• by Wendy Davis  @wendyndavis, February 1, 2018

In a mixed ruling, an appellate court has reversed a $25 million verdict against the Internet service provider Cox Communications in a battle over piracy.

The order, issued Thursday by a three-judge panel of the 4th Circuit Court of Appeals, returns the case to the district court for a new trial, due to an error in the way the jury was instructed. But the 4th Circuit also ruled against Cox on a key point: The appeals judges said Cox wasn't entitled to rely on so-called "safe harbor" provisions that typically protect service providers from liability when users infringe copyright.

The ruling stems from a 2014 lawsuit by record label BMG, which sought to hold Cox liable for copyright infringement because its subscribers were sharing pirated files online.

Cox defended itself by arguing that it was protected by the federal copyright law's so-called "safe harbor" provisions. Those provisions immunize Internet service providers from liability for users' activity, but only if the ISPs have policies for handling repeat offenders.

But BMG convinced the trial judge that Cox wasn't entitled to the safe harbor protections because it failed to disconnect people who repeatedly infringed. The record label said it informed Cox that thousands of its customers were infringing copyright, and that Cox didn't take any action.

A jury ultimately sided with BMG and decided Cox should pay $25 million. That decision marked the first time that a broadband carrier was found liable for piracy by its subscribers. Cox then appealed to the 4th Circuit.

The appellate judges agreed with BMG that Cox wasn't entitled to rely on the safe harbor protections, writing that the broadband provider's policy was lacking. Officially, Cox had a "13-strike" repeat-offender policy, meaning that the company would consider terminating subscribers after they received 13 notices of copyright infringement. But in practice, the company went to great lengths to avoid disconnecting people.

"Cox formally adopted a repeat infringer 'policy,' but ... made every effort to avoid reasonably implementing that policy," the opinion states. "Indeed, in carrying out its thirteen-strike process, Cox very clearly determined not to terminate subscribers who in fact repeatedly violated the policy."

The opinion notes that in the two years before BMG sued, Cox only terminated a total of 21 people -- and in 17 cases, the subscribers had failed to pay their bills on time or exceeded their bandwidth caps. During that time, Cox issued more than 500,000 email warnings and temporary suspensions, according to the opinion.

"Cox failed to qualify for the ... safe harbor because it failed to implement its policy in any consistent or meaningful way -- leaving it essentially with no policy," the judges wrote.

But the judges also found that even without the safe harbor protection, Cox might not been responsible for users' infringement. That's because, according to the appellate court, companies are only liable for contributing to infringement if the companies either know about acts of infringement, or are willfully blind to them.

The panel went on to rule that the trial judge incorrectly told the jurors that they could find Cox liable if it knew or should have known about infringement by users. "The formulation 'should have known' reflects negligence and is therefore too low a standard," the appellate judges wrote. "Because there is a reasonable probability that this erroneous instruction affected the jury’s verdict, we remand for a new trial."