Gimme-Shelter-Complete-LR.Pdf

Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 1 of 49

FOR PUBLICATION UNITED STATES COURT OF APPEALS FOR THE NINTH CIRCUIT

 UMG RECORDINGS, INC., a Delaware corporation; UNIVERSAL MUSIC CORP., a New York corporation; SONGS OF UNIVERSAL, INC., a California corporation; UNIVERSAL-POLYGRAM INTERNATIONAL PUBLISHING, INC., a Delaware corporation; RONDOR MUSIC INTERNATIONAL, INC., a California corporation; UNIVERSAL MUSIC-MGB NA LLC, a California Limited Liability Company; UNIVERSAL MUSIC-Z TUNES LLC, a New York Limited  Liability Company; UNIVERSAL MUSIC-MBG MUSIC PUBLISHING LTD., a UK Company, Plaintiffs-Appellants, v. SHELTER CAPITAL PARTNERS LLC, a Delaware Limited Liability Company; SHELTER VENTURE FUND LP, a Delaware Limited Partnership; SPARK CAPITAL LLC, a Delaware Limited Liability Company; SPARK CAPITAL, L.P., a Delaware Limited Partnership; 

21055 Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 2 of 49

21056 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS

 TORNANTE COMPANY, LLC, a Delaware Limited Liability Company, No. 09-55902 Defendants-Appellees,  D.C. No. and 2:07-cv-05744- VEOH NETWORKS, INC., a California AHM-AJW corporation, Defendant. 

 UMG RECORDINGS, INC., a Delaware corporation; UNIVERSAL MUSIC CORP., a New York corporation; SONGS OF UNIVERSAL, INC., a California corporation; UNIVERSAL-POLYGRAM INTERNATIONAL PUBLISHING, INC., a Delaware corporation; RONDOR MUSIC INTERNATIONAL, INC., a California corporation; UNIVERSAL MUSIC-MGB NA LLC, a California Limited Liability  Company; UNIVERSAL MUSIC-Z TUNES LLC, a New York Limited Liability Company; UNIVERSAL MUSIC-MBG MUSIC PUBLISHING LTD., a UK Company, Plaintiffs-Appellants, v. VEOH NETWORKS, INC., a California corporation, Defendant-Appellee,  Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 3 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21057

and  SHELTER CAPITAL PARTNERS LLC, a Delaware Limited Liability Company; SHELTER VENTURE FUND LP, a Delaware Limited No. 09-56777 Partnership; SPARK CAPITAL LLC, a D.C. No. Delaware Limited Liability  2:07-cv-05744- Company; SPARK CAPITAL, L.P., a AHM-AJW Delaware Limited Partnership; TORNANTE COMPANY, LLC, a Delaware Limited Liability Company, Defendants. 

 UMG RECORDINGS, INC., a Delaware corporation; UNIVERSAL MUSIC CORP., a New York corporation; SONGS OF UNIVERSAL, INC., a California corporation; UNIVERSAL-POLYGRAM INTERNATIONAL PUBLISHING, INC., a Delaware corporation; RONDOR MUSIC INTERNATIONAL, INC., a California corporation; UNIVERSAL  MUSIC-MGB NA LLC, a California Limited Liability company; UNIVERSAL MUSIC-Z TUNES LLC, a New York Limited Liability company; UNIVERSAL MUSIC-MBG MUSIC PUBLISHING LTD., a UK company, Plaintiffs-Appellees, v.  Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 4 of 49

21058 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS

 VEOH NETWORKS, INC., a California No. 10-55732 corporation, D.C. No. Defendant-Appellant.  2:07-cv-05744- AHM-AJW  OPINION

Appeals from the United States District Court for the Central District of California A. Howard Matz, District Judge, Presiding

Argued and Submitted May 6, 2011—Pasadena, California

Filed December 20, 2011

Before: Harry Pregerson, Raymond C. Fisher and Marsha S. Berzon, Circuit Judges.

Opinion by Judge Fisher Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 5 of 49

21062 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS COUNSEL

Steven A. Marenberg (argued), Brian D. Ledahl and Carter Batsell, Irell & Manella LLP, Los Angeles, California, for the plaintiffs-appellants-cross-appellees.

Michael S. Elkin (argued), Thomas P. Lane (argued), Jennifer A. Golinveaux and Erin R. Ranahan, Winston & Strawn LLP, Los Angeles, California, for the defendant-appellee-cross- appellant.

Robert G. Badal (argued), Joel S. Cavanaugh and Emily S. Churg, Wilmer Cutler Pickering Hale and Dorr LLP, Los Angeles, California; Glen L. Kulik (argued) and Alisa S. Edelson, Kulik, Gottesman, Mouton & Siegel, LLP, Sherman Oaks, California, for the defendants-appellees.

Jeffrey G. Knowles and Julia D. Greer, Coblentz, Patch, Duffy & Bass LLP, San Francisco, California; Eric J. Sch- wartz, Mitchell Silberberg & Knupp LLP, Washington, D.C., for amici curiae Broadcast Music, Inc., and American Society of Composers, Authors and Publishers.

Ronald L. Johnston, Sean Morris and Emilia P.E. Morris, Arnold & Porter LLP, Los Angeles, California; Robert Gar- rett, Arnold & Porter LLP, Washington, D.C., for amici curiae Recording Industry Association of America, National Music Publishers’ Association, NBC Universal Inc., and American Federation of Musicians.

Daniel J. Popeo and Cory L. Andrews, Washington Legal Foundation, Washington, D.C.; Clifford M. Sloan, Mary E. Rasenberger and Christopher G. Clark, Skadden, Arps, Slate, Meager & Flom LLP, Washington, D.C., for amicus curiae Washington Legal Foundation.

Corynne McSherry and Michael Barclay, Electronic Frontier Foundation & Internet Archive, San Francisco, California, for Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 6 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21063 amici curiae Electronic Frontier Foundation, Internet Archive, American Library Association, Association of College and Research Libraries, Association of College and Research Libraries, Computer and Communications Industry Associa- tion, Public Knowledge, Center for Democracy and Technol- ogy and Netcoalition.

Matthew M. Werdegar, Michael S. Kwun and Benjamin Ber- kowitz, Keker & Van Nest LLP, San Francisco, California, for amici curiae eBay Inc., Facebook, Inc., Google Inc., IAC/InterActiveCorp., and Yahoo! Inc.

OPINION

FISHER, Circuit Judge:

Veoh Networks (Veoh) operates a publicly accessible website that enables users to share videos with other users. Uni- versal Music Group (UMG) is one of the world’s largest recorded music and music publishing companies, and includes record labels such as Motown, Def Jam and Geffen. In addition to producing and distributing recorded music, UMG pro- duces music videos. Although Veoh has implemented various procedures to prevent copyright infringement through its system, users of Veoh’s service have in the past been able, without UMG’s authorization, to download videos containing songs for which UMG owns the copyright. UMG responded by filing suit against Veoh for direct and secondary copyright infringement. The district court granted summary judgment to Veoh after determining that it was protected by the Digital Millennium Copyright Act (DMCA) “safe harbor” limiting service providers’ liability for “infringement of copyright by reason of the storage at the direction of a user of material that resides on a system or network controlled or operated by or for the service provider.” 17 U.S.C. § 512(c). We agree, and accordingly affirm. Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 7 of 49

21064 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS

BACKGROUND1

Veoh allows people to share video content over the Inter- net. Users can view videos uploaded by other users as well as authorized “partner content” made available by major copyright holders such as SonyBMG, ABC and ESPN. There are two ways to use Veoh’s service: through a standalone software client application launched in late 2005, or through the veoh.com website launched in early 2006 that users access via a standard web browser. Both services are provided free of charge. Veoh generates revenue from advertising displayed along with the videos. “As of April 2009, Veoh had well over a million videos available for viewing, and users had uploaded more than four million videos to Veoh.”

Before a user may share a video through Veoh, he must register at veoh.com by providing an email address, user name and password. He must then state that he has read and agreed to Veoh’s “Publisher Terms and Conditions” (PTC). The PTC instructs users that they “may not submit [material] . . . that contains any . . . infringing . . . or illegal content” and directs that they “may only upload and publish [material] on the Veoh Service to which [they] have sufficient rights and licenses to permit the distribution of [their] [material] via the Veoh Services.” The PTC agreement also gives Veoh a license to “publicly display, publicly perform, transmit, distribute, copy, store, reproduce and/or provide” the uploaded video “through the Veoh Service, either in its original form, copy or in the form of an encoded work.”

A user who wants to share a video must also agree to Veoh’s “Terms of Use,” which give Veoh a license “to use, reproduce, modify, distribute, prepare derivative works of, display, publish, perform and transmit” the video. The Terms of Use provide that “you expressly represent and warrant that you own or have the necessary licenses, rights, consents, and

1The facts are undisputed unless otherwise noted. Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 8 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21065 permissions to use and authorize Veoh to use all . . . copyright or other proprietary rights in and to any and all [material shared on Veoh].” Users must agree “not to (a) take any action or (b) upload, download, post, submit or otherwise distribute or facilitate distribution of any [material] . . . through the Veoh Service, that . . . infringes any . . . copyright.” Once a user agrees to the PTC and Terms of Use, he may upload a video. Each time a user begins to upload a video to Veoh’s website, a message appears stating, “Do not upload videos that infringe copyright, are pornographic, obscene, violent, or any other videos that violate Veoh’s Terms of Use.”

When a video is uploaded, various automated processes take place. Veoh’s software automatically breaks down the video file into smaller 256-kilobyte “chunks,” which facilitate making the video accessible to others. Veoh’s software also automatically converts, or “transcodes,” the video file into Flash 7 format. This is done because “the vast majority of internet users have software that can play videos” in this format. Veoh presets the requisite settings for the Flash conver- sion. If the user is a “Pro” user, Veoh’s software also converts the uploaded video into Flash 8 and MPEG-4 formats, which are playable on some portable devices. Accordingly, when a Pro user uploads a video, Veoh automatically creates and retains four copies: the chunked file, the Flash 7 file, the Flash 8 file and the MPEG-4 file. None of these automated conversions affects the content of the video.

Veoh’s computers also automatically extract metadata from information users provide to help others locate the video for viewing. Users can provide a title, as well as tags or keywords that describe the video, and can also select pre-set categories describing the video, such as “music,” “faith” or “politics.” The Veoh system then automatically assigns every uploaded video a “permalink,” or web address, that uniquely identifies the video and makes it available to users. Veoh employees do Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 9 of 49

21066 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS not review the user-submitted video, title or tags before the video is made available.2

Veoh’s system allows users to access shared videos in two ways. First, the video may be “streamed” from a server, whereby the user’s web browser begins displaying the video almost immediately, before the entire file has been transmitted to the user’s computer. Depending on whether the user stops his web browser from streaming the full video, a partial or full copy of the video is stored temporarily on the user’s computer. Second, the user can download a copy of the video through Veoh’s website or client software application. Veoh transfers a “chunked” copy of the file to the user’s computer, and the software reassembles the chunks into a viewable copy. The downloaded file is stored on the user’s computer in a Veoh directory, which gives Veoh the ability to terminate access to the files.

Veoh employs various technologies to automatically prevent copyright infringement on its system. In 2006, Veoh adopted “hash filtering” software. Whenever Veoh disables access to an infringing video, the hash filter also automatically disables access to any identical videos and blocks any subsequently submitted duplicates. Veoh also began developing an additional filtering method of its own, but in 2007 opted instead to adopt a third-party filtering solution produced by a company called Audible Magic. Audible Magic’s technology takes audio “fingerprints” from video files and com- pares them to a database of copyrighted content provided by copyright holders. If a user attempts to upload a video that matches a fingerprint from Audible Magic’s database of forbidden material, the video never becomes available for viewing. Approximately nine months after beginning to apply the Audible Magic filter to all newly uploaded videos, Veoh

2Veoh employees do monitor already accessible videos for pornography, which is removed, using a “porn tool” to review thumbnail images of uploaded videos tagged as “sexy.” Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 10 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21067 applied the filter to its backlog of previously uploaded videos. This resulted in the removal of more than 60,000 videos, including some incorporating UMG’s works. Veoh has also implemented a policy for terminating users who repeatedly upload infringing material, and has terminated thousands of user accounts.

Despite Veoh’s efforts to prevent copyright infringement on its system, both Veoh and UMG agree that some of Veoh’s users were able to download unauthorized videos containing songs for which UMG owns the copyright. The parties also agree that before UMG filed its complaint, the only notices Veoh received regarding alleged infringements of UMG’s works were sent by the Recording Industry Association of America (RIAA). The RIAA notices listed specific videos that were allegedly infringing, and included links to those videos. The notices did not assert rights to all works by the identified artists, and did not mention UMG. UMG does not dispute that Veoh removed the material located at the links identified in the RIAA notices.

In September 2007, UMG filed suit against Veoh for direct, vicarious and contributory copyright infringement, and for inducement of infringement. UMG contended that Veoh’s efforts to prevent copyright infringement on its system were “too little too late” because Veoh did not adopt filtering technology until “after Veoh harbored infringing material for its own benefit,” and initially it ran the filters only on newly uploaded videos. UMG also argued that Veoh “remove[d] copyrighted material only if identified specifically in a notice of infringement,” and “[e]ven then, Veoh would only remove the video associated with the particular URL and bit-for-bit copies of that same video.”

In UMG’s first amended complaint (FAC), it added three of Veoh’s investors as defendants on theories of secondary liability.3 The Investor Defendants sought dismissal of UMG’s

3The three investors, Shelter Capital LLC, Spark Capital LLC and the Tornante Company are referred to collectively as “the Investor Defen- dants.” Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 11 of 49

21068 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS FAC for failure to state a claim against them under Federal Rule of Civil Procedure 12(b)(6). The district court granted the motion to dismiss without prejudice and UMG filed a Sec- ond Amended Complaint (SAC). The Investor Defendants again moved to dismiss, and the district court dismissed the claims against the Investor Defendants with prejudice, holding that UMG’s “allegations amounted to little more than what is legally and customarily required of corporate board members.” Final judgment on that ground was entered on June 1, 2009.

Veoh asserted as an affirmative defense that it is protected by the DMCA safe harbor provisions. UMG moved for partial summary judgment that Veoh is not entitled to protection under the 17 U.S.C. § 512(c) safe harbor because the alleged infringement did not qualify as “by reason of the storage [of material] at the direction of a user.” The district court disagreed and denied UMG’s motion. See UMG Recordings, Inc. v. Veoh Networks Inc. (UMG I), 620 F. Supp. 2d 1081, 1092 (C.D. Cal. 2008). Veoh then moved for summary judgment on the basis that it satisfied the remaining requirements of § 512(c). Judge Matz granted the motion in a careful and comprehensive decision holding that Veoh met all the § 512(c) requirements and was thus entitled to DMCA safe harbor protection. See UMG Recordings, Inc. v. Veoh Net- works Inc. (UMG II), 665 F. Supp. 2d 1099, 1118 (C.D. Cal. 2009). The parties thereafter stipulated to final judgment, which was entered on November 3, 2009.

Veoh moved for an award of costs and attorney’s fees under Federal Rule of Civil Procedure 68 and the Copyright Act, 17 U.S.C. § 505. Although the district court found that Veoh was the prevailing party “on the core issue in the litigation,” the court declined to exercise its discretion to award Veoh fees under § 505 because Veoh “failed to demonstrate that UMG’s legal challenge was improper, in bad faith, or contrary to the purposes of the Copyright Act.” Because the court concluded fees were not “properly awardable” under Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 12 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21069 § 505, it also denied Veoh fees and costs under Rule 68. Veoh does not challenge the denial of fees under § 505, but appeals the denial of Rule 68 costs and fees. UMG appeals the entry of summary judgment in Veoh’s favor and the dismissal of its complaint against the Investor Defendants.

DISCUSSION

The district court had jurisdiction over these matters under 28 U.S.C. § 1331, and we have jurisdiction over the appeals under 28 U.S.C. § 1291. We review de novo a district court’s summary judgment ruling. See Rossi v. Motion Picture Ass’n of Am. Inc., 391 F.3d 1000, 1002 (9th Cir. 2004). “Viewing the evidence in the light most favorable to the non-moving party,” the moving party has the “burden to show that there are no genuine issues of material fact,” and that it is entitled to judgment as a matter of law. Kennedy v. Allied Mut. Ins. Co., 952 F.2d 262, 265 (9th Cir. 1991). Review of a dismissal for failure to state a claim under Rule 12(b)(6) is likewise de novo. See Balistreri v. Pacifica Police Dep’t, 901 F.2d 696, 699 (9th Cir. 1990). “On a motion to dismiss, the court accepts the facts alleged in the complaint as true,” and “[d]ismissal can be based on the lack of a cognizable legal theory or the absence of sufficient facts alleged.” Id. We also review de novo the district court’s interpretation of the Copy- right Act, see Rossi, 391 F.3d at 1002-03, and of Rule 68, see Champion Produce, Inc. v. Ruby Robinson Co., 342 F.3d 1016, 1020 (9th Cir. 2003).

II.

“Difficult and controversial questions of copyright liability in the online world prompted Congress to enact Title II of the DMCA, the Online Copyright Infringement Liability Limita- tion Act (OCILLA).” Ellison v. Robertson, 357 F.3d 1072, 1076 (9th Cir. 2004). Congress recognized that “[i]n the ordi- Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 13 of 49

21070 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS nary course of their operations service providers must engage in all kinds of acts that expose them to potential copyright infringement liability.” S. Rep. No. 105-190, at 8 (1998). Although Congress was aware that the services provided by companies like Veoh are capable of being misused to facilitate copyright infringement, it was loath to permit the specter of liability to chill innovation that could also serve substantial socially beneficial functions. Congress decided that “by limiting [service providers’] liability,” it would “ensure[ ] that the efficiency of the Internet will continue to improve and that the variety and quality of services on the Internet will continue to expand.” Id. To that end, OCILLA created four safe harbors that preclude imposing monetary liability on service providers for copyright infringement that occurs as a result of specified activities. The district court concluded that Veoh qualified for one such safe harbor, under 17 U.S.C. § 512(c). UMG chal- lenges that determination and the consequent entry of summary judgment in Veoh’s favor.

[1] There are a number of requirements that must be met for a “service provider” like Veoh to receive § 512(c) safe harbor protection.4 Section 512(c) provides in relevant part:

(1) In general. — A service provider shall not be liable for monetary relief, or, except as provided in subsection (j), for injunctive or other equitable relief, for infringement of copyright by reason of the storage at the direction of a user of material that resides on a system or network controlled or operated by or for the service provider, if the service provider —

4We assume without deciding that Veoh qualifies as a “service provider” because UMG does not contend otherwise. Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 14 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21071 (A)(i) does not have actual knowledge that the material or an activity using the material on the system or network is infringing;

(ii) in the absence of such actual knowledge, is not aware of facts or circumstances from which infringing activity is apparent; or

(iii) upon obtaining such knowledge or awareness, acts expeditiously to remove, or disable access to, the material;

(B) does not receive a financial benefit directly attributable to the infringing activity, in a case in which the service provider has the right and ability to control such activity; and

(C) upon notification of claimed infringement as described in paragraph (3), responds expeditiously to remove, or disable access to, the material that is claimed to be infringing or to be the subject of infringing activity.

On appeal, UMG contends that three of these requirements were not met. First, UMG argues that the alleged infringing activities do not fall within the plain meaning of “infringement of copyright by reason of the storage [of material] at the direction of a user,” a threshold requirement under § 512(c)(1). Second, UMG argues that genuine issues of fact remain about whether Veoh had actual knowledge of infringement, or was “aware of facts or circumstances from which infringing activity [wa]s apparent” under § 512(c)(1)(A). Finally, UMG argues that it presented sufficient evidence that Veoh “receive[d] a financial benefit directly attributable to . . . infringing activity” that it had the right and ability to con- Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 15 of 49

21072 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS trol under § 512(c)(1)(B). We disagree on each count, and accordingly we affirm the district court.5

[2] We must first decide whether the functions automatically performed by Veoh’s software when a user uploads a video fall within the meaning of “by reason of the storage at the direction of a user.” 17 U.S.C. § 512(c)(1). Although UMG concedes that “[s]torage on computers involves making a copy of the underlying data,” it argues that “nothing in the ordinary definition of ‘storage’ encompasses” the automatic processes undertaken to facilitate public access to user- uploaded videos. Facilitation of access, UMG argues, goes beyond “storage.” Therefore the creation of chunked and Flash files and the streaming and downloading of videos fall outside § 512(c). UMG also contends that these automatic processes are not undertaken “at the direction of the user.”

[3] The district court concluded that UMG’s reading of § 512(c) was too narrow, wrongly requiring “that the infringing conduct be storage,” rather than be “ ‘by reason of the storage,’ ” as its terms provide. UMG I, 620 F. Supp. 2d at 1088-89 (quoting § 512(c)) (emphasis in original). We agree

5We do not address whether Veoh adopted and reasonably implemented a repeat infringer termination policy as required by § 512(i), or whether, upon notification, Veoh expeditiously removed or disabled access to infringing material under § 512(c)(1)(C). Although UMG contested those points in the district court, its only mention of them on appeal was in a footnote in its opening brief stating summarily that the district court also committed reversible error “in holding that no genuine issues of fact existed as to whether Veoh satisfied the requirements” of those provisions, but “[d]ue to space constraints, UMG focuses on errors in the District Court’s ruling concerning subsections 512(c)(1)(A) and (B).” Given that UMG presented no argument on these points, Veoh declined to address them in its answering brief. Accordingly, we will not discuss them either. See Retlaw Broad. Co. v. NLRB, 53 F.3d 1002, 1005 n.1 (9th Cir. 1995) (“Although the issue . . . is summarily mentioned in [the] opening brief, it has not been fully briefed, and we therefore decline to address it.”). Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 16 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21073 that the phrase “by reason of the storage at the direction of the user” is broader causal language than UMG contends, “clearly meant to cover more than mere electronic storage lockers.” Id. at 1088. We hold that the language and structure of the statute, as well as the legislative intent that motivated its enact- ment, clarify that § 512(c) encompasses the access-facilitating processes that automatically occur when a user uploads a video to Veoh.

[4] UMG’s argument that the district court too broadly construed the scope of § 512(c) rests in part on UMG’s contention that the DMCA’s “by reason of” language should be interpreted in the same way as similar language in the Racke- teer Influenced and Corrupt Organizations Act (RICO), 18 U.S.C. §§ 1961-1968. RICO provides that “[a]ny person injured in his business or property by reason of a violation of section 1962 of this chapter may sue therefor.” 18 U.S.C. § 1964(c). In Holmes v. Securities Investor Protection Corp., 503 U.S. 258, 268 (1992), the Supreme Court held that RICO’s “by reason of” language required proximate causation. UMG contends that we should thus read § 512(c)’s “by reason of storage” to mean that infringement must be proxi- mately caused by the storage, rather than caused by the access that the storage facilitates.

[5] Ordinarily we presume that “similar language in similar statutes should be interpreted similarly.” United States v. Sioux, 362 F.3d 1241, 1246 (9th Cir. 2004); see also North- cross v. Bd. of Educ. of Memphis City Schs., 412 U.S. 427, 428 (1973) (noting that the “similarity of language” in two statutes is an indicator that the statutes “should be interpreted pari passu,” particularly when they “share a common raison d’etre” (internal quotations omitted)). In this case, however, there are important differences between the statutes and their purposes. The reasoning underlying Holmes counsels against extending its reading to the DMCA, and the language and structure of § 512(c) compel us to conclude that it should not be interpreted in the same manner as RICO. Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 17 of 49

21074 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS The Holmes Court began its analysis by recognizing that “by reason of” “can, of course, be read to mean that . . . the defendant’s violation was a ‘but for’ cause of plaintiff’s injury.” 503 U.S. at 265-66.6 Ultimately, however, Holmes held that the “unlikelihood that Congress meant to allow all factu- ally injured plaintiffs to recover persuades us that RICO should not get such an expansive reading.” Id. at 266. Holmes explained that “[t]he key to the better interpretation lies in some statutory history,” and traced the “by reason of” language back to § 4 of the Clayton Act, which courts had long held required proximate causation. Id. at 267. Because RICO was specifically modeled on § 4, Holmes concluded that the Clayton Act’s interpretation was particularly persuasive. See id. at 267-68.

Holmes also explained that “such directness of relation- ship” between the harm and the alleged wrong is a “central element[ ]” of “Clayton Act causation” for three primary reasons, and, significantly, concluded that all three “apply with equal force to suits under [RICO].” Id. at 269-70. First, “the less direct an injury is, the more difficult it becomes to ascertain the amount of a plaintiff’s damages attributable to the violation.” Id. at 269. Second, “recognizing claims of the indirectly injured would force courts to adopt complicated rules apportioning damages among plaintiffs removed at different levels of injury from the violative acts, to obviate the risk of multiple recoveries.” Id. “And, finally, the need to grapple

6“ ‘But for’ causation is a short way of saying ‘[t]he defendant’s conduct is a cause of the event if the event would not have occurred but for that conduct.’ It is sometimes stated as ‘sine qua non’ causation, i.e., ‘without which not . . . .’ ” Boeing Co. v. Cascade Corp., 207 F.3d 1177, 1183 (9th Cir. 2000). “In determining whether a particular factor was a but-for cause of a given event, we begin by assuming that that factor was present at the time of the event, and then ask whether, even if that factor had been absent, the event nevertheless would have transpired in the same way.” Price Waterhouse v. Hopkins, 490 U.S. 228, 240 (1989) (plurality opinion), superseded in part by statute on other grounds as recognized in Raytheon Co. v. Hernandez, 540 U.S. 44 (2003). Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 18 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21075 with these problems is simply unjustified by the general interest in deterring injurious conduct, since directly injured vic- tims can generally be counted on to vindicate the law as private attorneys general, without any of the problems attendant upon suits by plaintiffs injured more remotely.” Id. at 269-70.

[6] None of these concerns applies to the DMCA, which, unlike the Clayton Act and RICO, involves a narrow affirmative defense rather than the expansion of liability. Further, unlike in Holmes, there is no indication that Congress modeled the DMCA on the Clayton Act or RICO. We are therefore doubtful that in this quite different context, Holmes’ strict reading of “by reason of” is what Congress intended.7

Our doubts are confirmed by the fact that UMG’s reading

7A number of other courts have concluded, outside the RICO and Clay- ton Act context, that “by reason of” should be read to require only “but for” rather than proximate causation. See, e.g., Gross v. FBL Fin. Servs., Inc., 129 S. Ct. 2343, 2350 (2009) (“The words ‘because of’ mean ‘by reason of: on account of.’ Thus, the ordinary meaning of the ADEA’s requirement that an employer took adverse action ‘because of’ age is that age was the ‘reason’ that the employer decided to act. To establish a disparate- treatment claim under the plain language of the ADEA, therefore, a plaintiff must prove that age was the ‘but-for’ cause of the employer’s adverse decision.” (citations omitted) (emphasis added)); Robinson Knife Mfg. Co. v. C.I.R., 600 F.3d 121, 131-32 (2d Cir. 2010) (holding that in 26 C.F.R. § 1.263A-1(e)(3)(i), the language “ ‘directly benefit or are incurred by reason of’ boils down to a but-for causation test”); Spirtas Co. v. Ins. Co. of Pa., 555 F.3d 647, 652 (8th Cir. 2009) (holding that the “language ‘by reason of having executed any bond’ is unambiguous and sets forth a simple cause-in-fact or ‘but-for’ causation test.”); New Directions Treatment Servs. v. City of Reading, 490 F.3d 293, 301 n.4 (3d Cir. 2007) (“[T]he ADA prohibits discrimination against an individual ‘by reason of such dis- ability.’ . . . [T]his language . . . clearly establishes that the . . . ADA . . . requires only but for causation.” (citations omitted)); Pacific Ins. Co. v. Eaton Vance Mgmt., 369 F.3d 584, 589 (1st Cir. 2004) (“[W]e consider the language unambiguous: ‘by reason of’ means ‘because of,’ Black’s Law Dictionary 201 (6th ed. 1990), and thus necessitates an analysis at least approximating a ‘but-for’ causation test.”). Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 19 of 49

21076 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS of the “by reason of” language would create internal statutory conflicts. By its terms, § 512(c) presupposes that service providers will provide access to users’ stored material, and we would thus contravene the statute if we held that such access disqualified Veoh from the safe harbor. Section 512(c) codi- fies a detailed notice and takedown procedure by which copyright holders inform service providers of infringing material accessible through their sites, and service providers then “disable access to” such materials. 17 U.S.C. § 512(c)(1)(A)(iii), (c)(1)(C) & (c)(3)(A)(iii) (emphasis added). This carefully considered protocol, and the statute’s attendant references to “disabl[ing] access” to infringing materials, see id., would be superfluous if we accepted UMG’s constrained reading of the statute. See Greenwood v. CompuCredit Corp., 615 F.3d 1204, 1209 (9th Cir. 2010) (“We must, if possible, interpret a statute such that all its language is given effect, and none of it is rendered superfluous.” (citing TRW Inc. v. Andrews, 534 U.S. 19, 31 (2001))). Indeed, it is not clear how copyright holders could even discover infringing materials on service providers’ sites to notify them as the protocol dictates if § 512(c) did not contemplate that there would be access to the materials.8

[7] We do not find persuasive UMG’s effort to reconcile the internal contradictions its reading of the statute creates by positing that Congress must have meant § 512(c) to protect only “web hosting” services. Web hosts “host” websites on their servers, thereby “mak[ing] storage resources available to website operators.” The thrust of UMG’s argument seems to be that web hosts do not undertake the sorts of accessibility-

8One commentator discussing the district court’s decision in this case observed that “[UMG’s] interpretation would have rendered the safe harbor a complete nullity. Virtually all [service providers] that host third- party content — ranging from website hosting companies such as GoDaddy to content companies such as MySpace, Facebook, or YouTube — host such content so that it can be shared with others over the internet.” See Edward Lee, Decoding the DMCA Safe Harbors, 32 Colum. J.L. & Arts 233, 261 (2009). Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 20 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21077 facilitating functions that Veoh does, and thus the services they perform “fit within the ordinary meaning of ‘storage,’ ” and thereby “harmoniz[e]” with the notice and takedown procedures. UMG’s theory fails to account for the reality that web hosts, like Veoh, also store user-submitted materials in order to make those materials accessible to other Internet users. The reason one has a website is so that others may view it. As amici note, these access activities define web hosting — if the web host only stored information for a single user, it would be more aptly described as an online back-up service. See Brief for Electronic Frontier Found. et al. as Amici Curiae Supporting Appellees at 15, UMG Recordings, Inc. v. Veoh Networks, Inc., No. 09-56777 (9th Cir. 2011).

[8] In addition, the technological processes involved in providing web hosting services require those service providers to make, transmit and download multiple copies of users’ stored materials. To create a website, the user uploads content to the web host’s computers, which make an initial copy. “Content may be any number of things — family photos, poems, . . . even sound clips and movies.” Preston Gralla, How The Internet Works 132 (2d ed. 1999). Then, when another Internet user wants to access the website by clicking a link or entering the URL, all the website’s relevant content is transmitted to the user’s computer, where another copy is automatically made by the user’s web browser software in order to assemble the materials for viewing and listening. See id. at 157. To carry out their function of making websites available to Internet users, web hosting services thus routinely copy content and transmit it to Internet users. See id. We cannot see how these access-facilitating processes are meaning- fully distinguishable from Veoh’s for § 512(c)(1) purposes.

Further, the language of the statute recognizes that one is unlikely to infringe a copyright by merely storing material that no one could access, and so includes activities that go beyond storage. Section 512(c)(1)(A)(i) so recognizes in stating “the material or an activity using the material . . . is Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 21 of 49

21078 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS infringing.” (Emphasis added.) Section 512(c)(1)(A)(ii) similarly addresses “infringing activity.” Section 512(c)(1)(A)(iii) also reinforces this reading by requiring the service provider “to remove, or disable access to, the material,” suggesting that if the material were still being stored by the service provider, but was inaccessible, it might well not be infringing. (Emphasis added.)

Finally, if Congress wanted to confine § 512(c) exclusively to web hosts rather than reach a wider range of service providers, we very much doubt it would have done so with the oblique “by reason of storage” language. We presume that Congress instead would have taken the more straightforward course of clarifying in the definition of “service provider” that, as it applies to § 512(c), only web hosts qualify. Indeed, Congress already gives two definitions of “service provider[s]” — one narrow definition specific to § 512(a), and one broader definition that applies to the rest of § 512.9 We therefore see no basis for adopting UMG’s novel theory that Con- gress intended § 512(c) to protect only web hosting services.10

9Section 512(k)(1)(A) provides that, “As used in subsection (a), the term ‘service provider’ means an entity offering the transmission, routing, or providing of connections for digital online communications, between or among points specified by a user, of material of the user’s choosing, without modification to the content of the material as sent or received.” By contrast, § 512(k)(1)(B) provides that, “As used in this section, other than subsection (a), the term ‘service provider’ means a provider of online services or network access, or the operator of facilities therefor, and includes an entity described in subparagraph (A).” 10We are also unpersuaded by UMG’s argument that “the District Court used one activity — ‘storage’ — to immunize other activities,” in violation of § 512(n). We certainly agree that this would be improper — § 512(n) clearly states that “[w]hether a service provider qualifies for the limitation on liability in any one of those subsections . . . shall not affect a determination of whether that service provider qualifies for the limitations on liability under any other such subsection.” But we do not under- stand Veoh to argue, or the district court to have held, that a service provider qualifying under § 512(c) necessarily also qualifies under any other safe harbor. Rather, we affirm the district court’s holding that the Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 22 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21079 OCILLA’s two “service provider” definitions also under- mine UMG’s argument that the automatic processes that make user-uploaded videos accessible are not undertaken “at the direction of the user.” The narrower definition that applies exclusively to § 512(a), which governs conduit-only functions, expressly excludes service providers that “modif[y] [ ] the content of the material as sent or received.” 17 U.S.C. § 512(k)(1)(A). Under the broader definition applying to § 512(c), by contrast, there is no limitation on the service provider’s ability to modify user-submitted material to facilitate storage and access, as Veoh’s automatic processes do. See Io Grp., Inc. v. Veoh Networks, Inc., 586 F. Supp. 2d 1132, 1147 (N.D. Cal. 2008). Had Congress intended to include such a limitation, it would have said so expressly and unambigu- ously, as it did in the narrower definition of “service provider.” See id.

[9] “Veoh has simply established a system whereby software automatically processes user-submitted content and recasts it in a format that is readily accessible to its users.” Id. at 1148. Veoh does not actively participate in or supervise file uploading, “[n]or does it preview or select the files before the upload is completed.” Id. Rather, this “automated process” for making files accessible “is initiated entirely at the volition of Veoh’s users.” Id.; see also CoStar Grp., Inc. v. Loopnet, Inc.,

“by reason of storage” language in § 512(c) itself covers the access- facilitating automatic functions Veoh’s system undertakes, without being supplemented by any other subsection. These functions are “separate and distinct,” 17 U.S.C. § 512(n), from the “transmitting, routing, or providing connections” protected under § 512(a), which addresses “[t]ransitory digital network communications” where the service provider “merely acts as a conduit for infringing material without storing, caching, or providing links to copyrighted material,” and thus “has no ability to remove the infringing material from its system or disable access to the infringing material.” In re Charter Commc’ns, Inc., Subpoena Enforcement Matter, 393 F.3d 771, 776 (8th Cir. 2005); see also Ellison, 357 F.3d at 1081 (discussing § 512(a) “conduit service provider[s]”). Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 23 of 49

21080 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 373 F.3d 544, 555 (4th Cir. 2004). We therefore hold that Veoh has satisfied the threshold requirement that the infringement be “by reason of the storage at the direction of a user of material” residing on Veoh’s system. 17 U.S.C. § 512(c)(1).

[10] Under § 512(c)(1)(A), a service provider can receive safe harbor protection only if it “(i) does not have actual knowledge that the material or an activity using the material on the system or network is infringing;” “(ii) in the absence of such actual knowledge, is not aware of facts or circumstances from which infringing activity is apparent; or” “(iii) upon obtaining such knowledge or awareness, acts expeditiously to remove, or disable access to, the material.”11 UMG has never disputed that when Veoh became aware of allegedly infringing material as a result of the RIAA’s DMCA notices, it removed the files. Rather, it argues that Veoh had knowledge or awareness of other infringing videos that it did not remove. The district court found that UMG failed to rebut Veoh’s showing “that when it did acquire knowledge of allegedly infringing material — whether from DMCA notices, informal notices, or other means — it expeditiously removed such material.” UMG II, 665 F. Supp. 2d at 1107. UMG argues on appeal that the district court erred by improperly construing the knowledge requirement to unduly restrict the circumstances in which a service provider has “actual knowledge” under subsection (i) and setting too stringent a standard for what we have termed “red flag” awareness based on facts or circumstances from which infringing activity is apparent

11We note that, to be coherent, the statute must be read to have an implicit “and” between § 512(c)(1)(A)(i) and (ii). We thus treat the provisions as stating that to qualify for the safe harbor, a service provider must either (1) have no actual knowledge and no “aware[ness] of facts or circumstances from which infringing activity is apparent” or (2) expeditiously remove or disable access to infringing material of which it knows or is aware. Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 24 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21081 under subsection (ii). We hold that the district court properly construed these requirements.

[11] It is undisputed that, until the filing of this lawsuit, UMG “had not identified to Veoh any specific infringing video available on Veoh’s system.” UMG’s decision to forgo the DMCA notice protocol “stripped it of the most powerful evidence of a service provider’s knowledge — actual notice of infringement from the copyright holder.” Corbis Corp. v. Amazon.com, Inc., 351 F. Supp. 2d 1090, 1107 (W.D. Wash. 2004) (citing 3 M. Nimmer & D. Nimmer, Nimmer on Copy- right § 12B.04(A)(3), at 12B-53 [hereinafter “Nimmer”]); see also Io Grp., 586 F. Supp. 2d at 1148. Nevertheless, UMG contends that Veoh hosted a category of copyrightable content — music — for which it had no license from any major music company. UMG argues Veoh thus must have known this content was unauthorized, given its general knowledge that its services could be used to post infringing material. UMG urges us to hold that this sufficiently demonstrates knowledge of infringement. We cannot, for several reasons.

As an initial matter, contrary to UMG’s contentions, there are many music videos that could in fact legally appear on Veoh. “Among the types of videos subject to copyright protection but lawfully available on Veoh’s system were videos with music created by users and videos that Veoh provided pursuant to arrangements it reached with major copyright holders, such as SonyBMG.” UMG II, 665 F. Supp. 2d at 1109. Further, Congress’ express intention that the DMCA “facilitate making available quickly and conveniently via the Internet . . . movies, music, software, and literary works” — precisely the service Veoh provides — makes us skeptical that UMG’s narrow interpretation of § 512(c) is plausible. S. Rep. No. 105-190, at 8. Finally, if merely hosting material that falls within a category of content capable of copyright protection, with the general knowledge that one’s services Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 25 of 49

21082 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS could be used to share unauthorized copies of copyrighted material, was sufficient to impute knowledge to service providers, the § 512(c) safe harbor would be rendered a dead let- ter: § 512(c) applies only to claims of copyright infringement, yet the fact that a service provider’s website contained copyrightable material would remove the service provider from § 512(c) eligibility.

[12] Cases analyzing knowledge in the secondary copyright infringement context also counsel against UMG’s general knowledge approach. In Sony Corp. of America v. Universal City Studios, Inc., 464 U.S. 417 (1984), the Supreme Court held that there was “no precedent in the law of copyright for the imposition of” liability based on the theory that the defendant had “sold equipment with constructive knowledge of the fact that their customers may use that equipment to make unauthorized copies of copyrighted material.” Id. at 439. So long as the product was “capable of substantial noninfringing uses,” the Court refused to impute knowledge of infringement. Id. at 442. Applying Sony to the Internet context, we held in A&M Records, Inc. v. Napster, Inc., 239 F.3d 1004 (9th Cir. 2001), that “if a computer system operator learns of specific infringing material available on his system and fails to purge such material from the system, the operator knows of and contributes to direct infringement.” Id. at 1021. But “absent any specific information which identifies infringing activity, a computer system operator cannot be liable for contributory infringement merely because the structure of the system allows for the exchange of copyrighted material.” Id.

Requiring specific knowledge of particular infringing activity makes good sense in the context of the DMCA, which Congress enacted to foster cooperation among copyright holders and service providers in dealing with infringement on the Internet. See S. Rep. No. 105-190, at 20 (noting OCILLA was intended to provide “strong incentives for service providers and copyright owners to cooperate to detect and deal with copyright infringements”); H.R. Rep. No. 105-551, pt. 2, at 49 Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 26 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21083 (1998) (same). Copyright holders know precisely what materials they own, and are thus better able to efficiently identify infringing copies than service providers like Veoh, who cannot readily ascertain what material is copyrighted and what is not. See S. Rep. No. 105-190, at 48; (“[A] [service] provider could not be expected, during the course of its brief cataloguing visit, to determine whether [a] photograph was still protected by copyright or was in the public domain; if the photograph was still protected by copyright, whether the use was licensed; and if the use was not licensed, whether it was permitted under the fair use doctrine.”); H.R. Rep. No. 105- 551, pt. 2, at 57-58 (same).

These considerations are reflected in Congress’ decision to enact a notice and takedown protocol encouraging copyright holders to identify specific infringing material to service providers. They are also evidenced in the “exclusionary rule” that prohibits consideration of substantially deficient § 512(c)(3)(A) notices for purposes of “determining whether a service provider has actual knowledge or is aware of facts and circumstances from which infringing activity is apparent.” 17 U.S.C. § 512(c)(3)(B)(i); see also H.R. Rep. No. 105- 551, pt. 2, at 56 (explaining this provision); Nimmer § 12B.04(B)(4)(c) (“[T]he copyright owner bears the burden of demonstrating knowledge independently of the failed notification.”). Congress’ intention is further reflected in the DMCA’s direct statement that “[n]othing in this section shall be construed to condition the applicability of subsections (a) through (d) on . . . a service provider monitoring its service or affirmatively seeking facts indicating infringing activity.” 17 U.S.C. § 512(m).12 Congress made a considered policy

12We are not persuaded by UMG’s argument that § 512(m)’s title, “Pro- tection of privacy,” should cause us to read the provision differently. “Headings and titles are not meant to take the place of the detailed provisions of the text.” Greenwood, 615 F.3d at 1212 (quoting Bhd. of R.R. Trainmen v. Balt. & Ohio R.R., Co., 331 U.S. 519, 528-29 (1947)) (internal quotation marks and alteration omitted). Even if privacy was the impe- Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 27 of 49

21084 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS determination that the “DMCA notification procedures [would] place the burden of policing copyright infringement — identifying the potentially infringing material and adequately documenting infringement — squarely on the owners of the copyright.” Perfect 10, Inc. v. CCBill LLC, 488 F.3d 1102, 1113 (9th Cir. 2007). In parsing § 512(c)(3), we have “decline[d] to shift [that] substantial burden from the copyright owner to the provider.” Id.

[13] UMG asks us to change course with regard to § 512(c)(1)(A) by adopting a broad conception of the knowledge requirement. We see no principled basis for doing so. We therefore hold that merely hosting a category of copyrightable content, such as music videos, with the general knowledge that one’s services could be used to share infringing material, is insufficient to meet the actual knowledge requirement under § 512(c)(1)(A)(i).

[14] We reach the same conclusion with regard to the § 512(c)(1)(A)(ii) inquiry into whether a service provider is “aware of facts or circumstances from which infringing activity is apparent.” The district court’s conception of this “red flag test” properly followed our analysis in CCBill, which reiterated that the burden remains with the copyright holder rather than the service provider. See id. at 1114. The plaintiffs in CCBill argued that there were a number of red flags that made it apparent infringing activity was afoot, noting that the defendant hosted sites with names such as “illegal.net” and “stolencelebritypics.com,” as well as password hacking websites, which obviously infringe. See id. We disagreed that these were sufficient red flags because “[w]e do not place the

tus for this subsection, nothing in § 512(m) suggests that this should limit its application. As the district court noted, the statute’s text “could hardly be more straightforward,” UMG II, 665 F. Supp. 2d at 1113 n.17, and “where the plain text of the statute is unambiguous, ‘the heading of a section cannot limit the plain meaning of the text,’ ” Greenwood, 615 F.3d at 1212 (quoting Bhd. of R.R. Trainmen, 331 U.S. at 528-29). Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 28 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21085 burden of determining whether [materials] are actually illegal on a service provider,” and “[w]e impose no such investigative duties on service providers.” Id. For the same reasons, we hold that Veoh’s general knowledge that it hosted copyrightable material and that its services could be used for infringement is insufficient to constitute a red flag.

We are not persuaded that UMG’s other purported evidence of Veoh’s actual or apparent knowledge of infringement war- rants trial. First, UMG points to the tagging of videos on Veoh’s service as “music videos.” Relying on the theory rejected above, UMG contends that this demonstrates Veoh’s knowledge that it hosted a category of infringing content. Relatedly, UMG argues that Veoh’s purchase of certain search terms through the Google AdWords program demonstrates knowledge of infringing activity because some of the terms purchased, such as “50 Cent,” “Avril Lavigne” and “Britney Spears,” are the names of UMG artists. However, artists are not always in exclusive relationships with recording companies, so just because UMG owns the copyrights for some Britney Spears songs does not mean it owns the copyright for all Britney Spears songs. Indeed, 50 Cent, Avril Lavigne and Britney Spears are also affiliated with Sony- BMG, which gave Veoh permission to stream its videos by these artists. Furthermore, even if Veoh had not had such permission, we recognize that companies sometimes purchase search terms they believe will lead potential customers to their websites even if the terms do not describe goods or services the company actually provides. For example, a sunglass company might buy the search terms “sunscreen” or “vaca- tion” because it believed that people interested in such searches would often also be interested in sunglasses. Accord- ingly, Veoh’s search term purchases do little to demonstrate that it knew it hosted infringing material.

UMG also argues that Veoh’s removal of unauthorized content identified in RIAA notices demonstrates knowledge, Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 29 of 49

21086 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS even if Veoh complied with § 512(c)’s notice and takedown procedures. According to UMG, Veoh should have taken the initiative to use search and indexing tools to locate and remove from its website any other content by the artists identified in the notices. Relatedly, UMG argues that some of the videos on Veoh that had been pulled from MTV or other broadcast television stations bore information about the artist, song title and record label. UMG contends that Veoh should have used this information to find and remove unauthorized videos. As we have explained, however, to so require would conflict with § 512(m), § 512(c)(1)(C) and CCBill’s refusal to “impose . . . investigative duties on service providers.” 488 F.3d at 1114. It could also result in removal of noninfringing content.

UMG also points to news articles discussing the availability of copyrighted materials on Veoh. One article reported that “several major media companies . . . say that Veoh.com has been among the least aggressive video sharing sites in fight- ing copyrighted content,” and has thus “become a haven for pirated content.” Brad Stone, Veoh’s Vexing Visitor Numbers, N.Y. Times Bits Blog (July 15, 2007, 9:35 AM), http://bits.blogs.nytimes.com/2007/07/15/veohs-vexing- visitor-numbers/. Another article reported that,

Veoh Networks CEO Dmitry Shapiro acknowledges that only a week after the company’s official debut, Veoh.com is host to a wide range of unauthorized and full-length copies of popular programs. But Sha- piro says it’s not his upstart company’s fault: . . . “We have a policy that specifically states that when we see copyright material posted, we take it down,” Shapiro said. “This problem is the democratization of publishing. Anyone can now post a video to the Internet. Sometimes the material belongs to someone else. We take this very seriously.”

Greg Sandoval, A new copyright battlefield: Veoh Networks, CNET News (Feb. 21, 2007, 4:00 AM), http://news.cnet.com/ Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 30 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21087 A-new-copyright-battlefield-Veoh-Networks/2100-1026_3- 6160860.html. UMG elicited deposition testimony from Sha- piro that he had heard of these articles, and was aware that, “from time to time,” “material belonging to someone else end[ed] up on” Veoh. UMG argues that this evidence of knowledge that, as a general matter, unauthorized materials had been previously posted on Veoh is sufficient to meet the § 512(c)(1)(A) requirements.

At base, this argument relies on UMG’s primary theory, which we rejected above. Here, as well, more specific information than UMG has adduced is required. The DMCA’s detailed notice and takedown procedure assumes that, “from time to time,” “material belonging to someone else ends up” on service providers’ websites, and establishes a process for ensuring the prompt removal of such unauthorized material. If Veoh’s CEO’s acknowledgment of this general problem and awareness of news reports discussing it was enough to remove a service provider from DMCA safe harbor eligibility, the notice and takedown procedures would make little sense and the safe harbors would be effectively nullified. We cannot conclude that Congress intended such a result, and we therefore hold that this evidence is insufficient to warrant a trial.

UMG comes closer to meeting the § 512(c)(1)(A) requirements with its evidence of emails sent to Veoh executives and investors by copyright holders and users identifying infringing content. One email, sent by the CEO of Disney, a major copyright holder, to Michael Eisner, a Veoh investor, stated that the movie Cinderella III and various episodes from the television show Lost were available on Veoh without Dis- ney’s authorization. If this notification had come from a third party, such as a Veoh user, rather than from a copyright holder, it might meet the red flag test because it specified particular infringing material.13 As a copyright holder, however,

13Of course, even then it would not be obvious how Veoh’s awareness of apparent infringement of Disney’s copyrights over movies and television shows would advance UMG’s claims that Veoh hosted unauthorized UMG music videos. Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 31 of 49

21088 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS Disney is subject to the notification requirements in § 512(c)(3), which this informal email failed to meet. Accord- ingly, this deficient notice “shall not be considered under paragraph (1)(A) in determining whether a service provider has actual knowledge or is aware of facts or circumstances from which infringing activity is apparent.” 17 U.S.C. § 512(c)(3)(B)(i). Further, even if this email could have created actual knowledge or qualified as a red flag, Eisner’s email in response assured Disney that he would instruct Veoh to “take it down,” and Eisner copied Veoh’s founder to ensure this happened “right away.” UMG nowhere alleges that the offending material was not immediately removed, and accordingly Veoh would be saved by § 512(c)(1)(A)(iii), which pre- serves the safe harbor for service providers with such knowledge so long as they “act[ ] expeditiously to remove, or disable access to, the material.”

UMG also points to an email from a Veoh user whose video was rejected for containing infringing content. Upset that Veoh would not post his unauthorized material, he stated that he had seen “plenty of [other] copyright infringement material” on the site, and identified another user who he said posted infringing content. It is possible that this email would be sufficient to constitute a red flag under § 512(c)(1)(A)(ii), even though it would not qualify as sufficient notice from a copyright holder under § 512(c)(3). But even assuming that is so, UMG has not specifically alleged that Veoh failed to expeditiously remove the infringing content identified by the user’s email, or that the content at issue was owned by UMG. Accordingly, this too fails to create a genuine issue of material fact regarding Veoh’s knowledge of infringement.14

14We do not credit UMG’s contention that the district court conflated the actual knowledge and red flag awareness tests. A user email informing Veoh of infringing material and specifying its location provides a good example of the distinction. Although the user’s allegations would not give Veoh actual knowledge under § 512(c)(1)(A)(i), because Veoh would have no assurance that a third party who does not hold the copyright in question could know whether the material was infringing, the email could act as a red flag under § 512(c)(1)(A)(ii) provided its information was sufficiently specific. Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 32 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21089 C.

[15] A service provider is eligible for the § 512(c) safe harbor only if it “does not receive a financial benefit directly attributable to the infringing activity, in a case in which the service provider has the right and ability to control such activity.” 17 U.S.C. § 512(c)(1)(B). UMG appeals the district court’s determination that Veoh did not have the necessary right and ability to control infringing activity and thus remained eligible for safe harbor protection. We conclude the district court was correct, and therefore affirm.15

“Statutory interpretation begins with the language of the statute.” Children’s Hosp. & Health Ctr. v. Belshe, 188 F.3d 1090, 1096 (9th Cir. 1999). When terms are not defined within a statute, they are accorded their plain and ordinary meaning, which can be deduced through reference sources such as general usage dictionaries. See Bilski v. Kappos, 130 S. Ct. 3218, 3226 (2010). “[S]tatutory language must always be read in its proper context,” McCarthy v. Bronson, 500 U.S. 136, 139 (1991), and “[i]n determining the meaning of the statute, we look not only to the particular statutory language, but to the design of the statute as a whole and to its object and policy,” Crandon v. United States, 494 U.S. 152, 158 (1990). We must, if possible, interpret a statute such that all its language is given effect, and none of it is rendered superfluous. See TRW Inc. v. Andrews, 534 U.S. 19, 31 (2001).

[16] Whether Veoh had the requisite “ability to control” the infringing activity at issue depends on what the statute means by that phrase, which the statute does not define. Look- ing first to the dictionary, “ability” is defined as “the quality or state of being able: physical, mental, or legal power to perform: competence in doing”; and “able” is in turn defined as “possessed of needed powers (as intelligence or strength) or

15We need not consider whether Veoh received “a financial benefit directly attributable to the infringing activity.” Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 33 of 49

21090 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS of needed resources (as means or influence) to accomplish an objective . . . : constituted or situated so as to be susceptible or readily subjected to some action or treatment.” Webster’s Third New International Dictionary 3, 4 (2002). “Control” is defined as having the “power or authority to guide or manage: directing or restraining domination.” Id. at 496. Where, as here, it is a practical impossibility for Veoh to ensure that no infringing material is ever uploaded to its site, or to remove unauthorized material that has not yet been identified to Veoh as infringing, we do not believe that Veoh can properly be said to possess the “needed powers . . . or needed resources” to be “competen[t] in” exercising the sort of “restraining domination” that § 512(c)(1)(B) requires for denying safe harbor eligibility.

As discussed, in the knowledge context it is not enough for a service provider to know as a general matter that users are capable of posting unauthorized content; more specific knowledge is required. Similarly, a service provider may, as a general matter, have the legal right and necessary technology to remove infringing content, but until it becomes aware of specific unauthorized material, it cannot exercise its “power or authority” over the specific infringing item. In practical terms, it does not have the kind of ability to control infringing activity the statute contemplates. See Viacom Int’l Inc. v. YouTube, Inc., 718 F. Supp. 2d 514, 527 (S.D.N.Y. 2010) (“[T]he provider must know of the particular case before he can control it.” (emphasis added)); cf. Perfect 10, Inc. v. Amazon.com, Inc., 508 F.3d 1146, 1174 (9th Cir. 2007) (“Google’s supervisory power is limited because Google’s software lacks the ability to analyze every image on the [I]nternet, compare each image to all the other copyrighted images that exist in the world . . . and determine whether a certain image on the web infringes someone’s copyright.” (alterations in original) (internal quotation marks omitted)).

Our reading of § 512(c)(1)(B) is informed and reinforced by our concern that the statute would be internally inconsis- Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 34 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21091 tent were we to interpret the “right and ability to control” language as UMG urges. First, § 512(m) cuts against holding that Veoh’s general knowledge that infringing material could be uploaded to its site triggered an obligation to “police” its services to the “fullest extent” possible. As we have explained, § 512(m) provides that § 512(c)’s safe harbor protection may not be conditioned on “a service provider monitoring its service or affirmatively seeking facts indicating infringing activity.” UMG’s reading of the “right and ability to control” language would similarly run afoul of CCBill, 488 F.3d at 1113-14, which likewise clarified that § 512(c) “impose[s] no such investigative duties on service providers,” and “place[s] the burden of policing copyright infringement . . . squarely on the owners of the copyright.” We are not persuaded by UMG’s suggestion that Congress meant this limitation on the duty to monitor to apply only to service providers who do not receive a direct financial benefit under subsection (B). Rather, we conclude that a service provider must be aware of specific infringing material to have the ability to control that infringing activity within the meaning of § 512(c)(1)(B). Only then would its failure to exercise its ability to control deny it a safe harbor.

Second, § 512(c) actually presumes that service providers have the sort of control that UMG argues satisfies the § 512(c)(1)(B) “right and ability to control” requirement: they must “remove[ ] or disable access to” infringing material when they become aware of it. 17 U.S.C. § 512(c)(1)(A)(iii) & (C). Quoting Napster, 239 F.3d at 1024, UMG argues that service providers have “the right and ability to control” infringing activity, § 512(c)(1)(B), as long as they have “the ability to locate infringing material” and “terminate users’ access.” Under that reading, service providers would have the “right and ability to control” infringing activity regardless of their becoming “aware of” the material. Under that interpretation, the prerequisite to § 512(c) protection under § 512(c)(1)(A)(iii) and (C), would at the same time be a dis- qualifier under § 512(c)(1)(B). We agree with Judge Matz that Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 35 of 49

21092 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS “Congress could not have intended for courts to hold that a service provider loses immunity under the safe harbor provision of the DMCA because it engages in acts that are specifically required by the DMCA.” UMG II, 665 F. Supp. 2d at 1113 (quoting Hendrickson v. eBay, Inc., 165 F. Supp. 2d 1082, 1093-94 (C.D. Cal. 2001)) (internal quotation marks omitted); see also Io Grp., Inc. v. Veoh Networks, Inc., 586 F. Supp. 2d 1132, 1151 (N.D. Cal. 2008) (same); Lee, supra, 32 Colum. J.L. & Arts at 247 (“A[ ] [service provider’s] ability to remove materials posted by third parties does not satisfy the ‘right and ability to control’ prong, because such power is necessary for a[ ] [service provider] to satisfy the basic requirement of ‘takedown’ under the DMCA.”).16

[17] Accordingly, we hold that the “right and ability to control” under § 512(c) requires control over specific infringing activity the provider knows about. A service provider’s general right and ability to remove materials from its services is, alone, insufficient. Of course, a service provider cannot willfully bury its head in the sand to avoid obtaining such specific knowledge. Viewing the evidence in the light most

16Most courts that have confronted this question have likewise declined to assume that Congress created this Catch-22. See, e.g., Perfect 10 v. Cybernet Ventures, Inc., 213 F. Supp. 2d 1146, 1181 (C.D. Cal. 2002) (“[C]losing the safe harbor based on the mere ability to exclude users from the system is inconsistent with the statutory scheme.”); eBay, 165 F. Supp. 2d at 1093 (“[T]he ‘right and ability to control’ the infringing activity, as the concept is used in the DMCA, cannot simply mean the ability of a service provider to remove or block access to materials posted on its website or stored in its system. To hold otherwise would defeat the purpose of the DMCA and render the statute internally inconsistent.”); CoStar Grp. Inc. v. LoopNet, Inc., 164 F. Supp. 2d 688, 702 (D. Md. 2001) (“It would be inconsistent . . . if in order to get into the safe harbor, the provider needed to lack the control to remove or block access.”), aff’d, 373 F.3d 544 (4th Cir. 2004); see also Lee, supra, 32 Colum. J.L. & Arts at 239, 247-48 & nn.59-65 (noting that “most courts have interpreted the ‘right and ability to control such activity’ portion of Section 512(c)(1)(B), as being narrower than the analogous standard under vicarious liability,” and collect- ing cases). Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 36 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21093 favorable to UMG, as we must here, we agree with the district court there is no evidence that Veoh acted in such a manner. Rather, the evidence demonstrates that Veoh promptly removed infringing material when it became aware of specific instances of infringement. Although the parties agree, in retro- spect, that at times there was infringing material available on Veoh’s services, the DMCA recognizes that service providers who are not able to locate and remove infringing materials they do not specifically know of should not suffer the loss of safe harbor protection.

UMG seeks to avoid our reading of the statute’s plain language and structure by arguing that we should instead interpret § 512(c) as we read similar language in the common law vicarious liability context in Napster, 239 F.3d at 1024. We are unpersuaded for several reasons, and conclude instead, as previously discussed, that whereas the vicarious liability standard applied in Napster can be met by merely having the general ability to locate infringing material and terminate users’ access, see Napster, 239 F.3d at 1024, § 512(c) requires “something more,” Cybernet Ventures, 213 F. Supp. 2d at 1181 (internal quotation marks omitted).

First, § 512(c) nowhere mentions the term “vicarious liability.” Although it uses a set of words that has sometimes been used to describe common law vicarious liability, the language used in the common law standard is loose and has varied. For example, Metro-Goldwyn-Mayer Studios Inc. v. Grokster, Ltd., 545 U.S. 913, 930 n.9 (2005), refers to “supervis[ing] the direct infringer” rather than “control[ing] such [infringing] activity,” § 512(c)(1)(B), and “supervise” and “control” are different in potentially significant ways. “Control,” which we have noted means having the “power or authority to guide or manage: directing or restraining domination,” involves more command than “supervise,” which means “to look over, inspect, oversee.” Webster’s Third New International Dictio- nary 496, 2296. Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 37 of 49

21094 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS Second, Napster was decided after the DMCA was enacted, so Congress could not have intended to codify Napster’s pre- cise application upon which UMG relies. Third, although not definitive, the legislative history informs our conclusion that Congress did not intend to exclude from § 512(c)’s safe harbor all service providers who would be vicariously liable for their users’ infringing activity under the common law. The legislative history did, at one point, suggest an intention to codify the “right and ability to control” element of vicarious infringement, and § 512(c)(1)(B) was not modified following that report.17 That report, however, referred to a version of the bill different from the one ultimately passed, and the discussion of vicarious liability is omitted from all later reports and, notably, from the statutory language. See H.R. Rep. No. 105- 551, pt. 2, at 54; S. Rep. No. 105-190, at 44-45; H.R. Conf. Rep. No. 105-796, at 64 (1998), reprinted in 1998 U.S.C.C.A.N. 639, 649.

Subsequent legislative statements help clarify Congress’ intent. First, Congress explicitly stated in three different reports that the DMCA was intended to “protect qualifying service providers from liability for all monetary relief for direct, vicarious and contributory infringement.” H.R. Conf. Rep. No. 105-796, at 64, 1998 U.S.C.C.A.N. at 649 (emphasis added); S. Rep. No. 105-190, at 18, 36; H.R. Rep. No. 105- 551, pt. 2, at 50. Under UMG’s interpretation, however, every service provider subject to vicarious liability would be automatically excluded from safe harbor protection. Second, Con- gress made clear that it intended to provide safe harbor protection not by altering the common law vicarious liability standards, but rather by carving out permanent safe harbors to that liability for Internet service providers even while the

17“The financial benefit standard in subparagraph (B) is intended to codify and clarify the direct financial benefit element of vicarious liability . . . . The ‘right and ability to control’ language in Subparagraph (B) codi- fies the second element of vicarious liability.” H.R. Rep. No. 105-551, pt. 1, at 25-26. Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 38 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21095 common law standards continue to evolve. See S. Rep. No. 105-190, at 17 (“There have been several cases relevant to service provider liability for copyright infringement. Most have approached the issue from the standpoint of contributory and vicarious liability. Rather than embarking upon a wholesale clarification of these doctrines, the Committee decided to leave current law in its evolving state and, instead, to create a series of ‘safe harbors,’ for certain common activities of service providers. A service provider which qualifies for a safe harbor, receives the benefit of limited liability.” (footnote omitted)).

Given Congress’ explicit intention to protect qualifying service providers who would otherwise be subject to vicarious liability, it would be puzzling for Congress to make § 512(c) entirely coextensive with the vicarious liability requirements, which would effectively exclude all vicarious liability claims from the § 512(c) safe harbor. See, e.g., Lee, supra, 32 Colum. J.L. & Arts at 236-37 (acknowledging that interpret- ing the DMCA to exclude service providers subject to vicarious liability would “undo the benefits of the safe harbors altogether” (quoting Mark A. Lemley, Rationalizing Internet Safe Harbors, 6 J. Telecomm. & High Tech. L. 101, 104 (2007)) (internal quotation marks omitted)). In addition, it is difficult to envision, from a policy perspective, why Congress would have chosen to exclude vicarious infringement from the safe harbors, but retain protection for contributory infringement. It is not apparent why the former might be seen as somehow worse than the latter. See id. at 243-44.

Furthermore, if Congress had intended that the § 512(c)(1)(B) “right and ability to control” requirement be coextensive with vicarious liability law, the statute could have accomplished that result in a more direct manner.

It is conceivable that Congress [would have] intended that [service providers] which receive a financial benefit directly attributable to the infring- Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 39 of 49

21096 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS ing activity would not, under any circumstances, be able to qualify for the subsection (c) safe harbor. But if that was indeed their intention, it would have been far simpler and much more straightforward to simply say as much. The Court does not accept that Con- gress would express its desire to do so by creating a confusing, self-contradictory catch-22 situation that pits 512(c)(1)(B) and 512(c)(1)(C) directly at odds with one another, particularly when there is a much simpler explanation: the DMCA requires more than the mere ability to delete and block access to infringing material after that material has been posted in order for the [service provider] to be said to have “the right and ability to control such activity.”

Ellison v. Robertson, 189 F. Supp. 2d 1051, 1061 (C.D. Cal. 2002), aff’d in part and rev’d in part on different grounds, 357 F.3d 1072 (9th Cir. 2004). Indeed, in the anti- circumvention provision in Title I of the DMCA, which was enacted at the same time as the § 512 safe harbors, Congress explicitly stated, “Nothing in this section shall enlarge or diminish vicarious or contributory liability for copyright infringement in connection with any technology, product, service, device, component, or part thereof.” 17 U.S.C. § 1201(c)(2). “If Congress had intended to exclude vicarious liability from the DMCA [Title II] safe harbors, it would have done so expressly as it did in Title I of the DMCA.” Lee, supra, 32 Colum. J.L. & Arts at 242.

[18] In light of the DMCA’s language, structure, purpose and legislative history, we are compelled to reject UMG’s argument that the district court should have employed Nap- ster’s vicarious liability standard to evaluate whether Veoh had sufficient “right and ability to control” infringing activity under § 512(c). Although in some cases service providers subject to vicarious liability will be excluded from the § 512(c) safe harbor, in others they will not. Because we conclude that Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 40 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21097 Veoh met all the § 512(c) requirements, we affirm the entry of summary judgment in its favor.

III.

[19] UMG also appeals the district court’s Rule 12(b)(6) dismissal of its complaint against the Investor Defendants for vicarious infringement, contributory infringement and inducement of infringement. It is well-established that “[s]econdary liability for copyright infringement does not exist in the absence of direct infringement . . . .” Napster, 239 F.3d at 1013 n.2. UMG argues, however, that even if summary judgment was properly granted to Veoh on the basis of the DMCA safe harbor, as we have held it was, “the [Investor] Defen- dants remain potentially liable for their related indirect infringement” because the district court did not “make a finding regarding Veoh’s direct infringement,” and the Investor Defendants do not qualify as “service providers” who can receive DMCA safe harbor protection. The Investor Defen- dants argue that it would be illogical to impose greater liability on them than on Veoh itself. Although we agree that this would create an anomalous result, we assume without deciding that the suit against the Investor Defendants can properly proceed even though Veoh is protected from monetary liability by the DMCA.18 Reaching the merits of UMG’s secondary

18In Perfect 10, Inc. v. Visa International Service Ass’n, 494 F.3d 788 (9th Cir. 2007), we commented on a similar circumstance. There, the plaintiff sought secondary liability against a credit card company that had processed payments for websites that posted infringing materials. Visa observed that, The result, under Perfect 10’s theories, would therefore be that a service provider with actual knowledge of infringement and the actual ability to remove the infringing material, but which has not received a statutorily compliant notice, is entitled to a safe harbor from liability, while credit card companies with actual knowledge but without the actual ability to remove infringing material, would benefit from no safe harbor. We recognize that the DMCA was not intended to displace the development of secondary liabil- Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 41 of 49

21098 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS liability arguments, we hold that the district court properly dismissed the complaint.

[20] UMG first alleges that the Investor Defendants are liable for contributory infringement. “[O]ne who, with knowledge of the infringing activity, induces, causes or materially contributes to the infringing conduct of another, may be held liable as a ‘contributory’ infringer.” Fonovisa, Inc. v. Cherry Auction, Inc., 76 F.3d 259, 264 (9th Cir. 1996) (quoting Gershwin Publ’g Corp. v. Columbia Artists Mgmt., Inc., 443 F.2d 1159, 1162 (2d Cir. 1971)) (alteration in original) (internal quotation marks omitted); see also Grokster, 545 U.S. at 930 (“One infringes contributorily by intentionally inducing or encouraging direct infringement.”). In Fonovisa, 76 F.3d at 264, we established the “site and facilities” test: “providing the site and facilities for known infringing activity is sufficient to establish contributory liability” where the defendant “actively strives to provide the environment and the market for counterfeit . . . sales to thrive.” The district court concluded this test was not met, dismissing the complaint because UMG did “not allege sufficiently that [the Investor Defen- dants] gave material assistance in helping Veoh or its users accomplish infringement.” We agree.

ity in the courts; rather, we simply take note of the anomalous result Perfect 10 seeks. Id. at 795 n.4. We remain concerned about the possibility of imposing secondary liability on tangentially involved parties, like Visa and the Investor Defendants, while those accused of direct infringement receive safe harbor protection. “[B]y limiting the liability of service providers,” the DMCA sought to assuage any “hesitat[ion] to make the necessary investment in the expansion of the speed and capacity of the Internet.” S. Rep. No. 105- 190, at 7. Congress was no doubt well aware that service providers can make the desired investment only if they receive funding from investors like the Investor Defendants. Although we do not decide the matter today, were we to hold that Veoh was protected, but its investors were not, investors might hesitate to provide the necessary funding to companies like Veoh, and Congress’ purpose in passing the DMCA would be under- mined. Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 42 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21099 UMG acknowledges that funding alone cannot satisfy the material assistance requirement. It thus argues that the Inves- tor Defendants “provided Veoh’s necessary funding and directed its spending” on “basic operations including . . . hardware, software, and employees” — “elements” UMG argues “form ‘the site and facilities’ for Veoh’s direct infringement.” UMG thus attempts to liken its case to UMG Recordings, Inc. v. Bertelsmann AG et al., 222 F.R.D. 408 (N.D. Cal. 2004), where the district court denied an investor’s motion to dismiss claims of contributory infringement. In Bertelsmann, however, the investor was Napster’s “only available source of funding,” and thus “held significant power and control over Napster’s operations.” Id. at 412. Here, by contrast, there were multiple investors, and none of the Inves- tor Defendants could individually control Veoh. Accordingly, UMG hinges its novel theory of secondary liability on the contention that the three Investor Defendants together took control of Veoh’s operations by “obtain[ing] three of the five seats on Veoh’s Board of Directors,” and effectively provided the “site and facilities” for direct infringement by wielding their majority power to direct spending.

Even assuming that such joint control, not typically an element of contributory infringement, could satisfy Fonovisa’s site and facilities requirement, UMG’s argument fails on its own terms, because the complaint nowhere alleged that the Investor Defendants agreed to work in concert to this end. UMG suggests that it “did allege that the [Investor] Defen- dants agreed to ‘operate’ Veoh jointly — UMG alleged that the [Investor] Defendants operated Veoh by ‘s[eeking] and obtain[ing] seats on Veoh’s Board of Directors as a condition of their investments.’ ” But three investors individually acquiring one seat apiece is not the same as agreeing to operate as a unified entity to obtain and leverage majority control. Unless the three independent investors were on some level working in concert, then none of them actually had sufficient control over the Board to direct Veoh in the way UMG contends. This missing allegation is critical because finding sec- Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 43 of 49

21100 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS ondary liability without it would allow plaintiffs to sue any collection of directors making up 51 percent of the board on the theory that they constitute a majority, and therefore together they control the company. Without this lynchpin allegation, UMG’s claim that the Investor Defendants had sufficient control over Veoh to direct its spending and operations in a manner that might theoretically satisfy the “site and facilities” test falls apart. We therefore affirm the dismissal of UMG’s contributory infringement claim.

This missing allegation likewise requires us to affirm the district court’s dismissal of UMG’s vicarious liability and inducement of infringement claims. Inducement liability is proper where “one [ ] distributes a device with the object of promoting its use to infringe copyright, as shown by clear expression or other affirmative steps taken to foster infringement.” Grokster, 545 U.S. at 936-37. Vicarious liability is warranted if “the defendant profits directly from the infringement and has a right and ability to supervise the direct infringer.” Grokster, 545 U.S. at 930 n.9; see also Visa, 494 F.3d at 802. UMG’s arguments that the Investor Defendants “distribute[d]” Veoh’s services and had the right and ability to supervise the infringing users are premised on the unalleged contention that the Investor Defendants agreed to act in concert, and thus together they held a majority of seats on the Board and “maintained operational control over the company.” We therefore affirm the dismissal of the complaint against the Investor Defendants.19

19Although the district court did not reach the right and ability to supervise prong in its vicarious liability analysis, resting instead on its determination that the Investor Defendants did not profit directly from the infringement, we may affirm a district court’s dismissal for failure to state a claim “on any basis fairly supported by the record.” Corrie v. Caterpil- lar, Inc., 503 F.3d 974, 979 (9th Cir. 2007). Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 44 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21101 IV.

Veoh appeals the district court’s refusal to grant it costs and attorney’s fees under Federal Rule of Civil Procedure 68. “Under Rule 68, if a plaintiff rejects a defendant’s offer of judgment, and the judgment finally obtained by plaintiff is not more favorable than the offer, the plaintiff must pay the costs incurred subsequent to the offer.” United States v. Trident Seafoods Corp., 92 F.3d 855, 859 (9th Cir. 1996).20 “Rule 68 is designed to ‘require plaintiffs to think very hard about whether continued litigation is worthwhile,’ ” and compensate defendants for costs they ought not have had to incur. Cham- pion Produce, Inc. v. Ruby Robinson Co., 342 F.3d 1016, 1032 (9th Cir. 2003) (quoting Marek v. Chesny, 473 U.S. 1, 11 (1985)). In October 2008, Veoh offered UMG $100,000 to settle this lawsuit, pursuant to the procedures set forth in Rule 68. UMG declined the offer and ultimately failed to win any monetary relief. After the district court ruled that Veoh was entitled to § 512(c) protection, the parties requested the entry of judgment and stipulated that Veoh “agree[d] to continue to disable access to the Allegedly Infringing Video Files and to continue to use hash filtering to prevent [infringing] video files . . . from being accessed by users,” and UMG “agree[d] that, even if it were to prevail on its remaining claims against Veoh . . . , it is entitled to no further relief.”

[21] Veoh contends that it was entitled to receive Rule 68 costs incurred from the time of its October 2008 settlement offer. It argues these costs should include attorney’s fees because Marek, 473 U.S. at 9, held that, “where the underlying statute defines ‘costs’ to include attorney’s fees, . . . such

20Rule 68 provides, in relevant part: “ [A] party defending against a claim may serve upon an opposing party an offer to allow judgment on specified terms, with costs then accrued. . . . If the judgment that the offeree finally obtains is not more favorable than the unaccepted offer, the offeree must pay the costs incurred after the offer was made.” Fed. R. Civ. P. 68 (emphasis added). Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 45 of 49

21102 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS fees are to be included as costs for purposes of Rule 68,” and the Copyright Act, 17 U.S.C. § 505, provides that a court “may . . . award a reasonable attorney’s fee to the prevailing party as part of the costs.” Relying on Trident, the district court declined to grant attorney’s fees under Rule 68 because it had previously determined that fees were not “properly awardable” under § 505.21 Veoh has not challenged the district court’s decision with regard to § 505, but argues on appeal that under Rule 68 an award of costs, including fees, was mandatory. We agree with the district court that, because it found that attorney’s fees were not “properly awardable” under § 505 in this case, fees could not be awarded under Rule 68. We remand to the district court to separately analyze whether Rule 68 costs, excluding attorney’s fees, are warranted.

In Marek, the Supreme Court held that “the term ‘costs’ in Rule 68 was intended to refer to all costs properly awardable under the relevant substantive statute.” 473 U.S. at 9 (emphasis added). We have interpreted this to mean that attorney’s fees may be awarded as Rule 68 costs only if those fees would have been properly awarded under the relevant substantive statute in that particular case. In Trident, 92 F.3d at 860, for example, the issue was the interplay between the Clean Air Act (CAA) and Rule 68. Under the CAA, fees may only be awarded if the action was “unreasonable.” See id.22 Trident

21The court declined to exercise its discretion to grant fees under § 505 despite its conclusion that Veoh was “the prevailing party on the core issue in the litigation” because it found that, under the factors described in Fogerty v. Fantasy, Inc., 510 U.S. 517, 533 & 534 n.19 (1994), UMG’s legal challenge was not “improper, in bad faith, or contrary to the purposes of the Copyright Act,” and the manner in which it pursued its claims was not objectively unreasonable. 22When determining whether to award fees under the Copyright Act, we consider “(1) the degree of success obtained; (2) frivolousness; (3) motiva- Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 46 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21103 held that “[t]he only interpretation that gives meaning to every word in both Rule 68 and the [CAA] is that ‘costs’ in Rule 68 include attorneys’ fees only if the action was unreasonable.” Id. The fact that fees could have been awarded under the CAA, had its requirements been met, was insufficient to make them “properly awardable” within the meaning of Marek when the district court decided not to grant them in that case. See id.

[22] We confronted the same issue with regard to a different substantive statute in Champion. There, we considered whether Rule 68 “costs” included attorney’s fees where Idaho Code § 12-120(3) permitted the award of fees to a “prevailing party,” and the district court expressly held that the defendant had not prevailed within the meaning of that section. See Champion, 342 F.3d at 1031. Relying on Trident, we held that “Rule 68 is not intended to expand the bases for a party’s recovery of attorneys’ fees,” id. at 1029, and thus,

[j]ust as attorneys’ fees are not “properly awardable” to a defendant in a Clean Air Act case unless “the court finds that such action was unreasonable,” Tri- dent, 92 F.3d at 860, attorneys’ fees are not “properly awardable” to a defendant in a case where the relevant statute awards attorneys’ fees to a prevailing party unless the defendant is a prevailing party within the meaning of that statute.

Id. at 1031 (citing Payne v. Milwaukee Cnty., 288 F.3d 1021, 1026 (7th Cir. 2002) (“Briefly put, ‘costs’ cannot encompass more than the rules or other relevant statutes authorize.”)).

tion; (4) the objective unreasonableness of the losing party’s factual and legal arguments; and (5) the need, in particular circumstances, to advance considerations of compensation and deterrence.” Love v. Associated News- papers, Ltd., 611 F.3d 601, 614-15 (9th Cir. 2010) (citing Fogerty, 510 U.S. at 534 n.19). Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 47 of 49

21104 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS Although we have not yet confronted this question in a Copy- right Act case, Trident and Champion make clear that in this context as well, because the district court determined that attorney’s fees were not “properly awardable” to Veoh under § 505, they were not awardable under Rule 68 either.23

Even though Veoh is not entitled to attorney’s fees under Rule 68, it may be entitled to its other costs. See, e.g., Cham- pion, 342 F.3d at 1028 (holding that even though attorney’s fees were not properly awardable under Rule 68, costs (excluding fees) were mandatory). The district court, however, did not analyze whether costs apart from fees were warranted. Veoh has already been awarded some of its costs under Federal Rule of Civil Procedure 54(d), but it argues on appeal that it is entitled to all of its post-settlement offer costs under Rule 68. This may be true, if certain conditions are met. First, costs are awardable under Rule 68 where “the judgment that the offeree finally obtains is not more favorable than the unaccepted offer.” Fed. R. Civ. P. 68(d). Veoh argues that “[b]ecause Veoh was already taking the measures set forth in the [stipulated] injunction, and UMG was primarily seeking monetary damages, the value of that stipulation was less than Veoh’s Rule 68 Offer.” Although this may prove true, the value of the stipulated injunction is not clear on this record.

Second, Veoh can recover Rule 68 costs only if it is not a prevailing defendant. In Delta Air Lines, Inc. v. August, 450 U.S. 346, 352 (1981), the Supreme Court held that Rule 68 “applies only to offers made by the defendant and only to

23Veoh argues that we should not follow Trident because it “misapplied the Supreme Court’s approach in Marek,” and urges us instead to follow the Eleventh Circuit’s contrary approach in Jordan v. Time, Inc., 111 F.3d 102, 105 (11th Cir. 1997). We disagree. In Champion, 342 F.3d at 1029- 31, we reaffirmed Trident’s application of Marek and explicitly rejected the Eleventh Circuit’s approach in Jordan. Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 48 of 49

UMG RECORDINGS v. SHELTER CAPITAL PARTNERS 21105 judgments obtained by the plaintiff,” and “therefore is simply inapplicable [where] it was the defendant that obtained the judgment.” See also Goldberg v. Pac. Indem. Co., 627 F.3d 752, 755 (9th Cir. 2010) (“Rule 68 does not allow a defendant to recover costs when judgment is entered in the defendant’s favor.”). The Court observed that holding otherwise would create an odd system in which “any settlement offer, no matter how small, would apparently trigger the operation of the Rule,” and “[t]hus any defendant, by performing the meaning- less act of making a nominal settlement offer, could eliminate the trial judge’s discretion under Rule 54(d).” Delta, 450 U.S. at 353. Delta rejected such an understanding of Rule 68:

We cannot reasonably conclude that the drafters of the Federal Rules intended on the one hand affirmatively to grant the district judge discretion to deny costs to the prevailing party under Rule 54(d) and then on the other hand to give defendants — and only defendants — the power to take away that discretion by performing a token act.

Id.; see also MRO Commc’ns, Inc. v. Am. Tel. & Tel. Co., 197 F.3d 1276, 1280 (9th Cir. 1999) (“Where a defendant prevails after making an offer of judgment, ‘the trial judge retains his Rule 54(d) discretion.’ ” (quoting Delta, 450 U.S. at 354)).

Veoh argues that Delta does not apply because UMG “actually obtained certain relief” in the form of the parties’ stipulation that Veoh would continue removing infringing content discovered by its hash filtering system, and thus UMG rather than Veoh “obtained the judgment.” Delta, 450 U.S. at 352. Although the district court determined that Veoh was “the prevailing party on the core issue in the litigation” for § 505 purposes, it did not clarify whether it also concluded that Veoh was a prevailing defendant under Delta for Rule 68 purposes. We therefore remand to the district court to consider in the first instance whether Veoh is eligible to receive Rule 68 costs under Delta, and, if so, whether “the judgment that the Case: 09-55902 12/20/2011 ID: 8006118 DktEntry: 39-1 Page: 49 of 49

21106 UMG RECORDINGS v. SHELTER CAPITAL PARTNERS offeree finally obtain[ed] [wa]s not more favorable than the unaccepted offer.” Fed. R. Civ. P. 68(d). If both conditions are met, then the district court should determine what remaining costs are due to Veoh.

CONCLUSION

We affirm the district court’s determination on summary judgment that Veoh is entitled to § 512(c) safe harbor protection, and its dismissal of the claims of secondary liability against the Investor Defendants. We also affirm its determination that, in this case, attorney’s fees may not be awarded under Rule 68. We remand for the district court to consider in the first instance whether Veoh is entitled to Rule 68 costs excluding attorney’s fees.

The parties shall bear their own costs on appeal.

The motions of the Recording Industry Association of America et al., the Electronic Frontier Foundation et al., and eBay Inc. et al., for leave to file amicus curiae briefs are granted, and the briefs are ordered filed.

AFFIRMED in part and REMANDED in part.

UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF NEW YORK ------X VIACOM INTERNATIONAL INC., COMEDY PARTNERS, COUNTRY MUSIC TELEVISION, INC., PARAMOUNT PICTURES CORPORATION, and BLACK ENTERTAINMENT TELEVISION LLC,

Plaintiffs, 07 Civ. 2103 (LLS)

-against-

YOUTUBE, INC., YOUTUBE, LLC, and GOOGLE, INC.,

Defendants, ------X OPINION AND ORDER THE FOOTBALL ASSOCIATION PREMIER LEAGUE LIMITED, et al., on behalf of themselves and all others similarly situated,

Plaintiffs,

-against- 07 Civ. 3582 (LLS) YOUTUBE, INC., YOUTUBE, LLC, and GOOGLE, INC.,

Defendants. ------X

Defendants move for summary judgment that they are entitled to the Digital Millennium Copyright Act’s (“DMCA”), 17

U.S.C. § 512(c), “safe harbor” protection against all of plaintiffs’ direct and secondary infringement claims, including claims for “inducement” contributory liability, because they had insufficient notice, under the DMCA, of the particular infringements in suit. Plaintiffs cross-move for partial summary judgment that defendants are not protected by the statutory “safe harbor” provision, but “are liable for the intentional infringement of thousands of Viacom’s copyrighted works, . . . for the vicarious infringement of those works, and for the direct infringement of those works . . . because: (1) Defendants had ‘actual knowledge’ and were ‘aware of facts and circumstances from which infringing activity [was] apparent,’ but failed to ‘act[] expeditiously’ to stop it; (2) Defendants ‘receive[d] a financial benefit directly attributable to the infringing activity’ and ‘had the right and ability to control such activity;’ and (3) Defendants’ infringement does not result solely from providing ‘storage at the direction of a user’ or any other Internet function specified in section 512.” (See the parties’ Notices of Motion).

Resolution of the key legal issue presented on the parties’ cross-motions requires examination of the DMCA’s “safe harbor” provisions, 17 U.S.C. § 512(c), (m) and (n) which state:

(c) Information residing on systems or networks at direction of users.— (1) In general.—A service provider shall not be liable for monetary relief, or, except as provided in subsection (j), for injunctive or other equitable relief, for infringement of copyright by reason of the storage at the direction of a user of material that resides on a system or network controlled or operated by or for the service provider, if the service provider—

- 2 - (A)(i) does not have actual knowledge that the material or an activity using the material on the system or network is infringing;

(ii) in the absence of such actual knowledge, is not aware of facts or circumstances from which infringing activity is apparent; or

(iii) upon obtaining such knowledge or awareness, acts expeditiously to remove, or disable access to, the material;

(B) does not receive a financial benefit directly attributable to the infringing activity, in a case in which the service provider has the right and ability to control such activity; and

(C) upon notification of claimed infringement as described in paragraph (3), responds expeditiously to remove, or disable access to, the material that is claimed to be infringing or to be the subject of infringing activity.

(2) Designated agent.—The limitations on liability established in this subsection apply to a service provider only if the service provider has designated an agent to receive notifications of claimed infringement described in paragraph (3), by making available through its service, including on its website in a location accessible to the public, and by providing to the Copyright Office, substantially the following information:

(A) the name, address, phone number, and electronic mail address of the agent.

(B) Other contact information which the Register of Copyrights may deem appropriate.

The Register of Copyrights shall maintain a current directory of agents available to the public for inspection, including through the Internet, in both electronic and hard copy formats, and may require payment of a fee by service providers to cover the costs of maintaining the directory.

- 3 - (3) Elements of notification.—

(A) To be effective under this subsection, a notification of claimed infringement must be a written communication provided to the designated agent of a service provider that includes substantially the following:

(i) A physical or electronic signature of a person authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.

(ii) Identification of the copyrighted work claimed to have been infringed, or, if multiple copyrighted works at a single online site are covered by a single notification, a representative list of such works at that site.

(iii) Identification of the material that is claimed to be infringing or to be the subject of infringing activity and that is to be removed or access to which is to be disabled, and information reasonably sufficient to permit the service provider to locate the material.

(iv) Information reasonably sufficient to permit the service provider to contact the complaining party, such as an address, telephone number, and, if available, an electronic mail address at which the complaining party may be contacted.

(v) A statement that the complaining party has a good faith belief that use of the material in the manner complained of is not authorized by the copyright owner, its agent, or the law.

(vi) A statement that the information in the notification is accurate, and under penalty of perjury, that the complaining party is authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.

- 4 -

(B)(i) Subject to clause (ii), a notification from a copyright owner or from a person authorized to act on behalf of the copyright owner that fails to comply substantially with the provisions of subparagraph (A) shall not be considered under paragraph (1)(A) in determining whether a service provider has actual knowledge or is aware of facts or circumstances from which infringing activity is apparent.

(ii) In a case in which the notification that is provided to the service provider’s designated agent fails to comply substantially with all the provisions of subparagraph (A) but substantially complies with clauses (ii), (iii), and (iv) of subparagraph (A), clause (i) of this subparagraph applies only if the service provider promptly attempts to contact the person making the notification or takes other reasonable steps to assist in the receipt of notification that substantially complies with all the provisions of subparagraph (A).

* * *

(m) Protection of privacy.—Nothing in this section shall be construed to condition the applicability of subsections (a) through (d) on—

(1) a service provider monitoring its service or affirmatively seeking facts indicating infringing activity, except to the extent consistent with a standard technical measure complying with the provisions of subsection (i); or

(2) a service provider gaining access to, removing, or disabling access to material in cases in which such conduct is prohibited by law.

(n) Construction.—Subsections (a), (b), (c), and (d) describe separate and distinct functions for purposes of applying this section. Whether a

- 5 - service provider qualifies for the limitation on liability in any one of those subsections shall be based solely on the criteria in that subsection, and shall not affect a determination of whether that service provider qualifies for the limitations on liability under any other such subsection.

Defendant YouTube, owned by defendant Google, operates a website at http://www.youtube.com onto which users may upload video files free of charge. Uploaded files are copied and formatted by YouTube’s computer systems, and then made available for viewing on YouTube. Presently, over 24 hours of new video- viewing time is uploaded to the YouTube website every minute.

As a “provider of online services or network access, or the operator of facilities therefor” as defined in 17 U.S.C. §

512(k)(1)(B), YouTube is a service provider for purposes of §

512(c).

From plaintiffs’ submissions on the motions, a jury could find that the defendants not only were generally aware of, but welcomed, copyright-infringing material being placed on their website. Such material was attractive to users, whose increased usage enhanced defendants’ income from advertisements displayed on certain pages of the website, with no discrimination between infringing and non-infringing content.

Plaintiffs claim that “tens of thousands of videos on

YouTube, resulting in hundreds of millions of views, were taken unlawfully from Viacom’s copyrighted works without

- 6 - authorization” (Viacom Br., Dkt. No. 186, p. 1), and that

“Defendants had ‘actual knowledge’ and were ‘aware of facts or circumstances from which infringing activity [was] apparent,’ but failed to do anything about it.” (Id. at 4) (alteration in original).

However, defendants designated an agent, and when they received specific notice that a particular item infringed a copyright, they swiftly removed it. It is uncontroverted that all the clips in suit are off the YouTube website, most having been removed in response to DMCA takedown notices.

Thus, the critical question is whether the statutory phrases “actual knowledge that the material or an activity using the material on the system or network is infringing,” and “facts or circumstances from which infringing activity is apparent” in

§ 512(c)(1)(A)(i) and (ii) mean a general awareness that there are infringements (here, claimed to be widespread and common), or rather mean actual or constructive knowledge of specific and identifiable infringements of individual items.

Legislative History

The Senate Committee on the Judiciary Report, S. Rep.

No. 105-190 (1998), gives the background at page 8:

- 7 - Due to the ease with which digital works can be copied and distributed worldwide virtually instantaneously, copyright owners will hesitate to make their works readily available on the Internet without reasonable assurance that they will be protected against massive piracy. Legislation implementing the treaties provides this protection and creates the legal platform for launching the global digital on-line marketplace for copyrighted works. It will facilitate making available quickly and conveniently via the Internet the movies, music, software, and literary works that are the fruit of American creative genius. It will also encourage the continued growth of the existing off-line global marketplace for copyrighted works in digital format by setting strong international copyright standards. At the same time, without clarification of their liability, service providers may hesitate to make the necessary investment in the expansion of the speed and capacity of the Internet. In the ordinary course of their operations service providers must engage in all kinds of acts that expose them to potential copyright infringement liability. For example, service providers must make innumerable electronic copies by simply transmitting information over the Internet. Certain electronic copies are made in order to host World Wide Web sites. Many service providers engage in directing users to sites in response to inquiries by users or they volunteer sites that users may find attractive. Some of these sites might contain infringing material. In short, by limiting the liability of service providers, the DMCA ensures that the efficiency of the Internet will continue to improve and that the variety and quality of services on the Internet will continue to expand.

It elaborates:

There have been several cases relevant to service provider liability for copyright infringement. Most have approached the issue from the standpoint of contributory and vicarious liability. Rather than embarking upon a wholesale clarification of these doctrines, the Committee decided to leave current law in its evolving state and, instead, to create a series of “safe harbors,” for certain common activities of

- 8 - service providers. A service provider which qualifies for a safe harbor, receives the benefit of limited liability.

Id. at 19 (footnote omitted).

The Senate Judiciary Committee Report and the House

Committee on Commerce Report, H.R. Rep. No. 105-551, pt. 2

(1998), in almost identical language describe the DMCA’s purpose and structure (Senate Report at 40-41, House Report at 50):

New section 512 contains limitations on service providers’ liability for five general categories of activity set forth in subsections (a) through (d) and subsection (f). As provided in subsection (k), section 512 is not intended to imply that a service provider is or is not liable as an infringer either for conduct that qualifies for a limitation of liability or for conduct that fails to so qualify. Rather, the limitations of liability apply if the provider is found to be liable under existing principles of law. The limitations in subsections (a) through (d) protect qualifying service providers from liability for all monetary relief for direct, vicarious and contributory infringement. Monetary relief is defined in subsection (j)(2) as encompassing damages, costs, attorneys’ fees, and any other form of monetary payment. These subsections also limit injunctive relief against qualifying service providers to the extent specified in subsection (i). To qualify for these protections, service providers must meet the conditions set forth in subsection (h), and service providers’ activities at issue must involve a function described in subsection (a), (b), (c), (d) or (f), respectively. The liability limitations apply to networks “operated by or for the service provider,” thereby protecting both service providers who offer a service and subcontractors who may operate parts of, or an entire, system or network for another service provider.

- 9 - They discuss the “applicable knowledge standard”

(Senate Report at 44-45, House Report at 53-54):

Subsection (c)(1)—In general.—Subsection (c)(1)(A) sets forth the applicable knowledge standard. This standard is met either by actual knowledge of infringement or in the absence of such knowledge by awareness of facts or circumstances from which infringing activity is apparent. The term “activity” is intended to mean activity using the material on the system or network. The Committee intends such activity to refer to wrongful activity that is occurring at the site on the provider’s system or network at which the material resides, regardless of whether copyright infringement is technically deemed to occur at that site or at the location where the material is received. For example, the activity at an online site offering audio or video may be unauthorized public performance of a musical composition, a sound recording, or an audio-visual work, rather than (or in addition to) the creation of an unauthorized copy of any of these works. Subsection (c)(1)(A)(ii) can best be described as a “red flag” test. As stated in subsection (l), a service provider need not monitor its service or affirmatively seek facts indicating infringing activity (except to the extent consistent with a standard technical measure complying with subsection (h)), in order to claim this limitation on liability (or, indeed any other limitation provided by the legislation). However, if the service provider becomes aware of a “red flag” from which infringing activity is apparent, it will lose the limitation of liability if it takes no action. The “red flag” test has both a subjective and an objective element. In determining whether the service provider was aware of a “red flag,” the subjective awareness of the service provider of the facts or circumstances in question must be determined. However, in deciding whether those facts or circumstances constitute a “red flag”— in other words, whether infringing activity would have been apparent to a reasonable person operating under the same or similar circumstances—an objective standard should be used.

- 10 - Subsection (c)(1)(A)(iii) provides that once a service provider obtains actual knowledge or awareness of facts or circumstances from which infringing material or activity on the service provider’s system or network is apparent, the service provider does not lose the limitation of liability set forth in subsection (c) if it acts expeditiously to remove or disable access to the infringing material. Because the factual circumstances and technical parameters may vary from case to case, it is not possible to identify a uniform time limit for expeditious action. Subsection (c)(1)(B) sets forth the circumstances under which a service provider would lose the protection of subsection (c) by virtue of its benefit from the control over infringing activity. In determining whether the financial benefit criterion is satisfied, courts should take a common-sense, fact- based approach, not a formalistic one. In general, a service provider conducting a legitimate business would not be considered to receive a “financial benefit directly attributable to the infringing activity” where the infringer makes the same kind of payment as non-infringing users of the provider’s service. Thus, receiving a one-time set-up fee and flat periodic payments for service from a person engaging in infringing activities would not constitute receiving a “financial benefit directly attributable to the infringing activity.” Nor is subparagraph (B) intended to cover fees based on the length of the message (per number of bytes, for example) or by connect time. It would however, include any such fees where the value of the service lies in providing access to infringing material. and at Senate Report 45, House Report 54:

Section 512 does not require use of the notice and take-down procedure. A service provider wishing to benefit from the limitation on liability under subsection (c) must “take down” or disable access to infringing material residing on its system or network of which it has actual knowledge or that meets the “red flag” test, even if the copyright owner or its agent does not notify it of a claimed infringement. On the other hand, the service provider is free to refuse to “take down” the material or site, even after receiving a notification of claimed infringement from

- 11 - the copyright owner; in such a situation, the service provider’s liability, if any, will be decided without reference to section 512(c). For their part, copyright owners are not obligated to give notification of claimed infringement in order to enforce their rights. However, neither actual knowledge nor awareness of a red flag may be imputed to a service provider based on information from a copyright owner or its agent that does not comply with the notification provisions of subsection (c)(3), and the limitation of liability set forth in subsection (c) may apply.

The reports continue (Senate Report at 46-47, House

Report at 55-56):

Subsection (c)(3)(A)(iii) requires that the copyright owner or its authorized agent provide the service provider with information reasonably sufficient to permit the service provider to identify and locate the allegedly infringing material. An example of such sufficient information would be a copy or description of the allegedly infringing material and the URL address of the location (web page) which is alleged to contain the infringing material. The goal of this provision is to provide the service provider with adequate information to find and address the allegedly infringing material expeditiously.

* * *

Subsection (c)(3)(B) addresses the effect of notifications that do not substantially comply with the requirements of subsection (c)(3). Under this subsection, the court shall not consider such notifications as evidence of whether the service provider has actual knowledge, is aware of facts or circumstances, or has received a notification for purposes of subsection (c)(1)(A). However, a defective notice provided to the designated agent may be considered in evaluating the service provider’s knowledge or awareness of facts and circumstances, if (i) the complaining party has provided the requisite information concerning the identification of the

- 12 - copyrighted work, identification of the allegedly infringing material, and information sufficient for the service provider to contact the complaining party, and (ii) the service provider does not promptly attempt to contact the person making the notification or take other reasonable steps to assist in the receipt of notification that substantially complies with paragraph (3)(A). If the service provider subsequently receives a substantially compliant notice, the provisions of paragraph (1)(C) would then apply upon receipt of the notice.

When discussing section 512(d) of the DMCA which deals with information location tools, the Committee Reports contain an instructive explanation of the need for specificity (Senate

Report at 48-49, House Report at 57-58):

Like the information storage safe harbor in section 512(c), a service provider would qualify for this safe harbor if, among other requirements, it “does not have actual knowledge that the material or activity is infringing” or, in the absence of such actual knowledge, it is “not aware of facts or circumstances from which infringing activity is apparent.” Under this standard, a service provider would have no obligation to seek out copyright infringement, but it would not qualify for the safe harbor if it had turned a blind eye to “red flags” of obvious infringement. For instance, the copyright owner could show that the provider was aware of facts from which infringing activity was apparent if the copyright owner could prove that the location was clearly, at the time the directory provider viewed it, a “pirate” site of the type described below, where sound recordings, software, movies or books were available for unauthorized downloading, public performance or public display. Absent such “red flags” or actual knowledge, a directory provider would not be similarly aware merely because it saw one or more well known photographs of a celebrity at a site devoted to that person. The provider could not be expected, during the course of its brief cataloguing visit, to determine whether the photograph was still protected by copyright or was in the public domain; if the

- 13 - photograph was still protected by copyright, whether the use was licensed; and if the use was not licensed, whether it was permitted under the fair use doctrine. The important intended objective of this standard is to exclude sophisticated “pirate” directories—which refer Internet users to other selected Internet sites where pirate software, books, movies, and music can be downloaded or transmitted—from the safe harbor. Such pirate directories refer Internet users to sites that are obviously infringing because they typically use words such as “pirate,” “bootleg,” or slang terms in their uniform resource locator (URL) and header information to make their illegal purpose obvious to the pirate directories and other Internet users. Because the infringing nature of such sites would be apparent from even a brief and casual viewing, safe harbor status for a provider that views such a site and then establishes a link to it would not be appropriate. Pirate directories do not follow the routine business practices of legitimate service providers preparing directories, and thus evidence that they have viewed the infringing site may be all that is available for copyright owners to rebut their claim to a safe harbor. In this way, the “red flag” test in section 512(d) strikes the right balance. The common-sense result of this “red flag” test is that online editors and catalogers would not be required to make discriminating judgments about potential copyright infringement. If, however, an Internet site is obviously pirate, then seeing it may be all that is needed for the service provider to encounter a “red flag.” A provider proceeding in the face of such a red flag must do so without the benefit of a safe harbor. Information location tools are essential to the operation of the Internet; without them, users would not be able to find the information they need. Directories are particularly helpful in conducting effective searches by filtering out irrelevant and offensive material. The Yahoo! Directory, for example, currently categorizes over 800,000 online locations and serves as a “card catalogue” to the World Wide Web, which over 35,000,000 different users visit each month. Directories such as Yahoo!’s usually are created by people visiting sites to categorize them. It is precisely the human judgment

- 14 - and editorial discretion exercised by these cataloguers which makes directories valuable. This provision is intended to promote the development of information location tools generally, and Internet directories such as Yahoo!’s in particular, by establishing a safe-harbor from copyright infringement liability for information location tool providers if they comply with the notice and takedown procedures and other requirements of subsection (d). The knowledge or awareness standard should not be applied in a manner which would create a disincentive to the development of directories which involve human intervention. Absent actual knowledge, awareness of infringement as provided in subsection (d) should typically be imputed to a directory provider only with respect to pirate sites or in similarly obvious and conspicuous circumstances, and not simply because the provider viewed an infringing site during the course of assembling the directory.

The tenor of the foregoing provisions is that the phrases “actual knowledge that the material or an activity” is infringing, and “facts or circumstances” indicating infringing activity, describe knowledge of specific and identifiable infringements of particular individual items. Mere knowledge of prevalence of such activity in general is not enough. That is consistent with an area of the law devoted to protection of distinctive individual works, not of libraries. To let knowledge of a generalized practice of infringement in the industry, or of a proclivity of users to post infringing materials, impose responsibility on service providers to discover which of their users’ postings infringe a copyright would contravene the structure and operation of the DMCA. As

- 15 - stated in Perfect 10, Inc. v. CCBill LLC, 488 F.3d 1102, 1113

(9th Cir. 2007):

The DMCA notification procedures place the burden of policing copyright infringement—identifying the potentially infringing material and adequately documenting infringement—squarely on the owners of the copyright. We decline to shift a substantial burden from the copyright owner to the provider . . . .

That makes sense, as the infringing works in suit may be a small fraction of millions of works posted by others on the service’s platform, whose provider cannot by inspection determine whether the use has been licensed by the owner, or whether its posting is a “fair use” of the material, or even whether its copyright owner or licensee objects to its posting.

The DMCA is explicit: it shall not be construed to condition

“safe harbor” protection on “a service provider monitoring its service or affirmatively seeking facts indicating infringing activity . . . .” Id. § 512(m)(1); see Senate Report at 44,

House Report at 53.

Indeed, the present case shows that the DMCA notification regime works efficiently: when Viacom over a period of months accumulated some 100,000 videos and then sent one mass take-down notice on February 2, 2007, by the next business day YouTube had removed virtually all of them.

- 16 - 2.

Case Law

In CCBill LLC, supra, the defendants provided web hosting and other services to various websites. The plaintiff argued that defendants had received notice of apparent infringement from circumstances that raised “red flags”: websites were named “illegal.net” and “stolencelebritypics.com,” and others involved “password-hacking.” 488 F.3d at 1114

(internal quotation marks omitted). As to each ground, the

Ninth Circuit disagreed, stating “We do not place the burden of determining whether photographs are actually illegal on a service provider”; and “There is simply no way for a service provider to conclude that the passwords enabled infringement without trying the passwords, and verifying that they enabled illegal access to copyrighted material. We impose no such investigative duties on service providers.” Id.

The District Court in UMG Recordings, Inc. v. Veoh

Networks, Inc., 665 F. Supp. 2d 1099, 1108 (C.D. Cal. 2009), concluded that “CCBill teaches that if investigation of ‘facts and circumstances’ is required to identify material as infringing, then those facts and circumstances are not ‘red flags.’” That observation captures the reason why awareness of pervasive copyright-infringing, however flagrant and blatant,

- 17 - does not impose liability on the service provider. It furnishes

at most a statistical estimate of the chance any particular

posting is infringing — and that is not a “red flag” marking any

particular work.

In Corbis Corp. v. Amazon.com, Inc., 351 F. Supp. 2d

1090, 1108 (W.D. Wash. 2004) the court stated that “The issue is

not whether Amazon had a general awareness that a particular

type of item may be easily infringed. The issue is whether

Amazon actually knew that specific zShops vendors were selling

items that infringed Corbis copyrights.” It required a “showing

that those sites contained the type of blatant infringing

activity that would have sent up a red flag for Amazon.” Id. at

1109. Other evidence of “red flags” was unavailing, for it

“provides no evidence from which to infer that Amazon was aware of, but chose to ignore, red flags of blatant copyright infringement on specific zShops sites.” Id.

A similar recent decision of the Second Circuit

involved analogous claims of trademark infringement (and

therefore did not involve the DMCA) by sales of counterfeit

Tiffany merchandise on eBay, Inc.’s website. In Tiffany (NJ)

Inc. v. eBay Inc., 600 F.3d 93 (2d Cir. April 1, 2010) the Court

of Appeals affirmed the dismissal of trademark infringement and

dilution claims against eBay’s advertising and listing

practices. The sellers on eBay offered Tiffany sterling silver

- 18 - jewelry of which a significant portion (perhaps up to 75%) were counterfeit, although a substantial number of Tiffany goods sold on eBay were authentic. (Id. at 97-98). The particular issue was “whether eBay is liable for contributory trademark infringement — i.e., for culpably facilitating the infringing conduct of the counterfeiting vendors” (id. at 103) because

“eBay continued to supply its services to the sellers of counterfeit Tiffany goods while knowing or having reason to know that such sellers were infringing Tiffany’s mark.” (Id. at

106). Tiffany alleged that eBay knew, or had reason to know, that counterfeit Tiffany goods were being sold “ubiquitously” on eBay, and the District Court had found that eBay indeed “had generalized notice that some portion of the Tiffany goods sold on its website might be counterfeit” (id.; emphasis in original). Nevertheless, the District Court (Sullivan, J.) dismissed, holding that such generalized knowledge was insufficient to impose upon eBay an affirmative duty to remedy the problem. It held that “for Tiffany to establish eBay’s contributory liability, Tiffany would have to show that eBay

‘knew or had reason to know of specific instances of actual infringement’ beyond those that it addressed upon learning of them.” (Id. at 107).

The Court of Appeals held (Id.):

- 19 - We agree with the district court. For contributory trademark infringement liability to lie, a service provider must have more than a general knowledge or reason to know that its service is being used to sell counterfeit goods. Some contemporary knowledge of which particular listings are infringing or will infringe in the future is necessary.

And at p. 110:

eBay appears to concede that it knew as a general matter that counterfeit Tiffany products were listed and sold through its website. Tiffany, 576 F.Supp.2d at 514. Without more, however, this knowledge is insufficient to trigger liability under Inwood.[1]

Although by a different technique, the DMCA applies the same principle, and its establishment of a safe harbor is clear and practical: if a service provider knows (from notice from the owner, or a “red flag”) of specific instances of infringement, the provider must promptly remove the infringing material. If not, the burden is on the owner to identify the infringement. General knowledge that infringement is

“ubiquitous” does not impose a duty on the service provider to monitor or search its service for infringements.

1 See Inwood Labs., Inc. v. Ives Labs., Inc., 456 U.S. 844, 102 S. Ct. 2182 (1982).

- 20 - 3.

The Grokster Case

Metro-Goldwyn-Mayer Studios Inc. v. Grokster, Ltd.,

545 U.S. 913 (2005) and its progeny Arista Records LLC v.

Usenet.com, Inc., 633 F. Supp. 2d 124 (S.D.N.Y. 2009)

(dismissing DMCA defense as sanction for spoliation and evasive

discovery tactics), Columbia Pictures Industries, Inc. v. Fung,

No. 06 Civ. 5578, 2009 U.S. Dist. LEXIS 122661 (C.D. Cal. Dec.

21, 2009), and Arista Records LLC v. Lime Group LLC, No. 06 Civ.

5936 (KMW), ___ F. Supp. 2d ___, 2010 WL 2291485 (S.D.N.Y. May

25, 2010), which furnish core principles heavily relied on by

plaintiffs and their supporting amici, have little application

here. Grokster, Fung, and Lime Group involved peer-to-peer

file-sharing networks which are not covered by the safe harbor

provisions of DMCA § 512(c). The Grokster and Lime Group opinions do not even mention the DMCA. Fung was an admitted copyright thief whose DMCA defense under § 512(d) was denied on undisputed evidence of “‘purposeful, culpable expression and conduct’ aimed at promoting infringing uses of the websites”

(2009 U.S. Dist. LEXIS 122661, at *56).

Grokster addressed the more general law of

contributory liability for copyright infringement, and its

application to the particular subset of service providers

- 21 - protected by the DMCA is strained. In a setting of distribution

of software products that allowed computer-to-computer exchanges

of infringing material, with the expressed intent of succeeding

to the business of the notoriously infringing Napster (see 545

U.S. at 923-26) the Grokster Court held (id. at 919, 936-37):

. . . that one who distributes a device with the object of promoting its use to infringe copyright, as shown by clear expression or other affirmative steps taken to foster infringement, is liable for the resulting acts of infringement by third parties.

On these cross-motions for summary judgment I make no

findings of fact as between the parties, but I note that

plaintiff Viacom’s General Counsel said in a 2006 e-mail that “.

. . the difference between YouTube’s behavior and Grokster’s is

staggering.” Ex. 173 to Schapiro Opp. Affid., Dkt. No. 306,

Att. 4. Defendants asserted in their brief supporting their

motion (Dkt. No. 188, p.60) and Viacom’s response does not

controvert (Dkt. No. 296, p.29, ¶ 1.80) that:

It is not remotely the case that YouTube exists “solely to provide the site and facilities for copyright infringement.” . . . Even the plaintiffs do not (and could not) suggest as much. Indeed, they have repeatedly acknowledged the contrary.

The Grokster model does not comport with that of a

service provider who furnishes a platform on which its users

post and access all sorts of materials as they wish, while the

provider is unaware of its content, but identifies an agent to

receive complaints of infringement, and removes identified

- 22 - material when he learns it infringes. To such a provider, the

DMCA gives a safe harbor, even if otherwise he would be held as a contributory infringer under the general law. In this case, it is uncontroverted that when YouTube was given the notices, it removed the material. It is thus protected “from liability for all monetary relief for direct, vicarious and contributory infringement” subject to the specific provisions of the DMCA.

Senate Report at 40, House Report at 50.

Other Points

(a)

Plaintiffs claim that the replication, transmittal and display of videos on YouTube fall outside the protection §

512(c)(1) of the DMCA gives to “infringement of copyright by reason of the storage at the direction of a user of material” on a service provider’s system or network. That confines the word

“storage” too narrowly to meet the statute’s purpose.

In § 512(k)(1)(B) a “service provider” is defined as

“a provider of online services or network access, or the operator of facilities therefor,” and includes “an entity offering the transmission, routing, or providing of connections

- 23 - for digital online communications.” Surely the provision of

such services, access, and operation of facilities are within

the safe harbor when they flow from the material’s placement on

the provider’s system or network: it is inconceivable that they

are left exposed to be claimed as unprotected infringements. As

the Senate Report states (p. 8):

In the ordinary course of their operations service providers must engage in all kinds of acts that expose them to potential copyright infringement liability. . . . In short, by limiting the liability of service providers, the DMCA ensures that the efficiency of the Internet will continue to improve and that the variety and quality of services on the Internet will continue to expand.

As stated in Io Group, Inc. v. Veoh Networks, Inc.,

586 F. Supp. 2d 1132, 1148 (N.D. Cal. 2008), such “means of facilitating user access to material on its website” do not cost the service provider its safe harbor. See also UMG Recordings,

Inc. v. Veoh Networks, Inc., 620 F. Supp. 2d 1081, 1089 (C.D.

Cal. 2008):

Although Veoh correctly observes that the language of § 512(c) is “broad,” it does not venture to define its outermost limits. It is unnecessary for this Court to do so either, because the critical statutory language really is pretty clear. Common sense and widespread usage establish that “by reason of” means “as a result of” or “something that can be attributed to . . . .” So understood, when copyrighted content is displayed or distributed on Veoh it is “as a result of” or “attributable to” the fact that users uploaded the content to Veoh’s servers to be accessed by other means. If providing access could trigger liability without the possibility of DMCA immunity, service providers would be greatly

- 24 - deterred from performing their basic, vital and salutary function—namely, providing access to information and material for the public.

To the extent defendants’ activities go beyond what can fairly be characterized as meeting the above-described collateral scope of “storage” and allied functions, and present the elements of infringements under existing principles of copyright law, they are not facially protected by § 512(c).

Such activities simply fall beyond the bounds of the safe harbor and liability for conducting them must be judged according to the general law of copyright infringement. That follows from the language of § 512(c)(1) that “A service provider shall not be liable . . . for infringement of copyright by reason of the storage . . . .” However, such instances have no bearing on the coverage of the safe harbor in all other respects.

(b)

The safe harbor requires that the service provider

“not receive a financial benefit directly attributable to the infringing activity, in a case in which the service provider has the right and ability to control such activity . . . .” §

512(c)(1)(B). The “right and ability to control” the activity requires knowledge of it, which must be item-specific. (See

Parts 1 and 2 above.) There may be arguments whether revenues

- 25 - from advertising, applied equally to space regardless of whether its contents are or are not infringing, are “directly attributable to” infringements, but in any event the provider must know of the particular case before he can control it. As shown by the discussion in Parts 1 and 2 above, the provider need not monitor or seek out facts indicating such activity. If

“red flags” identify infringing material with sufficient particularity, it must be taken down.

(c)

Three minor arguments do not singly or cumulatively affect YouTube’s safe harbor coverage.

(1) YouTube has implemented a policy of terminating a user after warnings from YouTube (stimulated by its receipt of

DMCA notices) that the user has uploaded infringing matter (a

“three strikes” repeat-infringer policy). That YouTube counts as only one strike against a user both (1) a single DMCA takedown notice identifying multiple videos uploaded by the user, and (2) multiple take-down notices identifying videos uploaded by the user received by YouTube within a two-hour period, does not mean that the policy was not “reasonably implemented” as required by § 512(i)(1)(A). In Corbis Corp. v. Amazon.com,

Inc., 351 F. Supp. 2d 1090, 1105 (W.D. Wash. 2004), in

- 26 - evaluating whether Amazon complied with § 512(i), the Court stated that even DMCA-compliant notices “did not, in themselves, provide evidence of blatant copyright infringement.” In UMG

Recordings, Inc. v. Veoh Networks, Inc., 665 F. Supp. 2d 1099,

1116, 1118 (C.D. Cal. 2009), the Court upheld Veoh’s policy of terminating users after a second warning, even if the first warning resulted from a take-down notice listing multiple infringements. It stated:

As the Corbis court noted, “[t]he key term, ‘repeat infringer,’ is not defined. . . . The fact that Congress chose not to adopt such specific provisions when defining a user policy indicates its intent to leave the policy requirements, and the subsequent obligations of the service providers, loosely defined.” Corbis, 351 F.Supp.2d at 1100-01. This Court finds that Veoh’s policy satisfies Congress’s intent that “those who repeatedly or flagrantly abuse their access to the Internet through disrespect for the intellectual property rights of others should know that there is a realistic threat of losing that access.” H.R. Rep. 105-551(II), at 61.

Id. at 1118. (alteration and omission in original).

(2) In its “Claim Your Content” system, YouTube used

Audible Magic, a fingerprinting tool which removed an offending video automatically if it matched some portion of a reference video submitted by a copyright owner who had designated this service. It also removed a video if the rights-holder operated a manual function after viewing the infringing video. YouTube assigned strikes only when the rights-holder manually requested the video to be removed. Requiring the rights-holder to take

- 27 - that position does not violate § 512(i)(1)(A). See UMG

Recordings, 665 F. Supp. 2d at 1116-18 (automated Audible Magic filter “does not meet the standard of reliability and verifiability required by the Ninth Circuit in order to justify terminating a user’s account”); see also Perfect 10, Inc. v.

CCBill LLC, 488 F.3d 1102, 1112 (9th Cir. 2007) (“We therefore do not require a service provider to start potentially invasive proceedings if the complainant is unwilling to state under penalty of perjury that he is an authorized representative of the copyright owner, and that he has a good-faith belief that the material is unlicensed.”).

YouTube’s initial hesitation in counting such rights- holder requests as strikes was reasonable: the six month delay was needed to monitor the system’s use by rights-holders, and for engineering work to assure that strikes would be assigned accurately.

(3) Plaintiffs complain that YouTube removes only the specific clips identified in DMCA notices, and not other clips which infringe the same works. They point to the provision in §

512(c)(3)(A)(ii) that a notification must include

“Identification of the copyrighted work claimed to have been infringed, or, if multiple copyrighted works at a single online site are covered by a single notification, a representative list of such works at that site.” This “representative list”

- 28 - reference would eviscerate the required specificity of notice

(see discussion in Parts 1 and 2 above) if it were construed to

mean a merely generic description (“all works by Gershwin”)

without also giving the works’ locations at the site, and would

put the provider to the factual search forbidden by § 512(m).

Although the statute states that the “works” may be described

representatively, 512(c)(3)(A)(ii), the subsection which

immediately follows requires that the identification of the

infringing material that is to be removed must be accompanied by

“information reasonably sufficient to permit the service

provider to locate the material.” 512(c)(3)(A)(iii). See House

Report at 55; Senate Report at 46: “An example of such

sufficient information would be a copy or description of the

allegedly infringing material and the so-called “uniform

resource locator” (URL) (i.e., web site address) which allegedly

contains the infringing material.” See also UMG Recordings, 665

F. Supp. 2d at 1109-10 (DMCA notices which demanded removal of unspecified clips of video recordings by certain artists did not provide “‘information reasonably sufficient to permit the service provider to locate [such] material.’”) (alteration in original).

- 29 -

Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 1 of 90 PageID# 246

FILED OPEN COURT

IN THE UNITED STATES DISTRICT COURT FOR THE J 6 zuiz

EASTERN DISTRICT OF VIRGINIA CLERK, U.S. DISTRICT COURT ALEXANDRIA. VIRGINIA

Alexandria Division

UNITED STATES OF AMERICA Criminal No. 1:12CR3

Count One: 18 U.S.C. § 1962(d) - Conspiracy to Commit Racketeering

Count Two: 18 U.S.C. §371 - Conspiracy to Commit Copyright Infringement

Count Three: 18 U.S.C. § 1956(h) - Conspiracy to Commit Money Laundering

Count Four: 18 U.S.C. §§ 2, 2319: 17 U.S.C. §506- Criminal Copyright Infringement By Distributing a Copyrighted Work Being Prepared for Commercial v. Distribution on a Computer Network & Aiding and Abetting ofCriminal Copyright Infringement

Counts Five through Eight: 18 U.S.C. §§2,2319; KIM DOTCOM, 17 U.S.C. §506- MEGAUPLOAD LIMITED, Criminal Copyright Infringement By VESTOR LIMITED, Electronic Means & FINN BATATO, Aiding and Abetting ofCriminal JULIUS BENCKO, Copyright Infringement SVEN ECHTERNACH, MATHIAS ORTMANN, Counts Nine through Thirteen: ANDRUS NOMM, and 18 U.S.C. §§2, 1343- BRAM VAN DER KOLK, Fraud By Wire & Aiding and Defendants Abetting of Fraud by Wire

SUPERSEDING INDICTMENT

FEBRUARY 2012 TERM - at Alexandria, Virginia Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 2 of 90 PageID# 247

THE GRAND JURY CHARGES THAT:

GENERAL ALLEGATIONS

At all times relevant to this Superseding Indictment:

1. KIM DOTCOM, MEGAUPLOAD LIMITED, VESTOR LIMITED, FINN

BATATO, JULIUS BENCKO, SVEN ECHTERNACH, MATHIAS ORTMANN, ANDRUS

NOMM, and BRAM VAN DER KOLK, the defendants, and others known and unknown to the

Grand Jury, were members ofthe "Mega Conspiracy," a worldwide criminal organization whose members engaged in criminal copyright infringement and money laundering on a massive scale with estimatedharm to copyrightholders well in excess of$500,000,000 and reportedincome in excess of$175,000,000.

2. Megaupload.comis a commercialwebsite and service operated by the Mega

Conspiracy that reproduces and distributes copies of popular copyrighted content over the

Internet without authorization. Since at least September 2005, Megaupload.com has been used by the defendants and other members and associates ofthe Mega Conspiracyto willfully reproduceand distributemany millions of infringing copies ofcopyrightedworks, including motion pictures, television programs, musical recordings, electronic books, images, video games,

and other computer software. Over the more than five years ofits existence, the Mega

Conspiracy has aggressively expanded its operations into a large number ofrelated Internet

businesses, which are connected directly to, or at least financially dependent upon, the criminal

conduct associated with Megaupload.com.

3. Megaupload.com was at one point in its history estimated to be the 13th most

frequently visited website on the entire Internet. The site claims to have had more than one

billion visitors in its history, more than 180,000,000 registered users to date, an average of Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 3 of 90 PageID# 248

50 million daily visits, and to account for approximately four percent ofthe total traffic on the Internet. As ofJanuary 19, 2012, there were actually approximately 66.6 million users registered in the Mega Conspiracy's internal database records; ofthese registered users, the records furthershow that, at most, only 5.86 million users had ever uploaded a single file to either Megaupload.com or Megavideo.com.

4. Megaupload.com's income comes primarily from two sources: premium subscriptions and onlineadvertising. Premium subscriptions for Megaupload.com have been availablefor onlinepurchasefor as little as a few dollarsper day or as much as approximately

$260 for a lifetime. In exchange for payment, the Mega Conspiracy provides the fast reproductionand distributionof infringingcopies of copyrightedworks from its computer servers located around the world. Premium users ofthe site, a small percentage ofthe overall user base, are able to download and upload files with few, ifany, limitations. Subscription fees collected during the existence ofthe Mega Conspiracy from premium users are estimated to be more than $150 million. Online advertising on Megaupload.com and its associated websites, which is heavily dependent on the popularity ofcopyright infringing content to attract website visits, has further obtained more than $25 million for the Mega Conspiracy.

5. The financial proceeds ofMegaupload.com have been primarily directed to four sources. First, the Conspiracy has directed the bulkof its revenues to the defendants, corporate entitiesthey control, otherco-conspirators, and employees for their commercial advantage and private financial gain. Second, the Mega Conspiracy has spent millionsof dollars developing and promoting Megaupload.com and complementary Internet sites and services, such as

Megavideo.com, Megaclick.com, Megaporn.com, and a host of others (collectively the "Mega

Sites"). Third, for much ofits operation, the Mega Conspiracy has offered an "Uploader Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 4 of 90 PageID# 249

Rewards" Program, which promised premium subscribers transfers ofcash and other financial incentives to upload popular works, including copyrighted works, to computer servers under the

Mega Conspiracy's direct control and for the Conspiracy's ultimate financial benefit. The more popular content that was present on Mega Conspiracy servers would increase the number of visitors and premium users that the Conspiracy could monetize. In total, the Mega Conspiracy directly paid uploadersmillions of dollars through online payments. Fourth, the Mega

Conspiracyspends millions ofdollars per month on the infrastructuresupportingtheir businesses, including the leasing ofcomputers, hosting charges, and Internet bandwidth. In contrast to legitimate Internet distributors ofcopyrighted content, Megaupload.com does not make any significant payments to the copyright owners ofthe many thousands ofworks that are willfully reproduced and distributed on the Mega Sites each and every day.

6. Any Internet user who goes to the Megaupload.com website can upload a computerfile. Once that user has selecteda file on their computer and clicks the "upload" button, Megaupload.com reproduces the file on at least one computer server it controls and provides the uploading user with a unique Uniform Resource Locator ("URL") link that allows anyone with the link to download the file. For example, a link distributed on December 3,2006 by defendant DOTCOM (www.megaupload.com/?d=BYl 5XE3V) linksto a musical recording by U.S. recording artist "50 Cent." A singleclick on the link accessesa Megaupload.com downloadpage that allows any Internetuser to download a copy ofthe file from a computer server that is controlled by the Mega Conspiracy.

7. Megaupload.com advertises itselfas a "cyberlocker," which is a private data storage provider. However, as part ofthe design ofthe service, the vast majority of

Megaupload.com users do not have significant capabilities to store private content long-term.

4 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 5 of 90 PageID# 250

Unregistered anonymous users (referred to as "Non-Members" by the Conspiracy) are allowed to upload and download content files, but any Non-Member-uploaded content that is not downloaded within 21 days is permanently deleted. Similarly, registered free users (or

"Members") are allowed to upload and download content files, but each uploaded file must be downloaded every 90 days in order to remain on the system. Only premium users have a realistic chance ofhaving any private long-term storage, since their files are not regularly deleted due to non-use. In contrast, when any type ofuser on Megaupload.com uploads a copy ofa popular file that is repeatedly downloaded, including infringingcopies ofcopyrighted works available for download,that file remains on Mega Conspiracy-controlledcomputers and is available for distribution by anyone who can locate an active link to the file.

8. Furthermore, in order to mass distribute copies ofthe works on the systems it controls,the Mega Conspiracy has createda computer system architecture that keeps its most frequently downloadedfiles in memory (rather than in storage) on a number ofdedicatedhigh- end computer servers that are located at two facilities that belong to one ofthe leading broadband providers in the world. The vast majority of the files on these computers are infringing copies of copyrightedworks, and the Mega Conspiracy has purposefullymade their rapid and repeated distribution a primary focus oftheir infrastructure.

9. Once a user clicks on a Megaupload.comdownload link, the user is generally brought to a download page for the file. The download page contains online advertisements providedby the Conspiracy, which means that every download on Megaupload.com provides a financial gain to the Conspiracy that is directly tied to the download. The more popular the content, such as copies ofwell-known copyrighted works, the more users that find their way to a

Megaupload.comdownloadpage; the access ofthese additional users, in turn, makes the Mega Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 6 of 90 PageID# 251

Conspiracymore money. Becauseapproximately one percent ofMegaupload.com users pay for their use of the systems, Mega Conspiracy's businessstrategy for advertisingrequires maximizingthe number ofonline downloads (i.e., distributions ofcontent), which is also

inconsistent with the concept ofprivate storage.

10. In addition to displaying online advertisements, the downloadpages on

Megaupload.com are designedto increase premiumsubscriptions. All non-premium users are encouraged to buy a premium subscription to decrease wait and download times, which can be at

least an hourfor popular content(and, for someperiods oftime, these users have been ineligible to download files overa certain size). As a result, non-premium usersare repeatedly asked by the Conspiracy to pay for more and faster access to content on Megaupload.com. Users are also promptedto viewvideos uploaded to Megaupload.com directlyon a proprietary player designed

by the Conspiracy and offered through the Megavideo.com website and service. Users have also

been askedif they want to generate a new link to the downloading file and import it to their own

Megaupload.comaccounts, which facilitates distribution that is again inconsistent with

private storage.

11. The content availablefrom Megaupload.com is not searchableon the website,

which allows the Mega Conspiracy to conceal the scope of its infringement. Instead of hosting a

searchfunction on its own site,the MegaConspiracy business modelpurposefully relieson

thousands ofthird party "linking" sites, which contain user-generated postings oflinks created

by Megaupload.com (as well as those createdby other Mega Sites, includingMegavideo.com

and Megaporn.com). Whilethe Conspiracy may not operatethese third party sites, the Mega

Conspiracy didprovide financial incentives for premium usersto post linkson linking sites

through the "Uploader Rewards" program, which ensured widespread distribution of Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 7 of 90 PageID# 252

Megaupload.com links throughout the Internet and an inventory ofpopular content on the Mega

Conspiracy's computer servers. These linkingsites, which are usually well organizedand easy to use, promote and direct users to Mega Conspiracydownload pages that allow the reproduction and distribution ofinfringing copies ofcopyrighted works.

12. Popular linking sites that contained Mega Conspiracy-generated links include: niniavideo.net, megaupload.net, megarelease.net, kino.to, alluc.org, peliculasvonkis.com. seriesvonkis.com, surfthechannel.com, taringa.net, thepiratecitv.org, and mulinks.com. While several ofthese websites exclusively offer Megaupload.com links, all maintained an index of

URL links to identified copies ofcopyrighted content that were stored on servers directly controlled by the Mega Conspiracy.

13. The Mega Conspiracy closely monitors the traffic from linkingsites to the Mega

Sites and services. The Conspiracy is awarethat linkingsites generatea very high percentage of the millions ofvisits to its websites and services each week and provide the Conspiracy direct financial benefits throughadvertising revenue and opportunities for new premiumsubscriptions.

14. Members ofthe Mega Conspiracy have knowingly interacted with users of linking sites and visited the sites (and associated online forums) themselves. Specifically, some ofthe defendants have instructed individual users how to locate links to infringing content on the

Mega Sites (including recommending specific linking websites). Several ofthe defendants have also shared witheach other commentsfrom Mega Site users demonstratingthat they have used or are attempting to use the Mega Sites to get infringing copies ofcopyrighted content.

15. In contrast to the public who is required to significantly rely on third party indexes, members ofthe Conspiracy have full access to the listings ofactual files that are stored on their servers (as well as the Megaupload.com- and Megavideo.com- and Megaporn.com- Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 8 of 90 PageID# 253

generated links to those files). Conspirators have searched the internal database for their associates and themselves so that they may directly access copyright-infringing content on servers controlled by the Mega Conspiracy.

16. Though the public-facing Megaupload.com website itselfdoes not allow searches, it does list its "Top 100 files", which includes motion picture trailers and software trials that are freely available on the Internet. The Top 100 list, however, does not actually portray the most popular downloads on Megaupload.com, which makes the website appear more legitimate and hides the popular copyright-infringing content that drives its revenue.

17. If a user uploads a video file to Megaupload.com. the user can utilize the provided

URL link to redirect others to another Mega Conspiracy-controlled website, Megavideo.com. where they can view the file using a "Flash" video player. Alternatively, a user who hosts a personal or commercial website can embed the Megavideo.com player into their own website to display the video file (and provide advertising content from the Mega Conspiracy).

Megavideo.com has been estimated to be as popular as the 52nd most frequently visited website on the entire Internet.

18. A non-premiumuser is limited to watching 72 minutes ofany given video on

Megavideo.com at a time, which, since nearly all commercial motionpictures exceed that length, provides a significant incentive for users who are seeking infringing copies ofmotion pictures to paythe MegaConspiracy a fee for premium access. Somepremium usersare,therefore, paying the Mega Conspiracy directly for access to infringing copies ofcopyrighted works.

19. Before any video can be viewed on Megavideo.com. the user must view an advertisement. Originally, the Mega Conspiracy had contracted with companies such as adBrite, Inc., Google AdSense, and PartyGaming pic for advertising. Currently, the

8 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 9 of 90 PageID# 254

Conspiracy's own advertising website, Megaclick.com. is used to set up advertising campaigns on all the Mega Sites. The high traffic volume on the Conspiracy websites allows the Conspiracy to charge advertisers up-front and at a higher rate than would be achievedby the percentage-per-click methodologyused by other popular Internet advertising companies.

The popularity ofthe infringing content on the Mega Sites has generated more than $25 million in online advertising revenues for the Conspiracy.

20. Like Megaupload.com, Megavideo.comconceals many ofthe infringing copies of popular copyrighted videos that are available on and distributed by the site and the associated service. Megavideo.com does purport to provide both browse and search functions, but any user's search on Megavideo.com for a full length copyrighted video (which can be downloaded from a Mega Conspiracy-controlled server somewhere in the world) will not produce any results.

Similarly, browsing the front page ofMegavideo.com does not show any obviously infringing copies ofany copyrighted works; instead, the page contains videos ofnews stories, user- generated videos, and general Internet videos in a manner substantially similar to Youtube.com.

Browsing the most-viewed videos in the Entertainment category on Megavideo.com. however, has at times revealed a number ofinfringing copies ofcopyrighted works that are available from Mega Conspiracy-controlled servers and are amongst the most viewed materials being offered.

21. Members of the Conspiracyhave publicly stated that they operate the Mega Sites in compliance with the notice and takedown provisions ofthe Digital Millennium Copyright

Act ("DMCA"), codified at Title 17, United States Code, Section 512, despite the fact that they are violating its provisions. Internet providers gain a safe harbor under the DMCA from civil copyright infringement suits in the United States ifthey meet certain criteria. The members of Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 10 of 90 PageID# 255

Mega Conspiracy do not meet these criteria1 because they are willfully infringing copyrights

themselves on these systems; haveactualknowledge that the materials on their systems are

infringing (or alternatively knowfacts or circumstances that wouldmake infringing material

apparent); receive a financial benefit directly attributable to copyright-infringing activity where the provider can control that activity; and have not removed, or disabled access to, known

22. Members ofthe Mega Conspiracy negotiated the use ofan "Abuse Tool" with

somemajorU.S.copyright holders to purportedly remove copyright-infringing material from

Mega Conspiracy-controlled servers. The Abuse Tool allowed copyright holders to enter

specific URL links to copyright infringing content of which theywere aware, andtheywere told by the Conspiracy that the Mega Conspiracy's systems would then remove, or disable access to,the material from computer servers the Conspiracy controls. The Mega Conspiracy's

AbuseTooldid not actually function as a DMCA compliance tool as the copyright owners were

led to believe.

23. When a file is being uploaded to Megaupload.com. the Conspiracy's automated

system calculates a unique identifier for thefile (called a "MD5 hash") that is generated using a

mathematical algorithm. If, after the MD5 hash calculation, the system determines that the

uploading file already existson a server controlled by the Mega Conspiracy, Megaupload.com

does notreproduce a second copy ofthefile onthat server. Instead, thesystem provides a new

andunique URL linkto thenewuserthat is pointed to the original file already present on the

1Furthermore, the safe harbor requires that an eligible provider have an agent designated with the U.S. Copyright Officeto receiveinfringement notices; despitehavingmillions of users in the United States since at least thebeginning of the Conspiracy, the Conspiracy didnot designate such an agent until October 15, 2009, years after Megaupload.comand many ofits associated sites had been operating and the DMCA had gone into effect.

10 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 11 of 90 PageID# 256

server. Ifthere is more than one URL link to a file, then any attempt by the copyrightholder to terminate access to the file using the AbuseTool or other DMCA takedownrequest will fail because the additional access links will continue to be available.

24. The infringing copy ofthe copyrighted work, therefore, remains on the

Conspiracy's systems (and accessible to at least onemember of the public) as long as a single link remains unknownto the copyrightholder. The Conspiracy's internal reference database tracks the links thathavebeengenerated by the system, but duplicative links to infringing materialsare neither disclosedto copyright holders, nor are they automaticallydeletedwhen a copyright holder eitheruses the Abuse Tool or makes a standard DMCA copyright infringement takedownrequest. Duringthe course ofthe Conspiracy, the Mega Conspiracy has received many millions of requests (through the Abuse Tool andotherwise) to remove infringing copies of copyrighted works and yetthe Conspiracy has, at best,only deletedthe particular URL of which the copyright holder complained, andpurposefully leftthe actual infringing copy of the copyrighted work onthe Mega Conspiracy-controlled server and allowed access to the infringing work to continue.

25. In addition to copyrighted files, othertypesof illicitcontent have beenuploaded onto the Megaupload.com servers, includingpornographyand terrorism propaganda videos.

Members of the Conspiracy haveindicated to eachotherthat they canautomatically identify and delete such materials on all oftheir servers by calculating MD5 hash values ofknown child pornography or other illicit content, searching the system forthese values, andeliminating them; in fact, such files withmatching hashvalues have beendeletedfromthe MegaConspiracy's

11 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 12 of 90 PageID# 257

servers. Members ofthe Mega Conspiracy have failed to implement a similar program to actually delete or terminate access to copyright infringing content.

26. On or about June 24, 2010, members ofthe Mega Conspiracy were informed, pursuant to a criminal search warrant from the U.S. District Court for the Eastern District of

Virginia, that thirty-nineinfringingcopies of copyrightedmotion pictures were present on their leased servers at Carpathia Hosting, a hosting company headquartered in the Eastern District of

Virginia. A member ofthe Mega Conspiracy informed several ofhis co-conspirators at that time that he located the named files using internal searches oftheir systems. As ofNovember 18,

2011, more than a year later, thirty-six ofthe thirty-nine infringing motion pictures were still being stored on the servers controlled by the Mega Conspiracy.

27. At all times relevant to this Indictment, the defendants and other members ofthe

Mega Conspiracy knew that they did not have license, permission, authorization, or other authority from owners ofhundreds ofthousands ofcopyrighted works to reproduce and distributethose works, includingmaking them available over the Internet. Membersofthe Mega

Conspiracy are aware ofthe way that their sites are actually used by others; have themselves used the systems to upload, as well as reproduce and distribute, infringing copies of copyrighted content; and are aware that they have financially benefitted directly from the infringement of copyrighted works that they are in a position to control.

28. In addition to Megaupload.com, Megavideo.com, and Megaclick.com. the other websites created and domains owned by the Mega Conspiracy include: Megaworld.com:

Megalive.com; Megapix.com; Megacar.com; Megafund.com; Megakev.com; Megaking.com:

Megahelp.com; Megagogo.com: Megamovie.com: Megaporn.com; Megabackup.com;

Internal records ofthe Mega Conspiracy suggest, as ofJanuary 19, 2012, however, that only 221 unique actual files have been deleted in this manner.

12 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 13 of 90 PageID# 258

Megapav.com; Megabox.com; and Megabest.com. Several ofthese additional sites have also hosted infringing copies ofcopyrighted works. The websites and services, as well as the domainsthemselves, have been facilitated and promoted by illicit proceeds from the operations ofMegaupload.com, Megavideo.com, and Megaclick.com.

29. In addition to MEGAUPLOAD LIMITED, VESTOR LIMITED, Megamedia

Limited, Megavideo Limited, Megarotic Limited, Megapix Limited, Kingdom International

Ventures Limited, Netplus International Limited LLC, Basemax International Limited, and

Mindpoint International Limited LLC, the following companies and entities have facilitated and promotedthe Mega Conspiracy's operations: KimvestorLimited; Trendax Limited;Monkey

Limited; Kimpire Limited; A Limited;Nl Limited; RNK Media Company; Megapay Limited;

MegamusicLimited; Finn Batato Kommunikation; Mega Services Europe Ltd.; Megateam

Limited; MegastuffLimited; Megacard Inc.; Megasite Inc.; Seventures Limited; SECtravel; and

Bramos B.V. In addition, the creation and operation ofthese companies and entities has been facilitated and promoted by illicit proceeds from the operations ofthe Mega Conspiracy.

THE DEFENDANTS

30. KIM DOTCOM, who has also been known as KIM SCHMITZ and KIM TIM

JIM VESTOR, is a resident ofboth Hong Kong and New Zealand, and a dual citizen ofFinland and Germany. DOTCOM is the founder ofMEGAUPLOAD LIMITED ("MUL") and

Megamedia Limited ("MMG"). Until on or about August 14,2011, DOTCOM was the Chief

Executive Officer for MUL, and he is currently MUL's ChiefInnovation Officer. As the head of the Mega Conspiracy, DOTCOM employs more than 30 people residing in approximately nine countries. From the onset ofthe Mega Conspiracy through to the present, DOTCOM has supervised the development ofthe websites and companies utilized in the Mega Conspiracy.

13 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 14 of 90 PageID# 259

DOTCOMdirectedthe creation ofthe network infrastructure behind the Mega Conspiracy websites, negotiated contracts with Internet Service Providers and advertisers, administered the domain names used by the Mega Conspiracy, and exercises ultimate control over all decisions in the MegaConspiracy. DOTCOM has arranged millions of dollars in payments for the computer servers utilized by the MUL and MMG properties around the world, and has also distributed proceeds ofthe Conspiracy to his co-conspirators. DOTCOM is the director and sole shareholder ofboth VESTOR LIMITED and Kingdom International Ventures Limited, which have been usedto hold his ownership interests in MUL- and MMG- related properties; for example, DOTCOM owns approximately 68% ofMegaupload.com, Megaclick.com. and

Megapix.com. and 100% ofthe registered companies behind Megavideo.com. Megapom.com. and Megapav.com, through VESTOR LIMITED. DOTCOM has personally distributed a link to a copy of a copyrighted work on, and has receivedat least one infringingcopyofa copyrighted work from, the Mega Sites. Additionally, on numerous instances, DOTCOM received DMCA copyright infringementtakedown notices from third-party companies. In calendar year 2010 alone, DOTCOM received more than $42 million from the Mega Conspiracy.

31. MEGAUPLOAD LIMITED is the registered owner ofMegaupload.com. the primary website operated by the Mega Conspiracy, and Megaclick.com. a site that offers advertising associated with Mega Conspiracy properties. MUL is a registered companyin Hong

Kong with a registrynumber of 0835149. MUL has a number ofbank accounts in Hong Kong that have been used to facilitate the operations ofthe Mega Conspiracy. DOTCOM, in addition to holding the title ofChiefExecutive Officer ofMUL until as recently as August 2011, owns, through VESTOR LIMITED, approximately 68% ofthe shares ofMUL; MATHIAS

ORTMANN, through Netplus International Limited LLC, owns an additional 25%; JULIUS

14 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 15 of 90 PageID# 260

BENCKO, through Basemax International Limited, owns 2.5%; BRAM VAN DER KOLK utilizes Mindpoint International Limited LLC to hold 2.5% ofthe shares ofMUL;

SVEN ECHTERNACH owns approximately 1%; and the remaining 1% is owned by an investor in Hong Kong.

32. VESTOR LIMITED is a registered company in Hong Kong with a registry number of0994358. VESTOR LIMITED has a DBS Bank account in Hong Kong that has been used to facilitate the operations ofthe Mega Conspiracy. DOTCOM (under the alias KIM TIM

JIM VESTOR) is the sole director and shareholder ofVESTOR LIMITED, and thus is effectively the sole director and 68% owner ofMUL, Megaupload.com. Megaclick.com. and

Megapix.com. DOTCOM is the sole director of, and VESTOR LIMITED is the sole shareholder of, MMG, which is the parent company and sole shareholder ofthe following companies: Megavideo Limited (which is the registered owner ofMegavideo.com).

Megarotic Limited (which is the registered owner ofMegaporn.com). and Megapay Limited.

VESTOR LIMITED is also the sole owner ofMegaworld.com.

33. FINN BATATO is both a citizen and resident ofGermany. BATATO is the

Chief Marketingand Sales Officer for Megaupload.com and other Mega Conspiracyproperties.

Specifically, BATATOis in charge ofselling advertising space, primarily through

Megaclick.com. BATATO supervises a team ofapproximately ten sales people around the world. The purpose ofthe sales team is to increase the advertising revenue in localized markets by targeting certainadvertisements in certain countries. BATATO handles advertising customers on the Megaclick.com website and approves advertising campaigns for

Megaupload.com, Megavideo.com, and Megaporn.com. BATATO has personally distributed a link to at least one infringing copy ofa copyrighted work to a Mega Site. Additionally, on

15 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 16 of 90 PageID# 261

numerous instances, BATATO received DMCA copyright infringement takedown notices from third-party companies. In calendar year 2010, BATATO received more than $400,000 from the

Mega Conspiracy.

34. JULIUS BENCKO is both a citizen and resident ofSlovakia. BENCKO is the

Graphic Director for MUL and MMG. BENCKO, as the director and sole shareholder of

Basemax International Limited, is effectively a 2.5% shareholder ofMUL. From the onset ofthe

Conspiracy through to the present, BENCKO has been the lead graphic designer ofthe

Megaupload.com and other Mega Conspiracy websites. He has designed the Megaupload.com logos, the layouts ofadvertisement space, and the integration ofthe Flash video player.

BENCKO has requested and received at least one infringing copy ofa copyrighted work as part ofthe Mega Conspiracy. In calendar year 2010, BENCKO received more than $1 million from the Mega Conspiracy.

35. SVEN ECHTERNACH is both a citizen and resident ofGermany.

ECHTERNACH is the Head ofBusiness Development for MMG and MUL. ECHTERNACH is a 1% shareholder in MUL. ECHTERNACH leads the Mega Team company, registered in the

Philippines, which is tasked with removing illegal or abusive content from the Mega Conspiracy websites, reviewing advertising campaigns for inappropriate content, and responding to customer support e-mails. Additionally, ECHTERNACH handles the Mega Conspiracy's relationships with electronic payment processors, accounting firms, and law firms. His activities include traveling and approaching companies for new business ventures and services.

Additionally, on numerous instances, ECHTERNACH received DMCA copyright infringement takedown notices from third-party companies. In calendar year 2010, ECHTERNACH received more than $500,000 from the Mega Conspiracy.

16 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 17 of 90 PageID# 262

36. MATHIAS ORTMANNis a citizen ofGermany and a resident ofboth Germany and Hong Kong. ORTMANN is the ChiefTechnical Officer, co-founder, and a director of

MUL. ORTMANN, as the director and sole shareholder ofNetplus International Limited LLC, effectively owns 25% ofthe shares ofMUL. From the onset ofthe Conspiracythrough to the present, ORTMANN has overseensoftwareprogrammers that developedthe Mega Conspiracy's websites,and has handledtechnicalissues with the ISPs. His particular areas of responsibility include setting up new servers, sending and responding to equipment service requests, and problem solving connectivityproblems with the Mega Conspiracy websites. Additionally, on numerous occasions, ORTMANN received DMCA copyright infringement takedown notices from other conspirators and third-party companies. ORTMANN also had authority to distribute funds from one ofthe Conspiracy's main financial accounts. ORTMANN has received a link to a copy ofa copyrighted work associated with the Mega Conspiracy. In calendar year 2010 alone, ORTMANN receivedmore than $9 million from the Mega Conspiracy.

37. ANDRUS NOMM is a citizen ofEstonia and a resident ofboth Turkey and

Estonia. NOMM is a software programmer and Head ofthe Development Software Division for

MUL. NOMMis responsible for the technical aspectsof Megaclick.com. NOMM develops new projects,tests code, and providesroutine maintenance for the site. Additionally, NOMM provides web coding assistance to various projects on other Mega Conspiracy websites. Such

projects have included testing high definition video on Megavideo.com. installing the thumbnail

screen capturesfor uploaded videos, and transferring still images across the various Mega

Conspiracy website platforms. NOMM has accessed at least one infringing copy ofa

copyrighted work from a computer associated with the Mega Conspiracy. In calendar year 2010,

NOMM received more than $100,000 from the Mega Conspiracy.

17 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 18 of 90 PageID# 263

38. BRAM VAN DER KOLK, who has also been known as BRAMOS, is a resident ofboth the Netherlands and New Zealand. VAN DER KOLK is a Dutch citizen. VAN DER

KOLK is the "Programmer-in-Charge" for MUL and MMG. VAN DER KOLK, as the director and sole shareholder ofMindpoint International Limited LLC, effectively owns 2.5% ofthe shares ofMUL. From the onset ofthe Conspiracy through to the present, VAN DER KOLK has overseen programming on the Mega Conspiracy websites, as well as the underlying network infrastructure. VAN DER KOLK is also responsible for responding to DMCA copyright infringement takedown notices sent to Mega Conspiracy sites. Lastly, VAN DER KOLK oversaw the selection offeatured videos that were posted onto Megavideo.com. and he was previously in charge ofthe rewards program. VAN DER KOLK has personally uploaded multiple infringing copies ofcopyrighted works to Internet sites associated with the Mega

Conspiracy and has searched servers controlled by the Mega Conspiracy for infringing copies ofcopyrighted works at the request ofother co-conspirators, including several ofthe defendants. In calendar year 2010, VAN DER KOLK received more than $2 million from the

Mega Conspiracy.

THIRD-PARTIES

39. Carpathia Hosting rCarpathia.com) is an Internet hosting provider that is headquartered in Dulles, Virginia, which is in the Eastern District ofVirginia. Carpathia Hosting has access to datacenters in Ashburn, Virginia; Harrisonburg, Virginia; Phoenix, Arizona; Los

Angeles, California; and Toronto, Canada. The Mega Conspiracy leases approximately

25 petabytes ofdata storage from Carpathia to store content associated with the Mega Sites.

More than 1,000 computer servers in North America are owned and operated by Carpathia

A petabyte is more than 1,000 terabytes, or one million gigabytes.

18 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 19 of 90 PageID# 264

Hosting for the benefit ofthe Mega Conspiracy; more than 525 ofthese computer servers are currently located in Ashburn, Virginia, which is in the Eastern District ofVirginia. Carpathia

Hosting continuedto provide the Mega Conspiracy with leased computers, Internet hosting, and support services as ofJanuary 19,2012.

40. Cogent Communications (Cogentco.com) is a multinational Internet hosting and bandwidth provider that is headquartered in Washington, D.C., but also has offices and facilities in the EasternDistrict of Virginia. As one of the top five global Internetserviceproviders,

Cogent Communicationsowns and operates 43 datacenters around the world. The Mega

Conspiracy leases approximately thirty-six computer servers in Washington, D.C. and France from Cogent Communications that are used for the Mega Sites. Cogent Communications continued to providethe Mega Conspiracy with leased computers, Internet bandwidth, hosting, and support services as ofJanuary 19, 2012.

41. Leaseweb (Leaseweb.com) is a multinational Internet hosting provider that is headquartered in the Netherlands. Leaseweb has eight datacenters in the Netherlands, Belgium,

Germany, and the United States, including in the Eastern District ofVirginia. More than 630 computer servers in the Netherlands are owned and hosted by Leaseweb for the benefit ofthe

Mega Conspiracy, and an additional sixty servers hosted at Leaseweb were purchased by the

Mega Conspiracyin October 2011. Leaseweb continuedto provide the Mega Conspiracy with leased computers, Internet hosting, and support services as ofJanuary 19,2012.

42. PayPal,Inc. (PavPal.com) is a U.S.-based global e-commerce business allowing payments and money transfers over the Internet; in fact, PayPal Inc. indicates that it is involved in approximately 15% ofglobal e-commerce. The Mega Conspiracy's PayPal, Inc. account has been utilized to receive payments from the Eastern District ofVirginia and elsewhere for

19 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 20 of 90 PageID# 265

premium Megaupload.com subscriptions, which have included fees of$9.99 for monthly subscriptions, $59.99 for yearly subscriptions, and $199.99for lifetime subscriptions. The same

PayPal, Inc. account has been used by the Conspiracy to pay Carpathia Hosting in the United

States and Leaseweb in the Netherlands as well as other operating expenses (including, but not limited to, direct financial rewards to uploaders ofpopular content in the Eastern District of

Virginia and elsewhere). From on or about November 25,2006, through on or about July 2011, the PayPal, Inc. account for the Mega Conspiracy has received in excess of$110,000,000 from

subscribers and other persons associated with Mega Conspiracy.

43. Moneybookers Limited (Monevbookers.com) is an United Kingdom-based global

e-commerce business allowing payments and money transfers over the Internet. The Mega

Conspiracyhas chargedvarious rates through MoneybookersLimited for premium subscriptions

on its websites, including€9.99 for monthly subscriptions,€59.99 for yearly subscriptions, or

€199.99 for lifetime subscriptions. Between August 1, 2010 and July 31, 2011, the

Moneybookers Limited accounts for the Mega Conspiracy have collected in excess of$5 million

from subscribers ofMega Sites and transferred that money to an account in Hong Kong

associated with the Mega Conspiracy.

44. AdBrite, Inc. (AdBrite.com) is an online advertising network based in San

Francisco, California. AdBrite, Inc. provides advertisements for over 100,000 Internet sites and

is believed to be amongst the top ten advertising networks on the Internet. From on or about

September2,2005 until on or about May 24,2008, AdBritepaid at least $840,000to the Mega

Conspiracy for advertising.

45. PartyGaming pic is a company based in the United Kingdom that has operated

PartvPoker.com since 2001. PartvPoker.com has more than 3 million visitors annually and is

20 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 21 of 90 PageID# 266

one ofthe largest online poker rooms. PartyGaimng's advertising contract with the members of the Mega Conspiracywas initiated on or about November 12, 2009 and has resulted in payments ofmore than $3,000,000 to the Conspiracy. This contract was still active as recently as on or aboutMarchl8,2011.

21 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 22 of 90 PageID# 267

COUNT ONE

(18 U.S.C. § 1962(d) - Conspiracy to Commit Racketeering)

THE GRAND JURY CHARGES THAT:

46. Paragraphs 1 through 45 are re-alleged and incorporated as ifset forth here in their entirety.

A. THE ENTERPRISE

47. Beginning in at least September 2005 and continuing until at least January 19,

2012, in the Eastern District ofVirginia and elsewhere, the defendants,

KIM DOTCOM,

MEGAUPLOAD LIMITED,

VESTOR LIMITED,

FINN BATATO,

JULIUS BENCKO,

SVEN ECHTERNACH,

MATHIAS ORTMANN,

ANDRUS NOMM, and

BRAMVAN DER KOLK and others known and unknown to the Grand Jury, constituted an "enterprise," as defined by

Title 18,UnitedStates Code, Section 1961(4) (hereinafter the "Enterprise"), that is, a group of individuals and entities associated in fact. The Enterprise further included all associated corporations, affiliates, subsidiaries, and entities, including, but not limited to, those indicated in paragraph 29. The Enterprise constituted an ongoing organization whose members functioned as

22 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 23 of 90 PageID# 268

a continuing unit for the common purpose ofachieving the objectives ofthe Enterprise. This

Enterprise was engaged in, and its activities affected, interstate and foreign commerce.

B. THE RACKETEERING VIOLATION

48. Beginning in at least September 2005 and continuing until January 19, 2012, in the Eastern District ofVirginia and elsewhere, the defendants,

KIM DOTCOM,

MEGAUPLOAD LIMITED,

VESTOR LIMITED,

FINN BATATO,

JULIUS BENCKO,

SVEN ECHTERNACH,

MATHIAS ORTMANN,

ANDRUS NOMM, and

BRAM VAN DER KOLK beingpersonsemployed by and associated with the Enterprise, which Enterprise engagedin, and the activities of whichaffected interstate and foreign commerce, did knowingly, willfully, and intentionally combine, conspire, confederate, and agree together and with each other, and with other persons known and unknown to the Grand Jury, to violate 18 U.S.C. § 1962(c) (hereinafter the "Racketeering Violation"), that is, to conductand participate, directly and indirectly, in the conductofthe affairsof that Enterprise througha patternof racketeering activity, as that term is defined in Title 18, United States Code, Section 1961(1) and (5), involving multiple acts indictable under:

23 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 24 of 90 PageID# 269

a. 18 U.S.C. §§ 2319(b)(1) & 2319(d)(2); 17 U.S.C. §§ 506(a)(1)(A) & 506(a)(1)(C) (criminal copyright infringement);

b. 18 U.S.C. §§ 1956(a)(l)(A)(i), 1956(a)(2)(A), 1956(h), 1956(f), and 1957 (money laundering); and

c. 18 U.S.C. § 1343 (fraud by wire).

C. PURPOSES OF THE ENTERPRISE

49. The purposes ofthe Enterprise included the following:

a. Enrichingthe membersand associates ofthe Enterprise through, among

other things, copyright infringement, money laundering, and wire fraud.

b. Promoting, enlarging, and enhancing the Enterprise and its members' and

associates' activities.

D. MEANS AND METHODS OF THE ENTERPRISE

50. Among the means and methods by which the defendants and their associates conductedand participated in the conduct ofthe affairs of the Enterprise were the following:

a. Members ofthe Enterprise and their associates criminally infringed

copyrights, aided and abetted copyright infringement, and conspired to

infringe copyrights, which affected interstate and foreign commerce;

b. Members ofthe Enterprise and their associates committed money

laundering, attempted to commit money laundering, and conspired to

commit money laundering to facilitate and expand the Enterprise's

criminal operations, which affected interstate and foreign commerce;

and

c. Members ofthe Enterprise and their associates devised a scheme to

defraud, committed wire fraud, aided and abetted wire fraud, and

24 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 25 of 90 PageID# 270

attempted to commit wire fraud, which affected interstate and foreign

commerce.

(All in violation ofTitle 18, United States Code, Section 1962(d))

25 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 26 of 90 PageID# 271

COUNT TWO

(18 U.S.C. § 371 - Conspiracy to Commit Copyright Infringement)

THE GRAND JURY CHARGES THAT:

51. The factual allegations contained in Paragraphs 1 through 45 are re-alleged and incorporated as ifset forth here in their entirety.

52. Beginningin at least September2005 and continuinguntil at least January 19,

2012, in the Eastern District ofVirginia and elsewhere, the defendants,

KIM DOTCOM,

MEGAUPLOAD LIMITED,

VESTOR LIMITED,

FINN BATATO,

JULIUS BENCKO,

SVEN ECHTERNACH,

MATHIAS ORTMANN,

ANDRUS NOMM, and

BRAMVAN DER KOLK each knowingly and intentionally combined, conspired, and agreed together and with each other, andwith otherpersons knownand unknown to the GrandJury,to: (1) willfullyinfringe, for purposes of commercial advantage and private financial gain, at least ten copies and phonorecords ofone or more copyrighted works with a total retail value ofmore than $2,500 within a 180-day period, in violationof Title 17, United States Code, Section 506(a)(1)(A) and

Title 18, UnitedStatesCode, Section2319(b)(1); and (2) willfully infringe, for purposes of commercial advantage and private financial gain, a copyrightby the distributionofa work being

26 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 27 of 90 PageID# 272

prepared for commercial distribution, by making it available on a computer network accessible to members ofthe public, when the defendants knew and should have known that the work was intended for commercial distribution, in violation ofTitle 17, United States Code, Section

506(a)(1)(C) and Title 18, United States Code, Section 2319(d)(2).

Ways, Manner, and Means ofthe Conspiracy

In furtherance ofthe Conspiracy, defendants and others known and unknown to the

Grand Jury employed, among others, the following manner and means:

53. It was part ofthe Conspiracythat the defendants and their co-conspirators operated a number ofInternet sites and associated services, including Megaupload.com.

Megavideo.com, and Megaclick.com.

54. It was furtherpart ofthe Conspiracy that membersofthe Conspiracyhad the ability to search files that were on the computersystemsthey controlled. The records kept by the

Conspiracy included, but were not limited to, the identity ofthe user who uploaded the content, the date it was uploaded, the MD5 hash value for the file, the Mega Conspiracy-createdlinks that pointedto the content, the size of the file, the namethe user providedfor the file, the apparent number of times the file had been downloaded (until August 31, 2010), and whether a copyright infringement notice had been received for any link associated with the content file.

55. It was further part ofthe Conspiracy that the content available on

Megaupload.com and Megavideo.com was provided by known and unknown members ofthe

Mega Conspiracy, including several ofthe defendants, who uploaded infringing copies of copyrighted works onto computer servers leased by the Mega Conspiracy in North America to further the reproduction and distribution of copyrighted works; in particular, copyright infringing content was reproduced and distributed by the Conspiracy using various servers in Toronto,

27 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 28 of 90 PageID# 273

Canada; Los Angeles, California; and Ashburn, Virginia (the last ofwhich is in the Eastern

District ofVirginia).

56. It was further part ofthe Conspiracy that content was also reproduced on and distributed from computer servers leased or owned by the Mega Conspiracy in France and the Netherlands.

57. It was further part ofthe Conspiracythat the Conspiracy made no significant effort to identify and block users who were using the Mega Sites or services to infringe copyrights, to preventthe uploading ofinfringing copies ofcopyrighted materials, or to identify infringing copies of copyrighted works located on computer servers controlled by the

Conspiracy.

58. It was further part ofthe Conspiracy, from at least September 2005 until July

2011, that the Conspiracy provided financial incentives for users to upload infringing copies of popular copyrighted works. The Conspiracy made payments to uploaders who were known to have uploaded infringing copies ofcopyrighted works, as well as repeat infringers.

59. It was further part ofthe Conspiracythat it designed its computer systems to automatically reproduceadditional copies ofsome works that had originally been uploaded by individual users and distributed these additional copies to multiple computer servers under the control ofthe Conspiracy around the world, includingto computer servers that were specifically designed to rapidly mass distribute files.

60. It was further part ofthe Conspiracy that members ofthe Conspiracy monitored the public actions oflaw enforcement regarding large-scale copyright infringement and took active steps to conceal the copyright-infringing activities taking place on the Mega Sites.

28 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 29 of 90 PageID# 274

61. It was further part ofthe Conspiracy that the members ofthe Conspiracy misrepresented to the Conspiracy's users and the public the nature ofthe files that were contained on the computer servers it controlled and ofthe amount oftheir network bandwidth associated with known or obvious infringement.

62. It was further part ofthe Conspiracythat members ofthe Conspiracy purposefully did not provide full and accurate search results to the public, or, in the case ofMegaupload.com. chose not to provide any search functionality at all in order to conceal the fact that the primary purpose ofthe website and service was to reproduce and distribute infringing copies of copyrighted works for commercial advantage and private financial gain.

63. It was further part ofthe Conspiracy that members ofthe Conspiracy reproduced copyrighted works directly from third-party websites, including from YouTube.com. to make them available for reproduction and distribution on Megavideo.com.. and to create the false impressionthat Megavideo.com hosted primarilyuser generated content instead ofcopyright- infringing content.

64. It was further part ofthe Conspiracythat members ofthe Conspiracy generally did not terminate the user accounts ofknown copyright infringing users, when it had the right and ability under its Terms ofService to do so.

65. It was further part ofthe Conspiracy that members ofthe Conspiracy generally did not delete infringing copies ofcopyrighted works from computer servers that they controlled, even when they were aware ofthe infringing material or the removal ofthat content was specifically requested by the copyright holder.

66. It was further part ofthe Conspiracythat members ofthe Conspiracy responded on a selective basis to requests to remove infringing content (or access thereto) from the

29 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 30 of 90 PageID# 275

computer servers they controlled, and sometimes deliberately did not remove copyrighted works

(or even links thereto) when it would result in a loss ofrevenue.

67. It was further part ofthe Conspiracy that members ofthe Conspiracytold

copyright holders and their representatives that it would remove infringing content the holders and their representatives identified from the servers the Conspiracy controlled, when the members of the Conspiracy knew they wouldnot. In particular, members ofthe Conspiracy deliberately misrepresented to copyright holders thatthey had removed copyright infringing

content from their servers, while, in fact, they only removed certain links to the content file

(which could still be illegally downloaded through numerous redundant links). Redundant links were sometimes even created by members of the Conspiracy.

68. It was furtherpart ofthe Conspiracy that membersofthe Conspiracy told

complaining rights holders and their representatives that the members of the Conspiracy had

deleted or blocked the user accounts of known andrepeat copyright infringing users, whenthey

had not.

69. It was further part ofthe Conspiracy that the computersystems operated by

members of the Conspiracy allowed the uploading of many hundreds of thousands of infringing

copiesof copyrighted files from anonymous usersand the Conspiracy has financially profited

from the distribution ofthese files.

70. It was furtherpart ofthe Conspiracy that the computersystemsoperated by

members ofthe Conspiracy have been used to distribute many hundreds ofthousands of

infringing copiesof copyrighted works to anonymous usersand the Conspiracy has financially

profited from those distributions.

30 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 31 of 90 PageID# 276

71. It was furtherpart ofthe Conspiracythat infringing copies ofmany thousands of

copyrighted works on Megaupload.com and Megavideo.com were made available to tens of

millions ofvisitors each day.

72. It was further part ofthe Conspiracy that the Conspiracy derived a direct financial benefit from infringement through the advertising that was placed on the Mega Sites and from "premium" subscriptioncharges. Between September2005 and January 5,2012, the defendants collectively have received more than $175 million from advertisingand

subscriptions.

Overt Acts

73. It was further part ofthe Conspiracy that the following acts in furtherance ofand to effect the objects ofthe above-described Conspiracy were committed in the Eastern District of

Virginia and elsewhere:

a. From at least November 24, 2006 until at least January 19,2012,

infringing copies of copyrighted materials werestored on computer servers located at Carpathia

Hosting in Ashburn, Virginia, which is in the Eastern District ofVirginia.

b. For the 180 days up to and including January 19, 2012, members ofthe

Conspiracy infringed copyrights, in the Eastern DistrictofVirginia and elsewhere, by reproducing and distributing by electronic means at least ten copies and phonorecords ofone or

more copyrighted works which had a total retail value of more than $2,500 for purposes of

commercial advantage and private financial gain.

c. For the 180 days up to and including August 31, 2010, members ofthe

Conspiracyinfringedcopyrights, in the Eastern District ofVirginia and elsewhere,by

reproducing and distributing by electronic means at least ten copies and phonorecords ofone or

31 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 32 of 90 PageID# 277

morecopyrighted works which had a total retail value of more than $2,500 for purposes of commercial advantage and private financial gain.

d. For the 180 days up to and including August 16, 2008, members ofthe

Conspiracy infringed copyrights, in the EasternDistrict of Virginiaand elsewhere, by reproducing and distributingby electronic means at least ten copies and phonorecords ofone or more copyrighted works which had a total retail value of morethan $2,500 for purposes of commercial advantage and private financial gain.

e. For the 180 days up to and including October 31, 2007, members ofthe

Conspiracy infringedcopyrights, in the Eastern District of Virginia and elsewhere,by reproducing and distributing by electronic means at least ten copiesand phonorecords of one or more copyrighted works from the Youtube.com platform which had a total retail value ofmore than $2,500 for purposes of commercial advantage and privatefinancial gain,

f. During the courseof the Conspiracy, the Mega Conspiracy has paid more than $65million to hosting providers around the world for computer leasing, hosting, bandwidth, and support services. The amounts ofsome ofthese payments are detailed in Count Three, and incorporated herein by reference. These payments involved the use ofproceeds ofcriminal copyright infringement to promote the objects ofthe conspiracy.

g. Fromat leastSeptember 2005 untilJuly2011,the MegaConspiracy offered andprovided financial incentives to itspremium subscribers to upload copies of popular works to Megaupload.com and then distribute links that provided a download ofthat file, with a single click, to anyone on the Internet. Though the "Uploader Rewards" program warned that theuploading of copyrighted files wouldresult in disqualification, the MegaConspiracy rarely, if ever, terminated the accounts of individuals whopostedcopyrighted content. In fact, the Mega

32 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 33 of 90 PageID# 278

Conspiracy affirmatively chose to financially reward specific uploaders ofinfringing copies of copyrighted content, including repeat offenders.

h. An early version ofthe "Uploader Rewards" program for

Megaupload.comfrom approximately September 2005 announced: "Today we are also introducing our ground breaking Uploader Rewards. Our new reward program pays money and cash prizes to our uploaders. This makes Megaupload the first and only site on the Internet paying you for hostingyour files. The more popularyour files the more you make." Directly addressing "file traders," the announcement continued: "You deliver popular content and successfulfiles[.] We provide a power hosting and downloadingservice. Let's team up!" In addition, the announcement stated: "You must have at least 50000 downloads within 3 months to qualify" and "You must allow us to list your files & descriptions on our Top 100 pages." The rewardsincluded "$1 USD Cash per 1000 downloadsofyour uploaded files", plus an additional bonusbetween$50 to $5,000for Top 100"Megauploaders with the most downloads"during a three-month period, to be paid through PayPal according to the following ranking:

Rankl: $5,000 USD Bonus Ranks 2-5: $1,000 USD Bonus Ranks 6-10: $500 USD Bonus Ranks 11-50: $100 USD Bonus Ranks 51-100: $50 USD Bonus

i. A later version ofthe "Uploader Rewards" program, available at least as early as November2006, offeredthe following: "For every download ofyour files, you earn 1 reward point. * You can redeem your reward points for premium services and cash[.]" The program required "a premium membership to qualify for a payment." Rewards were paid through PayPal according to the following reward point totals:

5,000 reward points: One day premium 50,000 reward points: One month premium

33 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 34 of 90 PageID# 279

100,000 reward points: One year premium 500,000 reward points: Lifetime platinum + $300 USD 1,000,000 reward points: $1,000 USD 5,000,000 reward points: $10,000 USD

j. At the time of its termination, as recently as July 2011, the "Uploader

Rewards" program offered rewards according to the following reward point totals:

10,000 reward points: One month premium membership 50,000 reward points: 6 months premium membership 100,000 reward points: One year premium + $100 USD 500,000 reward points: Lifetime platinum + $500 USD 1,000,000 reward points: $1,500 USD 5,000,000 reward points: $10,000 USD

k. In approximately April 2006, members ofthe Mega Conspiracy copied

videos directly from Youtube.com to make them available on Megavideo.com.

1. On or about April 10,2006, VAN DER KOLK sent an e-mail to

ORTMANN asking "Do we have a server available to continue downloading ofthe Youtube's

vids? ... Kim just mentioned again that this has really priority."

m. On or about April 10,2006, VAN DER KOLK sent an e-mail to

ORTMANN indicating "Hope rYoutube.com is] not implementing a fraud detection system

now... * praying *".

n. On or about April 10,2006, ORTMANN sent an e-mail to VAN DER

KOLK in reply to the "fraud detection" message indicating "Even ifthey did, the usefulness of

their non-popular videos as a jumpstart for Megavideo is limited, in my opinion."

o. On or about April 10,2006, VAN DER KOLK sent an e-mail to

ORTMANN in reply to the "jumpstart for Megavideo" message indicating that "Well we only

have 30% oftheir videos yet.. In my opinion it's nice to have everything so we can descide and

brainstorm later how we're going to benefit from it."

34 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 35 of 90 PageID# 280

p. On or aboutMay2, 2006, an e-mail was sent from the "Megaupload

Abuse Desk" to a representative ofa copyright holder falsely representing that the representative could "remove a batch offiles from our servers" by using the Abuse Tool.

q. On or about May 10,2006, a memberofthe Mega Conspiracy registered the Internet domain Megaclick.com.

r. On or about August 31,2006, VAN DER KOLK sent an e-mail to an associate entitled "lol". Attached to the message was a screenshot ofa Megaupload.com file download page for the file "Alcohol 120 1.9.5 3105complete.rar" with a description of"Alcohol

120, con crack!!!! By ChaOtiX!". The copyrighted software "Alcohol 120" is a CD/DVD burning software program sold by www.alcohol-soft.com.

s. On or about November 13, 2006, VAN DER KOLK sent an e-mail to another individual that contained 100 Megaupload.com links to infringing copies ofcopyrighted musical recordings by the artist Armin van Buuren.

t. On or about November 13, 2006, a member ofthe Mega Conspiracy registered the Internet domain Megavideo.com.

u. On or about December 3, 2006, DOTCOM distributed a Megaupload.com link to a music file entitled "05-50_cent_feat._mobb_deep-nah-c4.mp3" to ORTMANN. A copy ofthis file was still present on servers controlled by the Mega Conspiracy as of

December 20, 2011.

v. On or about February 5, 2007, VAN DER KOLK sent an e-mail to

ORTMANN entitled "reward payments". Attached to the e-mail was a text file listing the following proposed reward amounts^ the Megaupload.com username, and the content they uploaded:

35 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 36 of 90 PageID# 281

100 USD [USERNAME DELETED] 10+ Full popular DVD rips (split files), a few small porn movies, some software with keygenerators (warez) 100 USD [USERNAME DELETED] 5845 files in his account, mainly Vietnamese content 100 USD [USERNAME DELETED] Popular DVD rips 100 USD [USERNAME DELETED] Some older DVD rips + unknown (Italian serries?) rar files 1500 USD [USERNAME DELETED] known paid user (Vietnamese content)

The last individual received at least $55,000 from the Mega Conspiracy through transfers from

PayPal Inc., as part ofthe "Uploader Rewards" program.

w. On or about February 11,2007, VAN DER KOLK sent an e-mail to

ORTMANN indicating that "Kim really wants to copy Youtube one to one."

x. On or about February 13,2007, ORTMANN sent an e-mail to VAN DER

KOLK entitled "my concerns about the thumbnails table." In the e-mail, ORTMANN asked

VAN DER KOLK to create "a dummy lifetimepremium user," stating that "[t]his is very importantto prevent the loss ofsource files due to expiration or abuse reports."

y. On or about February 21, 2007, VAN DER KOLK sent an e-mail to

ORTMANN entitled "2 reward payment files." Attached to the e-mailwas a file containing

Megaupload.com users' e-mail addressesand reward paymentsfor that time period, which ranged from $100 to $500. For one user that was paid $300, VAN DER KOLK wrote, "30849 files, mainly Mp3z, some copyrighted but most of them have a very small number ofdownloads perfile." Forother users, all of which were selected forreward payments of $100 bytheMega

Conspiracy, he wrote the following: "Our oldfamous number one on MU, still some illegal files but I think he deserves a payment"; "Loads of PDF files (looks like scannedmagazines)"; "looks like Vietnamese DVD rips"; "This user was paid last time has mainly split RAR files, however more than 50% deleted through abuse reports."

36 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 37 of 90 PageID# 282

z. From on or about March 1,2007, through July 3, 2010, payments totaling approximately$13 million were transferred in and affecting interstate and foreign commerce through PayPal, Inc. by a member ofthe Mega Conspiracy to WR, the ChiefFinancial Officer ofCarpathia Hosting in Ashburn, Virginia, which is in the Eastern District ofVirginia, for computer leasing, hosting, and support services. The details ofthese payments are described more specifically in Count Three and incorporated herein by reference.

aa. From on or about March 2,2007, through July 3,2010, payments totaling at least $9 million were transferred in and affecting interstate and foreign commerce through

PayPal, Inc. by a member ofthe Mega Conspiracyto Leaseweb in the Netherlands for computer leasing, hosting, and support services. The details ofthese payments are described more specifically in Count Three and incorporated herein by reference.

bb. On or about April 15, 2007, VAN DER KOLK sent an e-mail to

ORTMANN entitled "reward batch payment." In the e-mail, VAN DER KOLK stated: "We saved more than halfofthe money. Most ofthe disqualifications were based on fraud

(automated mass downloads). The other disqualifications had very obvious copyrighted files in their account portfolio, but I was rather flexible (considering we saved quite a lot on fraud already). Total cost: 5200 USD." Attached to the e-mail was a file containing the

Megaupload.com users' e-mail addresses and selected reward payments for that time period, which ranged from $100 to $1,500.

cc. On or about May 17,2007, a representative from Google AdSense, an

Internet advertising company, sent an e-mail to DOTCOM entitled "Google AdSense Account

Status." In the e-mail, the representative stated that "[d]uring our most recent review ofyour site

[Megaupload.comQ" Google AdSense specialists found "numerous pages" with links to, among

37 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 38 of 90 PageID# 283

other things, "copyrighted content," and therefore Google AdSense "will no longer be able to work with you." The e-mail contains links to specific examples ofoffending content located on

Megaupload.com. DOTCOM and his conspiratorshave continued to operate and financially profit from the Megaupload.com website after receiving this notice.

dd. On or about July 1,2007, the Mega Conspiracy publicly launched the

Megavideo.com website.

ee. On or about August 12, 2007, VAN DER KOLK sent an e-mail to

ORTMANN regarding a particular file located on Megaupload.com. The file was a music video, entitled "soulja_boy-crank_dat_soulja_boy_(superman)-[zGalaxy_Xvid].avi." In the e-mail,

VAN DER KOLK copied information about the file from the Megaupload.com internal database, which contains, among other things, the following: file name; file extension type (e.g., .avi, jpg, etc.); file size; date; rank; the file's 32-digit identification number, also referred to as a MD5 hash; and the file's 8-digit download number for use with the Megaupload.com link

(for example, the last eight digits ofthe following: www.megaupload.com/?d=BYl 5XE3V).

ff. On or about August 14, 2007, an e-mail was sent from "Megavideo

Support" to a copyright holder (who complained that videos from his Youtube.com channel appeared to have been infringed by two users on Megavideo.com) that falsely represented that the Mega Conspiracy had blocked the two user accounts, when these two accounts were still active on January 19, 2012.

gg. On or about August 15,2007, BENCKO sent VAN DER KOLK an e-mail message indicating "the sopranos is in French :((([expletive deleted]., can u pis find me some again ?" "The Sopranos" is a copyrightedtelevision series that previously aired on the premium channel Home Box Office.

38 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 39 of 90 PageID# 284

hh. On or about August 15,2007, an e-mail was sent from "Megavideo

Support"to a copyright holder (who complained that videos from his Youtube.com channel appeared to have been infringed by a user on Megavideo.com) that falselyrepresented that the

Mega Conspiracyhad blocked the two user accounts, when these two accounts were still active on January 19,2012.

ii. On or about August 15, 2007, an e-mail was sent from "Megavideo

Support" to a copyright holder(who complained that videos from his Youtube.com channel - as well as those ofother Youtube.com users - appeared to have been infringed by a user of

Megavideo.com) that falsely represented that the Mega Conspiracy had blocked the user's account, when the account was still active on January 19,2012.

jj. On September29, 2007 and again on March 11, 2009, a member ofthe

Mega Conspiracy made transfers in and affecting interstate and foreign commerce through

PayPal, Inc. to PA, a resident ofNewport News, Virginia, which is in the Eastern District of

Virginia, as part ofthe Mega Conspiracy's "Uploader Rewards" program. Specifically, this individual received a transfer of$1,500 on each ofthese dates from the Mega Conspiracy (for a total of$3,000).

kk. On or about October 4, 2007, BENCKO sent VAN DER KOLK an e-mail message entitled "pis" requesting "can u pis get me some links to the series called 'Seinfeld' from MU?" "Seinfeld" is a copyrighted television series that remains in syndication.

11. On or about October 18, 2007, BENCKO sent an e-mail to VAN DER

KOLK indicating that "sorry to bother but ifyou would have a second to find me some links for the "Grand Archives" band id be very happy." On or about the same day, VAN DER KOLK

39 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 40 of 90 PageID# 285

responded to BENCKO with an e-mail that contained a Megaupload.com link to a Grand

Archives music album with the statement "That's all we have. Cheers mate!"

mm. On or about December 11, 2007, a credit card payment processor e-mailed

ECHTERNACH and VAN DER KOLK regarding "complaints" that the processor had received from third-parties, including one in which a third-party stated, "we have pulled over 65 full videos from Megarotic. That's $200k in content we paid for." In the e-mail,the processor stated, among other things: "you are not allowed to sell or financially benefit from the content that is infringing in copyrights on your site"; and "you are not allowed to continuewith allowing the user to upload content ifyou can have knowledge ofthe infringing ofcopyright." DOTCOM responded to the e-mail, stating "The DMCA quotes you sent me are not relevant. We are a hosting company and all we do is sell bandwidth and storage. Not content. All ofthe content on our site is available for "free download"."

nn. On or about December 12, 2007, BATATO distributed a Megaupload.com link to an infringing copy ofthe copyrighted music file "Louis Armstrong - We have all the time in the world.mp3"to DOTCOM. An infringing copy ofthis copyrighted work was still present on servers leased by the Mega Conspiracy as ofSeptember 2,2011.

oo. On or about January25, 2008, an e-mail was sent from the "Megaupload

Abuse Department" to a representative ofa copyright holder falsely representing that the

"takedown tool" would "remove" videos and/or files "from our system immediately."

pp. Starting as early as January 27, 2008, a member ofthe Mega Conspiracy made multiple transfers in and affecting interstate and foreign commerce through PayPal, Inc. to

CB, a resident ofAlexandria, Virginia, which is in the Eastern District ofVirginia, as part ofthe

Mega Conspiracy's "Uploader Rewards" program. CB received total payments from the

40 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 41 of 90 PageID# 286

Conspiracy of$500, including transfers of$100 on January 27, 2008; $300 on October 8, 2009; and $100 on February 1, 2010.

qq. Starting as early as February 11, 2008, a member ofthe Mega Conspiracy made multiple transfers in and affecting interstate and foreign commerce through PayPal, Inc. to

ND, a resident of Falls Church, Virginia, whichis in the Eastern DistrictofVirginia, as part of the Mega Conspiracy's "Uploader Rewards" program. ND received total payments from the

Conspiracy of$900, including transfers of$100 on February 11, 2008; $100 on March 3,2008;

$300 on March 15,2008; $100 on March 29, 2008; and $300 on April 15,2008.

rr. On or about May 6, 2008, an e-mail was sent from the "Megaupload

Abuse Desk" to a representative ofa copyrightholder falsely representing that Megavideo was

"one ofthe few online video communities that ma[de] it impossible to fraudulently host full- length feature movies due to a human-assisted automatic detection/deletion mechanism."

ss. On or about May 6,2008, an e-mail was sent from the "Megaupload

Abuse Desk" to a representative ofa copyright holder falsely representing that the use ofthe

Abuse Tool would provide "direct deletion rights, which will completely bypass our abuse team and take files and films offline immediately."

tt. On or about May 12,2008, an e-mail was sent from

"[email protected] On Behalf Of Megaupload Support" to a representative of a copyrightholder falselyrepresenting, "We are taking great care in expeditiously deletingany material reported to us through DMCA takedown notices."

uu. On or about June 19,2008, a representative ofvarious copyright owners sent an e-mail to [email protected], stating that a particular premium user (herein"VV") was "currently hosting at least 57 full content movies without the authorization from the

41 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 42 of 90 PageID# 287

copyright holders," and that VV "appears to be using your services to profit from our clients' intellectual property." In addition, the representative stated that "we have already sent over 85 notices ofcopyright infringement to MegaVideo.com" regarding VV, and that VV should be considered a"Repeat infringerQ."4 Despite these repeated infringement notifications, the Mega

Conspiracy's internal records reflect no deletions ofany ofVV's uploaded files; furthermore,

PayPal, Inc. records show that the Conspiracy made five payments totaling $3,400 to VV starting in mid-March 2008 and continuing into late 2009 as part ofthe Uploader Rewards program.

During the nearly six years that VV has been a registered user ofthe Mega Sites, VV has uploaded approximately 16,950 files to Megavideo.com and Megaupload.com. which generated more than 34 million views. VV's uploads included many infringing copies ofcopyrighted motion pictures, including Ocean's Thirteen, Ratatouille, and Evan Almighty. Repeat infringer

W last uploaded a file to a Mega Site on or about January 7, 2012.

vv. On or about July 1,2008, DOTCOM sent an e-mail to ORTMANN entitled "[Fwd: Illegal links]". DOTCOM instructed him: "Never delete files from private requests like this. I hope your current automated process catches such cases."

ww. On or about July 9,2008, VAN DER KOLK sent an e-mail to a third- party, entitled "funny chat-log." In the e-mail, VAN DER KOLK copied the text ofa previous online conversation between himselfand ORTMANN, in which VAN DER KOLK had stated,

"we have a funny business ... modern days pirates :)" ORTMANN responded, "we're not pirates, we're just providing shipping services to pirates :)".

4As early as February 2008, the Mega Conspiracy had received notices from copyright holders indicating that there were at least 127 URL links to content uploaded by VV that was infringing and, after receiving the June 19,2008 e-mail, the Mega Conspiracy received additional notices from copyright holders indicating that at least 107 URL links to content uploaded by VV were infringing.

42 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 43 of 90 PageID# 288

xx. On or about July 10,2008, an e-mail was sent from the

"[email protected] On Behalf Of Megaupload Support" to a representative ofa copyrightholder falsely representing that the use ofthe Abuse Tool would "take down illegal content in real time."

yy. On or about July 18,2008, DOTCOM sent an e-mail message to

ORTMANN instructing him to list "Mega Manager" as the "Number 1 dowload" out ofthe Top

100 Megaupload.com files.

zz. On or about August 4,2008, the Mega Conspiracy launched their own advertising company for the Mega Sites called Megaclick.com.

aaa. On or about August 11,2008, DOTCOM requested that the Mega

Conspiracy's contract with Leaseweb drop a standard clause requiring contract termination for violations ofLeaseweb's "Acceptable Use Policy."

bbb. On or about September 1, 2008, VAN DER KOLK uploaded an infringing copy ofthe copyrighted television program entitled

"BBC.Earth.-.The.Power.Of.The.Planet.5of5.Rare.Earth.XviD.AC3.MVGroup.org.avi"to

Megaupload.com and e-mailed the URL file to another individual. An infringing copy ofthis copyrighted work was still present on servers leased by the Mega Conspiracy as of

September 8,2011.

ccc. On or about October 3,2009, DOTCOM sent an e-mail entitled

"[Fwd: Re: Reporter hoping to speak about copyrighted content on Megavideo]" to an employee and to ORTMANN containing a series ofstatements purportedly from "[BL], Public Relations,

Mega HQ" to a reporter for Forbes.com. In DOTCOM'S original e-mail to his employee, he informs her that "I used your name in the emails below. I hope you don't mind. Please be

43 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 44 of 90 PageID# 289

careful. The larger we get the more people want to know more about Mega. Lets stay below the radar." The Forbes.com reporter had asked about KM SCHMITZ and TIM VESTOR's role in the company. DOTCOM wrote in response "I can confirm that nobody by the name ofKim

Schmitz is associated with our company." DOTCOM further tells the reporter in a separate response, "We have a policy not to disclose details about our business performance. But I can tell you (offthe record) that we are a small and humble business trying to earn enough to pay the bandwidth bill. Our site has grown to be popular but it is not easy to monetize the traffic in this economy." DOTCOM also indicates to the reporter in separate response, "The vast majority of users is uploadinghome videos, web cam captures, content they own or have the right to copy and other legitimate content."

ddd. On or about October 13, 2008, BATATO sent an e-mail to an advertiser, which included a screen capture ofthe Megaupload.com download page for the file

"MyBlueBerryNights.partl.rar". "My BlueberryNights" is a copyrightedmotion picture. The screen capture also contained an open browser window to the linking site www.mulinks.com.

eee. On or about October 14, 2008, BATATO sent an e-mail to an advertiser that contained two Megaupload.com links. One ofthe links directed to a file

"DanInRealLife.part2.rar", which was a portion ofan infringing copy ofthe copyrighted motion picture "Dan in Real Life."

fff. On or about October 25, 2008, VAN DER KOLK uploaded an infringing copy ofa copyrighted motion picture entitled"Taken 2008 DVDRipRepack [A Release Lounge

H264 By Micky22].mp4" to Megaupload.com and e-mailed the URL link for the file to another individual. An infringing copy ofthis copyrighted work was still present as ofOctober 27, 2011, on a server in the Eastern District ofVirginia controlled by the Mega Conspiracy.

44 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 45 of 90 PageID# 290

ggg. On or about October 31, 2008, DOTCOM forwarded an e-mail to

ORTMANN from a customer entitled "Sharebee.com" and stating that "Sharebee.com have uploaded over Imillion files to megaupload in 2008." ORTMANN responded to DOTCOM that

Sharebee.com was a "multifile hoster upload service." Sharebee.com allows the mass distribution offiles to a number offile hosting and distribution services, including

Megaupload.com, and creates clickable links to access that content from multiple sites.

hhh. On or about November 17,2008, DOTCOM forwarded an e-mail to

ORTMANN from a customer that indicated "I just want to start ofby saying that i love the site, but today i discovered something i would consider a flawd. I was watching a video ofMyth

Busters when i recived a message that said "You have watched 3079 minutes ofvideo today"".

ORTMANN responded to DOTCOM that this was the correct behavior ofthe service.

iii. On Or about November 23, 2008, DOTCOM forwarded an e-mail to

ORTMANN and ECHTERNACH from a non-premium customer that indicated "i guess we need to find a new hobby because watching pirated material via megavideo is now over-rated and ruined because ofthis video bandwidth limit."

jjj. On or about November 23,2008, DOTCOM received an e-mail from a

Mega Site user entitled "video problems." The e-mail described, "I've been trying to watch

Dexter episodes,but... the sound doesn't match up with the visual... I didn't choose to use your site, you seem to dominate episodes 6 and 7 ofDexter on alluc[.org, a linking site]." DOTCOM forwarded the e-mail to ORTMANN and wrote, "... on many forums people complain that our video / sound are not in sync... We need to solve this asap!" "Dexter" is a copyrighted television series on the premium cable channel Showtime.

45 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 46 of 90 PageID# 291

kkk. On or about December 5, 2008, NOMM sent VAN DER KOLK an e-mail, which included a screenshot ofNOMM's account using Megavideo.com to watch an infringing episode of the copyrighted television show "Chuck." The episode in the image, Season 2

Episode 9, initially aired on December 1, 2008, four days before the e-mail.

111. On or about January 14, 2009, BATATO sent an e-mail message to a

Megaupload.com advertiser saying "You can find your banner on the downloadpages of

Megaupload.com. Just choose a link for example from this site: www.mulinks.com..."

mmm. On or about March 3, 2009, DOTCOM sent an e-mail to a reporter indicating "Whenever a user uploads a new file it is checked against our database and ifwe already have the exact same file the upload completes instantly. This way a complete system backup into the cloud only takes a fraction ofthe time it used to take. And the longer we exist, the more files we receive, the faster we get."

nnn. On or about April 23,2009, DOTCOM sent an e-mail message to VAN

DER KOLK, ORTMANN, and BENCKO in which he complained about the deletion ofURL links in response to infringement notices from the copyright holders. In the message, DOTCOM stated that "I told you many times not to delete links that are reported in batches ofthousands from insignificant sources. I would say that those infringement reports from MEXICO of

"14,000" links would fall into that category. And the fact that we lost significant revenue because ofit justifies my reaction."

ooo. On or about April 24, 2009, DOTCOM sent an e-mail to BENCKO,

ORTMANN, and VAN DER KOLK indicating, "I remembered the steep drop ofrevenue at the same time in 2008 and thought that this might have also been caused by careless mass link deletions. This made me very mad, especially because I told you that such mass deletions should

46 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 47 of 90 PageID# 292

be prevented and sources checked much more carefully. I am sure such mass link deletions are also contributing to a drop ofrevenue ... In the future please do not delete thousands oflinks at ones from a single source unless it comes from a major organization in the US."

ppp. Starting as early as April 29, 2009, a member ofthe Mega Conspiracy made multiple transfers in and affecting interstate and foreign commerce through PayPal, liic. to

NA, a resident ofAlexandria, Virginia, which is in the Eastern District ofVirginia, as part ofthe

Mega Conspiracy's "Uploader Rewards" program. NA received total payments from the

Conspiracy of$600, including transfers of$100 on April 29, 2009; $100 on May 25, 2009; and

$400 on July 31,2009.

qqq. Starting as early as April 29,2009, a member ofthe Mega Conspiracy made multiple transfers in and affecting interstate and foreign commerce through PayPal, Inc. to

NS, a resident ofFairfax, Virginia, which is in the Eastern District ofVirginia, as part ofthe

Mega Conspiracy's "Uploader Rewards" program. NS received total payments from the

Conspiracyof $300, includingtransfers of$100 on April 29, 2009; $100 on April 26, 2010; and

$100 on May 8, 2010.

rrr. On or about May 7,2009, ORTMANN sent an e-mail in German to

DOTCOM indicatingthe top referring or linking sites to Megaupload.comby Megaupload premium users. The linking sites included: seriesvonkis.com. surfthechannel.com. sharebee.com, taringa.net. watch-movies-links.net. cinetube.es. and megauploadforum.net.

sss. On or about May 17, 2009, NOMM sent an e-mail to ORTMANN entitled

"Competitor Links Report." The e-mail indicated that the top third-party sites used to reach

Megavideo.com content were seriesvonkis.com, peliculasvonkis.com. dospuntocerovision.com. cinetube.es, and surfthechannel.com, which are all linking sites.

47 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 48 of 90 PageID# 293

ttt. On or about May 25, 2009, NOMM sent an e-mail to DOTCOM and

ORTMANN entitled "status report." NOMM wrote "I have been processing HD videos for some time now to find best ofthe best for showcase(Mathias gave specification). Even though we have lots ofHD content uploaded most seems to be problematic quality or legality wise."

uuu. On or about May 25,2009, BATATO sent an e-mail to ORTMANN that contained customers' e-mails. One ofthe customer e-mails indicated: "We watched Taken successfuly and then tried to watch the "Alphabet Killer" a day later and got the message to upgrade ifwe wanted to continue watching." "Taken" and "The Alphabet Killer" are copyrighted motion pictures.

vw. On or about June 6,2009, BATATO sent an e-mail to an advertiser indicating, "Banners will be shown on the download pages ofMegaupload. You will find some links here for example: http://mulinks.com/news.php".

www. Starting as early as July 31,2009, a member ofthe Mega Conspiracy made multiple transfers in and affecting interstate and foreign commerce tlirough PayPal, Inc. to

TT, a resident ofWoodbridge,Virginia, which is in the Eastern District ofVirginia, as part ofthe

Mega Conspiracy's "Uploader Rewards" program. TT received total payments from the

Conspiracy of$2,700, including transfers totaling $100 on July 31, 2009; $100 on August 29,

2009; $200 on September 18, 2009; $100 on September 29,2009; $200 on October 8,2009;

$200 on November 8,2009; $600 on November 24,2009; $1,000 on December 23,2009; and

$200 on February 1,2010.

xxx. Starting as early as August 9, 2009, a member ofthe Mega Conspiracy made multiple transfers in and affecting interstate and foreign commerce through PayPal, Inc. to

CW, a resident ofMoseley, Virginia, which is in the Eastern District ofVirginia, as part ofthe

48 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 49 of 90 PageID# 294

Mega Conspiracy's "Uploader Rewards" program. CW received total payments from the

Conspiracyof$2,900, including payments of $100 and $600 on August 9,2009; a payment of

$500 on October 8,2009; a transfer of$1,500 on December 23, 2009; and a payment of$200 on

June 21, 2010.

yyy. On or about August 10,2009, TT ofWoodbridge, Virginia, which is in the

Eastern District ofVirginia, sent a payment of$9.99 that traveled in interstate and foreign commerce through PayPal, Inc., and was received by the Megaupload.com PayPal, Inc. account.

zzz. On or about September 4,2009, a representative ofWarner Brothers

Entertainment, Inc. ("Warner") sent an e-mail to Megaupload.com, stating that Warner was

"unable to remove links" to copyright-infringing content on Megaupload.com using the Abuse

Tool. In the e-mail, the Warner representative requested an increase in Warner's removal limit, which is controlled by the Mega Conspiracy. On or about September 8, the representative sent a follow-up request, and on or about September 9, the representative sent another follow-up request. On or about September 10, ORTMANN sent an e-mail to DOTCOM, stating, "They are currently removing 2500 files per day - a cursory check indicates that it's legit takedowns of content that they own appearing in public forums." ORTMANN also stated, "We should comply with their request - we can afford to be cooperative at current growth levels." DOTCOM responded that the limit should be increased to 5,000 per day, but "not unlimited."

aaaa. On or about September 29,2009, CB ofAlexandria, Virginia, which is in the Eastern District ofVirginia, sent a payment of $9.99 that traveled in interstate and foreign commerce through PayPal, Inc., and was received by the Megaupload.com PayPal, Inc. account.

bbbb. On or about October 25, 2009, VAN DER KOLK instructed a Mega

Conspiracy employee through an e-mail, written in Dutch, how to alter the "featured" videos list

49 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 50 of 90 PageID# 295

on Megavideo.com and the "Top 100" list on Megaupload.com. VAN DER KOLK wrote, among other things, that the Top 100 should only contain non-copyrighted files, such as game demos, software demos, and movie trailers. VAN DER KOLK instructed the employee to track what was currently popular on the Internet and to download material from websites such as download.com. apple.com/trailers. and gamespot.com. VAN DER KOLK further instructed the employee to create fake accounts on Megaupload.com and Megavideo.com and to upload the files to those accounts, so that it would appear that the files were uploaded by active users instead ofMega Conspiracy employees.

cccc. On or about November 30,2009, BATATO sent an e-mail to an advertiser stating: "Please go to mulinks.com and copy paste One ofthose URLs to your browser. You will then See where the banner appears."

dddd. On or about January 28, 2010, in an e-mail entitled "activating old countries," a user ofa Mega Conspiracy site asked BATATO: "where can we see full movies?"

BATATO replied "You need to go to our referrer sites. Such as www.thepiratecitv.org or www.ovguide.coml".] There are the movie and series links. You cannot find them by searching on MV directly. That would cause us a lot oftrouble ;-)"

eeee. On or about February 1, 2010, BATATO sent an e-mail to an unindicted co-conspiratorwith the subject "[tradeit] - Campaignstats" stating "We can't deliver [Hong

Kong] traffic because the company is based in [Hong Kong] and we don't want to experience any trouble with license holders etc. Remember, I told you about that topic ;-)".

ffff. On or about March 15, 2010, a member ofthe Mega Conspiracy created

MegastuffLimited, a New Zealand company, that has facilitated the transfer to New Zealand of

50 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 51 of 90 PageID# 296

millions ofdollars in illicit proceeds and assets for the personal financial gain ofDOTCOM and other conspirators, as well as to facilitate additional operations ofthe Mega Conspiracy.

gggg. On or about May 8, 2010, NS ofFairfax, Virginia, which is in the Eastern

Districtof Virginia, sent a paymentof $199.99 thattraveledin interstateand foreign commerce through PayPal, Inc., and was received by the Megaupload.com PayPal, Inc. account.

hhhli. On or about June 24, 2010, members ofthe Mega Conspiracy were informed, pursuant to a criminal search warrant from the U.S. District Court for the Eastern

District ofVirginia, that thirty-nine infringing copies ofcopyrighted motion pictures were believed to be present on their leased servers at Carpathia Hosting in Ashburn, Virginia. On or about June 29,2010, after receiving a copy ofthe criminal search warrant, ORTMANN sent an e-mail entitled "Re: Search Warrant - Urgent" to DOTCOM and three representatives of

Carpathia Hosting in the Eastern District ofVirginia. In the e-mail, ORTMANN stated, "The user/payment credentials supplied in the warrant identify seven Mega user accounts", and further that "The 39 supplied MD5 hashesidentify mostly very popular files that havebeen uploaded by over 2000 differentusers so far[.]" The Mega Conspiracy has continued to store copies ofat least thirty-sixofthe thirty-ninemotion pictureson its servers after the Mega Conspiracywas informed ofthe infringing content.

iiii. On or about July 8,2010, DOTCOM sent an e-mail to ORTMANN and

ECHTERNACH entitled "attention." The e-mail contained a link to a news article entitled

"Pirate Bay and MegauploadEscape Domain Seizureby US." The article discussedhow, "[a]s part ofan initiative to crack down on Internet piracy and counterfeiting, the US Government recently took action against sites making available movies and TV shows." In the e-mail,

DOTCOM stated, "this is a serious threat to our business. Please look into this and see how we

51 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 52 of 90 PageID# 297

can protect ourselfs." DOTCOM also asked, "Should we move our domain to another country

(canada or even HK?)" ECHTERNACH responded, "In case domains are being seized from the registrar, it would be safer to choose a non-US registrar[.]"

jjjj. On or about September 5,2010, BENCKO sent an e-mail to DOTCOM,

ORTMANN, and VAN DER KOLK. Attached to the e-mail message was a screenshot of

BENCKO logged into a Megaupload.com file download page with a filename of

"Meet.Dave.2008.avi". "Meet Dave" is a copyrighted motion picture.

kkkk. On or about November 1,2010, ECHTERNACH forwarded an e-mail from a Universal Music Group ("UMG") executive to DOTCOM and ORTMANN, which discussed requirements that UMG would require ofMegaupload before they could discuss licensing for MegaBox. Included in the list ofrequirements was "proactive fingerprint filtering to ensure that there is no infringing music content hosted on its service; proactive text filtering for pre-release titles that may not appear in fingerprint databases at an early stage; terminate the accounts ofusers that repeatedly infringe copyright; limit the number ofpossible downloads from each file; process right holder take down notices faster and more efficiently."

1111. On or about November 15,2010, BATATO forwarded an e-mail to

ORTMANN entitled "member-issue" that was received by a Mega Conspiracy employee from a user. In the forward, BATATO wrote "Fanpost;-)". The e-mail from the user stated "I paid yesturday however can't work it out!!!\ I have been trying to see Robin Hod, 3th season, chapter

10, and do not succeed. Please help me solve it - or cancel my payment!" "Robin Hood" is a copyrighted television series that was originally released by the British Broadcasting

Corporation.

52 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 53 of 90 PageID# 298

mmmm. On or aboutNovember 23, 2010, membersof the Mega

Conspiracy caused a commumcation to be sent from a computer server in the Eastern District of

Virginia to a representativeofa copyright holder stating "1 file and 1 video removed from our system" in response to a takedown request that included a link to the 2010 version ofthe film "A

Nightmare on Elm Street."

nnnn. On or aboutDecember 10,2010, DOTCOM forwarded a complaint from a user that "Megakey is not working" to ORTMANN and VAN DER KOLK. In the forward,

DOTCOM writes"this doesn't work yet? we are advertising it. why is it not working?". In the user's e-mail, he complained that he installedMegakey, which provides Mega Conspiracy advertising to users in exchange for premium access to Megaupload.com and Megavideo.com. and the user was still receiving a message about the "megavideo time limit." The e-mail included apparent screenshots ofthe user's computer which shows the linking site animefreak.tv being used to attempt to watch an episode ofthe copyrighted television series "Fruits Basket" on Megavideo.com.

oooo. On or about December 22,2010, ORTMANN provided DOTCOM with a possible response to a press inquiry that discusses the Recording Industry Association of

America("RIAA")'s campaignto have paymentservices such as Mastercardto stop allowing payments to Megaupload.combecause the site is, in the words ofthe reporter citing RIAA,

"dedicated to facilitating copyright infringement." ORTMANN's proposed response includes:

"We are watching the unfolding events with interest, but as the vast majority ofour revenue is coming from advertising, the effect on our business will be limited."

pppp. On or about January 13,2011, DOTCOM sent a proposed

Megaupload.com public statement regarding piracy allegations against the website to hosting

53 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 54 of 90 PageID# 299

company executives DS and JK. On or about January 13, 2011, DS replied to DOTCOM: "It looks accurate to me. good luck." The same day, JK replied, "Using the words, '....vast majority is legitimate.' Opens youup. It's anadmission thatthere are 'bad' things on your site. I would get rid ofthat so it simply reads that it is legitimate."

qqqq. On or about January 27, 2011, ECHTERNACH forwarded an e-mail to

VAN DERKOLK andBENCKO thatan employee from the Megateam in the Philippines wrote that asked about accessto Youtube. In that e-mail,the employee admits, "Even video resource sites such as Youtube whichis our source for videoswhich we upload to Megavideo."

rrrr. On or about February 2, 2011, DOTCOM forwarded an article from

The Telegraph by e-mail to ORTMANN, which discusses the potential for courts in the

UnitedKingdom to blockaccessto "websites used exclusively for facilitating illegal downloading ofcontent."

ssss. On or about February 5, 2011, ORTMANN responded in an e-mail to

DOTCOM, copying ECHTERNACH and VAN DER KOLK, about an article that DOTCOM sent him entitled "how-to-stop-domain-names-being-seized-by-the-us-government."

ORTMANN indicates the status ofthe Mega Conspiracy's completion ofthe recommendations made in the article.

tttt. Onor aboutFebruary 10,2011, DOTCOM forwarded a complaint to

ORTMANN from a Taiwanese broadbandserviceprovider about problems its users have had downloading from Megaupload.com. In the screenshots that are in the original e-mail complaint is what appearsto be an ongoing download ofa copyrighted "The Simpsons" episode from Fox Television entitled "Treehouse ofHorror XIII." The e-mail traces the download from the provider's connectionto Cogent Communicationsto the Mega Conspiracy's servers.

54 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 55 of 90 PageID# 300

uuuu. On or about February 18, 2011, DOTCOM forwarded an e-mail inquiry entitled '"Repeat Offender' Infringement Policy" to ORTMANN. In the original e-mail, a representative ofa copyright holder indicates that Megaupload.com does not specify any "repeat offender or repeat infringer policy" in its Terms ofService. The representative points out that the "Safe Harbor" provision ofthe DMCA "requires that providers deal appropriately with repeat offenders" and asks for the termination ofrepeat offenders on Megaupload.com.

ww. On or about February 25, 2011, BATATO forwarded an e-mail to

NOMM, copying ORTMANN, entitled "embedded ads not functioning correctly," from an individual complaining that the advertising click through rate ("CTR") from playing

Megavideo.com videos directly on the linking site alluc.org has suffered because the embedded advertising from the Mega Conspiracy is not automatically playing on the external website. The individual's e-mail contains screenshots from the linking site that shows episodes ofthe BBC copyrighted television show Red Dwarfthat were available on Megavideo.com. BATATO, in the forward, stated: "Could you please check that issue? We need to help them a bit now as their

CTR and conversions went down by 50% and 95% respectively. That was expected but at least we should help them now get their campaigns running w/o problems."

wwww. On or about February 25, 2011, BATATO sent an e-mail to

NOMM and VAN DER KOLK regarding problems with getting "pre-roll" advertising for

Megavideo.com because ofa "copy right issue." His e-mail contains messages between employees of Megaclick.com and a third-party advertising service. In an early message, the

Megaclick.com employee informs BATATO that the third-party advertising service considers it illegal to monetize infringing content through advertising immediately prior to viewing the content.

55 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 56 of 90 PageID# 301

xxxx. On or about March 9, 2011, a developer for the Mega Conspiracy sent an e-mail to ORTMANN and two other individuals. In the e-mail, the developer indicated that an associate had downloaded an infringing copy ofa copyrighted musical recording entitled

"The_Matrix_-_Original_Motion_Picture_Score.rar" from Rapidshare.com. and then, using the

"Megakey music search," added the files to a Megabox account. The e-mail further indicates that the Megabox website listed the wrong artist for the album.

yyyy. On or about March 9, 2011, members ofthe Mega Conspiracy caused a communication to be sent from a computer server in the Eastern District ofVirginia to a representativeofa copyrightholder stating "2 files removed from our system" in response to a takedown request that included links to the 2009 version ofthe film "Friday the 13th" (in two parts).

zzzz. On or about March 11,2011, members ofthe Mega Conspiracy caused a communication to be sent from a computer server in the Eastern District ofVirginia to a representative ofa copyright holder stating "2 files removed from our system" in response to a takedown request that included links to copies ofepisodes ofthe copyrighted television show

"Modern Family."

aaaaa. On or about April 29, 2011, members ofthe Conspiracy infringed the copyright ofthe motion picture "The Green Hornet" by making it available on publicly accessible Internet-connected servers at Carpathia Hosting in Ashburn, Virginia, within the

Eastern District ofVirginia, and reproduced and distributed the work over the Internet without authorization. The film, which had been released in U.S. theaters on or about January 14, 2011, was not commercially distributed in the United States until on or about May 3,2011.

56 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 57 of 90 PageID# 302

bbbbb. On or about April 30, 2011, members ofthe Mega Conspiracy caused a communication to be sent from a computer server in the Eastern District ofVirginia to a representative ofa copyright holder in response to a takedown request that included a link to the film "Fast Five."

ccccc. On or about May 13,2011, members ofthe Conspiracy infringed the copyright ofthe motion picture "Thor" by making it available on publicly accessible Internet- connected servers at Carpathia Hosting in Ashburn, Virginia, within the Eastern District of

Virginia, and reproduced and distributed the work over the Internet without authorization. The film, whichhad beenreleased in U.S. theaters on or about May 6,2011, was not commercially distributed in the United States until on or about September 13, 2011.

ddddd. On or aboutMay 13,2011, an e-mailwas sent fromthe "Megaupload

Abuse Desk" to a representative ofa copyright holder falsely representing that the use ofthe

Abuse Tool would "take down material from Megavideo."

eeeee. On or about June 7, 2011, VAN DER KOLK sent an e-mail to

ORTMANNforwarding a French complaint about infringement oftheir copyrightedmotion pictures. In the forward, VANDER KOLK stated: "Theybasically wantus to audit/ filterevery upload,and are threatening with action againstus if their materialcontinues to appearon MV."

fffff. On or aboutJuly 6, 2011, DOTCOM forwarded an onlinestory from

Spiegel.tvto ORTMANN about the takedown ofthe linking site Kino.to by law enforcement in

Germany, and wrote, in German: "Possibly not fly to Germany?"

ggggg. On or about July 6, 2011, BATATO sent an e-mail to ORTMANN forwarding a stringof e-mails in Germanfrom an advertising entity saying that a customer wants

57 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 58 of 90 PageID# 303

their campaigns on a Mega Site discontinued because ofconcerns related to the Kino .to takedown.

hhhhh. On or about August 10,2011,members of the Mega Conspiracy caused a communication to be sent from a computer server in the EasternDistrictof Virginia to a representative of a copyright holderstating "6 files and 6 videos removed from our system" in response to a takedown request thatincluded linlcs to the 2010 version of the copyrighted motion picture "A Nightmare on Elm Street."

iiiii. On or about August 11, 2011, DOTCOM forwarded an e-mail to

ORTMANN from a userwho stated: "I usedto buymonthly feesto help withthe cost of you guysdoingbusiness .... I miss beingaboutto viewtv shows on you service . Mymostfavorite wasTrue blood and battle star Gallactica. I would be happy to continue to pay for the service, but somethingwouldneedsto change. I don't mind your services be boggeddownfromtime to time. I don'tmind paying, but i need to get something for the service i payfor."

jjjjj. Onor about August 12,2011,members of the Conspiracy infringed the copyright of themotion picture "BadTeacher" by making it available on publicly accessible

Internet-connected servers at Carpathia Hosting in Ashburn, Virginia, within the Eastern District ofVirginia, and reproduced and distributed the work over the Internet without authorization.

The film, whichhad been released in U.S. theaters on or about June 24,2011, was not commercially distributed in the United States until on or about October 18, 2011.

kkkkk. Onor about August 14, 2011, members of the Conspiracy infringed the copyright of themotion picture "Harry Potter andtheDeathly Hallows, Part1"bydistribution without authorization.

58 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 59 of 90 PageID# 304

11111. On or about September 16,2011, NOMM sent an analysis of

Megavideo.com to ORTMANN by e-mail. The analysis indicates: "The search function for the site should also list full lengthvideos. Currently, moviesthat do not have copyright infringements are also not being listed in the search." The analysis further indicates: "Movies shouldalso be available in Megavideo and not from thirdpartywebsites only[.]"

mmmmm. On or about September 17,2011, VAN DER KOLK sent an e-mail to ORTMANN, attaching a Google Analytics report on referrals to Megaupload.com from the linking site Taringa.net. The single page report indicates that, between August 17, 2010 and

September 16,2011, Taringa.net provided more than 72 million referrals to Megaupload.com. withthetop 10links including some copyrighted software andmusic titles. The page indicates, for example, that the linking site produced 164,214 visits to Megaupload.com for a free download ofthe copyrightedCD/DVD burning softwarepackage Nero Suite 10. Each ofthese visits generated advertising revenue forthe Mega Conspiracy. Nero Suite 10had a suggested retail price of$99.

nnnnn. Onor about October 10, 2011, JK, an executive from a hosting provider, sent an e-mailto ORTMANN entitled "Article." Thee-mail contained a linkto a newsarticle, which discussed how a Dutch court ordered a "major" website "to delete allinfringing content from its servers." The article asked: "Could file-hosting services likeMegaUpload and

RapidShare benext?" In thee-mail, JKasked ORTMANN: "Do you have any concerns that thiskind ofthing could find itsway to you"? ORTMANN responded to JK, with a copy to

DOTCOM, stating that thesitesin thearticle "provide a search index covering theirentire content base, including the infringing material."

59 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 60 of 90 PageID# 305

ooooo. On or about October 14, 2011, just approximately three months after ending the Mega Conspiracy's Uploader Rewardsprogramthat offered payments through

Paypal, Inc.andotherthings ofvalueto reward uploaders (including knownand repeat infringers), DOTCOM sent an e-mail to a PayPalrepresentative, stating:

Our legalteamin the US is currentlypreparing to sue some of our competitors and expose their criminalactivity. We like to give you a heads up and advice you not to work withsites thatareknown to payuploaders for pirated content. They aredamaging the imageand the existence ofthe file hosting industry (see whats happening with the Protect IP act). Lookat Filesei-ve.com, Videobb.com, Filesonic.com, Wupload.com, Uploadstation.com. These sites pay everyone (nomatter if the files arepirated or not) andhave NOrepeat infringer policy. And they are using PAYPAL to payinfringers.

ppppp. On or about October 18, 2011, VAN DER KOLK sent an e-mail to

ORTMANN, forwarding a complaint from the Vietnamese Entertainment Content Protection

Association. The complaint indicated that the DMCA Abuse Tool for Megaupload.com does not remove particular types of links. It also noted that a particular linking siteis a repeat infringer

"where users and adminteam are all involvedin uploadand reupload as soon as the files are removed." It also stated"To date, we have removed 24 pagesofinfringeddownload links and almost 100% are Megaupload."

qqqqq. Onor aboutNovember 10,2011, a member of the MegaConspiracy made a transfer of $185,000 to further anadvertising campaign for Megaupload.com. involving a musical recording and video.

rrrrr. Onor about November 20,2011, members of the Conspiracy infringed the copyright of a high definition version ofthemotion picture "Lord of the Rings: Fellowship of the

Ring" by distribution without authorization.

sssss. Onor about November 20,2011, members of the Conspiracy infringed the copyright ofthemotion picture "The Twilight Saga: Breaking Dawn - Part 1"bymaking it

60 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 61 of 90 PageID# 306

availableon publicly accessible Internet-connected servers at Carpathia Hosting in Ashburn,

Virginia, within the Eastern District ofVirginia, and reproduced and distributed the work over the Internet without authorization. The film, which was released in U.S. theaters on or about

November 18,2011, had not been commercially distributed as ofJanuary 5,2012.

(All in violation ofTitle 18, United States Code, Section 371)

61 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 62 of 90 PageID# 307

COUNT THREE

(18 U.S.C. § 1956(h)- Conspiracy to Commit Money Laundering)

THE GRAND JURY CHARGES THAT:

74. The factual allegations in Paragraphs 1 tlirough 45; 53 through 73; and 100 through 104are hereby re-alleged and incorporated as if set forth here in their entirety.

75. Beginning in at least September2005 and continuing until at least January 19,

2012, in the Eastern District ofVirginia and elsewhere, the defendants,

KIM DOTCOM,

MEGAUPLOAD LIMITED,

VESTOR LIMITED,

FINN BATATO,

JULIUS BENCKO,

SVEN ECHTERNACH,

MATHIAS ORTMANN,

ANDRUS NOMM, and

BRAM VAN DER KOLK eachknowingly andintentionally combined, conspired, andagreed together andwitheachother, and with other persons known and unknown to theGrand Jury, to commit offenses against the

United States in violation of Title 18, United States Code, Sections 1956 and 1957, namely:

(a) to knowingly conduct and attempt to conduct a financial transaction affecting interstate andforeign commerce, which in factinvolved the proceeds of the specified unlawful activities ofcriminal copyright infringement and wire fraud withtheintent to promote the carryingon of the specified unlawful activitiesofcriminalcopyright infringement and wire

62 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 63 of 90 PageID# 308

fraud, and that while conducting and attempting to conduct such financial transaction knew that the property involved in the financial transaction represented the proceeds ofsome form of unlawfulactivity in violation of Title 18, United States Code, Section 1956(a)(l)(A)(i);

(b) to transport, transmit, and transfer and attempt to transport, transmit, and transfer a monetary instrument and funds from a place in the United States to and through a place outsidethe United States, and to a placein the United Statesfrom or througha place outsidethe

United States, with the intent to promote the carrying on ofthe specified unlawful activities of criminal copyright infringement and wire fraud, in violation ofTitle 18, United States Code,

Section 1956(a)(2)(A); and

(c) to knowingly engageand attemptto engagein monetarytransactions in criminally derived property ofa valuegreaterthan $10,000 that is derived from the specified unlawfulactivities ofcriminal copyrightinfringementand wire fraud, in violation ofTitle 18,

United States Code, Section 1957.

Ways, Manner, and Means ofthe Conspiracy

In furtherance ofthe Conspiracy, defendants and others known and unknown to the

Grand Jury employed, among others, the following manner and means:

76. It waspartof the Conspiracy thatmembers of the Conspiracy willfully reproduced anddistributed, in the Eastern District ofVirginia andelsewhere, infringing copies andphonorecords of copyrighted works with thepurposes of commercial advantage and private financial gain; such conduct is a "specified unlawful activity" under Title 18 ofthe United States

Code, Sections 1956(c)(1), (c)(7)(A), & (c)(7)(D).

77. It wasfurther part of the Conspiracy thatmembers of the Conspiracy knowingly devised andintended to devise a scheme to defraud andto obtain money by means of materially

63 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 64 of 90 PageID# 309

false and fraudulentpretenses, representations and promises; such conduct is a "specified unlawful activity" under Title 18 of the United States Code, Sections 1956(c)(1), (c)(7)(A), &

(c)(7)(D).

78. It was furtherpart of the Conspiracy that infringing copies and phonorecords of copyrighted workswere stored on computer servers controlled by the Conspiracy located at

Carpathia Hosting in Ashburn, Virginia, which is in the Eastern Districtof Virginia; such conductoccurredat least in part in the United States,under Title 18 ofthe United States Code,

Section 1956(f)(1).

79. It was further part ofthe Conspiracy that a transaction or series oftransactions conductedby membersofthe Conspiracyinvolvedfunds or monetary instrumentsof a value exceeding $10,000, underTitle 18of the United States Code, Section 1956(f)(2).

80. It was furtherpart of the Conspiracy that members of the Conspiracy intended to promote the carrying on of criminal copyright infringement andwirefraud using multiple financial transactions affecting interstate and foreign commerce, which involved theproceeds of criminal copyright infringement and wire fraud, andthat, while conducting andattempting to conduct suchfinancial transactions, members of the Conspiracy knew thattheproperty involved in the transactions represented the proceeds of criminal copyright infringement and wirefraud.

81. It wasfurther part of the Conspiracy thatmembers of the Conspiracy intended to promote thecarrying on of criminal copyright infringement andwire fraud using multiple transfersinvolvingmonetary instrumentsand funds from places in the United States to and through places outside the United States, andto places in theUnited States from or through places outside the United States.

64 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 65 of 90 PageID# 310

82. It was furtherpart ofthe Conspiracy that members of the Conspiracy knowingly engaged in multiple monetary transactions in criminally derived property of a valuegreater than

$10,000that was derived from criminal copyrightinfringement and wire fraud.

83. It wasfurther part of the Conspiracy that multiple transfers totalingmore than

$5 million, which involved proceedsof criminal copyright infringement and wire fraudin the

Eastern District ofVirginia and elsewhere, from a Moneybookers Limited account in the United

Kingdom were made, and the transfers weredirected to a DBS(HongKong) Limited account for the Conspiracy in Hong Kong between August 1,2010 and July 31,2011;such activity provides jurisdiction under Title 18 ofthe United States Code, Section 1956(f).

84. It wasfurther part of the Conspiracy that multiple transfers totaling morethan

$66million, which involved proceeds of criminal copyright infringement andwirefraud in the

Eastern DistrictofVirginia and elsewhere, from a PayPal, Inc. account were made in and affecting interstate andforeign commerce andby a member of the Conspiracy, andthetransfers were directed to a DBS (Hong Kong) Limited account forthe Conspiracy between on or about

August 3,2007, and July 31, 2011; such activity providesjurisdiction under Title 18 ofthe

United States Code, Section 1956(f).

85. It wasfurther part of the Conspiracy that multiple transfers totaling more than

$6 million, which involved proceeds of criminal copyright infringement andwire fraud in the

Eastern District ofVirginia and elsewhere, from a PayPal, Inc. account for the Conspiracy were made inand affecting interstate and foreign commerce bya member ofthe Conspiracy, and the transfers were directed to a bankaccount in Hong Kong for the Conspiracy between on or about

August 15,2005, and July 5, 2010; such activityprovidesjurisdiction under Title 18of the

United States Code, Section 1956(f)and includedthe following:

65 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 66 of 90 PageID# 311

a. On or about August 15,2005, a transfer ofapproximately $14,750 to a HSBC Bank account for the Conspiracy;

b. On or about September 23, 2008, transfers ofapproximately $320,150 to a DBS (Hong Kong) Limited account for the Conspiracy;

c. On or about November 9,2009, transfers ofapproximately $1,077,648 to a DBS (Hong Kong) Limited account for the Conspiracy;

d. On or about December 2, 2009, transfers ofapproximately $667,443 to a DBS (Hong Kong) Limited account for the Conspiracy; and

e. On or about July 5, 2010, transfers ofapproximately $656,507 to a DBS (Hong Kong) Limited account for the Conspiracy.

86. It was further part ofthe Conspiracy that multiple transfers, which involved proceedsofcriminal copyrightinfringement and wire fraud in the Eastern District of Virginia and elsewhere, from a DBS (Hong Kong) Limited bank account for the Conspiracy were made by a member ofthe Conspiracy, and the transfers were directed to a ABN AMRO BANK NV account for Leaseweb in the Netherlands; such activity provides jurisdiction under Title 18 ofthe

United States Code, Section 1956(f) and included the following:

a. On or about May 5, 2009, a transfer ofapproximately $733,000; and

b. On or about December 16,2009, a transferof approximately $800,000.

87. It was further part ofthe Conspiracy that multiple transfers, which involved proceeds of criminal copyright infringement andwire fraud in the Eastern District of Virginia and elsewhere, from a DBS (HongKong)Limited bank accountfor the Conspiracy weremade in and affectinginterstateand foreign commerce by a memberofthe Conspiracy, and the transfers were directed to a PNCBankNA accountfor Carpathia Hostingin Richmond, Virginia, which is in the Eastern District ofVirginia, including the following:

a. On or about December20,2010, a transfer ofapproximately $720,000;

b. On or about March 31,2011, a transfer ofapproximately $1,060,274;

66 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 67 of 90 PageID# 312

c. On or about May 5,2011, a transfer ofapproximately $950,000;

d. On or about June 2,2011, a transfer ofapproximately $950,000; and

e. On or about July 5,2011, a transfer ofapproximately $950,000.

88. It was further part ofthe Conspiracy that multiple transfers, which involved proceeds of criminal copyright infringement and wirefraud in the EasternDistrict of Virginia and elsewhere, from a DBS (Hong Kong) Limitedbank account for the Conspiracywere made in and affecting interstate and foreign commerceby a member ofthe Conspiracy, and the transfers weredirected to a Suntrust Bankaccount for Cogent Communications in Atlanta, Georgia, including the following:

a. On or about February 25, 2009, a transfer ofapproximately $625,000;

b. On or about March 27,2009, a transfer ofapproximately$875,000;

c. On or about April 27,2009, a transfer ofapproximately$875,000;

d. On or about May 27,2009, a transfer ofapproximately $1,000,000;

e. On or about June 29,2009, a transfer ofapproximately $1,000,000;

f. On or about July 27,2009, a transfer ofapproximately$1,000,000;

g. On or aboutAugust28, 2009, a transferof approximately $1,000,000;

h. On or aboutSeptember 28,2009, a transferof approximately $1,000,000;

i. On or about October 28, 2009, a transferof approximately $1,000,000;

j. Onor about November 25,2009, a transfer of approximately $1,000,000;

k. Onor about January 25,2010, a transfer of approximately $1,000,000;

1. On or about February 26, 2010, a transfer ofapproximately $1,000,000;

m. On or about March 29,2010, a transfer ofapproximately $1,000,000;

n. On or about April 27, 2010, a transfer ofapproximately $1,000,000;

67 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 68 of 90 PageID# 313

o. On or about May 27, 2010, a transfer ofapproximately $1,000,000;

p. On or about June 28, 2010, a transfer ofapproximately $1,000,000;

q. On or about July 23, 2010, a transfer ofapproximately $1,450,000;

r. On or about August 27,2010, a transfer ofapproximately $1,000,000;

s. On or about September 24,2010, a transfer ofapproximately $1,000,000;

t. On or about October 28, 2010, a transfer ofapproximately $1,000,000;

u. On or about November 29, 2010, a transfer ofapproximately $1,000,000;

v. On or about December 28, 2010, a transfer ofapproximately $1,667,500;

w. On or about January 26,2011, a transfer ofapproximately $1,475,000;

x. On or about February 28, 2011, a transfer ofapproximately $1,100,000;

y. On or about March 29, 2011, a transfer ofapproximately $682,600;

z. On or about April 26, 2011, a transfer ofapproximately $1,000,000;

aa. On or about May 27,2011, a transfer ofapproximately $1,000,000;

bb. On or about June 2, 2011, a transfer ofapproximately $93,600;

cc. On or about June 28, 2011, a transfer ofapproximately $1,093,600; and

dd. On or about July 26, 2011, a transfer ofapproximately $1,093,600.

89. It was further part ofthe Conspiracy that multiple transfers, which involved proceeds ofcriminalcopyrightinfringement and wire fraud in the Eastern District of Virginia and elsewhere, from the PayPal, Inc. account for the Conspiracy in Hong Kong were made in and affectinginterstateand foreign commerce by a member ofthe Conspiracyto the benefitof

Carpathia Hostingin Ashburn, Virginia, whichis in the Eastern Districtof Virginia, including the following:

68 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 69 of 90 PageID# 314

a. On or about October 7,2008, transfers totaling approximately $90,000 to WR, the ChiefFinancial Officer ofCarpathia Hosting;

b. On or about May 30,2010, transfers totaling approximately $688,852 to WR, the ChiefFinancial Officer ofCarpathia Hosting; and

c. On or about July 2, 2010, transfers totaling approximately $688,852 to WR, the ChiefFinancial Officer ofCarpathia Hosting.

90. It was further part ofthe Conspiracy that multiple transfers, which involved proceedsof criminalcopyrightinfringementand wire fraud in the Eastern District ofVirginia and elsewhere, from the PayPal, Inc. account for the Conspiracywere made in and affecting interstate and foreign commerce by a member ofthe Conspiracy to the benefit ofindividuals in the Eastern District ofVirginia in order to promote criminal copyright infringement and wire fraud, including the following:

a. On September 29,2007, and March 11, 2009, a member(s) ofthe Conspiracy made transfers of$1,500 (totaling $3,000) to PA, a resident of Newport News, Virginia, which is in the Eastern District of Virginia;

b. Starting as early as January 27, 2008, multiple transfers to CB, a resident ofAlexandria, Virginia, which is in the EasternDistrictof Virginia. A member(s) of the Conspiracy transferred a total of$500to CB, including transfers of$100 on January 27,2008; $300 on October 8,2009; and $100 on February 1,2010;

c. Starting as early as February 11,2008, multiple transfers to ND, a resident of Falls Church,Virginia, which is in the Eastern District of Virginia. A member(s) of the Conspiracy transferred a totalof $900 to ND, including transfers of$100 on February 11, 2008; $100 on March 3,2008; $300 on March 15,2008; $100 on March29,2008; and $300 on April 15,2008;

d. Starting as early as April 29, 2009, multiple transfers to NA, a resident of Alexandria, Virginia, which is in the Eastern District ofVirginia. A member(s) of the Conspiracy transferred a totalof $600to NA, including transfers of$100 on April 29, 2009; $100 on May 25, 2009; and $400 on July 31, 2009;

e. Starting as early as April 29, 2009, multiple transfers to NS, a resident of Fairfax, Virginia, which is in the Eastern District ofVirginia. A member(s)ofthe Conspiracytransferred a total of$300 to NS, including

69 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 70 of 90 PageID# 315

transfers of$100 on April 29, 2009; $100 on April 26, 2010; and $100 on May 8, 2010;

f. Starting as early as July 31,2009, multiple transfers to TT, a resident of Woodbridge, Virginia, which is in the Eastem Districtof Virginia. A member(s) of the Conspiracy transferred a total of $2,700 to TT, including transfers of$100 on July 31, 2009; $100 on August 9,2009; $100 on September 2,2009; $200 on September 18,2009; $200on October 8, 2009; $200 on November 8, 2009; $600 on November 24,2009; $1,000 on December 23, 2009; and $200 on February 1, 2010; and

g. Starting as early as August 9, 2009, multiple transfers to CW, a resident of Moseley, Virginia, which is in the EasternDistrict of Virginia. A member(s)of the Conspiracytransferred a total of$2,900to CW, including transfers of $100and $600 on August 9,2009; a payment of $500 on October 8,2009; a transferof $1,500on December 23, 2009; and a payment of$200 on June 21, 2010.

91. It was further part ofthe Conspiracy that multiple transfers, which involved proceeds of copyright infringement andwire fraud in the EastemDistrict of Virginia and elsewhere, were made by the Conspiracy for yacht rentals in the Mediterranean Sea, for the purpose ofpromoting criminal copyright infringement andwire fraud, including thefollowing:

a. Onor about April 8,2011, VESTOR LIMITED transferred approximately $616,000 to NBS for yacht rental;

b. On or about April 18, 2011, VESTOR LIMITED transferred approximately $3,606,000 to ECL for yacht rental;

c. On or about May 27,2011, MEGAUPLOAD LIMITED transferred approximately $212,000 to ECL for yacht rental; d. Onor about June 22,2011, VESTOR LIMITED transferred approximately $1,127,000 to NBS for yacht rental; and

e. Onor about June 24,2011, VESTOR LIMITED transferred approximately $2,394,000 to SYM for yacht rental.

92. It was further part ofthe Conspiracythat on or about November 10,2011, a member oftheConspiracy made transfers of $185,000, forthepurpose of promoting criminal

70 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 71 of 90 PageID# 316

Megaupload.com.

(All in violation of Title 18,United States Code, Section 1956(h))

71 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 72 of 90 PageID# 317

COUNT FOUR

(18 U.S.C. §§ 2, 2319; 17 U.S.C. § 506 - Criminal CopyrightInfringement by Distributing a CopyrightedWork Being Prepared For Commercial Distribution on a Computer Network & Aiding and Abetting Criminal Copyright Infringement)

THE GRAND JURY CHARGES THAT:

93. On or about October25,2008, in the EasternDistrict ofVirginiaand elsewhere, the defendants,

KIM DOTCOM,

MEGAUPLOAD LIMITED,

VESTOR LIMITED,

FINN BATATO,

JULIUS BENCKO,

SVEN ECHTERNACH,

MATHIAS ORTMANN,

ANDRUS NOMM, and

BRAMVAN DER KOLK didwillfully, and for purposes ofcommercial advantage and private financial gain, infringe a copyright by distributing a workbeingprepared for commercial distribution in the United States, to wit,the copyrighted motion picture "Taken" (which would not be commercially distributed until on or aboutJanuary 30,2009) by making it available on a computer network accessible to membersofthe public, when defendants knew, and should have known,that the work was intended for commercial distribution.

(All in violation ofTitle 17, United States Code, Section 506(a)(1)(C) and Title 18, United States Code, Sections 2 & 2319(d)(2))

72 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 73 of 90 PageID# 318

COUNT FIVE

(18 U.S.C. §§ 2,2319; 17 U.S.C. § 506 - Criminal Copyright Infringement By Electronic Means & Aiding and Abetting Criminal Copyright Infringement)

THE GRAND JURY CHARGES THAT:

94. For the 180 days up to and including January 19, 2012, in the Eastern District of

Virginia and elsewhere, the defendants,

KIM DOTCOM,

MEGAUPLOAD LIMITED,

VESTOR LIMITED,

FINN BATATO,

JULIUS BENCKO,

SVEN ECHTERNACH,

MATHIAS ORTMANN,

ANDRUS NOMM, and

BRAM VAN DER KOLK didwillfully, andfor purposes of commercial advantage andprivate financial gain, infringe copyrights in certain motion pictures, television programs, musical recordings, electronic books, images, video games, andother computer software, byreproducing anddistributing over the

Internet, during a 180-day period, at least ten copies and phonorecords of one or more copyrighted works which had a total retail value ofmore than $2,500.

(All in violation ofTitle 17, United States Code, Section 506(a)(1)(A) and Title 18, United States Code, Section 2319(b)(1))

73 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 74 of 90 PageID# 319

COUNT SIX

(18 U.S.C. §§ 2, 2319; 17 U.S.C. § 506 - Criminal Copyright Infringement By Electronic Means & Aiding and Abetting Criminal Copyright Infringement)

THE GRAND JURY CHARGES THAT:

95. For the 180 days up to and including August 31, 2010, in the Eastern District of

Virginia and elsewhere, the defendants,

KIM DOTCOM,

MEGAUPLOAD LIMITED,

VESTOR LIMITED,

FINN BATATO,

JULIUS BENCKO,

SVEN ECHTERNACH,

MATHIAS ORTMANN,

ANDRUS NOMM, and

BRAMVAN DER KOLK did willfully, and for purposes of commercial advantageand private financial gain, infringe copyrights in certain motion pictures, television programs, musical recordings, electronic books, images, video games, and other computer software, by reproducing and distributing over the

Internet, during a 180-dayperiod, at least ten copies and phonorecords ofone or more copyrighted works which had a total retail value ofmore than $2,500.

(All in violation ofTitle 17, United States Code, Section 506(a)(1)(A) and Title 18, United States Code, Section 2319(b)(1))

74 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 75 of 90 PageID# 320

COUNT SEVEN

(18 U.S.C. §§ 2, 2319; 17 U.S.C. § 506 - Criminal Copyright Infringement By Electronic Means & Aiding and Abetting Criminal Copyright Infringement)

THE GRAND JURY CHARGES THAT:

96. For the 180 days up to and including August 16, 2008, in the Eastern District of

Virginia and elsewhere, the defendants,

KIM DOTCOM,

MEGAUPLOAD LIMITED,

VESTOR LIMITED,

FINN BATATO,

JULIUS BENCKO,

SVEN ECHTERNACH,

MATHIAS ORTMANN,

ANDRUS NOMM, and

BRAM VAN DER KOLK did willfully, and for purposes ofcommercial advantage and private financial gain, infringe copyrights in certain motion pictures, television programs, musical recordings, electronic books, images, video games, and other computer software, byreproducing and distributing over the

Internet, during a 180-day period, at least ten copies and phonorecordsof one or more copyrighted works which had a total retail value ofmore than $2,500.

(All in violation of Title 17, UnitedStates Code, Section506(a)(1)(A) and Title 18,UnitedStates Code, Section 2319(b)(1))

75 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 76 of 90 PageID# 321

COUNT EIGHT

(18 U.S.C. §§ 2, 2319; 17 U.S.C. § 506 - Criminal Copyright Infringement By Electronic Means & Aiding and Abetting Criminal Copyright Infringement)

THE GRAND JURY CHARGES THAT:

97. For the 180 days up to and including October 31, 2007, in the Eastern District of

Virginia and elsewhere, the defendants,

KIM DOTCOM,

MEGAUPLOAD LIMITED,

VESTOR LIMITED,

FINN BATATO,

JULIUS BENCKO,

SVEN ECHTERNACH,

MATHIAS ORTMANN,

ANDRUS NOMM, and

BRAM VAN DER KOLK did willfully, and for purposes of commercial advantage and private financial gain, infringe copyrights from theYoutube.com platform, by reproducing anddistributing byelectronic means, during a 180-day period, at least tencopies and phonorecords of one or more copyrighted works which had a total retail value ofmore than $2,500.

(All in violation of Title 17,United StatesCode, Section506(a)(1)(A) and Title 18,United States Code, Section 2319(b)(1))

76 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 77 of 90 PageID# 322

COUNTS NINE THROUGH THIRTEEN

(18 U.S.C. §§2 and 1343- Fraud by Wire & Aiding and Abetting Fraud by Wire)

THE GRAND JURY CHARGES THAT:

98. The factual allegations in paragraphs 1 through 45 and 53 through 73 are re alleged and incorporated as ifset forth here in their entirety.

99. Beginning in at least September 2005 and continuing until January 19,2012, in the Eastern District ofVirginia and elsewhere, the defendants,

KIM DOTCOM,

MEGAUPLOAD LIMITED,

VESTOR LIMITED,

FINN BATATO,

JULIUS BENCKO,

SVEN ECHTERNACH,

MATHIAS ORTMANN,

ANDRUS NOMM, and

BRAM VAN DER KOLK knowingly devised and intendedto devise a scheme to defraudand to obtainmoney by means of materially false and fraudulent pretenses, representations and promises.

100. It was partof the scheme thatthedefendants and others would mislead copyright holders into believing that their notifications of infringing copies of copyrighted workswould result in the removal ofthe file or that access to the file would be disabled, when in fact, at best, only the link(s) identified by the copyright holder would be disabled.

77 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 78 of 90 PageID# 323

101. The scheme allowed infringing copies ofcopyrighted works to remain on the servers controlled by the MegaConspiracy and accessible to members of the public (as longas at least one link remained unknown to the copyright holderprovidingthe notification), and would further allow newlinks to the infringing copyto be created (eventhough the infringing copyhad already been identified as infringing by the copyright holder).

102. It wasfurther part of the scheme thatthe defendants and others wouldrepresent to copyright holders and others that repeat copyright infringers would have their user access terminated pursuant to terms of service announced bythe Mega Conspiracy, when, in fact, repeat infringers were allowed to continue theirinfringement andat times evenrewarded financially for it.

103. It was further partof the scheme that the Mega Conspiracy obtained advertising revenue as a resultof the continuedavailability of files knownto be infringing when members of the public were able to view and download them, and provided additional incentive for users to purchase premium subscriptions dueto continuous access to infringing copies of copyrighted works.

104. It was further part ofthe scheme to defraud that the defendants and others misrepresented theMega Conspiracy's Abuse Tool andnotice-and-takedown procedure in various e-mails to copyright holders and others as follows:

a. That notification through the Abuse Tool would "remove a batch offiles

from [Mega's] servers;"

b. That the takedown process enabled the copyright holders to "take down

illegal content in real time;"

78 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 79 of 90 PageID# 324

c. That the Mega Conspiracy would be "talcing great care in expeditiously

deleting any material reported to [them] through DMCA takedown

notices;"

d. That the "takedown tool" would "remove" videos and/or files "from our

system immediately;"

e. That the Abuse Tool grantedcopyrightholders "direct deletion rights,"

which allowed the rights holders to "take files and films offline

immediately."

f. That Megavideo was "one ofthe few online video communities that

ma[de] it impossible to fraudulently host full-length feature movies due to

a human-assisted automatic detection/deletion mechanism."

g. That identifying a URL link to infringing material though the Abuse Tool

would "take down material from Megavideo."

105. On or about the dates listed below, in the Eastem District ofVirginia and elsewhere, the defendants,

KIM DOTCOM,

MEGAUPLOAD LIMITED,

VESTOR LIMITED,

FINN BATATO,

JULIUS BENCKO,

SVEN ECHTERNACH,

MATHIAS ORTMANN,

ANDRUS NOMM, and

79 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 80 of 90 PageID# 325

BRAM VAN DER KOLK for the purpose ofexecuting the aforesaid scheme and aitifice to defraud and to obtain money and propeity by means ofmaterially false and fraudulent pretenses, representation and promises, knowingly transmitted and caused to be transmitted, in interstate and foreign commerce, the following described wire communications, including writings, signs, and signals:

COUNT APPROXIMATE DATE DESCRIPTION

Nine November 23,2010 A communication from a computer server in the Eastern District ofVirginia to a representative ofa copyright holder stating "1 file and 1 video removed from our system" in response to a takedown request that included a link to the 2010 version ofthe film "A Nightmare on Elm Street."

Ten March 9,2011 A communication from a computer server in the Eastern District ofVirginia to a representative ofa copyright holder stating "2 files removed from our system" in response to a takedown request that includedlinks to the 2009 version ofthe film "Friday the 13th" (in two parts).

Eleven March 11, 2011 A communication from a computer server in the Eastern District ofVirginia to a representative ofa copyright holder stating "2 files removed from our system" in response to a takedown request that included links to episodes ofthe television show "Modem Family."

Twelve April 30, 2011 A communication from a computer server in the Eastern District ofVirginia to a representative ofa copyright holder in response to a takedown request that included a link to the film "Fast Five."

Thirteen August 10, 2011 A communication from a computer server in the Eastern District ofVirginia to a representative ofa copyright holder stating "6 files and 6 videos removed from our system" in response to a takedown request that included links to the 2010 version ofthe film "A Nightmare on Elm Street."

80 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 81 of 90 PageID# 326

NOTICE OF FORFEITURE

(18 U.S.C. § 981(a)(1)(C); 18 U.S.C. § 982(a)(1); 18 U.S.C. § 1963; 18U.S.C. § 2323; 21 U.S.C. § 853; 28 U.S.C. § 2461(c))

106. The allegations contained in Counts One through Fourteen ofthis Indictment are herebyrealleged and incorporated by reference for the purpose ofalleging forfeiture.

THE GRAND JURY HEREBY FINDS THAT:

107. There is probable cause that the property described in this NOTICE OF

FORFEITURE is subject to forfeiture pursuant to the statutes described herein.

NOTICE AS TO COUNTS ONE THROUGH FOURTEEN AS TO ALL DEFENDANTS

108. Pursuant to Federal Rule ofCriminal Procedure 32.2(a), the United States of

America gives notice to all defendants that, in the event of a conviction by anydefendant of any ofthe offenses charged in Counts One through Fourteen ofthis Indictment, the United States intends to forfeit the property ofthat defendant as is further described in this NOTICE OF

FORFEITURE.

109. Pursuant to 18 U.S.C. § 1963, each defendant who is convicted ofan offense in violation of 18 U.S.C. § 1962, shall forfeit to the United States ofAmerica:

a. any interest that defendant has acquired or maintained in violation of Section 1962;

b. any interest in, security of, claim against, orproperty or contractual right of anykindaffording a source of influence over,anyenterprise which the defendant, his co-conspirators, his associates, and otherpersons knownor unknownto the grandjury have established, operated, controlled, conducted, or participated in the conduct of, in violation of Section 1962; and

c. any property constituting, or derived from, any proceeds which the defendant obtained, directly or indirectly, from racketeering activity or unlawful debt collection in violation of 1962.

81 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 82 of 90 PageID# 327

110. Pursuant to 18 U.S.C. § 981(a)(1)(C) and 28 U.S.C. § 2461(c), each defendant who is convicted ofconspiracy to commit copyright infringement, in violation of 18 U.S.C.

§§ 371 and 2319, shall forfeit to the United States of America any property, real or personal, which constitutes or is derived from proceeds traceable to the conspiracy.

111. Pursuantto 18 U.S.C. § 982(a)(1), each defendant who is convictedof conspiracy to laundermonetary instruments, in violation of 18 U.S.C. § 1956(h), shall forfeit to the United

Statesof America any property, real or personal, involvedin such offense, and any property traceable to such property.

112. Pursuant to 18 U.S.C. § 2323, each defendant who is convicted ofcriminal copyrightinfringement, in violation of 18 U.S.C. § 2319 and 17 U.S.C. § 506, shall forfeit to the

United States ofAmerica:

a. any article, the making or trafficking ofwhich is, prohibited under 18 U.S.C. § 2319 or 17 U.S.C. § 506;

b. anyproperty used, or intended to be used, in any manner or partto commit or facilitate the commissionofa violation of 18 U.S.C. § 2319 or 17 U.S.C. § 506; and

c. any property constitutingor derivedfrom any proceeds obtaineddirectly or indirectly as the result ofthe commission ofa violation of 18 U.S.C. §2319 or 17 U.S.C. §506.

113. Pursuant to 18 U.S.C. § 981(a)(1)(C) and 28 U.S.C. § 2461(c), each defendant who is convicted ofwire fraud, in violation of 18 U.S.C. § 1343, shall forfeit to the United States ofAmericaany property, real or personal, which constitutes or is derived from proceeds traceable to the wire fraud scheme.

82 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 83 of 90 PageID# 328

MONEY JUDGMENT

114. The United Statesof Americagivesnoticeto all defendants, that upon conviction of any defendant, a moneyjudgmentmaybe imposed on that defendant equal to thetotal value ofthe property subject to forfeiture, which is at least $175,000,000.

PROPERTY SUBJECT TO FORFEITURE

115. TheUnited States of America gives notice to all defendants, thatthe property to be forfeited includes, but is not limited to, the following:

1. $175,000,000 in United States dollars; 2. Bank ofNew Zealand, Account No. XX-XXXX-XXXX200-04, in the name of CleaverRichards TrustAccountfor MegastuffLimited; 3. Kiwibank, Account No. XX-XXXX-XXXX922-00, in the name of MegastuffLimited Nominee Account No. 1; 4. Hongkong and Shanghai Banking Corporation Limitedin Auckland, New Zealand, Account No. XXXXXXXXXXXX2088, in the name ofBRAM VAN DER KOLK; 5. Citibank, Account No. XXXXXX3053, in the nameof Megacard, Inc.; 6. Citibank, Account No.XXXXXX3066, in thename of Megasite, Inc.; 7. Stadtsparkasse Mtinchen, Account No. XXXX4734, in the name of FINN BATATO; 8. Commerzbank, Account No. XXXXXXXX4800, in the name of SVEN ECHTERNACH; 9. Deutsche BankAG,Account No. XXXXXXXXXXXXXXXX6600, in the name ofMATHIAS ORTMANN; 10. Computershare InvestorServices Limited, HolderNo. XXXX4385, in the nameof KIM DOTCOM (New Zealand Government Bonds); 11. Development BankofSingapore, AccountNo. XXXXXX0320, in the name ofMEGAUPLOAD LTD.; 12. Development Bank ofSingapore - Vickers Securities, Account No. XX1901, in the name ofMEGAUPLOAD LTD.; 13. Development Bank ofSingapore-Vickers Securities, Account No. XXX089-4, in the name ofMegamedia Ltd.;

83 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 84 of 90 PageID# 329

14. Hang Seng Bank Ltd., Account No. XXXXXX78-833, in the name of Megamedia Ltd.; 15. Hang Seng Bank, Account No. XXXXXXXX8001, in the name of Megamedia Ltd.; 16. Hang Seng Bank, Account No. XXX-XXXX48-382, in the name of Megamedia Ltd.; 17. Development Bank ofSingapore, Account No. XXXXX5252, in the name ofMegamusic Limited; 18. Development Bank ofSingapore, Account No. XXXXX0060, in the name ofMEGAUPLOAD LTD.; 19. Hang Seng Bank, Account No. XXX-XXXX75-883, in the name of MEGAUPLOAD LTD.; 20. Westpac Bank, Account No. XX-XXXX-XXXX847-02, in the name of Simpson Grierson Trust Account, holder KIM DOTCOM. 21. Hongkong and Shanghai Banking Corporation Limited, Account Nos. XXX-XXXXX6-220/XXXX6-201/XXXXX6-838, in the name of MEGAUPLOAD LTD.; 22. Hongkong and Shanghai Banking Corporation Limited, Account No. XXXXXXXX5833, in the name ofFINN BATATO; 23. Hongkong and Shanghai Banking Corporation Limited, Account No. XXX-XXXXX5-833, in the name ofan individual with the initials BVL; 24. Hongkong and Shanghai Banking Corporation Limited, Account No. XXXXXXXX8833, in the name ofANDRUS NOMM; 25. Hongkong and ShanghaiBanking Corporation Limited, Account No. XXXXXXXX3833, in the name ofBRAM VAN DER KOLK; 26. Hang Seng Bank Ltd., Account No. XXX-XXXX52-888, in the name of KIM TIM JIM VESTOR; 27. Hongkong and Shanghai Banking Corporation, Account No. XXXXXXXX7833, in the name ofSVEN ECHTERNACH; 28. Development Bank ofSingapore,Account No. XXXXXX6160, in the name ofVESTOR LIMITED; 29. Citibank (Hong Kong) Limited, Account No. XXXX8921, in the name of KIM TIM JIM VESTOR; 30. Hongkong and Shanghai Banking Corporation Limited, Account No. XXXXXXXX4833, in the name ofMATHIAS ORTMANN; 31. Hongkong and Shanghai Banking Corporation Limited, Account No. XXXXXXXX6888, in the name ofan individual with the initials JPLL;

84 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 85 of 90 PageID# 330

32. Hongkong and Shanghai Banking Corporation Limited, Account No. XXXXXXXX9833, in the name ofJULIUS BENCKO; 33. Hongkong and Shanghai Banking Corporation Limited, Account No. XXXXXXXX2838, in the name ofRNK Media Company; 34. Development Bank ofSingapore Hong Kong, Account No. XXXXXX6930, in the name ofA Limited; 35. Development Bank of Singapore, Account No. XXXXX1690, in the name ofA Limited; 36. Citibank (Hong Kong) Limited, Account No. XXXX6237, in the name of KIM TIM JIM VESTOR; 37. Development Bank of Singapore, Account No. XXXXXX9970, in the name ofKIM DOTCOM/KIM VESTOR; 38. Citibank (Hong Kong) Limited, Account No. XXXX8942, in the name of KIM TIM JIM VESTOR; 39. Hongkong and Shanghai Banking Corporation Limited, Account No. XXX-XXXX16-888, in the name ofKIM TIM JIM VESTOR; 40. Industrial and Commercial BankofChina(Asia) Limited (ICBC), Account No. XXXXXXXX8434, in the name ofMATHIAS ORTMANN; 41. Development Bank ofSingapore, Account No. XXXXXX4440, in the name ofMegapay Ltd.; 42. Development Bank of Singapore, Account No. XXX-XXX- XXXXXX8760, in the name ofMegastuffLtd.; 43. Hongkong and Shanghai Banking Corporation Limited, Account No. XXXXXXXX6838, in the name ofMEGAUPLOAD LTD.; 44. Development Bank of Singapore, Account No. XXX-XXX- XXXXXX8870, in the name ofN-l Limited; 45. Development Bank ofSingapore, Account No. XXX-XXX- XXXXXX1980, in the name ofN-l Limited; 46. Citibank (Hong Kong) Limited, Account No. XXXXX 0741, in the name ofKIM TIM JIM VESTOR; 47. Citibank (Hong Kong) Limited, AccountNo. XXXXX0768, in the name ofKIM TIM JIM VESTOR; 48. Citibank (Hong Kong) Limited, Account No. XXXXX1055, in the name ofKIM TIM JIM VESTOR; 49. Citibank (Hong Kong) Limited, Account No. XXXXX9938, in the name ofKIM TIM JIM VESTOR;

85 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 86 of 90 PageID# 331

50. Citibank (Hong Kong) Limited, Account No. XXXXX8948, in the name ofKIM TIM JIM VESTOR; 51. Hongkong and Shanghai Banking Corporation, Account No. XXXXXXXX0833, in the name ofan individual with the initials LRV; 52. Hongkong and Shanghai Banking Corporation, Account No. XXX- XXXXX04-888, in the name ofan individual with the initials WT; 53. Bank ofthe Philippine Islands, Account No. XXXXXX0069, in the name ofMegateam Limited; 54. Bank ofthe Philippine Islands, Account No. XXXXXX0264, in the name ofMegateam Limited; 55. Bank ofthe Philippine Islands, Account No. XXXXXX3627, in the name ofKIM SCHMITZ; 56. Bank ofthe Philippine Islands, Account No. XXXXXX7676, in the name ofKIM SCHMITZ; 57. Rabobank Nederland, Account No. NLXXXXXXXXXXXX7300, in the name ofBramos BV; 58. Hongkong and Shanghai Banking Corporation Australia, Account No. XXXXXXXX0087, in the name ofMATHIAS ORTMANN; 59. Ceskoslovenska Obchodna Banka Slovakia, Account No. XXXXXXXX9833, in the name ofJULIUS BENCKO; 60. Paypal Inc., account [email protected]; 61. Paypal Inc., account belonging to KIM DOTCOM ([email protected]); 62. Paypal Inc., accounts belonging to SVEN ECHTERNACH ([email protected], [email protected], and [email protected]); 63. Paypal Inc., account belonging to BRAM VAN DER KOLK ([email protected]); 64. Moneybookers Limited, account belonging to [email protected]; 65. Moneybookers Limited, account belonging to [email protected]; 66. 2010 Maserati GranCabrio, VIN ZAMKM45B000051328, License Plate No. "M-FB 212" or "DH-GC 470", registered to FINN BATATO; 67. 2009 Mercedes-Benz E500 Coupe, VIN WDD20737225019582, License Plate No. "FEG690":

86 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 87 of 90 PageID# 332

68. 2005 Mercedes-Benz CLK DTM, VIN WDB2093422F165517, License Plate No. "GOOD"; 69. 2004 Mercedes-Benz CLK DTM AMG 5.5L Kompressor, VIN WDB2093422F166073, License Plate No. "EVIL"; 70. 2010 Mercedes-Benz S65 AMG L, VIN WDD2211792A324354, License Plate No. "CEO"; 71. 2008 Rolls-Royce Phantom Drop Head Coupe, VIN SCA2D68096UH07049; License Plate No. "GOD"; 72. 2010 Mercedes-Benz E63 AMG, VIN WDD2120772A103834, License Plate No. "STONED"; 73. 2010 Mini Cooper S Coupe, VIN WMWZG32000TZ03651, License Plate No. "V"; 74. 2010 Mercedes-Benz ML63 AMG, VIN WDC1641772A608055, License Plate No. "GUILTY"; 75. 2007 Mercedes-Benz CL65 AMG, VIN WDD2163792A025130, License Plate No. "KIMCOM"; 76. 2009 Mercedes-Benz ML63 AMG, VIN WDC1641772A542449, License Plate No. "MAFIA"; 77. 2010 Toyota Vellfire, VIN 7AT0H65MX11041670, License Plate Nos. "WOW" or "7"; 78. 2011 Mercedes-Benz G55 AMG, VIN WDB4632702X193395, License Plate No "GDS672"; 79. 2011 Toyota Hilux, VIN MR0FZ29G001599926, License Plate * No. "FSN455"; 80. Harley Davidson Motorcycle, VIN 1HD1HPH3XBC803936, License Plate No. "36YED"; 81. 2010 Mercedes-Benz CL63 AMG, VIN WDD2163742A026653, License Plate No. "HACKER"; 82. 2005 Mercedes-Benz A170, VIN WDD1690322J184595, License Plate No. "FUR252"; 83. 2005 Mercedes-Benz ML500, VIN WDC1641752A026107, License Plate N0.DFF8I6; 84. Fiberglass sculpture, imported from the United Kingdom with Entry No. 83023712;

85. 1957 Cadillac El Dorado, VIN 5770137596;

86. 2010 Sea-Doo GTX Jet Ski, VIN YDV03103E010;

87 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 88 of 90 PageID# 333

87. 1959 Cadillac Series 62 Convertible, VIN 59F115669; 88. Von Dutch Kustom Motor Bike, VIN 1H9S14955BB451257; 89. 2006 Mercedes-Benz CLK DTM, VIN WDB2094421T067269; 90. 2010 Mini Cooper S Coupe, VIN WMWZG32000TZ03648 License Plate No. "T"; 91. 1989 Lamborghini LM002, VIN ZA9LU45AXKLA12158, License Plate No. "FRP358"; 92. 2011 Mercedes-Benz ML63, VIN 4JGBB7HB0BA666219; 93. Samsung 820DXN 82" LCD TV; 94. Samsung 820DXN 82" LCD TV; 95. Samsung 820DXN 82" LCD TV; 96. Devon Works LLC, Tread #1 time piece; 97. Artwork, In High Spirits, OlafMueller photos from The Cat Street Gallery; 98. Sharp 108" LCD Display TV; 99. Sharp 108" LCD Display TV; 100. Sony PMW-F3K Camera S/N 0200231; 101. Sony PMW-F3K Camera S/N 0200561; 102. Artwork, Predator Statue;

103. Artwork, Christian Colin; 104. Artwork, Anonymous Hooded Sculpture; 105. 2009 Mercedes-Benz ML350 CDI4MATIC Off-Roader; 106. Sharp LC-65XS1M 65" LCD TV; 107. Sharp LC-65XS1M 65" LCD TV; 108. TVLogic 56" LUM56W TV; 109. Sixty (60) Dell R710 computer servers; 110. The following domain names: Megastuff.co; Megaworld.com; Megaclicks.co; Megastuff.info; Megaclicks.org; Megaworld.mobi; Megastuff.org; Megaclick.us; Mageclick.com; HDmegaporn.com; Megavkdeo.com; Megaupload.com; Megaupload.org; Megarotic.com; Megaclick.com; Megavideo.com; Megavideoclips.com; Megaporn.com; 111. HSBC Australia, Account No. XXXXXXXX0087, in the name of MATHIAS ORTMAN;

88 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 89 of 90 PageID# 334

112. HSBC Australia, Account No. XXXXXXXX7118, in the name of MATHIAS ORTMAN; 113. The property at 5G The Prom, Coatesville, Auckland 0793, New Zealand, being all that parcel ofland on Certificate ofTitle Number 341889, Auckland Registry; 114. The property at 5H The Prom, Coatesville, Auckland 0793, New Zealand, being all that parcel ofland on Certificate ofTitle Number 341890 on Deposited Plan 385357,Auckland Registry; 115. Seadoo jet ski, serial number YDV00375L910; 116. Seadoo jet ski, serial number YDV00385L910; 117. Seadoo jet ski, serial number YDV03091E010; 118. 2011 Mercedes-Benz G55 AMG, VIN WDB4632702X191902, License . Plate No. "POLICE"; 119. Diamond ring, with 18ct white gold band; 120. Diamond-encrusted 18ct white gold crucifix, with stones; 121. Diamond-encrusted white gold bracelet, with blue and white stones; 122. Louis Vuitton Tambour Bijou watch, white; 123. Louis Vuitton Tambour Bijou watch, black; 124. Diamond-encrusted sapphire ring; 125. Hublot King Power watch, serial number 848929 03/500; 126. Hublot King Power watch, serial number 818517 58/500; 127. Breitiing watch, yellow face, serial number FCCIDOPFE56X21YE76321; 128. Breitiingwatch, whiteface, serial number FCCIDOPFE56X21YA73322; 129. Bell & Ross BR01-92S watch, blue face, serial number BLU-406/500; 130. Bell & Ross BR01-92S watch, yellow face, serial number YLW-272/500; 131. Rolex OysterPerpetual watch, black face, with inscription: "Winner Rolex 24 AD Daytona 1992"; 132. Rolex OysterPerpetual watch, whiteface, with inscription: "Winner Rolex 24 AD Daytona 1992"; and 133. Chanel diamond-encrusted watch, black face, serial number SD54809.

89 Case 1:12-cr-00003-LO Document 34 Filed 02/16/12 Page 90 of 90 PageID# 335

SUBSTITUTE ASSETS

116. If any ofthe property describedabove, as a result of any act or omission of the defendants,

a. cannot be located upon the exercise ofdue diligence; b. has been transferred or sold to, or deposited with, a third party; c. has been placed beyond the jurisdiction ofthe court; d. has been substantially diminished in value; or e. has been commingled with other property which cannot be divided without difficulty, the United States ofAmerica shall be entitled to and intends to seek forfeiture of substitute property pursuant to 18 U.S.C. § 1963(m)and 21 U.S.C. § 853(p), as incorporated by 18 U.S.C.

§§ 982(b)(1) and 2323(b)(2), and 28 U.S.C. § 2461(c).

(Pursuant to 18 U.S.C. §§ 981, 982, 1963 &2323; 21 U.S.C. § 853; 28 U.S.C. § 2461)

NEIL H. MACBRIDE A TRUE BILL: UNITED STATES ATTORNEY Pursuant to the E-Govemmcnl Act, the original af thispage haa been filed under seal iu the Clerk's Office.

JAY V. PRABHU Foreperson ofthe Grand Jury CHIEF, CYBERCRIME UNIT ASSISTANT UNITED STATES ATTORNEY

RYAN K. DICKEY ASSISTANT UNITED STATES ATTORNEY

LANNY A. BREUER ASSISTANT ATTORNEY GENERAL U.S. Department ofJustice Criminal Division

GLENN C. ALEXANDER TRIAL ATTORNEY U.S. Department ofJustice Computer Crime & Intellectual Property Section