By: Barry J. Heyman, Esq.

Click here to view this article as a PDF.

Digital content such as music, film, software, and electronic books are protected under copyright laws, which generally forbids the exchange of unauthorized digital copies.  File sharing is the practice of distributing or providing access to such content online. Peer-to-peer networking (“P2P”) is the software which permits computer users to share these files with each other, and while file sharing has legal uses, the sharing of copyright protected files without the copyright owners’ permission is illegal.

Over the years, the Recording Industry Association of American (“RIAA”) has successfully sued individuals who share their music illegally with others online.  In a recent case, the RIAA sued a Boston University (“BU”) graduate student who was ordered to pay $675,000 to four record companies for illegally downloading 30 songs and sharing music online in violation of their copyrights.  If the verdict stands, the student plans to file for bankruptcy.  As illustrated here, copyright owners can seek substantial money damages (up to $150,000 per infringement) and direct infringers like in this case usually lack assets to satisfy judgments against them. Therefore, copyright owners often seek to impose liability on the party who contributed to the infringement, as an indirect infringer, and can invoke legal theories of vicarious and contributory infringement.  Under these theories, the RIAA has successfully sued companies that develop or distribute P2P software such as Napster and Grokster.

Although these theories assist in the enforcement of copyright laws, they create significant liability risks not only for P2P services, but for others who may provide Internet access and the means for the infringing activities- such as employers, institutions, commercial Internet network owners, as well as individuals, such as parents and homeowners. As such, these parties should be aware of their potential liability.

This article describes some of the legal issues implicated by file sharing of third-party individuals and offers some practical tips to employers, commercial network owners, parents and homeowners, in order to help prevent liability and avoid litigation.


Contributory and Vicarious Infringement

Contributory infringement occurs when someone knowingly induces, causes, or materially contributes to the copyright infringement.  Vicarious infringement does not require knowledge but only that the potentially infringing party has the right and ability to supervise the infringers (or be in a position to control the infringing activity) and directly benefits financially from the infringement.  Basically, vicarious liability is based on one’s failure to cause a third-party to stop its directly infringing activities while contributory liability is based on one’s failure to stop its own actions which facilitate third-party infringement.  Each element of contributory and vicarious liability is fact specific and needs to be considered on a case-by-case basis and in the context of the potentially infringing party- such as an employer, network owner, or parent.



The RIAA has raised the issue of employer liability of copyright infringement by employees in cases where the employer did not directly engage in any infringing activity, but are liable based on the legal theories of vicarious and contributory infringement.

In 2003, the company Integrated Information Systems (“IIS”), paid a settlement in excess of $1 million to the RIAA because its employees had shared music over the company’s internal network using P2P applications.  In this situation, under the theory of contributory liability, the employer, IIS, knew its employees’ use of the network was to file-share predominantly infringing copyrighted materials and IIS materially contributed to it happening.  IIS may have also been vicarious liable since it was aware of, but ignored its employees’ illegal activities. In the employment situation, the right and ability to supervise the infringers can more easily be found, leaving the inquiry of financial benefit to be evaluated.


Commercial Network Owners

Providing an Internet connection and possibly the computer, a commercial network owner may be found to be liable for copyright infringement.  In a recent situation, Brooklyn Law School was informed by its Internet service provider that individuals may be file sharing copyrighted materially illegally on its network.  In this instance, in addition to the RIAA possibly suing the individuals for direct copyright infringement like in the BU graduate student case, since the school is aware or has “reason to know” of the infringing activities on its network, it may be at risk for contributory infringement based on its contribution to the infringement and knowledge.


Homeowners and Parents

The RIAA lawsuits have also raised the issue of whether the homeowner of an unsecured wireless network or a parent of a child who did not directly engage in any infringing activity can be held liable under existing laws.

In the typical RIAA file-sharing cases, where the computer is being used by the child of a parent, a houseguest, or a neighbor via an unsecured Wi-Fi Internet connection, and the homeowner or parent does not have knowledge of the infringing activities nor computer expertise, there is likely little risk of liability. However, if the parent or homeowner receives a clear financial benefit and tacitly approves of or encourages the infringing action, indirect liability could possibly be found.  These claims are very fact-specific.


Practical Tips

Employers, commercial network owners, and parents may want to consider the following to help protect against liability for copyright infringement resulting from others actions.

  • Educate employees, children, students, and others about the seriousness of and potential consequences for committing copyright infringement through the use of the network.
  • Develop, distribute, and enforce a policy prohibiting the use of the company or the commercial network owner’s network to exchange copyrighted materials without the owner’s permission.
  • Employers and commercial network owners should consider including copyright claims based on their employees or other third parties use or misuse of the network in their insurance policies.
  • Implement technical measures such as configuring the company firewall to prevent misuse of P2P technologies over the network.
  • Ensure the Wi-Fi connection is secure and password protected in order to protect the use of the connection by unauthorized persons who can potentially use the network for infringing uses.
  • Remove the P2P file-sharing programs from the computers or be careful that the files being shared are legal.