When the Australian Financial Review blew open a new front in News Corporation’s ongoing scandals last week, it did so with the help of DocumentCloud.
That’s because the Financial Review’s investigation hinged on 14,400 emails connected to the NDS Group, of which News Corp holds a minority stake, that implicate the tech company in a plan to undercut rivals by hacking their satellite TV software. All those emails? Indexed, annotated, and hosted on DocumentCloud. Or at least they were until recently, when attorneys for NDS asked that the emails be taken down.
On Saturday, NDS — which has confirmed the authenticity of the emails through legal correspondence with The Australian Financial Review and DocumentCloud — asked that they be removed.
DocumentCloud asked Fairfax Media, publisher of the Financial Review, to indemnify it against any future legal action. Fairfax Media declined to give this assurance.
The emails are already, in Internet fashion, out there, and the Financial Review has already began rehosting some of them in .zip form on its own server.
What’s interesting about this story is it demonstrates the tricky position DocumentCloud can find itself in when acting as an intermediate layer for sensitive information. Just as Amazon opened itself up to political pressure when it hosted WikiLeaks on its cloud service, DocumentCloud could face potential legal risk for the documents it hosts.
That’s a line DocumentCloud lays this out fairly clearly in its terms of service, which includes language stating users will not use DocumentCloud “to publish or otherwise make public (collectively “publish”) documents that you do not have the legal right to distribute publicly” or “to infringe any copyright, trademark, patent, or other proprietary rights of any person.”
When I spoke to Mark Horvit, executive director of Investigative Reporters and Editors, he said the Australian Financial Review case is only the second take down notice they’ve faced since DocumentCloud became a part of IRE last year and the first time they’ve had to remove information from the site. In the other case, lawyers claimed, under the Digital Millennium Copyright Act, that hosted documents infringed on copyright. In the Australian case, the legal claim centered on the allegation that the documents contained confidential information and potential trade secrets, Horvit said.
Horvit said they followed the same procedure they always do when contacted by an attorney about removing documents, asking the news organization if, first, it can provide justification (legal or otherwise) for posting certain information, and second, if it will indemnify DocumentCloud against any legal action. Horvit said Financial Review and its parent company declined to do both, which meant the emails were taken down.
It’s important to note that, along with its hosted service, DocumentCloud releases its work as open source software. That means any news organization — or anyone else — is free to use DocumentCloud’s code to build its own hosted version, on its own secure server, with many of the same capabilities, Aron Pilhofer, DocumentCloud’s co-founder told me. Pilhofer, who is also interactive news editor at The New York Times, said that provides a little bit of breathing room for news organizations whose lawyers may be wary of exposing newspapers to risk through partnering with a third-party. “Our goal was to protect both our members, but also provide protection for newspapers,” he said.
When I asked Jeff Hermes, director of the Digital Media Law Project, about what protections news outlets and partners such as DocumentCloud have in cases like this, he told me there is some precedent that favors protecting news providers. Over email, Hermes said it’s uncertain if that also includes sites that collaborate with news outlets. (Not to mention that adding Australian law into the mix would complicate things further.)
In the U.S., the Supreme Court held in Bartnicki v. Vopper that the First Amendment protects the republication by a news outlet of illegally-obtained material on a matter of public importance, so long as the news outlet did not itself participate in the illegal activity. (In the Bartnicki case, the material at issue was an illegal recording of a conversation between a labor official and other union members about a strike which was leaked to a media defendant; the media defendant had nothing to do with making the recording.) Ever since Wikileaks burst upon the scene, it has been a matter of debate whether Bartnicki extends to online hosting services.