The Ninth Circuit has ruled that internet service providers cannot be compelled to unmask users through subpoenas under the DMCA, reinforcing long-standing precedent that these subpoenas were never meant to apply to providers that simply offer access to the internet.
The decision blocks an increasingly common tactic copyright owners use to sidestep due process and extract user identities without judicial oversight.
We obtained a copy of the opinion for you here.
The case came about after a copyright owner targeted 29 Cox Communications subscribers accused of sharing the film Fall (2022) through BitTorrent. Rather than filing a lawsuit or seeking a judge’s permission, the copyright holder went straight to a court clerk to obtain a subpoena.
Although Cox was under no obligation to do so, the company notified the affected subscribers. Only one responded to object, triggering a legal dispute that has now resulted in a firm ruling from the Ninth Circuit.
The dispute is a simple but critical distinction. The DMCA outlines separate protections depending on the type of service provided.
Web hosts fall under Section 512(c) and can receive takedown notices for content they store, while IAPs are covered under Section 512(a), which protects them from liability as long as they are acting as neutral conduits for internet traffic.
MORE: How the DMCA has become one of the biggest threats to online speech
Since IAPs do not host content, there is nothing for them to take down, and that makes the 512(h) process incompatible with their role. This should be obvious, but it hasn’t stopped rights holders from trying to overreach.
The court made this clear: “a § 512(a) service provider cannot participate in the notice and takedown process, because there is nothing for a § 512(a) service provider to take down.”
Because valid 512(h) subpoenas depend on a takedown notice that points to a specific location of hosted infringing content, such subpoenas cannot legally apply to IAPs who are not hosting anything.
This is not a novel conclusion. The DC Circuit and the Eighth Circuit both reached the same result back in 2003 with the case. Despite that, copyright groups have continued filing 512(h) requests directed at IAPs.
The reason is clear enough: most providers still comply, even when the law doesn’t require it, which is one of the wide problems of the DMCA in general.
