Notes from the 5th Internet, Law and Politics Conference: The Pros and Cons of Social Networking Sites, organized by the Open University of Catalonia, School of Law and Political Science, and held in Barcelona, Spain, on July 6th and 7th, 2009. More notes on this event: idp2009.
Social Networking Sites and Individual Rights
Chaired by Raquel Xalabarder
Jane Ginsburg, Morton L. Janklow Professor of Literary and Artistic Property Law Columbia University, School of Law, New York;
Alain Strowel, Covington & Burling LLP, Professor, Facultés universitaires Saint-Louis Brussels.
Facebook’s mission is to make the world more open, people more available one’s to each others, to make information more accessible. Facebook is the people, is the communities. But what are the economics behind SNSs? These social networking sites are expensive to maintain, and so a business plan is required… and this business plan often includes (or involves) intellectual property rights. Intellectual property rights often hold by third parties.
What are the copyright consequences of creating content on a social networking site? what jurisdiction applies? What appears on the sites is protected. But who owns these rights?
In the case of Facebook, IP rights are transferred (non-exclusively) to Facebook, with no financial compensation, also transferable at its turn, etc. In the case of MySpace the license includes transforming content, etc.
A CC-by-nc-nd license would be a good solution to all these agreements where usage is allowed but with more restrictive clauses that clearly benefit the copyright owner. Protecting your rights ex-ante is most difficult in SNS.
When there’s infringement, liability has to be demonstrated and author ownership also recognized.
Another problem is that once the content is made available, the operator of the site should communicate that it is published under copyright law. If it includes adaptation, then the limits of the right to make derivative works should also be clearly stated on the platform.
What happens when there’s more than one creator and people have collaborated to create that work? On user generated content sites, things get complicated, because collaborative work overlaps with a sequence of several re-creations (or modifications) of the original work.
In the US, in a joint work one of the joint authors can exploit the work on their own, but in Europe agreement must be reached among all joint authors. When there are incremental contributions (v1.0, v1.1, v1.2, etc.) exploitation of the work becomes way more complicated as incremental authorship increasingly becomes unclear.
The potential value of the works shared also poses different problems: while it’s likely to see IP problems on YouTube because of the higher potential value of the content shared there, this is less likely to happen in e.g. Flickr or Facebook.
- Copyright does not apply because there is no “copy”, as the original was used
- The original can be used because there is a signed license
- It’s part of an exception to the law (and there are lots of them and distinguishing whether they apply and which one applies is really complicated)
What’s the liability of the intermediaries? SNSs, those making links, carriers, hosting providers, etc.
In Europe copyright and trademark infringement applies equally, though there are some safe harbours that cover intermediaries on some specific cases. But as soon as you don’t fall on safe harbours, the principles of copyright infringement apply, but they are not the same ones across Europe and, also, not the same ones as in the US.
Indeed, even within country regulatory frameworks, difficulties still apply: e.g. what is a hosting provider? Does it have to monitor all the content on its site? Is it an editor (like in a journal) or just a holding platform?
In order to benefit from the safe harbour (US law) YouTube cannot perform any kind of price discrimination for advertising depending on the content watched (e.g. home made video vs. commercial Hollywood movies). This is not optimal on a business model point of view, but it is a requisite of the safe harbour clause on the US copyright law (“you don’t know what’s on your site”).
Privacy and Social Networking Sites
Antoni Roig, Professor of Constitutional Law, Autonomous University of Barcelona
Difference between IT Law and IT for Lawyers. It is very difficult that IT Law and IT regulation can answer all the questions that the Internet is bringing on the table.
The Spanish Constitution (1978) already spoke about privacy and honour, but later on this article was limited to data protection in the Spanish Law (1999). Privacy and data get separated one from the other (good), but privacy seems to be forgotten from the citizen bill of rights (bad).
In Spain, all rights infringements are understood the “old” way but infringements related to data. Most likely Spanish Law should be updated in fields such as privacy or security under the light of the debate that is taking place at the international level.
The international community seems to be reaching a growing consensus based on:
- Awareness raising in the field of privacy and digital competences, including engineers that are coding the applications
- Liability of the providers, but also of the users when they upload or tag third parties’ content or information
- Right to inform: about privacy risks (or information leakages), identity, consent, etc.
- Technological measures: use of nicknames, privacy by default, privacy enhancing technologies (PET), etc.
The problem is that social network analysis to mine data from SNSs represents a real threat even when the user is behaving correctly concerning their own privacy. The semantic web will make this even more transparent and privacy more fragile.
What is then the role of Privacy enhancing technologies?
- Privacy preserving data mining (P2PM) technologies, to block data mining procedures
- Use of several nicknames to protect access and avoid nickname tracking
- Reputation systems that guarantee privacy: be able to change nicknames, etc. but keep reputation despite the changes of digital identities
- Technologies for transparency and information control
Summing up, regulation in privacy issues is still limited and technology is underused and expensive (PETs are normally added up ex-post, which implies costs). We should maybe be moving towards privacy in the design, that privacy is part of the core business. PETs would then disappear and be embedded in the usual code and practices.
Miquel Peguera: Could control by ISPs be set by agreement or contract and then disable the safe harbour? Could YouTube discriminate prices based on the number of visits? Does it make any sense to protect a user identity by using nicknames, when precisely is the absence of nicknames the norm in SNSs? Alain Strowel: Control is difficult to state by contract. Jane Ginsburg: This kind of agreements might imply a legal incoherence. Regarding popularity and price discrimination, it should be proven that this is a legitimate criteria, and that popularity is not an intrinsic characteristic for copyrighted material.
James Grimmelmann: the increasing value of trademarks and names on the Internet, bound to digital identity and usually regulated by the domain name registry might now be at stake when SNSs such Facebook allow you to create subdomains under their domain. How does this change things? Alain Strowel: it surely puts a lot of pressure on trademark law, indeed, and trademark liability, and not only IP law.
Q: How will ISP and content and online services providers agreements evolve? Jane Ginsburg: We’d expect to see more compatibilities amongst contracts across jurisdictions. People should figure out how to draft contracts that can be enforceable in as much jurisdictions as possible.
- IDP2009: Rights, by Daithí Mac Sithigh
- What friends are for, article at the Financial Times by David Gelles
- PRIME – Privacy and Identity Management for Europe
- PrimeLife – Bringing sustainable privacy and identity management to future networks and services