Cloud Drive and Copyright Infringement of Computer Software

By Ye Xuan, Liu Yuming, Liu Guochang, Koguan School of Law, SJTU

Liu Ruoqi, China IP

In October 2018, Nanjing Intermediate People’s Court made a first instance decision in the case of Baidu Internet Disk infringement of the Internet information dissemination right of the Internet play of Fleet of Time. The court found infringement against Baidu Internet Disk for the Internet dissemination right of the Internet play Fleet of Time, ordering immediate deletion of the play from Baidu NetCom’s Disks, and payment for economic damages plus reasonable cost in the amount of 500,000 Yuan. This is not the only case. In the advent of cloud, there has come along a large number of cases relating to cloud service provider infringement. Therefore, how to define the legal nature of an act of cloud disk service provider becomes the focal point in these cases.

In this “Forum of Intellectual Property and Law of Competition” and the sub-forum of “Software Copyright and Platform Liabilities,” Mr . YaoBingbing, Chief Judge of Nanjing Intellectual Property Court delivered a keynote speech on “Infringement Liabilities of Cloud Disk Service Providers,” and Mr. Yuan Xinzhong, Arbitrator of Shanghai International Economic and Trade Arbitration Commission, delivered his keynote speech of “Copyright Protection in the Cloud Era,” both shedding light for further consideration on the above issues.

Yao Bingbing: Infringement Liabilities of Cloud Disk Service Providers

We are now in an age of information explosion where the Internet becomes indispensable to people’s life and work. In the larger Internet environment, many Internet platforms emerge, which gives us convenience of life, but also causes us problems of all kinds. The Internet platform is not only a player in the market, but also a market itself. For this reason, the platform should play certain managerial functions. Take the cloud disk for example, for infringement liabilities of cloud disk service providers.

1. Main Functions of Cloud Disk 

   Take Baidu NetDisk for example, it is different from the pure public websites of weblogs. But whether such differences will lead to differentiated infringement liabilities hinges on the understanding of the basic functions of cloud disks.

    

   First, it is the “instant transfer”function of the cloud disk. It operates by transferring cloud disk user’s file from his personal computer to the cloud disk server. Theoretically, this document is uploaded by the user himself, but if there is already a similar one on the cloud disk, the disk server will first compare. If there is an identical one, Baidu NetDisk will store the file on the user’s netdisk. In reality, the file is not uploaded from the user’s computer, but the user would feel that the transfer is “instantly” done. Therefore, the “instant transfer” functions through computer technologies to provide some upload or download services. Baidu NetDisk’s “instant transfer” is achieved this way. Second, the share function, which is also achieved by technical means. Based on the cloud disks’ functional setting, it can achieve sharing according to each user’s request, or can share it to a designated friend. The user can also set different sharing path, to achieve sharing of documents.

    

   Last, the off-line download function, which is also achieved by technical means. The following explains a specific copyright infringement case through net disk, involving new issues worthy of our closer look. The underlying problem is the hot play Fleet of Time which was uploaded by a user to Baidu NetDisk. The specific acts complained was done through the above-mentioned instant transfer and off-line download. The verification method employed by plaintiff is to first search on the Baidu Cloud Disk by technical means for the work Fleet of Time with Internet dissemination r i g h t on the Baidu NetDisk. Subsequently plaintiff made a similar operation at a different time sector verifying how the functions of instant transfer, offline downloading, and sharing have been achieved. Through his own verification, plaintiff discovered the dissemination method on the Internet disks of his work.

    

   Therefore, plaintiff contends that the so-called basic functions of instant transfer, off-line download and sharing provided by Baidu NetDisk are in fact infringement of his right of Internet dissemination. Yet defendant argues that it merely provides information storage space, without knowledge of the stored works. Defendant also argues that since the work is disseminated within certain circles, the platform is unable to actively follow i t . Hence the platform cannot ascertain the specific user who uploaded the infringing work. The case also relates to statutes of limitation, i.e., whether the contention is effectively raised? Whether technical means can be employed to verify the existence of files infringing works with Internet dissemination right? The technical means in this case involves words, heading, spelling, and other verification using MD5 value for such infringing work. The preceding issues deserve our closer attention and further improvement of the legal system.

    

2. Analysis of Current Views

   As to whether the defendant has infringed Internet dissemination right in the above case there are currently two views:

    

   The first view holds that the platform service provider with the burden of proving the accused work is uploaded by Internet user by providing such specific information as user name, registered IP address and upload time, etc. If the platform cannot provide such information, it is presumed that the platform provided the work itself. This view has been applied in current judicial practice.

    

   Under the second view, what is the underlying basics to achieve the above three functions of the Internet platforms is that the relevant work is stored in the cloud disks. Absent the work in cloud disks, there can be no instant transfer, sharing or off-line download by users. In providing the functions of instant transfer, off-line download and sharing functions, the cloud disk service provider has directly transferred the documents from its server to the user, stepping beyond what it claims to be the limit of the service of storing information, and becoming a direct content provider. Thus, the disk service provider has become a content provider, directly liable to the copyright holder for infringement of the video documents.

    

   Under normal circumstances, the platform is not a producer or uploader of relevant works. In other words, it is not a direct actor, but merely plays the role of an Internet intermediary or storage space provider.

    

   In the actual trial of Fleet of Time, first, the acts of upload and sharing shown by plaintiff’s evidence were done with the operations of storing Fleet of Time in its agent’s mobile hard drive, and off-line download is done through the hyperlink of other website redirecting to Baidu NetDisk, sufficient to prove the functions of upload, sharing and download in Baidu NetDisk, but not directly obtaining the accused work of Fleet of Time from Baidu NetDisk server. Second, plaintiff’s evidence explained Fl e e t of Time was uploaded through instant transfer technique, and that an identical copyrighted work was stored on Baidu NetDisk, but whether the work was uploaded by user or by Baidu, i.e., the service provider, is not certain. Third, the evidence is insufficient to prove that a member of the public may download, browse or acquire through other means the video work of Fleet of Time at a time and location of his choice, which is short of proving direct infringement by defendant.

    

   In our view, the cloud platform’s infringing act is at least under the current law akin to indirect infringement. The facts established by plaintiff showed that on April 10, 2017 it sent a Letter of Notice to defendant with such information as MD 5 value, Chinese character name, spelling, English name, etc. of the accused documents. Defendant, upon receipt of the relevant documents , did not take the necessary measure to delete, block or disconnect, nor did it provide technical support to plaintiff. Defendant was made aware of the infringement of the Internet dissemination right of Fleet of Time. Defendant was negligent for failure to take any action when it was informed by plaintiff that its Baidu NetDisk contained a work that was identical to Fleet of Time, for which defendant bears the responsibility corresponding to an Internet platform of examining and taking notice, which places Baidu NetDisk at risk when a user’s upload of allegedly infringing documents might subject Baidu to infringement, for, the user not only can upload, it can also share with designated users or members of the public, and Baidu’s inaction under such circumstances facilitates the dissemination, constituting therefore indirection infringement.

    

   With the continuing development of Internet technologies, and cloud disk as new software and service provider, it is unavoidable that the relevant laws lag behind the development of new technologies. And this case is a typical example. No matter what technological development, an actor’s act must be regulated by the copyright and tort liability laws. As to the liabilities, it is up to the scholars and practitioners to further study and resolve.

    

   Yuan Xinzhong: Copyright Protection and the Cloud Era

3. Introductory Problem

   In recent years, “The Fourth Industrial Revolution” has become a focal issue for attention and discussion, the contents of which comprising artificial intelligence, autopilot, Internet of Things, and cloud computing. From the perspectives of industry development and software manufacturers, copyright protection of software after emergence of cloud computing may encounter these problems: first, determination of legal liabilities of theft and decoding cloud account/product keys/ subscriber account, and the security and privacy challenges arising therefrom; second, legal liabilities of unauthorized use of software by other cloud service providers or platforms. From CD piracy to Internet download, the infringement form for copyright piracy and software infringement has changed, and the legal problems arising therewith must be dealt with.

    

   A Cisco study indicates that the current cloud computing has increased work volume and work efficiency by 5 times of the traditional work volume. Under such circumstances, Microsoft has shifted its emphasis to cloud services, e.g., its Office 365 softwares. In daily life, if a computer goes wrong failing to retrieve the information stored therein, all information on the hard drive can be restored as long as the user retains the account information. Apart from Microsoft, Adobe and Autodesk, etc., all provide such cloud services.

    

4. Theft and Decipher of Cloud Account/Product Keys/Subscriber Account

   From “piracy” in the past to the modern use without authorization, the form of computer software infringement has changed. Currently, the way we use a software is to download from official website and install the software, purchase the keys and activate the software. In this phraseology, software infringement is no longer the “piracy” concept, but becomes unauthorized use, i.e., use of software without purchasing the product key from legitimate source. Whether theft or sale of product keys would be a crime has frequently been a topic in the academic and judicial circles. There were cases in Shanghai, and in the end, the tendency is to treat theft of product keys as copyright infringement or the crime of copyright violation.

    

   The voice against it contends that the product key is like a car key, and the sale of a car key alone is not a crime. But this is not an appropriate comparison, for in practice the software is provided for free, and once the key i s available a user will be able to use the software. So if the condition of crime is met, sale of product keys would certainly constitute crimes.

    

   Apart from product keys, the subscriber account is also at risk. In the software industry, apart from legal considerations, the protection could also be made from technical considerations. Microsoft proposes some basic principles, such as security, privacy control, compliancy and transparency. The Internet safety is one of the direst threats globally, which Microsoft has become aware of, and has been making continued updates on the Internet security.

    

5. Legal Responsibilities of Cloud Service Provider

   In making animation using Adobe, it is necessary to make rendering of characters. In the past, a company may install a software to do the rendering; then a unit may use LAN making the software available to all employees. With the emergence of cloud computing, there emerges a market for large platforms with such software which may assist a user to do it as long as the user is willing to pay a fee. Reality is, some of the rendering companies either use pirated software, or use extensively unauthorized software. If a company directly uses 3DMAX of Autodesk and other software to provide cloud services, should the cloud service provider be civilly liable? Hopefully, such questions will be dealt with and solved in subsequent judicial practice.

   （Translated by Zheng Xiaojun）