Ali V. Mirsaidi


Kim Dotcom, founder of Megaupload Limited, has been in many news headlines over the past year. Megaupload—one of Dotcom’s many peer-to-peer sharing sites—was the center of controversy, as it allowed users to upload and share all sorts of files, including copyrighted material. After an organized effort by the Department of Justice and several foreign governments, Dotcom was arrested for (secondary) copyright infringement and his site was ultimately shut down. Dotcom has recently launched a new service, MEGA, which he claims will evade copyright laws entirely. Like other well-known cloud-sharing services such as Dropbox and Google Drive, MEGA allows users to upload files and to share them with select users. In an attempt to avoid liability, MEGA locally encrypts all files on the user’s computer before they are uploaded to the site. The private key and public key used to encrypt and decrypt the file are retained solely by the user; MEGA gets no part of that information. This, Dotcom argues, will shift the entirety of the copyright onus to the user. This Issue Brief analyzes the protections afforded cyberlocker services like MEGA by the DMCA, including tensions raised in actual litigation. This Issue Brief argues that, while an ex ante secondary-liability analysis is difficult due to its contextual nature, MEGA’s use of user-controlled encryption (UCE), deduplication, and distributed host servers may lend to an affirmative finding of liability.