Association of Test Publishers Security Committee Collaborative Website Enforcement Program Information Package Many organizations in the testing industry are faced with the issue of rogue websites selling their intellectual property (IP) - their exams. Is this an issue you’ve encountered? The ATPSC Enforcement Subcommittee is focused on addressing the issue of infringing websites selling an organization’s IP. The Collaborative Website Enforcement (CWE) program is aimed at shutting down infringing websites. We provide resources and coordinate with multiple organizations to synchronize sending Digital Millennium Copyright Act (DMCA) “take-down” notices to select Internet Service Providers (ISPs) regarding rogue websites. Because organizations have limited budgets and resources, we plan to:  Conduct brief informational sessions on the CWE initiative;  Share DMCA templates, enforcement approaches, and campaign schedules;  Provide a list of target infringing websites and host provider name and contact info;  Schedule target dates for the coordinated sending of “take-down” notices; and  Execute website enforcement campaigns (multiple campaigns; conducted quarterly). The informational session will provide an overview of the processes that you’ll need to take. If you’re not familiar with the process or want to learn more, please plan to attend an information session. For those who have already participated or are interested in joining, this information package contains some key resources:  Appendix 1 - List of target websites and the ISPs that host the websites;  Appendix 2 - sample DMCA notice;  Appendix 3 – Process Overview; and  Appendix 4 – FAQs (answers to common questions). Although every program may not have the resources to send DMCA letters to all ISPs or regarding all the target websites, we encourage you to participate to whatever extent possible. If your organization engages an outside attorney or a third-party provider to send DMCA notices, please consider instructing your provider to synchronize sending the notices on the target date. Key Dates The first information session will be held on October 16th. The target date for the next coordinated take-down notice campaign is: November 8th. In the best of circumstances, each ISP will honor your request to either remove the offending materials or shut down these sites altogether. If the ISP refuses, you would not be obligated in any way to pursue legal action or otherwise continue your participation. But should that occur, we would welcome you to join us in entering a collective dialogue with the ISP regarding ways to address this troubling problem. As you may be aware, websites occasionally change Host ISPs. In our quest to provide you with the most up-to-date information, we will send a follow-up email to notify you if a website(s) changes host providers. The following are the Enforcement Subcommittee members: Cathy Donath, Co-Chair The Donath Group Greg Stephens, Co-Chair Microsoft Brent Hill Cisco Amanda Hoberg Pearson VUE Ben Mannes American Board of Internal Medicine Layne Pethick Association of American Medical Colleges G. Matt Rice Linux Professional Institute Jennifer Ancona Semko Baker & McKenzie LLP Christie Zervos Caveon Please plan to join us as we work together to achieve success through our collaborative efforts! Let us know if your organization will plan to participate in the next website enforcement campaign. Thank you! The Enforcement Subcommittee To learn more about ATP, go to www.testpublishers.org. The ATPSC Enforcement Subcommittee published a report on the 2012 CWE Program. The report will be available at the ATP website to members/non-members by October 16th. Appendix 1 - Target Websites and Host Providers Below is a list of the selection of target infringing websites for this campaign with website host providers (ISPs) and the contact information. It appears that these sites are offering exam materials that may be infringing your organization’s intellectual property. Host ISP Name and Contact Information Amazon.com, Inc. Websites Hosted ucertify.com [email protected] Colostore 746 Arnold Street South Bend, Indiana 46619 certkiller.com cramguides.com examsheets.com FastDomain, Inc. 1958 South 950 East Provo, UT 84606 braindumps.com CramBible.com Email: Terms of Service Compliance Dept. ([email protected]) InMotion Hosting, Inc. General Counsel 6100 Center Drive, Suite 1190 Los Angeles, CA 90045 selftestengine.com certsking.com ExamBible.com Email: [email protected] InternetNamesForBusiness.com CheatYourExams.com CertifySky.com Email: [email protected] LeaseWeb USA, Inc. 9480 Innovation Drive / Suite 1 Manassas, VA 20110 exampdf.com testpassport.com killtest.com [email protected] Dora Lira SoftLayer Technologies 4849 Alpha Road Dallas, TX 75244 Email: [email protected] braindumpgalaxy.com sure-braindumps.com Note: formerly The Planet Appendix 2 DMCA Template A sample DMCA template notice is provided for your reference. This template has yellow highlighted portions. These represent specific information that would be tailored by your organization to your specific situation. Some organizations may send their own DMCA notice or adapt or modify this sample notice as you see fit. If you have not registered your exams with the U.S. Copyright office, you may simply delete the reference to copyright registration numbers, as noted in the template below. Sample DMCA Letter: (Host ISP). Date Via U.S. Mail and E-Mail Host ISP Address RE: Notice of Copyright Infringement (Website Names) Dear Sir or Madam: I am writing on behalf of [insert organization] to identify copyright infringement concerns regarding the websites identified above. Specifically, we have determined that these websites are offering for sale live test items currently used by [organization] in connection with our [type of exam: e.g., software engineer] exams. These exams, and the individual test items that comprise them, are not only protected by copyright law, but their public exposure by the infringing websites jeopardizes the security and integrity of our exam(s). Pursuant to the Digital Millennium Copyright Act (“DMCA”), I have provided relevant information regarding the infringing sites and infringed content below. I am authorized to act on behalf of [insert organization] with respect to these matters. 1. Copyrighted Works. The copyrighted works at issue are the following [list all exams covered by this letter, showing all those covered by a Secure Test Copyright first]:  [insert description]. This exam is protected by U.S. Copyright Office Registration No. [insert] registered, delete this sentence] [Note: If any test is not  [insert description]. This exam is protected by U.S. Copyright Office Registration No [insert]  [insert description]. This exam is protected by U.S. Copyright Office Registration No [insert] [If there are registered Secure Tests included in this list, add the following language: The US Registrar of Copyrights has a special procedure for registration of secured tests, whereby the actual copy of the test is not kept for public review by the Registrar of Copyrights. As you can well understand, if such tests are carefully and specially protected by the Registrar, then it should be apparent that these tests should be given the same protection under the DMCA.] 2. Infringing Materials/Website. The infringing materials all are found on the [insert] website, which upon information and belief, we understand to be registered and hosted by your organization, and located at [insert website]. Similarly, the same infringing materials are found on the [insert] website, which is also believed to be registered and hosted by your organization, and located at [insert website]. We have reason to believe that the operators of the [insert] website are the same operators of the [insert] website. These sites offer for sale what [name of organization] believes to be verbatim, content identical, technically indistinguishable or substantially similar copies of the copyrighted exams listed above, commercially available for downloading by site visitors for a fee. These websites are in no way affiliated with or endorsed by [organization], nor have these sites secured written permission or authority to post [organization’s] copyrighted works. The materials posted on the site are therefore unauthorized, illegal reproductions of [organization’s] copyrighted exams. [Organization] has formed a good faith belief that the use of the copyrighted materials described above is not authorized by the copyright owners, their agents, or the law. [Organization] further believes that such use is not covered by any form of Fair Use, inasmuch as the use is unquestionably commercial and the amount of content being infringed is well beyond any reasonable fair use. I declare, under penalty of perjury, that the information in this notification is accurate and that I am authorized to act on behalf of [organization], the owner of the copyrights at issue. In light of the above-described unlawful and infringing content, [organization] requests the immediate suspension of (website). In the alternative, we request the immediate removal of the copyrighted material from these sites, as well as the removal of all information on the websites referring or relating to such material. We also caution you that you have an obligation to ensure that this same infringing content is not simply re-posted on a new URL by the same individual(s) in an attempt to circumvent your initial take down. [Organization] will be monitoring to make sure such action does not take place. [Organization] appreciates your prompt attention to this serious matter. I would appreciate a written response from you as to the specific steps you have taken in response to my letter by __________ which can be delivered to me at [e-mail address]. If you have any questions regarding this matter, please contact me at [phone or e-mail]. Sincerely, [signature block] cc: Alan J. Thiemann, Esq. Association of Test Publishers Note: ATP’s attorney is Alan Thiemann; email address: [Alan Thiemann ([email protected])] Appendix 3 Process Overview The following is an overview of the proposed process steps. Of course, the activities may vary depending on your organization’s requirements. 1. Check Websites - determine if the website is advertising your exams 2. Purchase the exam(s) – confirm whether a website is selling your IP The objective is to uncover whether the materials include actual test items to indicate “substantial similarity.” You may select to purchase one exam from a specific website to validate infringement; it is not necessary to purchase different exams – you are only required to form a “good faith belief” that the content is infringing. If you do decide to purchase an exam(s), you may want to do so anonymously to mask the identity of the test sponsor or vendor. Experience has shown that the infringing site may refuse to “sell” the exam if it suspects that you are not an individual candidate. Some approaches to consider when planning to purchase exams include: a) use of a credit card (whether corporate or individual, as a means to keep from identifying to the seller who is attempting to buy the exam); b) gift cards that usually do not reflect any owner’s name; or c) use of a private investigation firm to make the purchases. 3. Compare and Validate – determine if the exam(s) contain actual test items or substantial similar items After obtaining a copy of your exam, you will need to determine how much infringement exists so you can develop a “good faith belief” that materials are infringing and that there is a breach. You do not have to do 100% analysis of every item or every test. The goal is to determine whether the site is offering/selling real test questions or, alternatively, how close the purchased items are to your actual items. A key factor is whether the subject items are “substantially similar” to your IP. 4. Prepare DMCA Notice – prepare notice to specific ISP to identify infringement concerns regarding specific websites Refer to the sample DMCA notice provided in this package as reference. Prepare the appropriate notice that meets your organization’s requirements. 5. Send DMCA notice Each organization will work with its internal/external resources to send the notices to the ISPs. We request that they be scheduled to be sent on the specified target date, or as close to that date as possible. 6. Check to Verify Content Removed The ISPs are typically very responsive. You’ll want to visit the websites for a few days following your letter to verify that the content you identified was removed. Send a follow up notice, if needed. 7. Notify Us - Please track the information to provide back to the Enforcement Subcommittee as this will be of value as we plan the next campaign. APPENDIX 4 FREQUENTLY ASKED QUESTIONS 1. Do I need to purchase every exam offered for sale by the web site in order to confirm that infringement is occurring? This will depend upon the facts and circumstances of your situation. You should not send a DMCA take-down notice unless you have a good faith belief that your protected content is being infringed. In some circumstances, it will be necessary to purchase the advertised exam(s) in order to confirm that this is the case. In other cases, you may have sufficient information to justify a good faith belief that infringement is occurring without purchasing one or more exams (e.g., web site explicitly states that its materials are “real” test questions; your trademarked name or logo is being cited; prior experience with same site operator, etc.). You should conduct whatever analysis you and your legal team deem appropriate in order to satisfy this good faith obligation. You may also be able to infer infringement of all exams advertised on a site by confirming that one test is infringing. 2. Do the pirated exam questions have to be identical to my program’s real test questions? No, questions need not be identical in order to be infringing. The test under U.S. Copyright law is whether the infringing items are “substantially similar” to the protected content. When evaluating “substantial similarity” you should take into account the question stem, answer choices, and answer format. 3. What if I have not registered my exams with the U.S. Copyright Office? Can I still send a DMCA notice? Yes. Registration with the U.S. Copyright Office is not required to trigger the protection of the U.S. copyright laws (although most jurisdictions do require registration prior to taking some other actions, such as filing a copyright infringement lawsuit). But so long as your program is the lawful copyright owner of the content at issue, its authorized representative can send a take-down notice. 4. What if the web site is using my organization’s logo or name? This may constitute trademark infringement. You may have the right to have your logo/name removed from the site and should seek advice from your legal counsel. Currently, the focus of the Enforcement Subcommittee’s take-down initiative is limited to copyright infringement; however, as indicated above, the use of your logo or name may be sufficient to form a good faith belief that your content is being infringed. 5. Does the take-down notice have to list all of the exams being infringed by the web site? You should list or describe the protected work that you want removed from the site. You may accomplish this by, for example, listing individual exams or simply requesting that all content related to your company be removed.