Page 1

30 April 2008

WHAT’S HOT IN DIGITAL MEDIA LAW1

INTRODUCTION
Things used to be so simple. The law was securely locked up in expensive tomes sitting on the
shelves of its custodians, we the lawyers, encased in archaic language.
And then along came Tim Berners-Lee, the inventor of the World Wide Web, in the early 1990’s and
it all changed. His specifications for HTTP, HTML and URIs have democratised access to content and
empowered digital citizens and consumers. Ever since, the law has been chasing the long tail of
digital content.
From the moment we set foot on the Information Superhighway and entered the world of
multimedia – remember them? –the law, technology and business models have never been in sync.
They’re each in the grip of different forces and processes, moving at their own speed of change,
from warp to weary!
But the one constant in all of this is powerful, even systemic, change.
We see new actors – search engines, social network sites, online content providers and, of course,
the citizen consumer as content creator.
We have new technological tools, technical standards, and software applications which enable
digital content to be created, located, moved, and shared – legally or illegally - across broadband
networks.
At the same time, analogue media, especially the printed word, continue to co-exist with digital
media and are likely to do so for the foreseeable future.
So is the law fighting a losing battle in the midst of this upheaval? Is it losing its own case in Court
over its right and ability to regulate the world of online media?
As we stride (or, perhaps, stumble!) into this new environment, we can, I think, see four focal
points of change.
1. “What and how do you regulate?” In the traditional world of broadcast television and
spectrum scarcity, this was fairly clear. But what’s the right approach to regulating content
when we move to new online services that deliver a mix of programme-based and on-
demand services, mixing film and TV material along with blogs and literary content? And
what are the right kinds of regulatory tools to be used, ranging from prescriptive laws to
voluntary codes of conduct?
2. “Who carries the can?” What legal responsibilities should ISPs, social network sites and
users have for illegal and harmful content?
3. “Where should the boundary between the public and private domains be drawn?”
The private is the domain of intellectual property rights, especially copyright, data privacy
and notions of permissions and consents. The public is the domain of access, use and re-use
of all types of content and information. The challenge faced by regulators, and by all of us
as digital citizens, is to decide where the digitally-blurred boundaries should be set.

1
This is a transcript of a talk given by Laurence Kaye on 30 April 2008 at the Reform Club, London.

1
Page 2
30 April 2008

4. “Making the transition from analogue to digital”. Here, the fundamental issue is how
we move from a world of paper-based contracts, dusty files and rights holders we can’t
locate to one in which, at the click of a mouse, users can locate works, instantly see
permitted terms of use and obtain permissions.
I am going to describe what’s hot in each of these areas. But first, I want to provide a context by
giving a very brief overview of “digital media” and the digital media market.
“DIGITAL MEDIA”
You can take your pick of definitions of the phrase “digital media”. But I’m using it to mean two
things:
First, digital delivery channels – the Internet, mobile and digital television – to deliver content and
to provide a platform to sell physical products online.
Examples include:
o Online music services.
o Books sold through publishers’ websites as well as distributors such as Amazon.
o TV programmes delivered on-demand via ‘catch up’ services such as the BBC’s i-player
and Channel 4’s 4OD.
o The emerging market for Internet-distributed movies. For instance, Apple recently signed
deals with all Hollywood Studios for itunes rental, although not for digital purchase.
Second, I am using “digital media” to cover new, ‘born digital’ content and services which would
not have existed but for digital technology and the Web. For example:
o ‘3D’ Movies.
o Social Network/community sites such as Youtube, Myspace and Facebook.
o E-books and digital audio books which, with their searchability and other features in
digital form, are really different to their paper and analogue audio counterparts.
o New advertising-supported services such as interactive Internet TV services like
‘Babelgum’ which offers independent and new content, including professionally created
user content with ‘Web 2.0’ features such as tag searches and collaborative filtering.
In fact, this distinction between new distribution channels and new digital services is artificial.
Increasingly, new digital services act both as a channel to distribute what one might call traditional
content such as films and as a platform to deliver new services. For example, MySpace is in talks
with music labels for downloads; there are film clips available on YouTube and blogs like the
‘HuffingtonPost.com’ are morphing into online newspapers.
Over time, these distinctions will disappear and digital media will simply become “media”.
And let’s not forget that content moves just as easily from digital to analogue as the other way
round. Look at the current litigation in New York, in which JK Rowling is suing for copyright
infringement arising from the unauthorised publication of a book, The Harry Potter Lexicon, which
consists substantially of JK Rowling material first published on the Web.
STATE OF THE DIGITAL MEDIA MARKETS
How do the markets for digital media content look to our Regulator?
They’re in a febrile state; “living with uncertainty and ambiguity” you might say if looked at from a
psychological perspective. Markets characterised by change, experimentation and upheaval as well
as the prospect of significant growth. An independent study on the interactive content market in
the EU projects that revenues from online content will more than quadruple from €1.8b in 2005 to
€8.3b by 2010.2

2
Study on Interactive Content and Convergence; Implications for the Information Society”,
commissioned by InfoSoc and Media Directorate General, published 25 January 2007.

2
Page 3
30 April 2008

The biggest challenge facing the media industries today is, I think, commercial rather than legal.
It’s how to re-shape existing business models, and to develop new business and revenue models, in
the face of 3 major trends:-
1. Consumers’ reluctance to pay for Internet-distributed content. Currently, 99.9% of video
consumption over the Internet is advertising supported.
2. The shift in advertising revenues from traditional to digital media outlets.
3. The impact of the Internet on “traditional” distribution models. For example, the market’s desire
for on-demand movie services is putting the film industry’s traditional windows of exploitation –
theatrical release, DVD, Pay TV and sell-through – under increasing strain.
What’s more, the content industries are faced with massive losses through counterfeit DVDs and
large-scale piracy via P2P file sharing. Interestingly, as the TV industry moves to compete with
online videos, television now ranks in the US as the fastest growing category of internet piracy.3
So what our Regulator sees are nascent markets where he or she must tread warily! With that in
mind, let’s start to tread the Regulator’s path and examine the four focal points of change in the
world of digital media law. In doing so, I am concentrating and European and UK law:
1. WHAT AND HOW DO YOU REGULATE?
Ignoring complexity and detail, we can distil digital media law into the ‘laws of the content’ and the
‘laws of the networks’ which deliver that content.
The laws of the networks are the domain of ICANN and Internet Governance; of the EU’s
Telecoms Package governing the provision of electronic communications services; of ‘Net neutrality’
– the principle that providers cannot discriminate against competing applications or content so that
we have a ‘two speed’ Internet; and in the UK OFCOM’s rules governing the sale of radio spectrum
and other infrastructure issues.
I am going to focus on content regulation.
In the analogue world, the regulatory picture for content is pretty clear. But in the world of digital
media, it’s become a bit blurred as ‘television style’ regulation will start to apply to some kinds of
on-demand services. Let me explain.
In the analogue world, there are general laws, such as copyright and defamation, which apply
‘horizontally’ or ‘across the board’ to all media sectors and to all types of content, including films,
books, newspapers, television programmes, magazines and so on.
In addition, the world of analogue broadcasting has always had its own specific ‘vertical’ rules
governing the content of its services (for example, relating to production quotas; sponsorship and
advertising).
These vertical rules reflect the traditional role of broadcasting as a primary medium for the
dissemination of culture and information. At a European level, the main source of those rules is the
1985 ‘Television Without Frontiers’ Directive. In the UK, we find them the Communications Act and
its predecessors which introduced provisions such as quotas requiring 25% of BBC and ITV shows to
be made by independent production companies and, in 2003, gave independents rights to their
shows.
In the digital world, we still have the same ‘horizontal’ laws applying to all forms of content. They
are not industry-specific, applying equally to an e-book, a video clip on YouTube, an on-demand
music service and a message on Facebook just as they do to analogue content.
But the Audiovisual Media Services Directive (“AVMS”), which is due to be implemented by member
states by December 2009, has blurred the distinction which exists in the analogue world between
vertical, sector specific content regulation for broadcasting and horizontal rules for all forms of
media content, by creating two kinds of ‘audiovisual media service’:
• The first is “television broadcasting” which covers programmes based on a programme
schedule which are broadcast simultaneously to viewers; this covers all forms of ‘one to many’

3
According to ‘BigChampagne’ a consultancy that measures online file-sharing, as reported in the
FT on April 7.

3
Page 4
30 April 2008

television broadcasting, including ‘catch up’ broadcasts via services like BBC i-player and C4
On-Demand.
• The second is kind is an “on-demand audiovisual media service” where there is a
catalogue of programmes from which the viewer can choose to view whenever he or she
chooses. A web-based video on demand service would fall into this category, such as the
recently announced joint online video on-demand service for the BBC, ITV, and Channel 4 –
code named “Project Kangaroo” – which the broadcasters hope will be “a Freeview for the
Internet”.
So the result is that, albeit in a limited way, ‘television style’ regulation is finding its way into the
on-demand world. According to the AVMS, the intention is to bring ‘light touch’ regulation to on-
demand audiovisual services with rules governing the content of advertising, ‘windows of release’
for films and to prevent the availability of illegal content.
It’s important to stress that the AVMS only applies to ‘television-like’ services. That is, services that
compete for the same audiences as television broadcasts. There has to be a programme schedule
or guide which is under the editorial control of the service provider. So, online games, newspaper
sites with podcasts, gambling sites, e-book services are all excluded.
But with the increasing variety of on-demand services, and particularly the increasing
sophistication of EPGs (electronic programming guides), it seems reasonable to assume that
‘regulatory creep’ will occur. The notion of ‘regulation free’ cyberspace, if it was ever true (which it
wasn’t) is certainly dead and buried.
2. WHO CARRIES THE CAN?
The issue of how far – if at all – intermediaries such as ISPs and social network sites should have
responsibility for illegal content transmitted by users over their networks or hosted on web servers
or other hosting services, is not, in Internet-time, a new issue.
Indeed, it was at the heart of the E-Commerce and Copyright Directives when they were negotiated
during the mid to late 1990’s.
So why is it such a hot topic now? There are two reasons. First, it’s been put firmly at the top the
digital media law agenda because of pirated audio-visual goods and illegal downloads.
Second, the legal rules about intermediaries’ liabilities, certainly in Europe and the US, were
developed in the mid to late 1990’s in a pre Web 2.0 world, before social network sites and search
engines became ubiquitous. As a result, there is a lack of legal certainty about how these rules
apply to the likes of Facebook and YouTube.

So as legal fights continue, such as the ongoing litigation in the US between Viacom and YouTube,
the emerging theme, I believe, is that voluntary agreements reached by collaboration and
negotiation between all stakeholders underpinned, where necessary, with legal sanctions, is the
best way forward.
With that background in mind, I am going to look first at the position of ISPs and then at hosts.
Liability of ISPs
This is arguably hot topic numero uno. The issue is being driven by the music industry but there’s
no doubt that it is of equal significance to providers of on-demand services of all types of digital
content.
The position of the two main protagonists is clear. The BPI says that “Studies show that more than
six million ISP customers regularly use their broadband accounts to unlawfully download and
distribute music online.” As a result, the BPI wants UK ISPs to help cut down unlawful downloads by
operating a three step procedure which could ultimately result in them cutting off their offending
subscribers.
In response, Charles Dunstone, of TalkTalk says: “We give access to the internet, we do not control
it, nor do we control what are users do on it. I cannot foresee any circumstances in which we would
disconnect a customer’s account on the basis of a third party alleging a wrongdoing. The music
industry has failed to adapt and seeks to foist their problems on someone else”.

4
Page 5
30 April 2008

This is tough talk but he’s right to point out there is a vital link between the fight against illegal
downloads and the available of legitimate, commercially available online services. This link is also
one to which the Regulators’ pay a lot of attention. However, Mr Dunstone is likely to be proven
wrong about the future role of ISP’s on this issue.
Following the Gowers Review on Intellectual Property, the Government has given a commitment to
legislate by April 2009 if ISPs are unable to reach a voluntary agreement or code of practice with
industry.
So here are the key questions:-
1. Given the fact that ISPs enjoy a number of legal immunities, how can they be forced to play a
role? (The short answer is they can, because they are immune from damages, but not absolved
from all legal responsibilities).
2. If they can be forced to play a role, how active a role will that be? In particular, will they have to
use filtering technologies to detect infringing content? Can they be compelled to disclose
personal information about their subscribers?
Let’s take a closer look at ISP immunities.
Under the E-Commerce Directive and the implementing UK Regulations, service providers have
immunity from damages for all types of illegal content transmitted or ‘cached’ in their networks at
the initiation of their customers. This immunity covers all types of illegal content, from copyright
and defamation to obscenity and blasphemous material.
In the EU, this ‘across the board’ immunity for service providers is complemented by ‘mere
conduit’ and ‘caching’ exemptions in the Copyright Directive (and now in UK copyright law)
specifically for copyright materials carried or ‘cached’ on their networks.
In addition, the E-Commerce Directive reinforces these exemptions by providing that there is no
obligation on service providers to monitor the information they transmit or store, nor a general
obligation to actively seek facts or circumstances indicating illegal activity.
However, immunity from damages does not equate to exemption from all responsibilities. Both the
E-Commerce and Copyright Directives contain provisions which allow member states to introduce
legal rules to force ISPs to play a ‘middleman’ role in dealing with illegal content, although there is
debate about their precise scope.
These provisions could lead to legislative measures in member states allowing the Courts to
compel ISPs to terminate or prevent infringement or to require them to provide information to
competent public authorities of alleged illegal activities by their customers “with whom they have
storage arrangements.” This could include information such as IP addresses.
But this is a tricky and complex area of the law. As I try to navigate you through this complexity,
you may think like me that cross-industry voluntary codes have got to be the preferred route, with
the legal rules as ‘backstop’ measures.
Let me give you an example of that complexity. In March this year, the European Court of Justice
(ECJ) made a somewhat Delphic decision in Promusicae v. Telefonica. This arose out of an action
which the Spanish music collecting society brought against Telefonica in the Spanish Courts for an
order to force the ISP to disclose the names and physical addresses of its users who exchange
illegal copies of copyright works using KaZaA' P2P software.
The ECJ were asked to answer this question: does European law require member states to impose
an obligation on ISPs to disclose personal information about their users in the course of civil
proceedings Answer: "no".
But the ECJ's decision does leave the legislative door open for rights holders. The ECJ said that what
it had to do was balance the provisions in Community law that protected intellectual property rights
(IPRs) with those that protected personal privacy. So introducing legal measures that could, in
carefully prescribed circumstances, force the disclosure of user information is not precluded.
We have also had a few interesting Court cases which show that the ISPs’ mantra of “hear no evil,
see no evil’ is becoming increasingly unsustainable as the digital world evolves. The issue is
therefore this: how far will an ISP have to go in dealing with infringing material on its services in
order to preserve its immunities?

5
Page 6
30 April 2008

In a recent case in Belgium, (May 2007) SABAM, a collecting society in the music industry, sued the
ISP Scarlet (formerly Tiscali) for handling peer to peer traffic containing musical files which
breached copyright.
The Judge noted that there was no obligation on the ISP to monitor, the Court decided in favour of
SABAM. Nevertheless, he decided that to be able to take advantage of the immunity, the ISP in this
case had a duty to use filtering technology. He was influenced by one of the introductory
paragraphs in the E Commerce Directive that said that the absence of a duty to monitor "should
not preclude the development and effective operation of technical systems of protection and
identification and of technical surveillance instruments made possible by digital technology.” But
whether and to what extent the use of such technology should be mandated by law is a moot point.
Following that decision, four major record companies – EMI, Sony, Warner and Universal - are suing
Ireland’s largest ISP, Eirecom, demanding that it takes action to prevent users from illegally
downloading or sharing music.
As a result, it’s clear that the UK Government has a mandate to legislate if the ISP and music
industries cannot reach a voluntary agreement. Whilst the issue has been driven by the music
industry, it’s of equal concern to all sectors of the media industry as they build their online
businesses. It seems to me that it’s far better to negotiate a cross-industry deal than risk the heavy
hand of legislation.
Against this background, the BPI on behalf of the music industry is trying to negotiate a ’3 strikes
and you’re out’ procedure with UK ISP’s, through the Internet Service Providers Association (ISPA).
The BPI routinely gathers evidence about illegal downloads by logging on to sites which offer files
and downloads via peer to peer. Under the BPI’s proposals, instead of using the evidence to begin a
process of legal action against the individual customer, the BPI would send the evidence to their
ISP, who can identify that customer from the IP address and send them an advisory letter. That
way, it would avoid the issue of disclosure of personal information by the ISP.
Here is how the BPI describes the procedure it would like to see:
• If an ISP’s customer’s account is being used to file share music illegally, they would be informed
about what is happening and advised as to how they can avoid it happening again.
• If the advice is not followed, the customer does not act on the letter and the account continues
to be used unlawfully, the account is suspended pending a signed undertaking from the
customer to the ISP that the unlawful activity will cease.
• If, after the suspension and undertaking, the customer‘s account is used unlawfully a third time,
the contract is cancelled.
But ISPs are not happy with these proposals and these negotiations will be protracted and difficult.
For example, ISPA wants an indemnity for ISPs in the event that it transpires that an innocent
customer has his or her account wrongly terminated.
But in my view, however difficult to achieve, a voluntary agreement is preferable to surrendering to
the uncertainties of legislation.
In Europe, there are already initiatives underway to create more collaborative arrangements with
all the stakeholders in the digital media industries.
In France – home of author’s rights – there is already quite a far-reaching agreement in place. The
Memorandum of Understanding, otherwise known as the 'Accord Olivennes', is an agreement
sponsored by the French Government between the public authority, rights holders and service
providers, including ISPs and hosts. Interestingly, it imposes obligations on all participants and
makes a direct link between the development of legitimate business models for online delivery and
the fight against piracy.
There are several other features of the agreement which are interesting:-
• The procedure is more heavily Court-based than the proposed UK procedure. The warning
messages are sent out via the ISP in the name of the public authority, not the ISP’s. Court
authority is needed to suspend or terminate the account.

6
Page 7
30 April 2008

• ISPs and rightholders have agreed to work together to test filtering technologies and ISPs have
agreed to use them where technically and financially realistic.
• As regards hosting and content-sharing platforms, ISPs have agreed to cooperate in good faith
with rightholders regarding the potential use of fingerprinting and watermarking technologies.
That’s a sensible approach in my view. As compared with technologies used to identify content,
there are freedom of speech issues to be taken into account when deploying filtering technologies
which, for example, could have the effect of barring legal forms of communication.
Interestingly, as their part of the deal, Audiovisual, film and music rights holders undertake a
number of obligations. These cover technical issues and potentially far reaching changes to
existing ‘windows of exploitation’ to accelerate the availability of films online.
What about the liability of social networks and other hosts?
Hosts, including social network sites, also have immunity under the E-Commerce Directive from
damages claims for content posted by users to their platforms. Furthermore, there is no general
duty to monitor content.
But there are several problem areas in how the law works here. The E-Commerce Directive shows
its age when it refers almost quaintly to “information society service providers.” Article 14 says
that “Where an information society service is provided that consists of the storage of information
provided by a recipient of the service, Member states shall ensure that the service provider is not
liable for the information stored at the request of the service”, provided certain conditions are met.
Does Facebook, MySpace, YouTube sound to you like an information storage service? Think about
AOL’s recent $850m acquisition of Bebo to enable it to become, in the words of its CEO, “a social
medium powerhouse”. You can immediately see why many rightsholders say “no” or, at the very
least, “in some aspects “yes” and in others “no”.
Rightsholders point to sites like YouTube and argue, essentially, that they are not service providers
as envisaged by the E-Commerce Directive or DMCA but are, in essence, content providers and
therefore are either directly infringing copyright or inducing its users to infringe copyright.
But even if a service provider is covered by the exemption, their immunity disappears with
knowledge of the infringing activity, such as the posting of copyright infringing material.
The immunity therefore only applies on condition that:
• The provider does not have actual knowledge of illegal activity nor aware of any facts or
circumstances from it is apparent; or
• On obtaining knowledge or awareness “acts expeditiously to remove or disable access to
the information”.
So in its legal action against YouTube in 2007, another argument raised by Viacom was that
YouTube knew its users were posting copyright infringing material and did nothing to stop it.
The issues here are essentially practical ones. What constitutes “knowledge”, how quick does a
service provider have to be to be “expeditious”? There is no prescribed form of notice.
So the solutions here need to be developed on a cross-industry collaborative basis rather than
through the Courts.
Generally speaking, ‘notice and take down ‘procedures do seem to work. But there are
uncertainties, especially as regards user contributed content. For example in 2007, a French Court,
in Zadig Productions v Google, Inc had to decide whether a hosting site is liable for subsequent re-
postings of the same infringing content, having been notified about it and taken it down once.
The Court looked at what Google needed to do in order to 'act expeditiously' to remove infringing
content from Google Video, and so be able to rely on the exemption from liability for hosts. The
problem here was that although Google removed the infringing content, it was re-posted. The Court
rejected Google's argument that each post required another takedown notice. It took the view that,
having received the first notice of the infringement, Google was responsible for implementing
technical measures to block posting of the same content. This follows the same logic as the judge
applied in the case of SABAM v Scarlett to which I referred earlier.

7
Page 8
30 April 2008

The law, being the law, will continue to evolve. Cases will continue to test the boundaries between
ISP and social network immunities, filtering and information disclosure obligations and freedom of
speech.
But this takes time and is imperfect. As a result, the relationship between technology, business and
the law is never truly in sync. That is why self-regulation and voluntary codes, backed where
necessary with legal sanction, will increasingly be the regulatory instrument of choice.
3. WHERE SHOULD THE BOUNDARY BETWEEN THE PUBLIC DOMAIN AND THE PRIVATE
DOMAIN BE DRAWN?
I’m going to start with copyright.
The debate about copyright in the digital age, which started in ‘cyberspace’ in the early 1990’s, still
rages. Many advocates of the Web’s culture of collaboration, mixing and mashing argue that we’re
in a world of limitless and perfect digital copies produced at zero cost where copyright is overly
restrictive. One leading economist argues that the declining costs of production of original and
subsequent digital copies of works means that the optimal term of copyright protection is 15 years
(Professor Rufus Pollock at Cambridge University).
At the same time, public bodies such as libraries argue for wider and broader copyright exceptions
for the digital age. Ask them - “is digital different?” - and they will say “no” and so argue that all
the existing exceptions to copyright law should apply in the digital age. You can understand their
position given their ambitions in the digital age.
On the other hand, the creative industries – from individual photographers, authors and artists to
media corporations – argue that the raison d’être of their businesses is to produce and make all
kinds of content available for consumers but, without copyright, there is no incentive to invest in
the creation of works nor to protect that investment online when it’s ripped off. Content may be
free at the point of consumption, but, at least in the commercial sphere, it is never free.
So if you ask right holders if “digital is different”, they’ll say “yes, it is different”, pointing to the
fact that digital technology and broadband networks enable the distribution of limitless, perfect
copyright infringing digital copies of films, sound recordings, TV programmes and books.
The central challenge is to balance the public good with legitimate commercial interests.
Let me nail my colours to the mast right away. Of course, I declare an interest. I get paid by rights
holders. But rights holders are a diverse bunch from authors and agents to publishers, producers,
distributors, online service providers and ‘Web 2.0’ businesses. But I firmly believe – not least of all
for the benefit of UK plc – that copyright is and remains absolutely central to our economic and
cultural well being.
At the same time, the creative industries need to work even harder to deliver licensing solutions.
The answer to copyright’s critics lies in the marriage of technology and licensing solutions to
enable users to find what they want, get what they want, where and when they want it in return for
a fair reward.
But as we transition the digital world, the struggle over what you might call the ’balancing
mechanisms’ of copyright, which weigh exclusive rights against public access, goes on. Those
balancing mechanisms are (1) the length of the term of protection of copyright term, (2) the scope
of the exclusive rights it gives; (3) how those rights are managed and (4) exceptions which enable
works to be copied and used without permission. At the moment, regulatory attention is on
exceptions and rights management.
Following the Gowers Review of Intellectual Property last year, the Government published a
Consultation Paper with proposals to update exceptions to copyright law. The consultation process
closed in April and draft legislation is likely to follow later this year.
The issue of copyright exceptions sounds – and often is – very legalistic. But it goes to the very
heart of how copyright functions in the digital world, drawing a boundary between those things that
need permission and those which users are free to do.
Copyright exceptions have to pass the so called ‘3-step’ test which is found in the Berne Copyright
Convention. It states that:
1. Exceptions are to be applied ‘in certain, special cases’….

8
Page 9
30 April 2008

2. Which do not conflict with the normal exploitation of the work and
3. Do not unreasonably prejudice the legitimate interests of the right holder.
In particular, it means that:
• The use must be non-commercial such as copying for research and private study.
• In the case of certain exceptions, the rights holder must receive ‘fair compensation’. This can
be by a licence granted by the rights owner or by a collecting society. For example, the CLA
recently launched a series of new digital licences, starting with the licences for Business and for
Public Administration, which permit the copying and re-use of electronic and online publications
as well as limited central storage of extracts and articles.
• In continental Europe, ‘fair compensation’ is achieved through a share of the levies imposed on
copying equipment or recording media.
Here’s an example of how this ‘3 step test’ may apply to proposed extensions to existing copyright
exceptions in the UK. Under current copyright law (s.36 of the Copyright, Designs & Patents Act) a
teacher can photocopy passages from published literary, dramatic or musical works for classroom
purposes up to specified limits. Should the teacher be allowed to do the digital equivalent using an
electronic whiteboard in the classroom? The answer, of course, is “yes” and that is one of the
proposed extensions to existing copyright law which the Government is proposing.
But to keep within the ‘3 step test’, the expanded exception, like current law, would not apply if the
educational institution can get a licence from the publisher or a collecting society. In fact, licensing
solutions are available or will be developed, either directly from publishers as part of their online
service or through their collecting society.
So with this background in mind, I’m going to look briefly at some of the other Government’s
proposed changes to copyright exceptions which are on the table.
Format Shifting
The proposal here is to create a new exception that, in the Government’s words, would allow
consumers to make a copy of a work they legally own, so that they can make it accessible in
another format for playback on another device which they own. The copy could not be sold, loaned
or given away nor file shared.
Put that way, it sounds fine. To be respected, copyright law needs to be seen to take account of the
realities of the digital world. But the devil is truly in the detail. Should it apply to all categories of
works? Should copies of literary works and films be treated in the same way as musical recordings?
How many format shifts should be allowed? Should more than one copy be allowed to address the
technological process of transferring content? Should the exception apply just to copies made after
the law changes or, to allow format shifts of personal archives, should it apply to works copied after
the law changes?
There are other big questions as well. The European Union Copyright Directive allows an exception
for consumer private copying on condition that the right holder receives ‘fair compensation’.
Supporters of the format shifting exception say that as there’s no harm to rights holders from the
format shift, that could be “zero. But is that right?
The Music Business Group (MBG) is an umbrella group of trade bodies representing music
managers, songwriters, publishers and performers. In its response to UK-IPO’s Consultation, it
argued that "enormous value is derived from the transferability of music," it said in its submission.
"Last year alone, over 20 million MP3-capable portable devices were sold in the UK, and over 90%
of music on the average MP3 player is music that has been copied."
"UK creators and right holders are legally entitled to benefit from this value. At present, this value
is enjoyed by both consumers and technology companies while creators and right holders are
effectively excluded from any value. This constitutes market failure," it said.
So, they’re proposing a license for format shifting carrying a licence fee would be determined by
commercial negotiations between creators and right holders and manufacturers and distributors of
devices substantially used or marketed for making copies of music. So rather than a statutory levy,
it’s a licence-based solution.

9
Page 10
30 April 2008

So this is by no means a settled issue. But however it is resolved, it again illustrates the need to
provide licensing solutions for the digital age. In a nutshell, copyright exceptions are fine as long as
they don’t undermine legitimate commercial content services.
There are other proposed copyright exceptions:
• To extend the existing exception which allows educational establishments to record
broadcasts for educational, non-commercial purposes to allow them to record on-demand
communications in addition to traditional broadcasts. [The question here is why do we
need an exception if the educational institution can get it on-demand?]
• To allow libraries and archives to make copies of sound recordings, films and broadcasts for
preservation or replacement.
• To expand the current ‘fair dealing’ exception for copying for non-commercial research and
private study to cover all forms of content, including films and sound recordings, and not
just literary, artistic, dramatic and musical works. For example, it would allow researchers
to copy parts of archival film materials to consider how best to preserve the materials.
• Controversially, to create a new exception for parody.
So there’s going to be plenty of debate over the legislative detail to implement these changes.
Overall, there is one key theme which emerges: licensed use, not exceptions.
The greater the number and variety of licensed online services– whether it’s music, educational
content, films or otherwise – the less need their customers have to rely on applicable exceptions to
use that content. Instead of reliance on copyright exceptions, it’s the terms of service which
prevail.
But licences need to be ‘exceptions +’; they must ensure that they give the user the permission to
do the things they’re permitted to do under copyright exceptions along with all the other licensed
uses for which permission is needed. In short, we need to code exceptions into contracts.
Privacy and data protection
I now want to turn to another key boundary issue in the public versus the private domain, that of
privacy and data protection, focusing on social network sites. My comments here are based on a
piece I wrote for the Guardian on the issue.
Social network sites know who you are, who you know and what you’re interested in. They know
what you like to buy and where you live. I think it’s time to think about “hardwiring” the law into
social networking websites. Let me explain what I mean.
At present, data protection law in Europe allows search engines and website operators to collect,
use and share personal information provided they do so in accordance with a number of principles.
The core principle is that the user is told about how their information will be used (for example, in a
privacy policy) and that the website operator meets one of several conditions. The one on which
website operators most often rely is users’ consent.
Although you’ll see ‘opt in’ boxes for email marketing, operators will often rely on ‘opt out’. In other
words, you’re deemed to consent unless you opt out. If you’re a Facebook user and go to your
Privacy Settings, you will see that the default position with your Mini-Feed is that Facebook will
publish details to your ‘Friends’ whenever you change your profile, make a comment on a photo or
video or interact with the site in a number of other ways. You can ‘opt-out’ by unticking all the
boxes but, for most users, taking the time to check website privacy settings and preferences is the
last thing on their minds.
But if you don’t change these settings, have you really consented? The European Commission’s
Working Party on Data Protection doesn’t think so. “Using pre-ticked boxes fails to fulfill the
condition that consent must be a clear and unambiguous indication of wishes,” it says. Perhaps,
indeed, we have arrived at a tipping point.
Facebook is paradigmatic of current trends in data sharing online, but the same technologies are
being used by search engines and other social network sites. I am far from saying that we’re
confronted by a straightforward, ‘good guy, bad guy’ scenario: the tailored information and social

10
Page 11
30 April 2008

connectivity the likes of Facebook provide their users - for free - is great. But that we have a
decision to make – about privacy – is undeniable.
How, then, should data protection law strike the right balance between sharing personal
information and safeguarding an individual’s private rights to that data in the Web 2.0 world? Two
things need to happen. First, we must develop the notion of the ‘digital citizen’. The Information
Commissioner published research in November which revealed that people now consider protecting
their personal information as more socially important than the NHS, national security and the
environment. If that’s true, the scene is set for the arrival of the digital citizen – the person who
accepts responsibility for their online personal information as part of managing his or her digital
identity.
Secondly, we need to look to the heart of the matter. At its crux, we’re talking about privacy and
consent. We need to be sure that users really understand how their personal information is being
used and shared, that they’ve really consented to it or that its use really was essential. To achieve
this, the act of giving consent should to be coded – hardwired – into websites through ticking the
relevant boxes or some equivalent act. Hardwiring the law into the web may sound scary, but it’s a
lot less scary than leaving things as they are.
This brings me to the fourth and final focal point of change:
4. KEY ISSUES ARISING FROM THE TRANSITION FROM ANALOGUE TO DIGITAL
“We always overestimate the change that will occur in the next two years and underestimate the
change that will occur in the next ten”. Bill Gates
Google’s revenues were $0 in 1997; Google's profits were $1.21bn (£608m) for the three months
to the end of December 2006!
Change is indeed both slower and quicker than we expect. Over the next 10 years, perhaps the
most important developments will be those hidden in the Web’s plumbing. They will build more
intelligence into the Web so that – to borrow a phrase I heard Simon Juden, The PA’s Chief
Executive use the other day – “Websites become Web services.”
What I’m talking about here is the unglamorous world of technical standards which make it possible
for machines such as search engines to talk ‘intelligently’ to other machines such as websites and
other devices, so that, for you and me as users, we can find the content or service we want, see
and pay for the permissions we need and then download and enjoy that content.
This is the arena of what I call ‘de facto’ law. Although the law (e.g. copyright law) may provide the
overall legal framework for what can and can't be done with copyright content, standards control
what happens. In that sense, they are a kind of 'de facto' law.
In the digital world, technical standards play a major role in determining how digital goods and
services are exchanged. The ACAP ('Automated Content Access Protocol') project is developing a
standard for 'machine to machine' permissions readable by search engines giving website owners
much more control over what search engines can and can't do.
In the publishing industry, ONIX for Licensing Terms is a “family” of XML document schemas which
are being used to express licences in a machine-readable form. For example, ONIX for
Publications Licenses (ONIX-PL) is a means of expressing the licenses agreed between
publishers, hosting services, libraries and consortia in machine readable form.
Some of these tools simply mean that, on the click of a mouse, a user in a library can see what he
or she is allowed to do with the content. It’s just a clever way of attaching and displaying
permissions on screen. It’s then up to the user to respect the permission (or not!). In that way, it
like the Creative Commons licence that is often used to encourage the sharing of content for non-
commercial purposes. In other cases, it is ‘machine actionable’. That’s where one machine – such
as a search engine – interacts with another machine – a web browser.
Taken together, these software tools, built on common standards, are the building blocks of a 21st
century rights management system. In discussing these standards and software tools, I have
deliberately avoided using the term “digital rights management” or “DRM” because they are
generally used to describe technical protection measures such as Apple’s ‘Fairplay’ system which
technically controls the number of copies that can be made as well as the devices on which the
content can be played.

11
Page 12
30 April 2008

Of course, TPMs have a role, especially with regard to enduring content such as films and music,
although many services are now offered TPM free. But I want to use DRM – or other terms – to
describe the bigger picture of tools that can be used to locate works and express permissions,
whether or not TPMs are used.
So is that it? Have we covered the full gamut of digital media law? You bet we haven’t!
Working out which laws apply and which Court’s have jurisdiction remains a challenge when we
have territorially-based laws and jurisdictions applied to cross-border services. But there are
international treaties and legal frameworks to work out the answers in practice. It just takes time to
evolve.
A good example of the old coexisting with the new in the world of digital media law is how Linden
Lab, the owners of Second Life, use good old contract law in the form of their Terms and Service to
deny service to participants who don't play by the rules.
And there’s plenty more. But they are for another day!
You can’t work in this area without having your ‘10’ key principles of digital media law:
• There’s always a solution
• Online rules = offline rules (mostly)
• Living with uncertainty, so manage your risk
• Value your IP
• Copyright: permissions first, restrictions last
• Think privacy
• Collaboration’s the name of the digital media game
• Make it simple(r)
• Do the deal but allow for the exit
• What are the things you don’t know you don’t know?

Laurence Kaye
Laurence Kaye Solicitors
© Laurence Kaye 2008
T: 01923 352 117
E: laurie@laurencekaye.com
www.laurencekaye.com
http://laurencekaye.typepad.com/

This article is not intended to be exhaustive and it does not constitute or substitute
legal advice, which should be sought on a case by case basis.
Please feel free to copy or make available this article without modification in print or electronic
form for non-commercial purposes. If you do so, please include this disclaimer and copyright
wording with attribution. If you want to re-publish or make the whole or part of this article available
in a commercial service or publication, please contact the author at laurie@laurencekaye.com.

12