By G. Wayne Moore, BSc, MBA, FASE
In the past 45 days, three separate lawsuits have been filed in federal courts by Philips North America, LLC, against three different companies involved in the aftermarket medical imaging device service and sales space. Although each suit contains multiple claims, one claim in each cites the alleged violation of certain provisions of the Digital Millennium Copyright Act (DMCA).
As a service provider, I have keen interest in all DMCA-related cases because, on the heels of the DMCA, Congress also passed the Computer Maintenance Competition Assurance Act (CMCAA), which allows protection of certain independent service organizations’ (ISOs’) maintenance activities under a specific and narrowly defined set of circumstances. I believe the line between violation of DMCA and compliance with CMCAA has a similar metaphorical feel as the FDA’s current line between servicing and remanufacturing—specifically, there is room for interpretation.
Just a bit of background on the DMCA. In 1998, Congress passed the DMCA to provide adequate legal protection and remedies against the circumvention of technological measures employed by copyright owners to protect unauthorized use of their works and their rights in such works. The DMCA implements the World Intellectual Property Organization Copyright Treaty.
Here’s how a corporate attorney explained it to me: Specifically, the DMCA prohibits three types of activity: (1) circumvention of technological measures; (2) trafficking in technology that circumvents technological measures that effectively control access to a work protected by copyright law; and (3) trafficking in technology that circumvents technological measures that protect a right of a copyright owner. 17 U.S.C. §§ 1201(a)(1), 1201(a)(2) and 1201(b)(1).
The difference between the two anti-trafficking prohibitions is that the first covers trafficking of a product that circumvents a measure to prevent access to a work and the second covers trafficking of a product that circumvents a measure to prevent copying (or another right granted by copyright law) of a work. Circumvention is defined to include reverse engineering, descrambling, decrypting, and other such actions taken without the authorization of the copyright owner.
A technological measure effectively controls access if the measure generally requires the application of information or a process or a treatment with the authority of the copyright owner to gain access. Note that ‘effectively does not mean that the protection must be strong or difficult to bypass.”
Cutting Through the Jargon
Recognizing the ambiguity of the language in the DMCA Congress passed the CMCAA, Title III of the DMCA, as codified in Section 117(c), to address the concern that case law and statutory interpretation could destroy the ISO computer maintenance industry. For example, Section 117(c) exempts an ISO from copyright infringement when it copies a computer program while satisfying the following four requirements:
- The copy is made “solely by virtue of the activation of a machine” that contains an authorized copy of the program.
- The copy is made “for the purposes only of maintenance or repair of the machine.”
- The new copy is “not used in any other manner” and is destroyed immediately after the maintenance or repair is completed.
- With respect to any computer program or part of the program that is not “necessary for [the] machine to be activated,” the program “is not accessed or used other than to make a new copy by virtue of the activation of the machine.”
So, keeping in mind that I am not an attorney and the following is just my opinion, my reading of the DMCA indicates that provided an ISO or an HTM satisfies the four requirements set forth above and is acting as an agent of the customer, a potential claim under the DMCA for circumvention of software to obtain keys for a password-protection system could potentially be precluded.
I do note that this layman’s opinion applies only to programs needed to boot up the medical imaging system to make the determination that it is functioning in accordance with original OEM specifications. In that light, accessing other software programs may not be exempt from copyright infringement under the DMCA.
I don’t envy anyone either being sued or doing the suing, but these legal actions could prove to be insightful given the amount of attention in the medical device space over the last three or more years of the FDA Service Docket and the potential these cases may have on future FDA involvement with both third-party ISOs as well as other non-OEM service providers.
If you wish to follow the progress of these lawsuits, the case numbers are Case 9:19-cv-81263-RS, Case 2:19-cv-01745-MLP, and Case 8:19-cv-01765-JVS-JDE. Perhaps clarity on this complex legal issue will at last be provided to all parties concerned.
G. Wayne Moore is CEO of Acertara Acoustic Laboratories. Questions and comments can be directed to 24×7 Magazine chief editor Keri Forsythe-Stephens at firstname.lastname@example.org.
- 626 Holdings (Case 9:19-cv-81263-RS), Summit Imaging (Case 2:19-cv-01745-MLP), and KPI Healthcare (Case 8:19-cv-01765-JVS-JDE)
- The Digital Millennium Copyright Act of 1998, US Copyright Office, Oct. 28, 1998, Pub. L. No. 105-304, 112 Stat. 2860
- Computer Maintenance Competition Assurance Act (CMCAA), Pub. L. 105-304, 112 Stat. 2860, 2886-2887 (1998)