[This post is by FMC legal intern Margo Varona]

In July of 2011, several Internet Service Providers (ISPs) announced a “Memorandum of Understanding” with the major content industries. In essence, the ISPs agreed to implement a “graduated response” policy to educate and potentially penalize internet users sharing or downloading unauthorized content. Our initial statment on the Copyright Alert System (CAS) lives here.

Almost a year later, the policy is about to be initiated. The “alerts” will begin in the next few months, but aside from some rather unlikely antitrust concerns, we feel pretty much like we did when the Copyright Alert System was made known: there’s nothing particularly disconcerting here.

The jury is still out whether the system will actually help curb online infringement, but one thing seems clear: this is not a dangerous or draconian policy. Education is the key focus of the CAS; as its name implies, it’s more of an “alert system” than a “punishment system.” The reality of the situation is that ISPs have no interest in upsetting their paying customers (translation: no one’s internet is going to be entirely cutoff). As FMC Deputy-Director Casey Rae-Hunter said in our initial statement, “the framework does seem to strike an appropriate balance between access to a crucial communications platform and the need to protect the rights of artists.” And this still seems to be the case.

Penalization under CAS comes after a user has accumulated multiple “strikes” against them. Still, it’s hardly a “three strikes and you’re off the internet” situation. The policy doesn’t lack due process, being subject to a sort of arbitration proceeding where users have the chance to defend their behavior. Most importantly, the ISPs will not be cutting off your internet — at worst a user could experience redirects, temporary lockouts and slowdowns (which can already happen based on bandwith usage).

Lets take a closer look at the Three-Phase Graduated Policy:

How it Works - Content providers will be on the lookout for infringement, note the download time and IP addresses of alleged infringers, and send notice to the ISPs who will actually issue the alert-strikes and implement the other phases of the policy. The number of notices content provider can send ISPs is limited, with content providers dividing notices amongst themselves. Crucially, ISPs will not be turning over any actual information about the allegedly infringing user (no name, no address, etc) without a court order. Additionally, there are other safeguards against abuse stemming from the creation of the “Center for Copyright Information” (CCI) who will hire technical experts to review the reliability and security of the methodologies used by content providers to find alleged infringement.

Phase 1: Education - After a content provider sends a notice to ISPs of alleged infringement, the ISPs will find the user linked to the allegation and send them an initial alert. The alert will tell the user that she has been suspected of infringement, that it is unlawful and can lead to serious consequences (both under law and the terms of service of their ISP account), and inform them of legal options for obtaining the content and of ways to check their online security. This phase will cover the first two notices an ISP receives, but if the two notices come too closer together, seem too egregious, or there are subsequent ones, the ISPs can chose to escalate to phase 2 of the policy.

Phase 2: Acknowledgement - Similar to the educational phase, only at this phase users have to actually acknowledge in some way that they’ve received the alert and pledge to stop infringing behavior. After 5-6 total alerts a user has received the ISP choose to further escalate to phase 3, involving possible the imposition of actual penalties.

If a user goes a year without receiving further notices on their account, the number of strikes gets reset to zero.

Phase 3: Mitigation - At this phase the ISP will have the discretion to choose what possible penalties to impose on a repeatedly red-flagged user, like slowing down internet speeds, redirecting them to copyright educational sites, or at worst, temporarily restricting the user’s internet. ISPs will not disable a user’s voice, emergency, or email services. Additionally, users facing mitigation can appeal (for $35) to an independent arbiter and defend their behavior on several grounds, including asserting that the wrong account was targeted, that the infringement is attributed to unauthorized use of their account, or a fair use argument.

Overall, the policy seems like a balanced way of adressing copyright infringement with enough process checks to prevent abuse by overzealous industry. The hope of CAS is that through the education and acknowledgement phases, escalation to mitigation and punishment can be avoided. Moreover, the punishments involved in mitigation are not terribly drastic, most already exist within an ISP’s terms and conditions, and are appealable. It is also important to remember that the alert system is not the only tool available to combat infringement. Under the Digital Millennium Copyright Act (DMCA), ISPs may be required to cut off internet to repeated infringers. Additionally, the content providers can and have (although less so now) go after individual end users through costly and potentially devastating litigation. The new system is likely to curb end user litigation, which we see as a definite good.

So when you hear people talking about the CAS as though it were, say, SOPA, keep in mind everything we’ve mentioned above. Copyright infringement is a real issue, and impacts not only the big content industry players, but also individual musicians. When attempts to curb this activity are dangerous and overbroad, we say so. When they act in service of advancing a legitimate digital marketplace, we say that, too. It’s our sincere hope that CAS live up to the latter goal.