Music in the Cloud – Legal Issues in Cloud Computing in relation to Music

Written by Segun Aluko*


  • Introduction


A New York Times article reported that last year (2013), the music industry shrank to 40 percent of its size in 1999 according to inflation-adjusted revenue data from the Recording Industry Association of America (RIAA)[1].  The widely acclaimed reason behind the dearth of sales in the music industry has been attributed to technology. The industry has had its own share of disruption as a result of technological advancement, whether it is vinyl, radio cassette, Compact Disc or as it is now, the internet. At different stages of this evolution, the content creators whether through the RIAA in the music industry or its sister in the audio visual industry, the Motion Picture Association of America (MPAA), have continued to wage wars against the technology, towards protecting, as they seem best, the interests of their members. Rather than fight these days, it seems that the better approach is to embrace the technology. The latest of these technological advancements is cloud computing. This article will discuss shortly the concept and technology of cloud computing, the use of the technology for accessing and using digital music and some legal issues that may arise which include infringement/piracy, user’s privacy and system security, and transfer of music files.

  •  Why the Cloud?


Many authors have attempted the definition of cloud computing[2]. For the purpose of this article, I will adopt David M. Given’s definition[3] that cloud computing is a hosted service providing scalable access by a computer user to personal computer files remotely stored on one or more host servers. This definition is apt for the purpose of this article because it explains how users access music files on online services through the cloud.


The advent of internet brought with it a lot of disruptions in the music industry particularly through the peer-to-peer file sharing networks. Napster, Limewire and other peer-to-peer websites perpetrated copyright infringement and college students and other users patronized these sites while music piracy thrived. Even though the music industry had good and successful fights by ending the reign of Napster,[4] Grokster[5], and[6] for wide infringing uses of music, some of these sites still thrive today. Apple, Inc. introduced what seemed to be the answer to the turmoil by offering users a song for 99c on its iTunes store. This became a monumental move that earned the erstwhile CEO so many accolades in the industry. The players in the music industry, as a result of that move, have often required digital music lockers to obtain license for providing users remote access to their music files anywhere and anytime through their devices.


Recent dispute arose between the music industry and Amazon when it introduced its Amazon Cloud Player. The Amazon Cloud Player in fact operates like any other digital music locker. A user may purchase music from the which is then downloaded to their Amazon Cloud Player, or upload music which they already own from their computer to the Amazon Cloud Player, which they may access at any time through any device inasmuch as they have the Amazon Cloud Player application or the web application. One difference between the Amazon Cloud Player and the peer-to-peer networks is that users may only access music files purchased or uploaded from their computers and cannot access music files of other users. Amazon denied that it needed to obtain license to operate the Amazon Cloud Player but may consider obtaining one with respect to deduplication whereby it is able to replace multiple copies of the same music track uploaded by different customers with a single server copy that could be used by all customers with the same track[7]. It is not clear if Amazon like Google with its Google Music service in fact obtain any license to operate their music cloud storage service.


In the wake of these disputes, many other digital music lockers which provide slightly different services in the form of music streaming and online purchases have sprung up including Spotify, Pandora and Rhapsody, among others, which allow users to stream for free (but supported by ads) music, and with payment of a nominal fee each month, stream music without any ads. There is no doubt that these online music service providers must have obtained license for this. It seems that there will not be any issues respecting infringement by users since users cannot upload to the lockers; so the purely music streaming model is not the concern of this article.


Basically, the digital music cloud storage service is no different from other cloud storage services like Microsoft SkyDrive, or with respect to music, the Windows Media Player. The rationale behind these services is that users already own these music files either in a physical form and in this case, it will be CDs given the ability to rip its content and convert it into digital files stored on the digital lockers. The cloud service therefore makes it easier for users to access their music on the go by ensuring portability of their music files from one device to the other. But in doing this, there are many issues that have arisen and are still prevalent which this article will now address.


  1. Copyright Infringement


The United States Copyright Act, section 106[8] provides the exclusive rights of the owner of copyright to do and authorize reproduction, distribution, public performance, making a derivative work out of and public display of their work. In relation to the digital music lockers, the exclusive rights of copyright owner which are likely to be infringed will be reproduction and public performance right. Distribution will not be an issue here given the fact that these digital lockers which sell music on their platforms must have obtained authorization to do so. The making of derivative work from music is not in issue either. Infringement as it relates to music cloud services may be direct infringement or indirect infringement which is sub-categorized as contributory infringement, vicarious infringement and inducement.


  • Direct Infringement


The case[9] addressed the legality of music cloud storage for the first time, which in this case excludes the peer-to-peer sharing sites. allowed its users to upload songs on their computers to the digital locker which are thereafter streamed to the users. In ripping the user’s CDs after it is inserted into the computer, utilized a fingerprint solution which calculated and compared the music file to the fingerprints of thousands of ripped CDs that had already loaded to its servers. This allowed verify that the particular user in fact owned the original CD to be ripped and uploaded to its locker. Users did not actually upload their music because if upon verification by that the user in fact had the particular CD, it just used the ripped copy it already had[10]. The Court held that the streaming by infringed copyright holder’s performance right. That case later settled for $53.4 million.


In the latter case widely known as the Cablevision case[11], the 2nd Circuit determined that Cablevision’s “remote storage” DVR did not infringe the plaintiff’s public performance right. Cablevision created a remote storage DVR which allows its subscribers to record shows as they would have done on a traditional DVR, but instead of storing the recorded shows on a physical DVR, it stored them in Cablevision’s remote server room to be accessed by users. Cablevision likened its service to users owning a long range remote control and argued that all recordings were done at the discretion of users and separate copies of content were kept for each subscriber.


The Cablevision decision of course opened the gate for digital music lockers like Amazon Cloud Player, Google Music and recent music players like Beats (which has now been acquired by Apple, Inc.)[12] to launch their respective music cloud services. The issue here is whether these music cloud storage services infringe the reproduction and public performance rights of copyright holders. Depending on the service, once a music file is uploaded to the service, it automatically makes a copy that is then streamed to the users. In other cases, also depending on the type of service, music file may also be downloaded on a user’s device while streaming the music. Does this violate the reproduction right of the copyright holder?


On the service provider’s part, this may not be an infringement since the service provider did not in fact reproduce the music files. The service provider basically provides the services which the users may then use to store their music file for later access. The service provider will likely rely on the Sony Betamax case[13]. In that case, Sony manufactured the VCR called Betamax which allowed users to record television shows for later viewing, the process of which is called “time shifting”. The court in its decision noted that while users are likely to use the VCR to perpetrate copyright infringement, the VCR itself is not an infringement. The court held for Sony on the fair use defense showing that the VCR is capable of many non-infringement uses which therefore trumps any possible infringing use. In a later decision of the 9th Circuit in RIAA v. Diamond[14] based on the Audio Home Recording Act of 1994, the Court held that the defendant’s “Rio” device is not a digital audio recording device and therefore not capable of copyright infringement.


In distinguishing Sony v. Universal City Studios, Cablevision and Rio from UMG v., we must note that while in the latter case, the service provider or manufacturer of the service or device in issue played a passive role in how users access the already legally obtained copyright work on their services or devices, the opposite was the case in where the defendant played an active role with its “beam-it services”. Apart from Sony where the fair use defense (which canvassed unsuccessfully) was upheld, Cablevision and Rio were based on the argument that there was no infringement.


If there was no infringement of copyright holder’s reproduction right, how about infringement of the holder’s public performance right. The concept of public performance is performance to the public. EMI argued in that the streaming of its music was a broadcast which violates its public performance right. The services of the digital lockers appear not to be different from a remote access DVR. Ordinarily, the users own the music files which they ripped from their CDs and upload to the digital lockers as their stored music on the assumption that those music files were obtained legally. What the digital music locker does for the users is to enable the users to access the music and play it back at any time. It is unlike a streaming service which the users do not have control over, which will amount to a broadcast. On that basis, service providers of digital music lockers are likely to successful argue that their service does not infringe copyright holder’s public performance right.


  • Indirect Infringement


While the music cloud service provider may argue that it is not directly infringing the copyright music, the copyright holder may be able to argue that the digital locker service is an indirect infringement in either of (i) contributory infringement, (ii) vicarious infringement or (iii) inducement. Contributory infringement occurs where there is a direct infringement by a third party and the service provider knows of and materially aids the infringement[15]. The Court found contributory infringement on the part of in spite of its argument that its services are capable of substantial non-infringing uses as held in Sony. More so, was aware of infringing uses of its platform without taking much action even after takedown notices under the DMCA[16] were issued to it by EMI.


Vicarious infringement will arise if the service provider has the right and ability to control the infringer’s act and receives a direct financial benefit from the infringement. Unlike contributory infringement, the service provider need not have knowledge of the infringement[17]. Inducement arises where the service provider is seen as inducing users to actually engage in infringement as seen with the peer-to-peer file sharing platforms[18].


So for the service provider to be liable for indirect infringement it must be aware that its platform is being used to perpetrate infringement and that it is gaining an economic advantage. Nonetheless, it might be able to argue the “safe harbor” defense under DMCA by taking down the infringing music from its platform upon receiving notice from the copyright holder. Other defense available to the service provider will be the fair use defense[19].


  • User Privacy/System Security


Another issue likely to come up in accessing music files from the cloud is the user privacy and system security. Users are usually required to share certain personal and security information, including credit card information, social security number, and billing address online which could be subject to loss, system shutdown and cyber-attack. As a result, user’s personal and security information are likely to be compromised. A case in point is the recent hack into iCloud accounts of some celebrities and the release of their private pictures over the internet[20]. Also recently, Sony Pictures Entertainment’s servers were hacked by some group with links to North Korea over the release of a satire comedy entitled “The Interview” that portrayed the assassination of the North Korean leader. As a result, several personal information of executives and employees of Sony Pictures, including their social security numbers, addresses, salaries and other information were leaked on the internet. News reports show that a number of employee litigation is likely to arise out of this incident[21].


Service providers are likely to anticipate and cover this issue under their End User License Agreement, Service Level Agreements or Software License Agreements. Other mechanisms include the service providers’ Term of Use Policy and Privacy Policy which will disclose to users the possibility of being victims of cyber-attack and their devices being contaminated with viruses and malware. Users are therefore required to consent to these agreements before using the services.


  • Transfer of Music Files


Another issue that may arise is the ability of users to transfer their music files uploaded to or purchased from the digital music locker either inter vivos (i.e. during the user’s life) or by will upon the user’s death. Currently, there are no particular laws in place except for the Virginia law passed in 2013 which addresses aspects of the issues thus making it easier for family members to see the content in case of death of a minor. The State of Delaware also recently passed a law that seeks to ease access to content[22]. The Uniform Law Commission[23] is currently working on a law, called the Uniform Fiduciary Access to Digital Assets Act[24] that will guide easier access to content while also honoring a user’s privacy wishes.


For the most part, access to content by family members upon death of the user may be subject to the User Privacy Policy of the service provider. For example, Google’s Inactive Account Manager[25] allows users to designate up to 10 people to receive content from sources like user’s mail, documents and blogs. The user may also choose to have content deleted.


There have been arguments from different quarters on whether a sale of digital music should be considered a “sale” or “license”. Music copyright holders would like the music recording companies and users to regard such sale of digital music as a license for many reasons. From the user’s perspective, a good reason for this will be to avoid the first sale doctrine argument.[26] From the recording companies’ perspective, on the other hand, a good reason will be to get a higher royalty split since a synch or master use license for TV commercial or a movie is shared 50/50[27]. From the Terms of Use[28] reviewed, it appears that users may only do whatsoever they want with the music they stored on the music lockers, which will include downloading and transferring the music files to third parties. However for purchased music files, users only have a non-exclusive, non-assignable and non-transferable license to access and listen to the music files through any devices.


Some authors[29] have argued that common law doctrine of copyright exhaustion should be applied to digital works including music purchased from music lockers so as to allow users to easily assign their interest in it. They argued in their article that following Congress’ enactment of Section 117 of the Copyright Act, which provides the right of copy owners to use and redistribute copies of computer programs, and the establishment of the National Commission on New Technology Uses of Copyrighted Works (CONTU)[30], same rationale that motivated Congress to clarify the application of the exhaustion principle to computer programs should apply to all digitally encoded works[31]. The benefit of applying the exhaustion principle to digital works, the authors argued, will increase access, enable preservation and privacy, promote transactional clarity, spur innovation and encourage platform competition, which are all appropriate considerations that can provide courts with helpful criteria in balancing the equities between copy owners and copyright holders in particular[32].



* Segun Aluko is licensed to practice in Nigeria and California. He currently works with the Entertainment, Technology and Advertising Practice of Sheppard Mullin Richter & Hampton, LLP out of the firm’s Century City office where he advises and counsels clients on motion picture, documentary and television production, financing, licensing and distribution transactions.

[1] Jeff Sommer, The Harmony They Want to Hear, NY Times (May 17, 2014), accessed on 12/15/2014 at 5:50 pm.

[2] See Vineeth Narayanan, Harnessing the Cloud: International Law Implications of Cloud-Computing, 12 Chi. J. Int’l L. 783 (2012) wherein the author described Cloud Computing as follows: “The cloud-computing service is a system by which individuals can access computing power remotely by storing data on centralized servers, as if in a cloud. See also Daniel J. Gervais & Daniel J. Hyndman, Cloud Control: Copyright, Global Memes and Privacy, 10 J. On Telecomm. & High Tech. L. 53 (2012) wherein Cloud Computing is defined as “a global technological infrastructure in which the user of a computer accesses and uses software and data located outside of the user’s personal computer or other digital device.”

[3] David M. Given, Music in the Cloud – A Business and Legal Primer, 30-SPG Ent. & Sports Law. 1 (2012).

[4] See A&M Records, Inc. v. Napster, Inc., 239 F. 3d 1004 (2001).

[5] MGM Studios, Inc. v. Grokster, Ltd. 545 U.S 913 (2005).

[6] See UMG Recordings, Inc. v., Inc., 92 F. Supp. 2d 349 (2000).

[7] See Cullen Kiker, Amazon Cloud Player: The Latest Front in the Copyright Cold War, 17 J. Tech. L. &Pol’y 235 (2012)

[8] 17 USC § 106

[9] UMG Recordings, Inc. v., Inc. (supra)

[10] Timothy B. Lee, Are Google Music and Amazon’s Cloud Player illegal? Ars technica, CNN Tech (2011) accessed on 12/16/2014 at 3:18 pm

[11] Cartoon Network v. CSC Holdings, Inc. 536 F. 3d 121 (2d Cir 2008)

[12] At the time Amazon launched its Cloud Player and Google, its Music Beta service (now Google Music), Apple, Inc. was in fact negotiating with the recording labels a licensing deal for its iCloud service. See Timothy B. Lee, id.

[13] See Sony Corporation of America v. Universal City Studios, Inc. 464 U.S. 417 (1984)

[14] See RIAA v. Diamond Multimedia System, Inc. 180 F. 3d 1072 (1999)

[15] See David M. Given, id at 15

[16] Digital Millennium Copyright Act, 17 USC §512 (c). Under the DMCA, liability for copyright infringement by an online service provider (“OSP”) is limited if: (i) a third party initiates or requests transmission of copyright material, (ii) the service provider does not select the material, (iii) the service provider does not select recipients of the material, (iv) the provider does not retain copies of the material, and (v) the service provider transmits material through its system without modification of its content.

[17] Id, at 15

[18] See MGM Studios v. Grosker, Ltd, 545 U.S. 913 (2005) where the court held that “one who distributes a device with the object of promoting its use to infringe copyright, as shown by clear expression or other affirmative steps taken to foster infringement, is liable for the resulting acts of infringement by third parties.”

[19] 17 USC §107 – Fair Use Defense consists of the following four factors: (i) the purpose of the use; (ii) the nature of the work; (iii) the amount and substantiality of the portion used, and (iv) the impact of the use on the actual or potential market. See also Campbell v. Acuff-Rose Music, Inc., 510 U.S. 569 (1994). See also Sony v. Universal City Studios (supra)

[20] Alan Duke, FBI, Apple investigate nude photo leak targeting Jennifer Lawrence, others (2014) accessed on 12/19/2014 at 10:29 am.

[21] Tom Huddleston, Jr. Ex-Sony Pictures employees file lawsuit over hack, exposed personal info  (2014) accessed on 12/19/2014 at 10:35 am. See also Ted Johnson, Sony Hit With Class Action Lawsuit by Ex-Employees, (2014) accessed on 12/19/2014 at 10:37 am.

[22] Thomas J. Fitzgerald, How to Digitally Avoid Taking It to the Grave, (2014)  accessed on 12/19/2014 at 11:02 am.

[23] The National Conference of Commissioners on Uniform State Laws –

[24] Thomas J. Fitzgerald, id

[25] id

[26] Cullen Kiker, id at 267. Under the first sale doctrine, once a legal copy of an expression is sold, the copyright holder, with limited exceptions, cannot control how the copy is later used.

[27] See Joel Rose, Download Sales: Will Money Stay With Labels Or Go To Musicians? (2011), accessed on 12/19/2014 at 11:23 am.

[28] See Amazon Music Terms of Use, last updated June 11, 2014 accessed on 12/19/2014 at 12:28 pm. Section 3.1 (Rights Granted) – “You may use the Services only for your personal, non-commercial purposes, subject to the Agreement. You may not use the Services to store, transfer or distribute content of or on behalf of third parties, to operate your own content application or service, to resell any part of the Services or for any form of unlawful file sharing. We grant you a non-exclusive, non-transferable right to use Purchased Music, Prime Music Content, Matched Music and any additional Music Content we provide you access to through the Music Library Service only for your personal, non-commercial purposes, subject to the Agreement. Except as set forth in the preceding sentence, you may not redistribute, transmit, assign, sell, broadcast, rent, share, lend, modify, adapt, edit, license or otherwise transfer or use Purchased Music. We do not grant you any synchronization, public performance, public display, promotional use, commercial sale, resale, reproduction or distribution rights for Music Content you purchase or access through the Services. You must comply with all applicable copyright and other laws and with the terms of any licenses or agreements to which you are bound in your use of the Services and Music Content you purchase or access through them”. See also Google Play Terms of Service April 8 2014, accessed on 12/19/2014 at 12:30 pm. For example, Section 6 (Sale, Distribution or Assignment to Third Parties) provide thus: “Sale, Distribution or Assignment to Third Parties. You may not sell, rent, lease, redistribute, broadcast, transmit, communicate, modify, sublicense or transfer or assign any Content or your rights to Content to any third party without authorization, including with regard to any downloads of Content that you may obtain through Google Play. Use of any tool or feature provided as an authorized part of Google Play (for example, “Social Recommendations”) shall not violate this provision so long as you use the tool as specifically permitted and only in the exact manner specified and enabled by Google.” Section 7 (Music on Google Play) – “Use of Music Locker Services. By storing Music Products and Stored Content in Music Storage, you are storing a unique copy of such content and requesting Google to retain it on your behalf and to make it accessible to you through your Google account. By using the Music Locker Services, you are requesting that Google make all of the necessary functions and features of the Music Locker Services available to you in order to facilitate your use of Music Products and Stored Content. Additionally, by accessing or using Music Products and Stored Content through the Music Software, you are initiating and performing the corresponding functions on Google’s servers, together with any related steps necessary to achieve them, through the Music Locker Services. You understand that Google, in performing the required technical steps at your direction to provide you with the Music Locker Services, may (a) transmit Music Products and Stored Content over various networks and in various media and (b) make such changes to Music Products and Stored Content as are necessary to conform and adapt it to the technical requirements of connecting networks, devices, services or media. You confirm and warrant to Google that you have the necessary rights to store in Music Storage any Stored Content that you direct Google to upload or store in Music Storage, and to instruct Google to perform the actions described in this section.”

[29] See Aaron Perzanowski and Jason Schultz, Digital Exhaustion 58 UCLA L. Rev. 889 (2014) at 920 – 921, 935, 937 – 944

[30] CONTU is a panel of experts established by Congress in 1979 and charged with studying the relationship between new technologies and copyright protection and recommending changes to existing laws.

[31] Aaron Perzanowski and Jason Schultz, id at 935.

[32] Id, at 937.