Porn Purveyor Follows the Money - Perfect 10 v. CCBill

The Porn Connection

Perfect 10 runs a porn site at Perfect 10 also publishes a magazine of the same name. Together, they have created approximately 5,000 images of naked women. Norman Zada, owner of Perfect 10, noticed his images appearing on other competing porn sites.

Many of the porn sites in question use CCBill, or other similar payment services, to collect subscription fees for their site. Consequently, a user who wished to view the images on a particular porn site would be directed to CCBill's payment gateway where the user's payment would be processed. Upon completion of the payment transaction, CCBill would then redirect the user to the full access version of the porn site.

Zada sued CCBill and related web-hosting company CWIE for contributory infringement of copyright and rights of publicity. The theory here is that CCBill is acting as an Online Service Provider by providing the connection to the porn site, and CWIE provides the “ping, power and pipe” for the offending websites. Since there is some evidence of possible common ownership of the two entities, and since the court treated them as one for the relevant analysis, we will refer to them collectively as “Cave Creek”. It should be noted here that the copyright claim is a federal claim based in the copyright act, and the right of publicity claim is based in state law.

Contributory Copyright Infringement

Cave Creek claims that since it is a third party that merely provides a connection to the offending porn sites, they should be immune from liability for contributory copyright infringement by virtue of the Safe Harbors provided under the Digital Millennium Copyright Act.

Safe Harbor Eligibility

In order to be eligible for any of the four Safe Harbors, the following two pre-conditions must be met:

  • (A) OSP has reasonably implemented a repeat offender policy
  • (2) OSP does not interfere with technical measures

Perfect 10 claims that since Cave Creek did not keep track of repeatedly infringing webmasters, that they failed to implement their repeat offender policy.


While “reasonably implemented” is not defined, this court held that a service provider “implements” a policy if it has a working notification system, a procedure for dealing with DMCA-compliant notifications, and if it does not actively prevent copyright owners from collecting information needed to issue such notifications. The court noted that in Ellison, even though the infringing activity was not discovered until after AOL had notified the U.S. Copyright Office of the correct email address, the court found that “AOL allowed notices of potential copyright infringement to fall into a vacuum and go unheeded; that fact is sufficient for a reasonable jury to conclude that AOL had not reasonably implemented its policy against repeat infringers.”

In this case, the court concluded that if in fact Cave Creek had failed to keep track of repeatedly infringing webmasters, that would create an issue as to implementation. However, in this case, the court found that Cave Creek did in fact keep track, albeit somewhat sloppily, and therefore since most repeatedly infringing webmasters were tracked, the policy was implemented.


Perfect 10 claims that the policy was not reasonably implemented since Cave Creek did not terminate as many repeat offenders as it should have, given 1) notice of infringement from Perfect 10, 2) notice of infringement from third parties, and 3) “red flags”.

Regarding the notice of infringement from Perfect 10, the court indicated that it did not read the 4th Circuit's holding in ALS Scan. v. RemarQ ), as holding that only location information is required for substantial compliance with the terms of Safe Harbor notice requirements.

Helpfully, this court acknowledges that accusations of alleged infringement have drastic consequences:

“A user could have content removed, or may have his access terminated entirely. If the content infringes, justice has been done. But if it does not, speech protected under the First Amendment could be removed. Therefore, the court stated it is not required that a service provider start potentially invasive proceedings if the complainant is unwilling to state under penalty of perjury that he is an authorized representative of the copyright owner, and that he has a good-faith belief that the material is unlicensed.”

Perfect 10’s notice consisted of documents, including identifying pictures and URLs of Perfect 10 models posted on Cave Creek client websites, and spreadsheets identifying the Perfect 10 models. While arguably this notice exceeds in detail that of ALS Scan, this court distinguishes itself from the 4th Circuit by noting that the authorized signature, good-faith statement and accuracy statement are not optional elements. Consequently, Perfect 10’s notice is defective and does not serve to put Cave Creek on notice of the infringement.

However, if third parties provided DMCA-compliant notices which Cave Creek did not act upon, then Cave Creek could lose its eligibility for not having reasonably implemented its policy.

The “red flag” test states that a service provider may lose immunity if it fails to take action with regard to infringing material when it is “aware of facts or circumstances from which infringing activity is apparent.” However, notice that fails to substantially comply with notice provision of § 512(c)(3) cannot be deemed to impart such awareness.

Since Perfect 10’s notice does not qualify to impart awareness, Perfect 10 alleged other red flags, such as the suggestive URLs of the infringing websites, such as “” and “”. The court didn’t find this flag red enough, and declared that in order for a website to qualify as a “red flag” of infringement, it would need to be apparent that the website instructed or enabled users to infringe another's copyright. The court declined to impose such investigative duties on service providers.

“technical measures”

On the technical measures issue, Perfect 10 argued that CCBill does not qualify for any safe harbor because it interfered with “standard technical measures” by blocking Perfect 10's access to Cave Creek affiliated porn websites. Perfect 10 argued this was done in order to prevent Perfect 10 from discovering whether those websites infringed Perfect 10 copyrights, but the evidence showed that Perfect 10 was in fact charging to gain access to subscription porn site and then canceling the credit card charges. Needless to say, this was not considered interference with standard technical measures.

Safe Harbor Applicability

Transitory Digital Network Communications

For the purposes of this Safe Harbor, a service provider is “an entity offering the transmission, routing, or providing of connections for digital online communications.” Clearly Cave Creek is involved in the routing, and the court found that Cave Creek was eligible for this Safe Harbor.

Interestingly, in contesting Cave Creek’s eligibility here, Perfect 10 argued that Cave Creek did not itself transmit the infringing material.

Information Location Tools

While the court acknowledged that the hyperlink provided by Cave Creek to an infringing website could be viewed as an “information location tool,” it noted that the majority of Cave Creek's functions would remain outside of this particular safe harbor.  Consequently, even if Cave Creekl's provision of a hyperlink is immune, Cave Creek does not thereby receive blanket immunity for its other services.

Information Residing on Systems or Networks at the Direction of Users

Perfect 10 claims that Cave Creek is ineligible for the safe harbor, because a service provider may not receive a direct financial benefit from the infringing activity if the service provider also has the right and ability to control the infringing activity.

The noted that in Ellison, the court held that “no jury could reasonably conclude that AOL received a direct financial benefit from providing access to the infringing material” because “[t]he record lacks evidence that AOL attracted or retained subscriptions because of the infringement...” Consequently, Cave Creek is not ineligible for this safe harbor if it meets the threshold requirements.

Right of Publicity

Regarding the Right of Publicity claims, these are state claims. Cave Creek claims that the Communications Decency Act provides immunity for the state right of publicity claims.

The Communications Decency Act is an anti-pornography statute, the anti-pornography parts of which were contested as unconstitutional. However, the current surviving incarnation of the statute has protections for service which establish broad federal immunity to any cause of action that would make service providers liable for information originating with a third-party user of the service.

The immunity is constrained so that it would neither limit or expand any law pertaining to intellectual property. Because material on a website may be viewed across the Internet, and thus in more than one state at a time, permitting the reach of any particular state's definition of intellectual property to "dictate the contours of this federal immunity would be contrary to Congress's expressed goal of insulating the development of the Internet from the various state-law regimes."

In the absence of a definition from Congress, the court construed the term “intellectual property” to mean “federal intellectual property.” Accordingly, Cave Creek is eligible for CDA immunity for all of the state claims raised by Perfect 10.