasizing privacy, free speech, competition and due process".

However, the CAS was criticized for a perceived lack of public input, perverse incentives between media corporations and ISPs, harsh mitigation measures, and reversal of burden of proof standards. The EFF made particularly detailed criticisms.

In March 2013, a Freedom of Information Act request related to the White House's role in the policy was denied by a Washington D.C. federal court. Chris Soghoian, a policy analyst at the American Civil Liberties Union (ACLU), submitted the request to obtain information about the interaction in creating the policy. It was denied in a summary judgement by Judge Royce C. Lamberth. Lamberth's judgement rests on an exemption for drafts and "...reducing the possibility of misleading the public by disclosing documents that suggest certain reasons for a future decision that do not ultimately bear upon that decision".

In 2012, the California ISP Sonic.net CEO told TorrentFreak that his ISP will not be participating in the Copyright Alert System, saying that ISPs are not equipped to police the actions of individuals, and that the MPAA and RIAA have not invited small, independent ISPs to participate. Similarly a representative of Cox Communications told TorrentFreak that they "have decided not to participate for internal reasons". Before the CAS' launch, concern existed that data collected for the CAS would be used for more than just the stated "educational" purposes. In the first draft of the CCI's memorandum of understanding, it was stated that upon that ISPs would be responsible for providing information collected under the CAS program to Content Owners "if it elects to initiate a legal action against the subscriber". The final agreed memorandum of understanding replaced the term "legal action" with "copyright infringement action". [footnote 12 – MOU Art 4 g iv.] Two months after the CAS's implementation, Verizon was subpoenaed to provide a third party plaintiff with information on its users which it recorded for CAS purposes. The plaintiff, Malibu Media argued that "DMCA notices and six strike alerts are relevant because these notices may prove a pattern of infringement and/or notice that infringement is occurring could be used to show a pattern of infringing behaviour". The Northern District Court of Texas agreed and compelled Verizon to give Malibu Media this information. With this information, Malibu Media was able to successfully litigate the first BitTorrent copyright infringement case in American legal history which concluded with a verdict.

Open wireless networks
Tech law professor Derek Bambauer of the University of Arizona, told Ars Technica that the Copyright Alert System "is fundamentally flawed". Bambauer says that injustice could result in the case where a user legally downloaded an entire work under the doctrine of fair use, but the CAS still treated the user as an infringer.

The EFF said that the CAS will hinder the Open Wireless Movement's goals. Jill Lesser, executive director of the Center for Copyright Information, said that the CAS will affect small businesses that use a residential connection for open Wi-Fi: "Depending on the type of Internet service they subscribe to, very small businesses like a home-office or a local real estate office may have an Internet connection that is similar from a network perspective to a residential connection... The practical result is that if an employee of the small business, or someone using an open Wi-Fi connection at the business, engages in infringing activity the primary account owner would receive alerts".

Effects since implementation
According to Jill Lesser, the executive director of the CCI, the CAS's first year was successful as the CAS is "intended to be education based". Lesser indicated that changes for 2014 might include expanding the program to more Internet service providers and also start including other forms of copyrighted media, such as software. In the first year of the CAS's existence, US traffic to The Pirate Bay increased by 31 percent. In June 2013 Warner Brothers Studios began sending warning to users whose internet service was provided by an entity other than one of the five ISP partners of the CCI. In August, Variety revealed that engineers at Comcast and NBC Universal were developing technology designed to recognize the illegal downloading of copyrighted material by its users and launch a pop-up window with links to legal access to such content. This was not a CCI-backed initiative, but rather was viewed as a potential supplement to the CAS as Comcast had begun approaching other content owners and ISPs to explore the concept with them. In the CAS's first year, Comcast, the nation's largest ISP, sent out 625,000 warnings to its users. Largely seen as another supplement to the CAS, in September 2013, AT&T applied for a patent for technology that would allow the company to "prevent bandwidth abuse" by tracking the content its users are sharing via BitTorrent and other P2P networks in order to charge its users for excessive bandwidth use.