Synopsys, Inc. v. Ubiquiti Networks, Inc. et al
Filing
123
ORDER by Judge Laurel Beeler adjudicating 109 Discovery Letter Brief.As set forth in the attached order, the court holds that Ubiquiti's Taiwanese computers are not per se outside the scope of relevant discovery merely because they are located outside the United States.As the court previously advised the parties, discovery, including any forensic inspections of the computers, must comply with the standard discovery factors, including proportionality, burden, and the defen dants' legitimate interests in maintaining the integrity of their systems and the confidentiality of their data. If the parties have not yet reached an agreement, they must meet and confer regarding an appropriate inspection protocol. (lblc1S, COURT STAFF) (Filed on 1/29/2018)
1
2
3
4
5
6
7
8
UNITED STATES DISTRICT COURT
9
NORTHERN DISTRICT OF CALIFORNIA
10
San Francisco Division
United States District Court
Northern District of California
11
SYNOPSYS, INC.,
Plaintiff,
12
13
14
15
Case No. 17-cv-00561-WHO (LB)
v.
UBIQUITI NETWORKS, INC., et al.,
Defendants.
ORDER THAT TAIWANESE
COMPUTERS ARE NOT PER SE
OUTSIDE THE SCOPE OF
DISCOVERY
Re: ECF Nos. 99, 105, 109, 110
16
17
INTRODUCTION
18
This lawsuit centers on allegations by plaintiff Synopsys, Inc. (“Synopsys”), a software
19
company, that the defendants (collectively, “Ubiquiti”) “pirated” its software by installing it on
20
Ubiquiti’s computers and then using counterfeit license keys to run the software without obtaining
21
a valid license. Among other claims, Synopsys alleges that Ubiquiti (1) circumvented
22
technological measures that control access to copyrighted software, in violation of the Digital
23
Millennium Copyright Act (“DMCA”), 17 U.S.C. § 1201(a)(1), and (2) committed fraud in
24
representing to Synopsys that it was interested in entering into a license agreement to obtain
25
Synopsys software when it in fact was planning to use counterfeit license keys. Synopsys issued
26
discovery requests to “forensically inspect” Ubiquiti’s computers for evidence to support its
27
claims. Ubiquiti objects to Synopsys’s requests.
28
ORDER – No. 17-cv-00561-WHO (LB)
The parties’ discovery dispute involves two issues: (1) relevance and (2) burden. The parties’
1
briefs focus almost entirely on relevance. Ubiquiti’s main argument is that all but two of the
3
computers at issue are located outside the United States, the DMCA and U.S. copyright law do not
4
impose liability for activity that occurred outside the United States, and hence the computers
5
outside the United States are not relevant to Synopsys’s claims and should be excluded from
6
discovery. Synopsys disagrees with Ubiquiti’s factual and legal contentions. As for burden, the
7
court previously instructed the parties to meet and confer on the specifics of an appropriate
8
inspection protocol and, if they were unable to agree on a solution, to submit a joint letter brief
9
with their respective positions on how inspection would work, exactly what would be inspected,
10
and what burdens that inspection might impose.1 The parties have not reached an agreement or
11
United States District Court
Northern District of California
2
submitted a joint letter brief with this information.2
12
The court held a hearing on January 25, 2018. Because the parties did not raise burden
13
arguments before the hearing, this order does not address burden issues and addresses only the
14
parties’ relevance arguments. The court holds that Ubiquiti computers are not per se outside the
15
scope of relevant discovery merely because they are located outside the United States.
16
17
18
19
20
STATEMENT
1. Synopsys Claims That Its Data Shows That Ubiquiti Circumvented Its Software’s
License-Key-Protection System Approximately 39,000 Times
Synopsys is a world leader in semiconductor design software.3 Ubiquiti develops networking
technology and, among other things, designs semiconductor chips for use in its products.4
21
22
Synopsys alleges that Ubiquiti downloaded Synopsys electronic design automation (“EDA”)
software onto Ubiquiti computers.5 Synopsys alleges that its software will not run without a
23
24
See Order – ECF No. 104 at 2, 5–6. Citations refer to material in the Electronic Case File (“ECF”);
pinpoint citations are to the ECF-generated page numbers at the top of documents.
1
25
2
See Letters – ECF Nos. 111, 114, 117–119.
3
Joint Case Mgmt. Statement – ECF No. 98 at 2.
27
4
Id.
28
5
Id. at 3.
26
ORDER – No. 17-cv-00561-WHO (LB)
2
1
license key and that Ubiquiti has been using counterfeit license keys since at least February 2014
2
to access and run Synopsys software on its computers without obtaining a valid license.6
This software has a built-in feature: according to Synopsys, its software transmits basic
3
4
information about computers that use counterfeit license keys, such as the computers’ MAC
5
addresses, IP addresses, and server host names, back to Synopsys.7 The parties refer to this
6
transmission as “call-home” or “phone-home” data. Synopsys claims that call-home data here
7
shows that Ubiquiti used counterfeit license keys over 39,000 times to access Synopsys software.8
8
9
10
United States District Court
Northern District of California
11
12
2. Ubiquiti Installed Synopsys Software on Taiwanese Computer Servers, and U.S.
Employees Remotely Connected to Those Servers to Run Synopsys Software
Ubiquiti acknowledges that it installed Synopsys software on a “storage array” in Taiwan that
is accessed through three computer servers located in Taiwan.9 Ubiquiti employees can access and
run the software by using their local laptops or desktops and remotely connecting to the servers.10
13
Ubiquiti also acknowledges that when its employees remotely access its servers to run
14
Synopsys software, Synopsys’s call-home data reports the MAC address and host name of the
15
server (or virtual machines running on the server), not the MAC address or host name of the
16
employee’s local computer.11 Similarly, the call-home data reports the user name of the account
17
profile on the server that the employee uses to remotely log on, not the user name of the account
18
profile the employee has on his local computer.12 Additionally, Synopsys asserts that the call-
19
home data reports the IP address and the country location of the server, not the IP address or the
20
country location of the end user.13
21
22
6
Id. Ubiquiti disputes that a license key is necessary to run Synopsys software. Id.
23
7
Joint Letter Br. – ECF No. 99 at 2.
8
Joint Case Mgmt. Statement – ECF No. 98 at 3; Joint Letter Br. – ECF No. 99 at 4.
9
Tsai Decl. – ECF No. 105-5 at 4 (¶ 12).
24
25
26
10
Id. at 4–5 (¶ 13). Synopsys alleges that Ubiquiti installed Synopsys software on other computers in
addition to these three servers as well. Jan. 25, 2018 Hr’g.
11
See Nazarian Decl. – ECF No. 105-1 at 4 (¶¶ 9–11); Tsai Decl. – ECF No. 105-5 at 3–5 (¶¶ 7–13).
27
12
See Tsai Decl. – ECF No. 105-5 at 5–6 (¶ 17).
28
13
Jan. 25, 2018 Hr’g.
ORDER – No. 17-cv-00561-WHO (LB)
3
1
2
3
4
5
6
7
8
9
10
United States District Court
Northern District of California
11
12
13
14
15
16
Ubiquiti maintains that of the approximately 39,000 alleged circumventions identified in
17
18
Synopsys’s call-home data, only 626 correspond to an IP address originating in the United
19
States.14 The remaining 38,000 or so call-home entries show an IP address in Taiwan.15 Synopsys
20
does not dispute these statistics. Ubiquiti then argues that these IP addresses show that “all but 626
21
of the alleged acts of circumvention took place entirely outside the United States[.]”16 Synopsys
22
disputes this characterization and argues that if an end user located in the United States remotely
23
connects to a server in Taiwan and then accesses Synopsys software installed on the server, the
24
call-home data would report an IP address originating in Taiwan (the server’s IP address), despite
25
26
14
Ubiquiti Br. – ECF No. 105 at 3–4; Taylor Decl. – ECF No. 105-2 at 3 (¶ 6).
27
15
Ubiquiti Br. – ECF No. 105 at 4; Taylor Decl. – ECF No. 105-2 at 3 (¶ 6).
28
16
Ubiquiti Br. – ECF No. 105 at 2.
ORDER – No. 17-cv-00561-WHO (LB)
4
1
the fact that the end user is located in the United States.17 It is undisputed that at least one U.S.-
2
based Ubiquiti employee, Ching-Han Tsai (who has also been named as an individual defendant),
3
used Synopsys software and that he did so on at least some occasions by logging in remotely from
4
the United States to Ubiquiti servers in Taiwan.18 According to Synopsys, on at least some of
5
these occasions, the call-home data reported a Taiwanese IP address, not a U.S. IP address.19
6
7
ANALYSIS
It is important to recall exactly what is before the court. This is a discovery motion. It is not a
8
9
dispositive motion on the merits of Synopsys’s claims. Synopsys is not limited to admissible
evidence and need not prove its claims at this juncture. It must only show that, given its claims,
11
United States District Court
Northern District of California
10
the discovery it requests is (1) relevant and (2) proportional to the needs of this case. See Fed. R.
12
Civ. P. 26(b)(1). “Information . . . need not be admissible in evidence to be discoverable.” Id. In
13
deciding whether the plaintiff has made that showing, the court can consider even inadmissible
14
evidence. Cf. Fed. R. Evid. 104. See generally, e.g., Goes Int’l, AB v. Dodur, Ltd., No. 14-cv-
15
05666-LB, 2016 WL 427369, at *2 (N.D. Cal. Feb. 4, 2016).
16
The parties have not presented specifics as to exactly what a forensic inspection would cover,
17
and hence the court does not rule on the relevance (much less on the proportionality or burden) of
18
any particular forensic artifact that may be on Ubiquiti’s computers. The court is not issuing a
19
blanket approval of a forensic inspection. But nor may Ubiquiti assert a blanket claim that its
20
Taiwanese computers are not relevant to Synopsys’s claims. As discussed below, Ubiquiti’s
21
Taiwanese computers and the forensic artifacts on them may be relevant to the case.
22
23
24
25
26
17
Jan. 25, 2018 Hr’g.
27
18
Tsai Decl. – ECF No. 105-5 at 5 (¶¶ 14, 16).
28
19
Jan. 25, 2018 Hr’g.
ORDER – No. 17-cv-00561-WHO (LB)
5
1
1. Ubiquiti’s Taiwanese Computers May Be Relevant to Synopsys’s DMCA Claims
Among other things, the DMCA provides that “[n]o person shall circumvent a technological
3
measure that effectively controls access to a work protected under this title” (i.e., a copyrighted
4
work). 17 U.S.C. § 1201(a)(1)(A).20 At least for the purposes of this discovery motion, the parties
5
do not dispute that (1) Synopsys’s software is a copyrighted work, (2) Synopsys’s license-key
6
system is a technological measure that controls access to its software, and (3) the use of
7
counterfeit license keys to access and run Synopsys software would be circumventing a
8
technological measure that controls access to a copyrighted work. Instead, the central dispute
9
between the parties is this: when an end user connects to a remote server and, through that remote
10
server, circumvents a technological measure that controls access to a copyrighted work, where is
11
United States District Court
Northern District of California
2
that circumvention deemed to have taken place, and how (if at all) does that affect whether the
12
circumvention gives rise to DMCA liability?
Ubiquiti asserts that the DMCA does not cover circumventions that take place entirely outside
13
14
the United States, citing Subafilms, Ltd. v. MGM-Pathe Communications Co., 24 F.3d 1088 (9th
15
Cir. 1994) (en banc). There, the Ninth Circuit held that “United States copyright laws do not reach
16
acts of infringement that take place entirely abroad.” Id. at 1098. Synopsys does not seriously
17
contest that proposition.21 Ubiquiti also asserts that the DMCA does not cover circumventions that
18
are “initiated” in the United States but are “completed” in a foreign country. Synopsys disputes
19
that proposition.
The parties have not identified (and the court is not aware of) any case that has addressed the
20
21
question of cross-border circumventions under the DMCA. The parties have therefore drawn
22
“[T]o ‘circumvent a technological measure’ means to descramble a scrambled work, to decrypt an
encrypted work, or otherwise to avoid, bypass, remove, deactivate, or impair a technological measure,
without the authority of the copyright owner,” and “a technological measure ‘effectively controls
access to a work’ if the measure, in the ordinary course of its operation, requires the application of
information, or a process or a treatment, with the authority of the copyright owner, to gain access to
the work.” 17 U.S.C. § 1201(a)(3).
20
23
24
25
26
27
28
21
Synopsys notes in passing that traditional copyright law might not apply to a DMCA
extraterritoriality analysis, Synopsys Opp’n – ECF No. 109 at 12 n.8, but its primary argument is that
“[a]ssuming arguendo for the purposes of this motion that traditional copyright jurisprudence provides
the appropriate rubric for analysis of extraterritoriality of the DMCA, Defendants’ argument fails on
its own terms,” id. at 12.
ORDER – No. 17-cv-00561-WHO (LB)
6
1
analogies to, and have cited cases addressing, cross-border violations of the exclusive rights
2
granted under the general Copyright Act of 1976. As a threshold matter, it is not clear that cases
3
addressing violations of the general Copyright Act control how a court should address violations
4
of the DMCA. See generally MDY Indus., LLC v. Blizzard Entm’t, Inc., 629 F.3d 928, 944–45 (9th
5
Cir. 2016) (“[17 U.S.C.] § 1201(a) prohibits the circumvention of any technological measure that
6
effectively controls access to a protected work and grants copyright owners the right to enforce
7
that prohibition. . . . Historically speaking, preventing ‘access’ to a protected work in itself has not
8
been a right of a copyright owner arising from the Copyright Act. . . . Accordingly, we read this
9
term as extending a new form of protection[.]”).22 But even assuming that cases addressing
violations of the general Copyright Act provide guidance for assessing violations of the DMCA,
11
United States District Court
Northern District of California
10
Synopsys can make a plausible argument under those cases that Ubiquiti’s alleged activities are
12
sufficiently related to the United States to give rise to DMCA liability.
13
The parties dispute exactly how Ubiquiti allegedly circumvented Synopsys’s license-key-
14
protection system. Synopsys maintains that Ubiquiti had to pass a license-key check every time it
15
wanted to access and run Synopsys software.23 The parties have not provided more detail as to
16
what exactly Ubiquiti might have done (and may not know at this juncture). It thus may be helpful
17
to consider a hypothetical set of facts for the purpose of addressing Ubiquiti’s legal arguments.
18
22
19
20
21
22
23
24
25
26
27
28
For example, one case cited by the parties, Allarcom Pay Television, Ltd. v. General Instrument
Corp., 69 F.3d 381 (9th Cir. 1993), addressed a defendant located in the United States that allegedly
broadcast copyrighted television programs via satellite to viewers in Canada. See id. at 387. The Ninth
Circuit held there that “the potential infringement was only completed in Canada once the signal was
received and viewed. Accordingly, U.S. copyright law did not apply[.]” Id. But the right at issue in that
case was the performance of a copyrighted work, which is not a violation of the Copyright Act unless
the performance is public. See 17 U.S.C. § 106 (“Subject to sections 107 through 122, the owner of
copyright under this title has the exclusive rights to do and to authorize any of the following: . . . in the
case of . . . motion pictures and other audiovisual works, to perform the copyrighted work publicly[.]”)
(emphasis added). “To perform or display a work ‘publicly’ means,” among other things, “to transmit
or otherwise communicate a performance or display of the work . . . to the public,” and “[t]o ‘transmit’
a performance or display is to communicate it by any device or process whereby images or sounds are
received beyond the place from which they are sent.” 17 U.S.C. § 101. Consequently, the potential
copyright infringement in that case arising from the broadcast of television signals (in the United
States) was “completed” only when the signal was transmitted and received by the public (in Canada).
But it is not a given that the reasoning of that case can be extended to an act of circumvention as
defined in the DMCA, which has no analogous “publicly,” “transmit,” or “received” requirement. See
17 U.S.C. § 1201(a)(1).
23
Jan. 25, 2018 Hr’g.
ORDER – No. 17-cv-00561-WHO (LB)
7
Suppose that to circumvent Synopsys’s license-key-protection system, Ubiquiti downloaded a
1
2
“key generator” program from a “hacker website” onto a Taiwanese computer server.24 Then,
3
when Ubiquiti employees located in the United States (like Mr. Tsai) wanted to use Synopsys
4
software, they logged onto that remote server and ran the key-generator program, which generated
5
counterfeit license keys that the employees then used to access the software. In this hypothetical,
6
the counterfeit-license-key generator and the use of a counterfeit key to access Synopsys’s
7
software run from a remote server in Taiwan, but they run only when an end user in the United
8
States inputs computer commands from his local computer (by typing on his keyboard or moving
9
his mouse), and those commands then are transmitted to the remote server and instruct the server
10
to run the key generator and access Synopsys software.
United States District Court
Northern District of California
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
See Second Amend. Compl. – ECF No. 73 at 7 (¶ 28) (“Since at least February 2014, Tsai, Ubiquiti,
and UNIL have been secretly using counterfeit keys obtained and/or created with tools obtained
through hacker websites to circumvent the Synopsys License Key system and access and use
Synopsys’ EDA software . . . without a valid license.”).
24
27
28
ORDER – No. 17-cv-00561-WHO (LB)
8
1
As noted above, the parties have not identified any cases where a court has addressed whether
a remote act of circumvention, like the one in the hypothetical above, is an act by the remote
3
server in Taiwan outside of the United States, or an act by the end user within the United States.
4
At least one court has addressed the analogous situation, however, of whether a remote act of
5
copying (as opposed to circumvention) is an act by the remote server or by the end user. In
6
Cartoon Network LP, LLLP v. CSC Holdings, Inc., 536 F.3d 121 (2d Cir. 2008), the Second
7
Circuit examined a system involving a remote server for digital video recorders (“DVRs”),
8
analogous to the remote servers at issue here. The system there allowed end users to record
9
television programs by pressing a button on their remote controls. See id. at 125. A signal then
10
was sent from the end user’s remote control in the user’s home to the cable company’s server in
11
United States District Court
Northern District of California
2
the company’s central facility. See id. The server then made a copy of the television program and
12
saved it on a hard drive that the cable company maintained at a remote location. See id. at 124.
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
ORDER – No. 17-cv-00561-WHO (LB)
9
1
The question that the Cartoon Network court confronted was “who made this copy”: the end
2
user or the remote server? Id. at 130 (emphasis in original). The court answered by holding that
3
“copies produced by the [remote storage]-DVR system are ‘made’ by the RS-DVR customer,” not
4
the remote server, id. at 133, because “the person who actually presses the button to make the
5
recording, supplies the necessary element of volition,” id. at 131.25
By analogy, just as an end user who presses a button and thereby inputs the command to
6
record a television program is making a copy of the program under the Copyright Act (even if that
8
television program is saved on a remote server), an end user who inputs commands to use a
9
counterfeit license key to bypass a software-protection system may be engaging in an act of
10
circumvention under the DMCA (even if that counterfeit key and software are installed on a
11
United States District Court
Northern District of California
7
remote server). If that end user is located in the United States, his circumvention might give rise to
12
DMCA liability despite its cross-border nature. See generally Automattic Inc. v. Steiner, 82 F.
13
Supp. 3d 1011, 1028 (N.D. Cal. 2015) (holding in the context of a different DMCA provision that
14
“the application of the [DMCA] is not extraterritorial” when “key elements of the cause of action
15
were performed in [the United States]”).26
Ubiquiti, for its part, proposes an alternative hypothetical where, instead of using a license-
16
17
key-generator program, some person or persons outside the United States “hacked” the Synopsys
18
software to remove the license-key-protection system entirely, so that after that one act of
19
25
20
21
22
23
24
25
26
27
28
The Ninth Circuit cited Cartoon Network with approval in Fox Broadcasting Company, Inc. v. Dish
Network L.L.C., 747 F.3d 1060 (9th Cir. 2014), another copyright case involving DVRs. Unlike the
DVRs in Cartoon Network, the DVRs in Fox made copies of television programs on local hard drives
in set-top boxes in the users’ homes, not on remote hard drives on a central server, see id. at 1065, and
hence the issue of remote connections was not present in that case in the same way it was in Cartoon
Network. Regarding the underlying question of “who made the copies,” however, the Ninth Circuit
cited Cartoon Network and held that because the DVR system “creates the copy only in response to the
user’s command. . . . the district court did not err in concluding that the user, not [the DVR system],
makes the copy.” Id. at 1067; accord Perfect 10, Inc. v. Giganews, Inc., 847 F.3d 657, 670 (9th Cir.
2017) (“Operating a system used to make copies at the user’s command does not mean that the system
operator, rather than the user, caused copies to made.”) (internal brackets omitted) (quoting Fox, 747
F.3d at 1067).
26
Whether the remote server, in addition to the end user, also is engaging in circumvention is a
question the court need not answer here. Additionally, the court need not answer whether the owner of
the remote server, by allowing users to connect and run key-generator programs on its server, might be
violating other DMCA provisions, such as the DMCA’s prohibition on trafficking in services that are
primarily designed or produced for the purpose of circumvention, 17 U.S.C. §§ 1201(a)(2), 1201(b)(1).
ORDER – No. 17-cv-00561-WHO (LB)
10
1
circumvention, the software never again checked any license keys.27 Ubiquiti users located in the
2
United States then ran Synopsys software only after this hacking was completed, so those U.S.
3
users were never prompted for a license key and never generated a counterfeit license key
4
themselves. Ubiquiti argues that in that case, no DMCA liability would attach because in this
5
second hypothetical (unlike the first), the act of circumvention took place entirely outside the
6
United States, and the U.S. users’ subsequent access to the Synopsys software, separate and apart
7
from the acts of circumvention, does not violate the DMCA.28
The court need not decide at this juncture whether Ubiquiti would have no DMCA liability in
8
9
that particular fact scenario. In the context of the current discovery dispute, it is enough to say that
there are at least some fact scenarios (such as the first hypothetical) in which Ubiquiti may have
11
United States District Court
Northern District of California
10
potential DMCA liability, and hence discovery is necessary to determine what the actual facts are.
12
Certainly, the factual record is too embryonic to rule that Ubiquiti’s Taiwanese computers cannot
13
be relevant to a valid DMCA claim as a matter of law. Cf. Goes, 2016 WL 427369, at *2. What
14
exactly Ubiquiti did and did not do vis-à-vis Synopsys’s license-key-protection system may
15
matter, and discovery into Ubiquiti’s Taiwanese computers is thus relevant to determine exactly
16
what Ubiquiti did and did not do.
17
18
2. The “Server Test” That Ubiquiti Cites Is Inapposite
Ubiquiti argues that in Perfect 10, Inc. v. Amazon.com, Inc., 508 F.3d 1146 (9th Cir. 2007), the
19
20
Ninth Circuit established a “server test,” and that under this test, “it is clear that the site of the
21
violative act (the alleged use of ‘counterfeit’ license keys to circumvent Synopsys’ license-key
22
system) are the servers that actually hosted Synopsys software — because that is the only place
23
where the act could be completed — and not an employee computer that remotely initiated the act
24
25
27
26
Jan. 25, 2018 Hr’g.
See Ubiquiti Reply Br. – ECF No. 110 at 4 & n.3 (arguing that “the act of accessing a copyrighted
work after a technological measure has been circumvented, as opposed to the circumvention itself,”
does not violate 17 U.S.C. § 1201(a)(1)) (emphasis in original) (citing MGE UPS Sys., Inc. v. GE
Consumer & Indus., Inc., 622 F.3d 361, 366 (5th Cir. 2010)).
28
27
28
ORDER – No. 17-cv-00561-WHO (LB)
11
or where the displayed results could be viewed.”29 The “server test” in Perfect 10, however, does
2
not address the question of distinguishing between end users and remote servers. Rather, the
3
situation in Perfect 10 involved connections between three parties — end users, third-party servers
4
hosting copyrighted material, and search engines that did not themselves host copyrighted material
5
but that linked end users to the third-party servers that did host copyrighted material — and the
6
“server test” was a test to distinguish between the hosting third-party servers and the non-hosting
7
search engines. The test did not address activities by end users and therefore is inapposite here.
8
The plaintiff in Perfect 10 was a copyright holder of photographic images that brought a
9
copyright-infringement claim against the internet search engine Google, alleging (among other
10
things) that copies of its photographs appeared in Google search results, see id. at 1155–56, and
11
United States District Court
Northern District of California
1
that Google was thereby violating its exclusive right to publicly display and distribute its
12
photographs, see id. at 1159. Google responded that while the photographs in question appeared
13
on users’ screens in Google search results, the photographs actually were being transmitted
14
directly from third-party servers to end users, without ever going through Google, and hence
15
Google was not the party that was displaying or distributing the images. See id. at 1156 (“Google
16
. . . does not communicate the images to the user; Google simply provides [computer] instructions
17
directing a user’s browser to access a third-party website. . . . Thus, the user’s window appears to
18
be filled with a single integrated presentation of the full-size image, but it is actually an image
19
from a third-party website framed by information from Google’s website.”).
The district court and the Ninth Circuit applied a “server test” to determine which party — the
20
21
remote server or Google (not the remote server or the end user) — was violating the plaintiff’s
22
copyright. Id. at 1159. The courts held that under the “server test,” only a server that actually
23
stored the photographs as electronic information and “serves that electronic information directly to
24
the user (‘i.e., physically sending ones and zeroes over the Internet to the user’s browser’)” could
25
infringe the copyright holder’s rights, whereas a search engine like Google “that does not store and
26
27
28
29
Ubiquiti Br. – ECF No. 105 at 10 (emphasis in original).
ORDER – No. 17-cv-00561-WHO (LB)
12
1
serve the electronic information to a user” did not infringe on the copyright owner’s rights. Id. at
2
1159 (citations and internal brackets omitted).
3
4
5
6
7
8
9
10
United States District Court
Northern District of California
11
12
13
14
15
16
17
18
Contrary to Ubiquiti’s claims, nothing in the “server test” holds that when an end user initiates
19
a copyright violation through the use of a remote server, the violation occurs only at the site of the
20
server and does not, as a matter of law, occur at the site of the end user. Consequently, the “server
21
test” does not address the legal questions presented here, and nothing in the test alters the
22
conclusion that Ubiquiti’s Taiwanese servers may be relevant to Synopsys’s DMCA claims, as
23
discussed above.30
24
25
26
27
28
Elsewhere in the Perfect 10 opinion — outside of the context of the “server test” — the Ninth
Circuit considered whether end users might be engaging in a separate act of copyright infringement if
they downloaded the images and saved copies of them on their computers. It noted, however, that there
was no evidence in the record to support this claim. Id. at 1169. The Ninth Circuit also considered —
again, outside the context of the “server test” — whether end users’ web browsers made “cache”
copies of the images and whether that might constitute a separate act of copyright infringement by the
end users, but then held that caching constituted a fair use. Id. at 1169–70. These discussions of
30
ORDER – No. 17-cv-00561-WHO (LB)
13
1
3. Ubiquiti’s Taiwanese Computers May Be Relevant to Synopsys’s Other Claims
2
In addition to DMCA claims, Synopsys brings other claims, including claims for fraud.
3
Among other things, Synopsys alleges that Ubiquiti represented that it wanted to legitimately
4
license Synopsys software, that Ubiquiti made these representations to induce Synopsys to provide
5
Ubiquiti with copies of its software and temporary license-key files31 and to induce Synopsys to
6
show Ubiquiti how to configure license-key files,32 and that these representations were false when
7
they were made.33 Ubiquiti’s Taiwanese computers may be relevant to these claims. For example,
8
if there were forensic evidence on Ubiquiti’s computers that Ubiquiti had already obtained
9
counterfeit license keys or key generators when it made those representations to Synopsys, that
evidence would be relevant to Ubiquiti’s knowledge of the falsity of its representations at the time
11
United States District Court
Northern District of California
10
that they were made, and hence relevant to Synopsys’s fraud claims.
12
13
CONCLUSION
In sum, the court holds that Ubiquiti may not per se exclude its Taiwanese computers from the
14
15
scope of discovery merely because they are located outside the United States.
This order should not be interpreted, however, as a blanket approval of any and all forensic
16
17
inspections of Ubiquiti’s computers. As the court previously advised the parties,34 discovery,
18
including any forensic inspections, must comply with the standard discovery factors, including
19
proportionality, burden, and the defendants’ legitimate interests in maintaining the integrity of
20
their systems and the confidentiality of their data. If the parties have not yet reached an agreement,
21
they must meet and confer regarding an appropriate inspection protocol. If the parties cannot agree
22
on a solution, they may raise issues in a joint discovery-dispute letter brief that complies with the
23
24
25
possible separate acts of copyright violation by end users were not related to the “server test” that
Ubiquiti cites here.
31
See, e.g., Second Amend. Compl. – ECF No. 73 at 10–14 (¶¶ 41–45, 49–52).
32
See, e.g., id. at 12 (¶¶ 46–47).
27
33
See, e.g., id. at 10–14 (¶¶ 42, 47, 51).
28
34
Order – ECF No. 104 at 5–6.
26
ORDER – No. 17-cv-00561-WHO (LB)
14
1
undersigned’s standing order.35 If the parties request an additional hearing, the parties must submit
2
their joint letter brief no later than one full week before the hearing date. The court generally holds
3
hearings on Thursdays at 9:30 a.m.
4
5
IT IS SO ORDERED.
6
Dated: January 29, 2018
______________________________________
LAUREL BEELER
United States Magistrate Judge
7
8
9
10
United States District Court
Northern District of California
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
35
Standing Order – ECF No. 104-1.
ORDER – No. 17-cv-00561-WHO (LB)
15
Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.
Why Is My Information Online?