Category Archives: Section 8.6

S 08.6

Comments are closed.

Remedies for Security Violations by Third Parties. Remedies for security violations by a third party are as follows:

Also posted in Article 8, Settlement | Comments closed

S 08.6.1

Comments are closed.

(a) Compliance with Security Implementation Plan. If, due to a security failure, a third party violates Google’s, a Fully Participating Library’s or a Host Site’s security and obtains Third-Party Unauthorized Access, and such Third-Party Unauthorized Access does not result from the failure of Google, such Fully Participating Library, or such Host Site, as applicable, to comply with its then-in-effect Security Implementation Plan, then neither Google, nor the Fully Participating Library, nor the Host Site, as applicable, will be responsible for any damages to a Rightsholder or the Registry; provided, however, that if such then-in-effect Security Implementation Plan was not yet approved by the Registry and such access is a proximate result of an element of such then-in-effect Security Implementation Plan that is determined not to meet the requirements of the Security Standard, then the provisions of Section 8.6(b) (Breach of Security Implementation Plan) shall apply and not the provisions of this Section 8.6(a) (Compliance with Security Implementation Plan); provided, further, that a Fully Participating Library is not considered to be a third party when accessing its own LDC, a Host Site is not considered to be a third party when accessing the Research Corpus and a Hosting Fully Participating Library is not considered to be a third party when hosting an LDC of a Requesting Fully Participating Library. Google, the Fully Participating Library and the Host Site will reasonably assist the Registry in seeking remedies against the third party; provided, further, that, in no event shall Google, the Fully Participating Library or the Host Site be required to disclose confidential or personally identifiable information except as compelled by law or valid legal process. Conduct by Google, a Fully Participating Library or a Host Site in compliance with a Security Implementation Plan approved by the Registry will not in any event be deemed to be or constitute negligence, recklessness or intentional misconduct.

Also posted in Article 8, Section 8.6(a), Settlement | Comments closed

S 08.6.2

Comments are closed.

(b) Breach of Security Implementation Plan. If Google, a Fully Participating Library or a Host Site has breached its then-in-effect Security Implementation Plan and a third party violates Google’s, such Fully Participating Library’s or such Host Site’s security and obtains Third-Party Unauthorized Access as a proximate result of such breach, or if Google, a Fully Participating Library or a Host Site had complied with its then-in-effect Security Implementation Plan but its then-in-effect Security Implementation Plan was not yet approved by the Registry and the access was a proximate result of an element of such then-in-effect Security Implementation Plan that is determined not to meet the requirements of the Security Standard, then the Registry and/or affected Rightsholders, in accordance with Section 8.3(d) (Consolidation of Claims), and each breaching party will negotiate or arbitrate (pursuant to Article IX (Dispute Resolution)) an appropriate monetary remedy, if any, which will attempt to approximate actual damages for such breach of the Security Implementation Plan, provided that a Fully Participating Library is not considered to be a third party when accessing its own LDC, a Host Site is not considered to be a third party when accessing the Research Corpus and a Hosting Fully Participating Library is not considered to be a third party when hosting an LDC of a Requesting Fully Participating Library. Such damages may be in the range beginning with zero and up to the statutory damages available to the affected Rightsholders under Section 504 of the Copyright Act. Aggregate damages recoverable by Rightsholders for all claims resulting from a single incident of such breach (i.e., all breaches resulting from the same root cause) described in this Section 8.6(b) (Breach of Security Implementation Plan) shall be, subject to Section 8.7 (Adjustments to Liability Ranges and Caps), in the case of Google, fifteen million United States dollars (U.S. $15 million) if the breaching conduct was negligent, twenty million United States dollars (U.S. $20 million) if the breaching conduct was reckless and twenty-five million United States dollars (U.S. $25 million) if the breaching conduct was willful or intentional misconduct, and, in the case of a Fully Participating Library, two million United States dollars (U.S. $2 million) if the breaching conduct was negligent, three million United States dollars (U.S. $3 million) if the breaching conduct was reckless and five million United States dollars (U.S. $5 million) if the breaching conduct was intentional or willful misconduct.

Also posted in Article 8, Section 8.6(b), Settlement | Comments closed

S 08.6.3

Comments are closed.

(c) No Multiple Damages. If the Registry and/or affected Rightsholders recover damages from a third party who has obtained Third-Party Unauthorized Access to one or more Books or Inserts, then any amounts recoverable by the Registry and/or such Rightsholders against Google, a Fully Participating Library or a Host Site under this Section 8.6 (Remedies for Security Violations by Third Parties) for any claim arising out of such Unauthorized Access shall be reduced by the amount of such damages.

Also posted in Article 8, Section 8.6(c), Settlement | Comments closed