Mandatory Deposit of Electronic-Only Books
| Published date | 29 June 2020 |
| Citation | 85 FR 38806 |
| Record Number | 2020-12969 |
| Section | Proposed rules |
| Court | Copyright Office,Library Of Congress |
Federal Register, Volume 85 Issue 125 (Monday, June 29, 2020)
[Federal Register Volume 85, Number 125 (Monday, June 29, 2020)]
[Proposed Rules]
[Pages 38806-38816]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-12969]
=======================================================================
-----------------------------------------------------------------------
LIBRARY OF CONGRESS
Copyright Office
37 CFR Part 202
[Docket No. 2016-03]
Mandatory Deposit of Electronic-Only Books
AGENCY: U.S. Copyright Office, Library of Congress.
ACTION: Notice of proposed rulemaking.
-----------------------------------------------------------------------
SUMMARY: The Copyright Office is issuing a revised proposed rule to
make electronic-only books published in the United States subject to
the Copyright Act's mandatory deposit provisions if they are
affirmatively demanded by the Office. In response to comments received
in response to the Office's April 16, 2018 Notice of Proposed
Rulemaking, the revised proposed rule makes additional clarifying edits
to the definition of an ``electronic-only book'' and adjusts the
requirements related to employment of technological protection
measures. This document also updates the public on developments
subsequently announced by the Library of Congress related to certain
questions raised in public comments with respect to its digital
collection strategy and information technology security matters.
DATES: Written comments must be received no later than 11:59 p.m.
Eastern Time on July 29, 2020.
ADDRESSES: For reasons of government efficiency, the Copyright Office
is using the regulations.gov system for the submission and posting of
public comments in this proceeding. All comments are to be submitted
electronically through regulations.gov. Specific instructions for
submitting comments are available on the Copyright Office website at
https://www.copyright.gov/rulemaking/ebookdeposit. If electronic
submission of comments is not feasible due to lack of access to a
computer and/or the internet, please contact the Office using the
contact information below for special instructions.
FOR FURTHER INFORMATION CONTACT: Regan A. Smith, General Counsel and
Associate Register of Copyrights, [email protected]; Kevin R. Amer,
Deputy General Counsel, [email protected]; or Mark T. Gray, Attorney-
Advisor, [email protected]. They can be reached by telephone at 202-
707-3000.
SUPPLEMENTARY INFORMATION:
I. Background
A. Mandatory Deposit Under the Copyright Act Generally
Section 407 of title 17 requires that the owner of the copyright or
the exclusive right of publication in a work published in the United
States, within three months of publication, deposit ``two complete
copies of the best edition'' with the Copyright Office ``for the use or
disposition of the Library of Congress.'' \1\ The ``best edition'' is
defined as ``the edition, published in the
[[Page 38807]]
United States at any time before the date of deposit, that the Library
of Congress determines to be most suitable for its purposes.'' \2\
These requirements are governed by section 202.19 and Appendix B of
part 202 of the Office's regulations, which set forth rules and
criteria, respectively, for the different types of works subject to the
mandatory deposit requirement.
---------------------------------------------------------------------------
\1\ 17 U.S.C. 407(a), (b); see generally 37 CFR 202.19.
\2\ 17 U.S.C. 101; see also 17 U.S.C. 407(b).
---------------------------------------------------------------------------
Under the statute, the Register of Copyrights may issue a written
demand for works at any time after they have been published in the
United States, and failure to deposit after a demand may subject the
recipient to monetary liability.\3\ Compliance with this section is
separate from the copyright registration process, but the Copyright Act
provides that deposits made under section 407 may be used to satisfy
the registration deposit provisions under section 408, if all other
registration conditions are met.\4\
---------------------------------------------------------------------------
\3\ 17 U.S.C. 407(d).
\4\ Id. at 408(b). Although section 408 states that copies
deposited pursuant to the mandatory deposit provision in section 407
may be used to satisfy the registration deposit requirement in
section 408, in practice the Office treats copies of works submitted
for registration as satisfying the mandatory deposit requirement
(assuming the deposit requirements are the same), and not vice
versa. 37 CFR 202.19(f)(1), 202.20(e); see 43 FR 763, 768 (Jan. 4,
1978).
---------------------------------------------------------------------------
Certain categories of works are not subject to mandatory deposit.
As set out in the statute, unpublished works and foreign works that
have not been published in any form in the United States do not have to
be deposited. In addition, under section 407(c), the Register can, by
regulation, exempt any categories of material from section 407's
mandatory deposit requirements or demand only one copy to provide a
``satisfactory archival record of a work.'' Under this authority, the
Register has excluded numerous categories of works from the mandatory
deposit requirement, such as greeting cards, architectural blueprints,
and three-dimensional sculptural works.\5\
---------------------------------------------------------------------------
\5\ See 37 CFR 202.19(c).
---------------------------------------------------------------------------
B. Regulations Regarding Mandatory Deposit of Electronic-Only Materials
In 2010, the Office issued an interim rule (the ``2010 Interim
Rule'') codifying its established practice of excluding from mandatory
deposit requirements all ``[e]lectronic works published in the United
States and available only online.'' \6\ The 2010 Interim Rule referred
to such works as ``electronic-only.'' In generally excluding
electronic-only works from the mandatory deposit requirement, the
Office also, however, adopted an exception to this exemption, requiring
the deposit of electronic-only serials if affirmatively demanded by the
Office.\7\ An electronic-only serial is ``an electronic work published
in the United States and available only online, issued or intended to
be issued on an established schedule in successive parts bearing
numerical or chronological designations, without subsequent
alterations, and intended to be continued indefinitely.'' \8\ This
category includes ``periodicals, newspapers, annuals, and the journals,
proceedings, transactions, and other publications of societies.'' \9\
The 2010 Interim Rule stated that any additional categories of
electronic-only works would first be ``identified as being subject to
demand'' through a rulemaking with notice and comment before the Office
issues any actual demands for such works.\10\ The present proposed rule
is one such rulemaking.
---------------------------------------------------------------------------
\6\ Mandatory Deposit of Published Electronic Works Available
Only Online, 75 FR 3863, 3869 (Jan. 25, 2010) (``2010 Interim
Rule''); 37 CFR 202.19(c)(5).
\7\ 2010 Interim Rule at 3865-66. ``Electronic works'' are
themselves defined as ``works fixed and published solely in an
electronic format.'' 37 CFR 202.24(c)(3).
\8\ 37 CFR 202.19(b)(4).
\9\ Id.
\10\ 2010 Interim Rule at 3866.
---------------------------------------------------------------------------
C. 2016 Notice of Inquiry Regarding Expansion of Demand-Based Deposit
In 2016, the Office issued a notice of inquiry (``NOI'') that
proposed to finalize the 2010 interim rule and to add a new category of
online works--electronic-only books--to the demand-based mandatory
deposit scheme.\11\ The Office sought comments on four topics: (1) The
efficacy of the interim rule, including whether it adequately serves
the needs of the Library and other affected parties and whether it
could serve as a good framework for adding additional categories of
electronic works to the mandatory deposit system; (2) the Library's
access policy as applied to both electronic-only serials and,
potentially, to electronic-only books; (3) ``information technology,
security, and/or other requirements'' that should apply to the receipt
and storage of, and access to, electronic-only books; and (4) how the
``best edition'' requirements should be applied to the mandatory
deposit of electronic-only books. The Office received fifteen comments
on the proposed changes. While some of the comments praised the efforts
to collect more works in the identified categories, others expressed
reservations.
---------------------------------------------------------------------------
\11\ Mandatory Deposit of Electronic Books and Sound Recordings
Available Only Online, 81 FR 30505, 30506-08 (May 17, 2016) (``2016
NOI''). The NOI also included online sound recordings as a potential
additional category of works to subject to mandatory deposit, but
the Office has decided to postpone further consideration of this
issue until after the conclusion of this rulemaking.
---------------------------------------------------------------------------
D. 2018 Proposed Rule Regarding Electronic-Only Book Deposit
In April 2018, the Office issued a notice of proposed rulemaking
(``2018 NPRM'') seeking public comment on a proposal to finalize the
interim rule and to extend the demand-based mandatory deposit
requirements to electronic-only books.\12\ The 2018 NPRM proposed that
the term ``electronic-only book'' be ``defined broadly as an electronic
literary work published in one volume or a finite number of volumes
published in the United States and available only online,'' with some
exclusions for specific types of works such as serials, audiobooks,
websites, blogs, and emails.\13\ To clarify how the rule would apply in
the context of books available for print-on-demand, the definition
provided that a work would be deemed available only online ``even if
physical copies or phonorecords have been made on demand for individual
consumers, so long as the work is otherwise available only online.''
\14\
---------------------------------------------------------------------------
\12\ Mandatory Deposit of Electronic-Only Books, 83 FR 16269
(Apr. 16, 2018) (``2018 NPRM'').
\13\ Id. at 16272.
\14\ Id. at 16272-73.
---------------------------------------------------------------------------
The 2018 NPRM also addressed questions raised by commenters
regarding Library access policies and information technology
requirements. The Office proposed to modify existing regulations to
apply the same access policies to deposited electronic-only books as
those applicable to electronic deposits of newspapers: Access would be
provided only to authorized users on Library of Congress premises and
off-site to Library staff as part of their assigned duties via a secure
connection.\15\ In response to comments expressing concern about the
adequacy of the Library's technology security infrastructure, the 2018
NPRM provided information on the recent steps taken by the Library to
address its information technology needs, including the appointment of
a permanent Chief Information Officer, the implementation of security
standards, and the use of comprehensive security testing for all
Library systems.\16\
---------------------------------------------------------------------------
\15\ Id. at 16270 (citing 37 CFR 202.18).
\16\ 2018 NPRM at 16273-74.
---------------------------------------------------------------------------
Finally, the proposed rule established ``best edition''
requirements for electronic-only books, adopting provisions from the
Library's Recommended Formats Statement with some clarifying language
regarding the
[[Page 38808]]
``completeness'' of a work.\17\ These provisions also included a
requirement that depositors remove technological measures that control
access to or use of the work, as is currently required for electronic-
only serials.\18\
---------------------------------------------------------------------------
\17\ Id. at 16274-75.
\18\ Id. at 16275.
---------------------------------------------------------------------------
II. Discussion
The Office received nine comments in response to the 2018 NPRM.
Commenters generally expressed agreement with the broad goal of
supporting the Library's acquisition and preservation of digital
materials for the benefit of the American public. The Library Copyright
Alliance supported the proposed rule ``because of the critical role of
deposit in building the Library's collection and ensuring long-term
preservation'' of digital materials.\19\ Authors Guild similarly noted
that the Library ``cannot fulfill [its] mission today without
collecting books that are published only in electronic form,'' \20\ and
the Association of American Publishers stated ``[p]ublishers have long
supported the special privilege of the Library to collect works''
through mandatory deposit.\21\ Authors Alliance supported the rule
because, in its view, mandatory deposit ``serve[s] the long-term
interests of authors by ensuring that their creative and intellectual
legacies are preserved.'' \22\
---------------------------------------------------------------------------
\19\ Library Copyright Alliance Comment at 2; see also
University of Michigan Copyright Office Comment at 1-2 (``strongly
support[ing]'' the proposed rule because it ``provide a means for
the Library of Congress to acquire [electronic-only books], preserve
them, and provide limited access to them'').
\20\ Authors Guild Comment at 2.
\21\ American Association of Publishers (``AAP'') Comment at 3-
4; see also Copyright Alliance Comment at 2 (noting ``the value of
the Library's ongoing efforts to preserve culturally significant
works'').
\22\ Authors Alliance Comment at 2.
---------------------------------------------------------------------------
At the same time, the comments revealed significant concern over
several aspects of the proposed rule. A number of commenters requested
clarification of the rule's intended scope, pointing to ambiguity in
the definition of the term ``electronic-only book'' and uncertainty as
to the collections policies that would govern acquisition
decisions.\23\ Commenters also raised questions regarding the security
of digital materials deposited pursuant to the rule. Some commenters
urged the Office to provide additional assurances as to the adequacy of
the Library's digital security practices,\24\ while others objected to
the proposed requirement that deposited materials be free of
technological protection measures.\25\
---------------------------------------------------------------------------
\23\ Authors Guild Comment at 3-4 (raising questions about the
Library's collections policies and recommending changes to
definition of ``electronic-only book''); National Writers Union
(``NWU'') Comment at 3-4 (expressing uncertainty about what material
would be demanded based on Library collections policies); Copyright
Alliance Comment at 3 (raising questions about Library's collections
strategy).
\24\ Copyright Alliance Comment at 4 (requesting the Library
``demonstrat[e] the adequacy of the Library's IT system'' before
finalizing the rule); Authors Guild Comment at 3 (seeking additional
specifics about the ``security measures for e-books'' and requesting
more information about Library's creation of a secure e-book
repository); AAP Comment at 2-3 (seeking additional information
about ``the state of the Library's technology capabilities,
protocols, and security measures'').
\25\ Copyright Alliance Comment at 4-5 (stating that
technological protection measures serve as ``important safeguards''
for digital material); Authors Guild Comment at 5-6 (expressing
concern that requiring removal of technological protection measures
may ``essentially require the publisher to create a new edition''
where no such version is sold in the market).
---------------------------------------------------------------------------
The Office has carefully considered these comments and finds that
they have helpfully identified several areas that would benefit from
further discussion or explanation. In response to certain issues raised
by commenters, the Office has made revisions to the proposed regulatory
text. In addition, to further demonstrate the basis for the proposed
rule, the Office is providing additional information in response to
commenters' questions regarding Library collections and security
policies, including to share relevant developments that occurred after
the close of the initial comment period.\26\ The Office addresses each
of these issues below and welcomes additional public comment. In light
of the existing rulemaking record and, as noted below, the progress the
Library has reported to the Office in response to the 2018 NPRM, the
Office anticipates being able to reasonably move forward with
finalization of the proposed rule after this round of comments.
---------------------------------------------------------------------------
\26\ The Library Copyright Alliance suggested the Library's
access policies were overly restrictive and should allow for more
than two users at a time to view the same resource. Library
Copyright Alliance Comment at 4. For the reasons stated in the 2018
NPRM, the Office believes the Library's access policies strike an
appropriate balance between protecting against infringement and
facilitating lawful uses by Library patrons. See 2018 NPRM at 16723.
---------------------------------------------------------------------------
A. Scope of Material Subject to Deposit
1. Definition of ``Electronic-Only Book''
The 2018 proposed rule defined an ``electronic-only book'' as ``an
electronic literary work published in one volume or a finite number of
volumes published in the United States and available only online.''
\27\ It specifically excluded ``literary works distributed solely in
phonorecords (e.g., audiobooks), serials (as defined in Sec.
202.3(b)(1)(v)), computer programs, websites, blogs, and emails.'' \28\
A number of comments raised questions about the scope of materials that
would be subject to mandatory deposit under this definition.
---------------------------------------------------------------------------
\27\ 2018 NPRM at 16275.
\28\ Id.
---------------------------------------------------------------------------
First, the National Writers Union (NWU) found certain terminology
in the proposed rule ambiguous. It noted that ``[t]he term `volume,' as
applied to digital data, is normally used to describe a physical or
virtual drive, storage device, partition, or filesystem, which can
contain any number of related or unrelated files.'' \29\ NWU therefore
believed the rule was unclear as to ``which digital files or groups of
files the Copyright Office considers or will deem to constitute
`volumes.' '' \30\ Additionally, NWU expressed confusion over the
exclusion of ``websites'' and ``email'' from the definition, noting
that ``[m]ost works distributed in electronic formats are distributed
either as files downloadable from the World Wide Web--i.e., as part of
websites--or by email.'' \31\ Based on this interpretation, NWU reads
the proposed rule to exclude, for example, all e-book files released
for the Amazon Kindle because those files ``can be downloaded . . .
through the Amazon.com website'' and thus are ``part of websites.''
\32\
---------------------------------------------------------------------------
\29\ NWU Comment at 3.
\30\ Id.
\31\ Id. at 4.
\32\ Id. at 4.
---------------------------------------------------------------------------
After consideration of NWU's comments, the Office does not agree
that the cited provisions are likely to cause confusion. When read in
context, the term ``volume'' cannot plausibly be understood to describe
a physical or digital drive that stores data. Rather, the regulatory
text makes clear that the term carries its ordinary meaning as a unit
in which a ``literary work'' is published.\33\ The language simply
indicates that, for purposes of defining an ``electronic-only book,''
it is immaterial whether a work is published in one file or is broken
into multiple files. Nor does the Office find NWU's interpretation of
``websites'' to be a reasonable reading. The fact that copies of a work
are distributed via a website does not mean the work is part of the
website. Moreover, excluding
[[Page 38809]]
such books would be at odds with both the purpose of the rule and
Copyright Office practice. As the NOI explained, this proceeding is
intended to facilitate collection of ``electronic books that have been
published solely through online channels,'' \34\ which certainly would
include books distributed through major platforms such as Amazon.
Further, the Compendium of U.S. Copyright Office Practices provides
that a ``work that is perceptible to the user only by downloading or
separately purchasing that particular work is not considered part of
the website for registration purposes and must be registered
separately.'' \35\
---------------------------------------------------------------------------
\33\ The existing interim rule for electronic serials uses the
terms ``issues'' and ``volumes'' in reference to units of a literary
work, and depositors have not expressed confusion in applying these
terms. See 37 CFR 202 app. B.IX.A.2.b. (requiring submission of
available metadata for ``volume(s)'' and ``issue dates(s)''); 2010
Interim Rule at 3867 (``[I]t is expected that each issue of a
demanded serial will be deposited with the Copyright Office
thereafter as is the current practice.'').
\34\ 81 FR at 30508.
\35\ U.S. Copyright Office, Compendium of U.S. Copyright Office
Practices sec. 1002.2 (3d ed. 2017).
---------------------------------------------------------------------------
Second, the Authors Guild noted that the proposed regulatory
language did not address the length of works subject to the rule even
though ``books are generally defined as longer literary works.'' \36\
It recommended modifying the rule to clarify that ``very short works,
such as a single poem or a string of tweets,'' are not covered.\37\
---------------------------------------------------------------------------
\36\ Authors Guild Comment at 4.
\37\ Id.
---------------------------------------------------------------------------
Although the 2018 NPRM noted that the Library ``does not intend to
obtain blog posts, social media posts, and general web pages'' through
this rule,\38\ the Office agrees that that limitation could be made
clearer in the regulatory text itself. The Office therefore proposes
revising the definitional language to expressly exclude ``short online
literary works such as social media posts.'' The Office considered the
possibility of adopting a longer and more detailed list of exclusions
but ultimately concluded that such an approach would be infeasible
given the speed at which new online services emerge. Moreover, any
attempt to further limit the subclasses of literary works subject to
the rule could result in the exclusion of certain works that fall
within the rule's intended scope. For example, excluding ``poems''
would not be advisable, as some poems are long enough to constitute a
book (e.g., Paradise Lost). As noted in the 2018 NPRM, the Office
recognizes that the traditional definition of a physical book ``does
not translate neatly to the digital environment'' and that
distinguishing ``electronic-only books'' from other types of online
literary works may be difficult in certain cases at the margins.\39\
Nevertheless, the Office continues to believe that the overall
definitional approach set forth in the 2018 NPRM strikes an appropriate
balance between ensuring that the Library retains sufficient
flexibility in its acquisition decisions, and making clear that rule's
intended focus is on ``textual works that are marketed or presented as
`electronic books' and other monographic works such as organizational
reports and long-form essays''--and not on blogs, social media posts,
websites, and the like.\40\ The additional language proposed here
further clarifies this distinction.
---------------------------------------------------------------------------
\38\ 2018 NPRM at 16272.
\39\ Id.
\40\ Id. To the extent that numerous short online posts, blogs,
and social media posts are collected and published in a single
monograph, such a collection would be subject to this rule, because
it would be presented as an ``electronic book'' and would be
copyrightable as a collective work.
---------------------------------------------------------------------------
Third, the Authors Guild suggested that the proposed definition is
underinclusive because the phrase ``available only online'' might not
encompass electronic books distributed offline, such as books preloaded
onto e-readers or tablets.\41\ The Authors Guild proposed instead that
references to a work being ``available only online'' be replaced with
``available in electronic form.'' \42\ The Office agrees that works of
this type should be covered by the rule, but the language proposed by
the Authors Guild potentially could sweep in electronic works that are
also published in physical form. The Office believes that a more
targeted solution is to address this situation in the section of the
rule defining when a work is considered to be available only online.
The revised proposed rule adds language to that definition providing
that a work shall be deemed to be available only online ``even if
copies have been loaded onto electronic devices, such as tablets or e-
readers, in advance of sale to individual consumers, so long as the
work is otherwise available only online.''
---------------------------------------------------------------------------
\41\ Authors Guild Comment at 4.
\42\ Id.
---------------------------------------------------------------------------
Fourth, AAP raised questions about the rule's requirement that
``[a]ll updates, supplements, releases, and supersessions'' of the work
be deposited in a timely manner. AAP requested that the Office define
the terms ``updates, supplements, releases, and supersessions'' and
sought clarification as how the Office would treat books available in
print whose digital editions contain additional content or
revisions.\43\ After consideration, the Office does not believe
modification of the regulatory text is necessary. The language
regarding updates and similar material is analogous to a longstanding
requirement in the best edition regulations for printed textual matter,
which require ``the regular and timely receipt of all appropriate
looseleaf updates, supplements, and releases.'' \44\ The deposit
requirement for updates to electronic-only books will be administered
in the same manner that publishers are accustomed to for printed
material. Nor is revision required to accommodate books available in
print with additional content in a digital version. Where a work is
available in both digital and print editions, the work is not
``available only online,'' and thus is not subject to the rule. To the
extent the digital version contains supplementary material that is not
published in the physical version, the electronically enhanced version
would be subject to demand if it constitutes a separate ``work'' under
the Copyright Act and is not otherwise excluded from the rule.
---------------------------------------------------------------------------
\43\ AAP Comment at 7 (inquiring as to the ``degree of variation
from the print version [that] suffices to make an electronic-only
book subject to the requirement'').
\44\ 37 CFR 202 app. B.I.A.8.
---------------------------------------------------------------------------
Fifth, the Office has determined that the rule should be revised to
further clarify when print-on-demand books are to be deemed ``available
only online.'' The original proposed rule provided that ``[a] work
shall be deemed to be available only online even if physical copies
have been made on demand for individual consumers, so long as the work
is otherwise available only online.'' \45\ The Office proposed that
definition to address commenters' concern that, in the case of books
made available for printing by individual consumers, ``it [would] be
difficult for publishers to determine whether such works are subject to
the general exemption for electronic-only works (and the demand-based
mandatory deposit scheme proposed here), or whether they are subject to
affirmative mandatory deposit requirements.'' \46\ The 2018 NPRM thus
contemplated that a work would qualify as an e-book under the rule even
if copies were ``printed privately, in consumers' homes, or at kiosks
at brick-and-mortar bookstores.'' \47\
---------------------------------------------------------------------------
\45\ 2018 NPRM at 16275.
\46\ Id. at 16272-73.
\47\ Id. at 16273.
---------------------------------------------------------------------------
That situation, however, is distinguishable from a business model
in which an author, publisher, or distributor prints copies in response
to purchases by individual consumers. For example, a physical or online
retailer might place orders for printed copies of a particular title
only as individual requests for that title are received from customers,
as opposed to ordering multiple copies from the publisher in advance of
any customer purchases. These books are outside the scope of
[[Page 38810]]
this rule, and instead remain subject to the general mandatory deposit
obligation under section 407. In circumstances where a retailer
provides a physical copy for sale, it is immaterial to the purchaser--
and likely unknown to acquisition specialists at the Copyright Office--
whether the retailer has multiple copies on hand or obtains them
individually to fulfill purchases as they occur. To make this
distinction clear, the Office has amended the proposed rule to more
precisely refer to books made available for on-demand printing by
individual consumers, as distinguished from on-demand activities
performed by distributors, publishers, retailers, or others in the
supply chain. The revised language provides: ``A work shall be deemed
to be available only online even if copies have been made available to
individual consumers to print on demand, so long as the work is
otherwise available only online.'' \48\
---------------------------------------------------------------------------
\48\ On a related issue, one commenter inquired whether a
copyright owner could comply with a demand from the Office under
this rule by providing a print version of an electronic-only book.
AAP Comment at 7. Because this rule is crafted ``as a way to fulfill
the Library's digital collections,'' 2018 NPRM at 16271, the rule
does not contemplate deposit of a print version of an electronic-
only book. As with any deposit demand under section 407, however,
copyright owners may request special relief from the deposit
requirement to provide a different format, such as a print version.
Such a decision would be made by the Register after consultation
with other appropriate officials from the Library of Congress. See
37 CFR 202.19(e)(2).
---------------------------------------------------------------------------
2. The Library's Collections Policies
In discussing the scope of materials subject to deposit under this
rule, a number of commenters sought additional information about the
Library of Congress's specific collections policies. As the AAP put it,
``[i]n providing for the transfer of said copies through mandatory
deposit, Congress made clear that the Library must make demands under
Section 407 with a purpose.'' \49\ The NWU stated that it ``remain[ed]
puzzled as to what works the Copyright Office intends to demand be
deposited'' under the proposed rule,\50\ and the Authors Guild desired
to see a ``comprehensive collection strategy'' from the Library before
finalization of a rule.\51\ The Copyright Alliance expressed concern
that there was a ``lack of a clear and cohesive digital collections
strategy within the Library of Congress'' and requested the opportunity
to give input into that strategy.\52\ And with respect to collection
and preservation of digital materials specifically, the Authors' Guild
explained, ``[i]t is our understanding that the Library has not yet
created and adopted a comprehensive strategy for safely storing books
published in electronic form, despite the fact that e-books and
electronic audio books have been a significant and growing percentage
of books published for over a decade.'' \53\
---------------------------------------------------------------------------
\49\ AAP Comment at 4 (citing H.R. Rep. No. 1476, 94th Cong., 2d
Sess. 151 (1976)).
\50\ NWU Comment at 3.
\51\ Authors Guild Comment at 3.
\52\ Copyright Alliance Comment at 3.
\53\ Authors Guild Comment at 2.
---------------------------------------------------------------------------
As the 2018 NPRM indicates, the Copyright Office consults with the
Library and relies on those discussions along with the Library's public
statements in considering and responding to commenters' concerns in
this area.\54\ According to the Library, the criteria used to determine
what electronic materials to acquire ``do not greatly differ from those
used for other formats.'' \55\ The Library prepares subject-specific
Collections Policy Statements (e.g., Education, Chemical Sciences,
Medicine, Theater) and makes them available on its website.\56\ These
policies detail what kinds of works the Library seeks to collect and at
what level of comprehensiveness. For example, the Political Science
statement notes that the Library seeks to ``collect[ ] all the
important current reference works'' in the field, regardless of
language, while it collects foreign textbooks ``on a highly selective
basis.'' \57\ The Library also maintains supplementary guidelines to
assist in applying these standards to electronic works.\58\ For
example, the guidelines note that criteria weighing in favor of
acquisition include the at-risk nature of a work or its availability
only in digital format.\59\ In general, however, the Office understands
that Library acquisition decisions involving electronic materials are
governed by the relevant Collections Policy Statement, as is true for
works in physical format.\60\ As the Library's Collection Development
Office has explained, this policy reflects the Library's effort to
develop ``one interdependent collection that contains both its
traditional physical holdings and materials in digital formats.'' \61\
---------------------------------------------------------------------------
\54\ See 2018 NPRM at 16271, 16273 (noting consultations with
and public statements by the Library).
\55\ Library of Congress, Library of Congress Collections Policy
Statements Supplementary Guidelines: Electronic Resources 2 (Aug.
2016), https://www.loc.gov/acq/devpol/electronicresources.pdf.
\56\ See Collections Policy Statements and Supplementary
Guidelines, Library of Congress, https://www.loc.gov/acq/devpol/cpsstate.html.
\57\ Library of Congress, Library of Congress Collections Policy
Statements: Political Science 2-3 (Nov. 2017), https://www.loc.gov/acq/devpol/polisci.pdf.
\58\ Library of Congress, Library of Congress Collections Policy
Statements Supplementary Guidelines: Electronic Resources 2 (Aug.
2016), https://www.loc.gov/acq/devpol/electronicresources.pdf.
\59\ Id.
\60\ See, e.g., Library of Congress, Library of Congress
Collections Policy Statements: Political Science 2 (Nov. 2017),
https://www.loc.gov/acq/devpol/polisci.pdf (``[c]omparable
electronic materials are collected at the same levels'' as physical
materials).
\61\ Library of Congress Collection Development Office,
Collecting Digital Content at the Library of Congress at 3 (Feb.
2017), https://www.loc.gov/acq/devpol/CollectingDigitalContent.pdf.
---------------------------------------------------------------------------
With respect to commenters' concerns about the Library's digital
strategy,\62\ the Library has provided further public information
following the close of the comment period, most notably in its five-
year strategic plan and in a formal digital strategy document that
supports the strategic plan. The 2019-2023 strategic plan, Enriching
the User Experience, notes that ``being digitally enabled is paramount
to [the Library of Congress's] success.'' \63\ Describing digital
efforts as an ``ongoing process,'' the plan states that in the next
five years the Library will streamline its operational capabilities and
undertake efforts to identify gaps in expertise and recruit new talent
to fill those gaps.\64\ The Library's digital strategy, published in
April 2019, describes a five-year plan for expanding its digital
collections and providing access to that material, in connection with
the Library's broad goals of ``throwing open the treasure chest,
connecting, and investing in our future.'' \65\ It notes that the
Library intends to ``exponentially'' expand its digital collections,
provide ``maximum authorized access'' to material in the collection
depending on the type of patron, and use ``verifiable chain of
custody'' to ensure the authenticity of digital material and prevent
digital deterioration.\66\
---------------------------------------------------------------------------
\62\ Authors Guild Comment at 2; Copyright Alliance Comment at
3.
\63\ Library of Congress, Enriching the Library Experience: The
FY2019-2023 Strategic Plan of the Library of Congress at 13, https://www.loc.gov/static/portals/strategic-plan/documents/LOC_Strat_Plan_2018.pdf.
\64\ Id. at 13, 23.
\65\ Library of Congress, Digital Strategy at 2 (Apr. 26, 2019),
https://www.loc.gov/static/portals/digital-strategy/documents/Library-of-Congress-Digital-Strategy-v1.1.2.pdf.
\66\ Id. at 3-4, 10 (digital acquisitions will be expanding ``as
outlined in Collecting Digital Content at the Library of
Congress''); see also Library of Congress Collection Development
Office, Collecting Digital Content at the Library of Congress at 3-6
(Feb. 2017), https://www.loc.gov/acq/devpol/CollectingDigitalContent.pdf (describing Library's plans to expand
digital collections through avenues such as copyright deposit,
purchase, and exchange).
---------------------------------------------------------------------------
The Library also has worked to implement the recommendation made in
an April 2015 report by its Inspector
[[Page 38811]]
General (``OIG'') on these issues.\67\ In March 2018, the OIG noted
that the Library had made progress toward creating ``an overarching,
transformative eCollections Strategy for collecting electronic works''
by aligning all electronic collection under a single Digital Collecting
Plan.\68\ A subsequent OIG report noted that the Library has provided
evidence of its efforts toward closing this recommendation, including
``current Library of Congress Collections Policy Statements, which
include digital content and proof that digital collecting is part of
overarching Library collections strategies.'' \69\ The report further
noted that the Library and OIG met in September 2019 to discuss next
steps to achieve closure of the remaining e-deposit and e-collections
recommendations.\70\
---------------------------------------------------------------------------
\67\ See Library of Congress Office of the Inspector General,
The Library Needs to Determine an eDeposit and eCollections Strategy
at 12 (Apr. 24, 2015), https://www.loc.gov/static/portals/about/documents/edeposit-and-ecollections-strategy-april-2015.pdf.
\68\ Library of Congress Office of the Inspector General,
Semiannual Report to Congress at 38 (Mar. 30, 2018), https://www.loc.gov/static/portals/about/office-of-the-inspector-general/annual-reports/documents/March2018-semi-annual-report-to-congress.pdf.
\69\ Library of Congress Office of the Inspector General,
Semiannual Report to Congress at 30 (Sept. 30, 2019), https://www.loc.gov/static/portals/about/office-of-the-inspector-general/annual-reports/documents/September-2019-OIG-Semiannual-Report-to-Congress.pdf.
\70\ Id.
---------------------------------------------------------------------------
The Office interprets this additional information to further
clarify that the Library's plans to increase its digital collection do
not reflect a shift in the content-based considerations underlying its
collections policies. Rather, the Office understands that the Library's
digital collections policies are substantively the same as its policies
for physical works, and so an expansion of the mandatory deposit rule
to electronic-only books would not significantly change the nature of
the Library's collections activity.
B. Technological Protection Measures
The 2018 proposed rule provided that ``technological measures that
control access to or use of the work should be removed.'' \71\ In
support of that requirement, the 2018 NPRM noted that while
technological protection measures (``TPM''s) ``provide significant
security assurances, . . . encumbering deposited copies with such
protections would conflict with the Library's purposes of preserving
the works.'' \72\ This requirement was adopted for electronic serials
in the 2010 interim rule \73\ and, to the Office's knowledge, has
functioned without issue for those deposits.
---------------------------------------------------------------------------
\71\ 2018 NPRM at 16275.
\72\ Id.
\73\ 2010 Interim Rule at 3870.
---------------------------------------------------------------------------
Some commenters objected to extending this requirement to
electronic-only books. For example, the Authors Guild expressed concern
that in some instances, the only published edition of a book may be one
employing technological protection measures, and that requiring removal
would force some publishers to ``transfer the files to new formats or
use hacking codes to remove the controls.'' \74\ This would ``not only
put[ ] the author's work at risk of piracy, but [would] put[ ] an
unnecessary burden on publishers, especially on authors who
independently publish and small publishers.'' \75\ The Copyright
Alliance pointed to this requirement as heightening concerns about the
Library's IT security system, arguing that the possession of
unencrypted digital works greatly increases the potential harm if the
Library's storage system were ever breached.\76\
---------------------------------------------------------------------------
\74\ Authors Guild Comment at 5.
\75\ Id.
\76\ Copyright Alliance Comment at 4-5.
---------------------------------------------------------------------------
For the reasons noted in the 2018 NPRM, the Library generally
prefers TPM-free editions of works to simplify and further its
preservation efforts.\77\ At the same time, the 2018 NPRM noted that
the statutory deposit requirement is limited to the best published
edition and ``does not require the publisher or producer to create a
special preservation copy simply for the benefit of the Library of
Congress.'' \78\ To appropriately balance these considerations, and to
respond to commenters' concerns, the revised proposed rule removes the
requirement that TPMs be removed from deposit copies, but updates the
Best Edition regulations in Appendix B to Part 202 to reflect the
Library's preference for a TPM-free edition, if such a version has been
published. That is, where a publisher has published both TPM-protected
and non-TPM-protected versions of an e-book, the best edition for
purposes of this rule is the latter. In accordance with the general
approach of Appendix B to provide alternate options in descending
orders of preference, where an electronic-only book is not published
TPM-free, the proposed rule would next accept a copy for which the
owner has elected to remove such technological measures.
---------------------------------------------------------------------------
\77\ The University of Michigan Copyright Office wrote in
support of this proposed requirement because, in its experience,
``such technological measures seriously impede long-term
preservation.'' University of Michigan Copyright Office Comment at
3.
\78\ 2018 NPRM at 16274-75.
---------------------------------------------------------------------------
It is important to note, however, that under section 202.24, the
Office's regulations already provide that deposits ``must be able to be
accessed and reviewed by the Copyright Office, Library of Congress, and
the Library's authorized users on an ongoing basis.'' \79\ Such
language is consistent with section 407 of the Copyright Act, which
obligates deposit of materials for ``use or disposition of the Library
of Congress'' in its collections.\80\ So as a floor, the proposed rule
clarifies that deposits must be otherwise provided in a manner that
meets the requirements of current section 202.24(a)(4). In sum,
depositors must take reasonable steps to ensure that the Library is
able to access the work to the extent necessary for preservation and
other lawful uses.\81\ In the case of a TPM-protected work, such
efforts might include providing the same access codes that are
available to purchasing consumers. And as explained in the NPRM, ``in
the unlikely event that the Library seeks to acquire a work that is
only published in a proprietary format that cannot be viewed by the
Library, the Office will work with the publisher to identify a means to
access the work.'' \82\
---------------------------------------------------------------------------
\79\ 37 CFR 202.24(a)(4).
\80\ As commenters noted, in 1998, Congress specifically
protected the use of technological protection measures by copyright
owners by establishing a separate remedy against circumvention of
such measures under section 1201 of title 17. See Copyright Alliance
Comment at 5 (raising concerns about removal of technology
protection measures, ``which Congress considered critical enough to
secure with independent legal protection''). But there is no
indication that there was any congressional intent to abrogate the
Library's preexisting entitlement to usable deposits in section 407.
See 17 U.S.C. 407(b) (``The required copies . . . shall be deposited
. . . for the use or disposition of the Library of Congress.'').
\81\ Cf. 37 CFR 202.20(b)(2)(iii)(D) (noting that correspondence
may be necessary for digital deposits ``if the Copyright Office
cannot access, view, or examine the content of any particular
digital file that has been submitted for the registration of a
work'').
\82\ 2018 NPRM at 16274.
---------------------------------------------------------------------------
C. Library of Congress IT Security
Several comments were directed not at the specific regulatory text
in the proposed rule but instead at the Library's IT security practices
and the ability of the Library to secure electronic deposits from
digital theft. The 2018 NPRM briefly discussed the Library's work in
this area,\83\ but in light of the level of concern expressed by
commenters, and because of important developments that have occurred
since the close of the prior comment period, the Office is providing
additional
[[Page 38812]]
information shared by the Library that speaks to these issues.
---------------------------------------------------------------------------
\83\ Id. at 16273-74.
---------------------------------------------------------------------------
Many commenters from organizations representing copyright owners
were reluctant to support the proposed rule without additional
assurances regarding the Library's security capabilities. The Authors
Guild stated that it was ``premature'' to finalize a rule until the
Library could ``ensure[ ]'' the security of e-books, and requested that
a full security plan be explained and ``vetted with publishers.'' \84\
The Copyright Alliance requested that the Library ``demonstrat[e] the
adequacy of the Library's IT system'' before finalizing a rule, lest
the Office ``put[ ] the cart before the horse'' in demanding ``blind
faith'' from copyright owners that the Library will protect
deposits.\85\ And AAP said it would be ``premature'' and ``nothing
short of reckless'' to issue a final rule before implementation of the
recommendations of the Government Accountability Office (``GAO'') in
its 2015 report on the Library's IT management.\86\
---------------------------------------------------------------------------
\84\ Authors Guild Comment at 2-3.
\85\ Copyright Alliance Comment at 4.
\86\ AAP Comment at 3, 5; see Government Accountability Office,
Strong Leadership Needed to Address Serious Information Technology
Management Weaknesses (Mar. 31, 2015), https://www.gao.gov/assets/670/669367.pdf.
---------------------------------------------------------------------------
The Copyright Office appreciates concerns about the security of
digital deposits and agrees that the Office and Library occupy a
position of public trust with respect to copyright deposits. It is
incumbent on both organizations to operate in accordance with that
trust. As the Library has stated in its digital strategy, ``[p]romoting
creativity and building cultural heritage collections entails
protecting creators' intellectual property rights. This responsibility
is salient at the Library, as the home of the United States Copyright
Office.'' \87\ After consultation with the Library, the Office is
sharing additional information provided to it that discusses the
significant effort the Library has undertaken to revamp its IT
operations and ensure the integrity of its electronic deposits and
other digital material in its collections.
---------------------------------------------------------------------------
\87\ Library of Congress, Digital Strategy at 4 (Apr. 26, 2019),
https://www.loc.gov/static/portals/digital-strategy/documents/Library-of-Congress-Digital-Strategy-v1.1.2.pdf.
---------------------------------------------------------------------------
As an initial matter, the Library has provided assurances of its
commitment to digital security, both in public statements and in
consultations with the Office. As the Library's Chief Information
Officer testified to Congress in December 2019, ``the Library is well
aware of the need to ensure the security of the digital content in
[its] care.'' \88\ He also has testified that the Library is
implementing encryption for electronic copyright deposits, putting such
materials on the same footing as other sensitive Library data.\89\
Likewise, the Library has informed the Office that electronic deposits
are given the same level of security as other highly sensitive
information held by the Library, such as congressional material.
According to the Library, this material is stored on a network that
complies with the security standards established by the National
Institute of Standards and Technology (``NIST''),\90\ including
standards SP 800-53 Rev. 4 \91\ and FIPS 140-2,\92\ among others. NIST
creates these security standards as required by the Federal Information
Security Management Act,\93\ which seeks to ensure that federal
agencies ``incorporate adequate, risk-based, and cost-effective
security compatible with business processes.'' \94\ Through its
systems, the Library has received tens of millions of digital files in
the last decade, including over 300,000 electronic serial issues and
460,000 electronic books received under the interim rule or pursuant to
special relief agreements with publishers. As the Library has reported
to the Copyright Office, in no known instance has the Library's
security been breached or its digital collections stolen.
---------------------------------------------------------------------------
\88\ Oversight of Modernization of the United States Copyright
Office, Hearing Before the Senate Subcomm. on Intellectual Property,
116th Cong. 3 (Dec. 10, 2019) (prepared statement of Bernard A.
Barton, Jr., Chief Information Officer, Library of Congress),
https://www.judiciary.senate.gov/imo/media/doc/Barton%20Testimony.pdf (``Dec. 2019 Senate Oversight CIO
Statement'').
\89\ Id. at 4.
\90\ See id. at 3-4 (stating that the Library has ``implemented
NIST security standards, with role based security, to ensure that
users only have access to the data they are supposed to see'').
\91\ Special Publication (SP) 800-53 is ``a catalog of security
and privacy controls for federal information systems and
organizations'' provided by NIST that is meant to secure federal
organizations ``from a diverse set of threats including hostile
cyber attacks, natural disasters, structural failures, and human
errors (both intentional and unintentional).'' SP 800-53 Rev. 4:
Security and Privacy Controls for Federal Information Systems and
Organizations, NIST (Jan. 22, 2015), https://csrc.nist.gov/publications/detail/sp/800-53/rev-4/final.
\92\ The FIPS 140-2 standard is the current set of requirements
for cryptographic security outlined by NIST. See FIPS 140-2:
Security Requirements for Cryptographic Modules, NIST (May 25,
2001), https://csrc.nist.gov/publications/detail/fips/140/2/final.
\93\ The Federal Information Security Management Act was passed
as Title III of the E-Government Act of 2002, Public Law 107-347.
\94\ 44 U.S.C. 3602(f)(15) (describing responsibilities of head
of Office of Electronic Government); see also National Institute of
Standards and Technology, FISMA Implementation Project: FISMA
Background (Feb. 26, 2020), https://csrc.nist.gov/projects/risk-management/detailed-overview/ (describing law as ``explicitly
emphasiz[ing] a risk-based policy for cost-effective security'').
---------------------------------------------------------------------------
Since the 2018 NPRM was published, the Library has provided
additional detail on its IT security policies in several recent public
statements, including congressional testimony. The Library's Chief
Information Officer recently testified that the Library has
``significantly increased our IT security posture over the last few
years. We have implemented NIST security standards, with role based
security, to ensure that users only have access to the data they are
supposed to see.'' \95\ He further noted that the Library regularly
conducts penetration tests of its high value assets and ``are
implementing encryption--at-rest and in-motion--for all sensitive
Library data, including e-deposits.'' \96\ Noting that ``[s]ecurity is
always a top priority for all Library IT,'' he further stated that the
Library employs cybersecurity professionals to proactively monitor,
test, and oversee security of the Library's systems.\97\
---------------------------------------------------------------------------
\95\ Dec. 2019 Senate Oversight CIO Statement at 3-4. With
respect to digital deposits, for example, the only staff able to
access digital copies of audiovisual works are system administrators
and employees of the Library's National Audio-Visual Conservation
Center.
\96\ Id.
\97\ Id.
---------------------------------------------------------------------------
The Librarian has similarly testified that the Library had made
``significant IT security improvements'' and cybersecurity enhancements
``to heighten the detection of threats, thwart denial of service
attacks, protect against malware and enable continuous monitoring so
that issues are prevented, and if they occur, quickly identified and
resolved.'' \98\ Other improvements highlighted by the Library include
requiring all staff to use multi-factor authentication to access the
Library's systems,\99\ upgrading the Library to a new data center that
reduces the risk of service interruptions,\100\ and
[[Page 38813]]
participating in the Legislative Branch Cyber Security Working Group,
which facilitates the exchange of expertise and coordination in
response to security threats.\101\
---------------------------------------------------------------------------
\98\ Library of Congress Modernization Oversight, Hearing Before
the Senate Comm. on Rules and Admin., 116th Cong. 23-24, (Nov. 7,
2019) (prepared statement of Carla Hayden, Librarian of Congress),
https://www.govinfo.gov/content/pkg/CHRG-116shrg38506/pdf/CHRG-116shrg38506.pdf (``Nov. 2019 Senate Oversight Hearing'').
\99\ Id. at 23 (``We have implemented multi-factor
authentication for all users, enhancing security protections for
access to sensitive Library resources.'').
\100\ Annual Oversight of the Library of Congress, Hearing
Before the Senate Comm. on Rules & Admin. 116th Cong. 21-22 (Mar. 6,
2019) (prepared statement of Carla Hayden, Librarian of Congress),
https://www.rules.senate.gov/imo/media/doc/Annual%20Oversight%20of%20the%20library%20of%20Congress%20Transcript.pdf (``Mar. 2019 Senate Oversight Hearing'') (``We are optimizing
our hosting environments by transitioning to a new, Tier III-level
data center, reducing the risk of service interruptions.'').
\101\ Id. at 21.
---------------------------------------------------------------------------
More generally, the Library has sought to provide greater
coordination by centralizing all IT efforts under the direction of the
Office of the Chief Information Officer (``OCIO''). As the Librarian
has explained, centralization was completed in October 2018 (after the
close of the comment period), and now OCIO serves as the ``single
authoritative source for technology'' at the Library.\102\ The Library
has stated that it views IT centralization as key to enabling more
efficient use of IT resources and improving IT security.\103\
---------------------------------------------------------------------------
\102\ Nov. 2019 Senate Oversight Hearing at 23 (prepared
statement of Carla Hayden, Librarian of Congress).
\103\ Mar. 2019 Senate Oversight Hearing at 16.
---------------------------------------------------------------------------
In addition, in late 2019 the Library launched a Digital
Collections Management Compendium (``DCMC''), an online resource that
collects the Library's policies and practices for management of its
digital collections.\104\ The DCMC is intended to ``broadly explain the
Library's practices for managing digital content for the public.''
\105\ It includes information about how the Library keeps inventory and
tracks use of digital material, who is responsible for the security of
digital collections, and what policies govern user permissions and
periodic reviews of staff accounts.\106\ For example, its guidance for
digital collections security for stored digital content states:
---------------------------------------------------------------------------
\104\ See Library of Congress, Digital Collections Management:
About This Program, https://loc.gov/programs/digital-collections-management/about-this-program/.
\105\ Library of Congress, Digital Collections Management:
Frequently Asked Questions, https://www.loc.gov/programs/digital-collections-management/about-this-program/frequently-asked-questions/. The information in the Compendium is ``specifically
focused on a collections management approach to ongoing management
of digital collections'' and thus ``focuses less on the specific
technical requirements of systems and more on the areas of work
which are critical to the Library at present, including digital
formats, custody, and inventory management.'' Id.
\106\ Library of Congress, Digital Collections Security, https://www.loc.gov/programs/digital-collections-management/inventory-and-custody/digital-collections-security/ (explaining that ``digital
collections security policies and systems ensure that appropriate
controls prevent unauthorized access, changes, deletion, or removal
of collection content'' and that the Library coordinates periodic
account review to ``ensure[ ] that appropriate access levels are
maintained for digital content managers, and that account holders
and system users represent currently active Library staff'').
To safeguard digital collections, the Library will develop and
follow policies to ensure that only authorized user accounts and
systems may modify digital collection content. Inventory systems
maintain logs of actions on digital content by digital content
managers as well as systems. No single user should be able to
unilaterally move or delete digital content without following an
established procedure or system protocol, which can be monitored
according to the documentation and recordkeeping of actions in
inventory logs.\107\
---------------------------------------------------------------------------
\107\ Id.
The DCMC also sets out a set of principles to be followed by the
Library in providing access to digital collections that are
supplementary to the regulatory restrictions established in 37 CFR
202.18, including ``communicat[ing] known restrictions'' on digital
works to patrons and requiring patrons seeking use of digital items to
``mak[e] independent legal assessments and secur[e] necessary
permissions.'' \108\
---------------------------------------------------------------------------
\108\ Library of Congress, Principles of Access, https://www.loc.gov/programs/digital-collections-management/access/principles-of-access/. See also 2018 NPRM at 16275 (expanding 37 CFR
202.18 to electronic deposits under this rule); 2016 NOI at 30508.
---------------------------------------------------------------------------
The Library's security efforts are bolstered by oversight from the
OIG, which issues public reports detailing the Library's progress. For
example, the OIG's March 2019 semiannual report to Congress noted that
the Library uses Security Information and Event Management (``SIEM'')
functionality for ``robust continuous monitoring capabilities and
ongoing insight into IT security control effectiveness.'' \109\ The OIG
noted that it had engaged an IT contractor to evaluate the Library's
``SIEM implementation strategy and execution, internal controls,
configuration, and incident detection response,'' and that the Library
agreed with all of the resulting recommendations.\110\ OIG also
monitors the Library's security practices in connection with its April
2015 report, which recommended that the Library, in developing a
comprehensive policy for digital collections, ensure that electronic
collections material be protected by ``robust security'' to prevent
``loss, alteration, and unauthorized access'' \111\ The OIG's March
2018 report stated that ``the Library's IT Security Program and Systems
Development Lifecycle addresses the need for robust security.'' \112\
---------------------------------------------------------------------------
\109\ Library of Congress Office of the Inspector General,
Semiannual Report to Congress at 10 (Mar. 29, 2019), https://www.loc.gov/static/portals/about/office-of-the-inspector-general/annual-reports/documents/March2019-OIG-Semiannual-Report-to-Congress.pdf.
\110\ Id.
\111\ Library of Congress Office of the Inspector General, The
Library Needs to Determine an eDeposit and eCollections Strategy at
35 (Apr. 24, 2015), https://www.loc.gov/static/portals/about/documents/edeposit-and-ecollections-strategy-april-2015.pdf
(recommending Architecture Review Board be required to address
eCollections security needs).
\112\ Library of Congress Office of the Inspector General,
Semiannual Report to Congress at 33 (Mar. 30, 2018), https://www.loc.gov/static/portals/about/office-of-the-inspector-general/annual-reports/documents/March2018-semi-annual-report-to-congress.pdf.
---------------------------------------------------------------------------
Further, the Library has announced significant strides toward full
implementation of the GAO's 2015 recommendations.\113\ Some commenters
requested that the Office wait to issue a final rule until the GAO's
thirty-one public recommendations had been implemented.\114\ In late
2019, the Librarian reported to Congress that all but four of the
public recommendations have been implemented and closed, and that the
GAO is reviewing the Library's evidence for closing the final six (two
of which are not public).\115\ Moreover, three of the four remaining
public recommendations do not directly implicate security, instead
involving the adoption of organizational plans for cost estimates,
project scheduling, and customer satisfaction.\116\ The final
[[Page 38814]]
outstanding public recommendation, No. 22, calls for comprehensive and
effective security testing.\117\ In response, the Library advised the
GAO that it has conducted monthly tests since August 2015, and in
November 2019 the Library provided the GAO with security control
assessments for select systems.\118\ The Library has advised Congress
that it expects to achieve closure of these outstanding recommendations
within the next several months.\119\
---------------------------------------------------------------------------
\113\ The GAO landing page for the report keeps track of which
recommendations have been closed and the status of those that remain
open. U.S. Government Accountability Office, Library of Congress:
Strong Leadership Needed to Address Serious Information Technology
Management Weaknesses, https://www.gao.gov/products/GAO-15-315#summary_recommend. See Government Accountability Office, Strong
Leadership Needed to Address Serious Information Technology
Management Weaknesses (Mar. 31, 2015), https://www.gao.gov/assets/670/669367.pdf (underlying report).
\114\ AAP Comment at 3 (``AAP insists that it is premature for
the Copyright Office to issue a final rule for the benefit of the
Library before there is public accountability as to the Library's
implementation of all of the Government Accountability Office's 2015
rectifying recommendations''); Copyright Alliance Comment at 4-5
(citing GAO report and recommending a delay until ``proper IT
security and infrastructure is in place and fully functional'').
\115\ Nov. 2019 Senate Oversight Hearing at 22-23 (prepared
statement of Carla Hayden, Librarian of Congress) (of the 107 total
recommendations made by GAO, Library has closed 27 out of 31 public
recommendations, 72 out of 74 non-public recommendations, and both
recommendations for Copyright Office technology); Oversight of
Modernization of the United States Copyright Office, Hearing Before
Senate Subcomm. on Intellectual Property, 116th Cong. 1 (Dec. 10,
2019) (prepared statement of Carla Hayden, Librarian of Congress),
https://www.judiciary.senate.gov/imo/media/doc/Hayden%20Testimony.pdf (``Dec. 2019 Senate Oversight Librarian
Statement'') (``[T]his hard work has allowed us to close as
implemented nearly 95% of the IT recommendations made by the
Government Accountability Office (GAO) in 2015, and we will keep
working until we close 100%.'').
\116\ See U.S. Government Accountability Office, Library of
Congress: Strong Leadership Needed to Address Serious Information
Technology Management Weaknesses, https://www.gao.gov/products/GAO-15-315#summary_recommend (comments in response to Recommendations
17, 18, 30).
\117\ Id. (``To better protect IT systems and reduce the risk
that the information they contain will be compromised, the Librarian
should conduct comprehensive and effective security testing for all
systems within the time frames called for by Library policy, to
include assessing security controls that are inherited from the
Library's information security program.'').
\118\ Id. (comments in response to Recommendation 22).
\119\ See Nov. 2019 Senate Oversight Hearing at 14 (testimony by
Bernard A. Barton, Jr., Chief Information Officer, Library of
Congress) (``We are in constant communication with the GAO and
providing evidence on closing out the remaining six finding. I do
not have any concerns about being able to meet that by the end of
this fiscal year.''); Dec. 2019 Senate Oversight Librarian Statement
at 1 (``this hard work has allowed us to close as implemented nearly
95% of the IT recommendations made by the Government Accountability
Office (GAO) in 2015, and we will keep working until we close
100%'').
---------------------------------------------------------------------------
While the Office appreciates commenters' interest in full
implementation of the GAO's recommendations, it does not appear that
the few remaining open items provide a basis for further delaying
issuance of the proposed rule, particularly given the Library's overall
efforts with respect to IT security since 2018. Collectively, those
efforts support the Library's statement that it has ``invested heavily
in the optimization and centralization of information technology'' and
that ``from a technological perspective, the Library of Congress today
is a fundamentally different institution than it was just three short
years ago.'' \120\ Further, the Library has repeatedly expressed a
commitment ``to ensure the security of the digital content in [its]
care.'' \121\ The Office believes that these security upgrades,
together with the additional IT-related information made public since
the close of the prior comment period, may reasonably address the
concerns raised by commenters regarding the security of digital
deposits.\122\ To ensure, however, that stakeholders have an adequate
opportunity to consider and respond to the information provided on this
important issue, the Office invites further comment on this topic.
---------------------------------------------------------------------------
\120\ Dec. 2019 Senate Oversight Barton Statement at 1.
\121\ Id. at 3; Mar. 2019 Senate Oversight Hearing at 16 (Mar.
6, 2019) (testimony by Carla Hayden, Librarian of Congress) (stating
that ``security is of paramount importance'' in response to question
about whether Library was prepared for security threats to Library
and Copyright Office materials); Oversight of the Library of
Congress' Information Technology Management, Hearing Before the
House Committee on Administration, 115th Cong. 10 (June 8, 2017)
(testimony of Bernard A. Barton, Jr., Chief Information Officer,
Library of Congress) https://www.govinfo.gov/content/pkg/CHRG-115hhrg27632/pdf/CHRG-115hhrg27632.pdf (``As confidential
consultants to the Congress, administrator of the national copyright
system, and stewards of the Nation's cultural history, the Library
is well aware of the need to ensure security of the digital content
in our care.''); see also Library of Congress, Digital Strategy at 4
(Apr. 26, 2019), https://www.loc.gov/static/portals/digital-strategy/documents/Library-of-Congress-Digital-Strategy-v1.1.2.pdf
(``Promoting creativity and building cultural heritage collections
entails protecting creators' intellectual property rights. This
responsibility is salient at the Library, as the home of the United
States Copyright Office. We will explore creative solutions to
reduce the barriers to material while respecting the rights of
creators, the desires of our donors, and our other legal and ethical
responsibilities.'').
\122\ The Library has also sought stakeholder input when making
technology decisions, providing opportunities for commenters to
advise on the Library's security practices. See Dec. 2019 Senate
Oversight Barton Statement at 1 (thanking leaders of subcommittee
``for facilitating the opportunity for . . . me to speak with
copyright stakeholders last month about modernization,'' as such
dialogue ``goes a long way to increase transparency and clarify
OCIO's role in the copyright modernization process''); Library of
Congress, Library of Congress Fiscal 2020 Budget Justification at
121, https://www.loc.gov/static/portals/about/reports-and-budgets/documents/budgets/fy2020.pdf (``the USCO and Library's OCIO will
provide opportunities for broad involvement'' through ``[o]ngoing
stakeholder outreach'' in modernizing Copyright Office systems).
---------------------------------------------------------------------------
III. Subjects of Inquiry
After considering the comments in response to the 2018 NPRM, the
Office is proposing certain revisions to the initial proposed rule. The
amended rule:
(1) Redefines an ``electronic-only book'' to clarify that short
online works, such as social media posts, are not intended to be
encompassed by the rule;
(2) Clarifies that books that are preloaded onto electronic devices
before those devices are sold to consumers are subject to the rule,
provided they otherwise meet its requirements;
(3) Modifies the definitional language to further clarify when
print-on-demand books are to be deemed ``available only online''; and
(4) Removes the requirement that all technological protection
measures be removed, while retaining the general requirement that
deposits be able to be ``accessed and reviewed by the Copyright Office,
Library of Congress, and the Library's authorized users on an ongoing
basis.''
The Copyright Office invites comment from the public on these
proposed amendments and on the other matters discussed in this notice.
List of Subjects in 37 CFR Part 202
Copyright.
Proposed Regulations
For the reasons set forth in the preamble, the Copyright Office
proposes amending 37 CFR part 202 as follows:
PART 202--PREREGISTRATION AND REGISTRATION OF CLAIMS TO COPYRIGHT
0
1. The authority citation for part 202 continues to read as follows:
Authority: 17 U.S.C. 408(f), 702.
0
2. Amend Sec. 202.18 by:
0
a. Adding in paragraph (a) the words ``and Sec. 202.19, and
transferred into the Library of Congress's collections,'' after ``under
Sec. 202.4(e)'' in the first sentence;
0
b. Adding in paragraph (b), the words ``and Sec. 202.19'' after
``under Sec. 202.4(e)'' in the first sentence;
0
c. Adding in paragraph (c), the words ``and Sec. 202.19'' after
``under Sec. 202.4(e)'' in the first sentence, and d. Adding paragraph
(f) to read as follows:
Sec. 202.18 Access to electronic works.
* * * * *
(f) Except as provided under special relief agreements entered into
pursuant to Sec. 202.19(e) or Sec. 202.20(d), electronic works will
be transferred to the Library of Congress for its collections and made
available only under the conditions specified by this section.
0
3. Amend Sec. 202.19 by:
0
a. Revising paragraph (b)(4), and
0
b. Adding in paragraph (c)(5), the words ``electronic-only books and''
after the words ``This exemption includes''.
The revisions read as follows:
Sec. 202.19 Deposit of published copies or phonorecords for the
Library of Congress.
* * * * *
(b) * * *
(4) For purposes of paragraph (c)(5) of this section:
(i) An electronic-only serial is a serial as defined in Sec.
202.3(b)(1)(v) that is published in electronic form in the United
States and available only online.
(ii) An electronic-only book is an electronic literary work
published in one volume or a finite number of volumes published in the
United States and available only online. This class excludes literary
works distributed solely in phonorecords (e.g., audiobooks), serials
(as defined in Sec. 202.3(b)(1)(v)), computer programs, websites,
blogs, emails, and short online literary works such as social media
posts.
(iii) A work shall be deemed to be available only online even if
copies have been made available to individual
[[Page 38815]]
consumers to print on demand, so long as the work is otherwise
available only online. A work also shall be deemed to be available only
online even if copies have been loaded onto electronic devices, such as
tablets or e-readers, in advance of sale to individual consumers, so
long as the work is otherwise available only online.
* * * * *
0
4. Amend Sec. 202.24 by:
0
a. Removing in paragraph (a)(2), the words ``works'' and adding in its
place the words ``electronic-only serials''.
0
b. Redesignating paragraphs (a)(3) and (4) as paragraphs (a)(4) and
(5), respectively.
0
c. Adding new paragraph (a)(3).
0
d. Removing in paragraph (b), the words ``online-only'' and adding in
its place the words ``electronic-only''.
0
e. Revising paragraph (c)(3).
The addition and revision reads as follows:
Sec. 202.24 Deposit of published electronic works available only
online.
* * * * *
(a) * * *
(3) Demands may be made only for electronic-only books published on
or after EFFECTIVE DATE OF RULE.
* * * * *
(c) * * *
(3) ``Electronic-only'' works are electronic works that are
published and available only online.
* * * * *
Appendix B to Part 202 [Amended]
0
6. Amend Appendix B to Part 202 by revising paragraph IX to read as
follows:
* * * * *
IX. Electronic-Only Works Published in the United States and Available
Only Online
The following encodings are listed in descending order of
preference for all deposits in all categories below:
1. UTF-8.
2. UTF-16 (with BOM).
3. US-ASCII.
4. ISO 8859.
5. All other character encodings.
A. Electronic-Only Serials:
1. Content Format:
a. Serials-specific structured/markup format:
i. Content compliant with the NLM Journal Archiving (XML)
Document Type Definition (DTD), with presentation stylesheet(s),
rather than without NISO JATS: Journal Article Tag Suite (NISO
Z39.96-201x) with XSD/XSL presentation stylesheet(s) and explicitly
stated character encoding.
ii. Other widely used serials or journal XML DTDs/schemas, with
presentation stylesheet(s), rather than without.
iii. Proprietary XML format for serials or journals (with
documentation), with DTD/schema and presentation stylesheet(s),
rather than without.
b. Page-oriented rendition:
i. PDF/UA (Portable Document Format/Universal Accessibility;
compliant with ISO 14289-1).
ii. PDF/A (Portable Document Format/Archival; compliant with ISO
19005).
iii. PDF (Portable Document Format, with searchable text, rather
than without; highest quality available, with features such as
searchable text, embedded fonts, lossless compression, high
resolution images, device-independent specification of colorspace;
content tagging; includes document formats such as PDF/X).
c. Other structured or markup formats:
i. Widely-used serials or journal non-proprietary XML-based
DTDs/schemas with presentation stylesheet(s).
ii. Proprietary XML-based format for serials or journals (with
documentation) with DTD/schema and presentation stylesheet(s).
iii. XHTML or HTML, with DOCTYPE declaration and presentation
stylesheet(s).
iv. XML-based document formats (widely used and publicly
documented). With presentation stylesheets, if applicable. Includes
ODF (ISO/IEC 26300) and OOXML (ISO/IEC 229500).
d. PDF (web-optimized with searchable text).
e. Other formats:
i. Rich text format.
ii. Plain text.
iii. Widely-used proprietary word processing or page-layout
formats.
iv. Other text formats not listed here.
2. Metadata Elements: If included with published version of
work, descriptive data (metadata) as described below should
accompany the deposited material:
a. Title level metadata: Serial or journal title, ISSN,
publisher, frequency, place of publication.
b. Article level metadata, as relevant/or applicable: Volume(s),
number(s), issue dates(s), article title(s), article author(s),
article identifier (DOI, etc.).
c. With other descriptive metadata (e.g., subject heading(s),
descriptor(s), abstract(s)), rather than without.
3. Completeness:
a. All elements considered integral to the publication and
offered for sale or distribution must be deposited--e.g., articles,
table(s) of contents, front matter, back matter, etc. Includes all
associated external files and fonts considered integral to or
necessary to view the work as published.
b. All updates, supplements, releases, and supersessions
published as part of the work and offered for sale or distribution
must be deposited and received in a regular and timely manner for
proper maintenance of the deposit.
4. Technological measures that control access to or use of the
work should be removed.
B. Electronic-Only Books:
1. Content Format:
a. Book-specific structured/markup format, i.e., XML-based
markup formats, with included or accessible DTD/schema, XSD/XSL
presentation stylesheet(s), and explicitly stated character
encoding:
i. BITS-compliant (NLM Book DTD).
ii. EPUB-compliant.
iii. Other widely-used book DTD/schemas (e.g., TEI, DocBook,
etc.).
b. Page-oriented rendition:
i. PDF/UA (Portable Document Format/Universal Accessibility;
compliant with ISO 14289-1).
ii. PDF/A (Portable Document Format/Archival; compliant with ISO
19005).
ii. PDF (Portable Document Format; highest quality available,
with features such as searchable text, embedded fonts, lossless
compression, high resolution images, device-independent
specification of colorspace; content tagging; includes document
formats such as PDF/X).
c. Other structured markup formats:
i. XHTML or HTML, with DOCTYPE declaration and presentation
stylesheet(s).
ii. XML-based document formats (widely-used and publicly-
documented), with presentation style sheet(s) if applicable.
Includes ODF (ISO/IEC 26300) and OOXML (ISO/IEC 29500).
iii. SGML, with included or accessible DTD.
iv. Other XML-based non-proprietary formats, with presentation
stylesheet(s).
v. XML-based formats that use proprietary DTDs or schemas, with
presentation stylesheet(s).
d. PDF (web-optimized with searchable text).
e. Other formats:
i. Rich text format.
ii. Plain text.
iii. Widely-used proprietary word processing formats.
iv. Other text formats not listed here.
2. Metadata Elements: If included with published version of
work, descriptive data (metadata) as described below should
accompany the deposited material:
a. As supported by format (e.g., standards-based formats such as
ONIX, XMP, MODS, or MARCXML either embedded in or accompanying the
digital item): Title, creator, creation date, place of publication,
publisher/producer/distributor, ISBN, contact information.
b. Include if part of published version of work: Language of
work, other relevant identifiers (e.g., DOI, LCCN, etc.), edition,
subject descriptors, abstracts.
3. Rarity and Special Features:
a. Limited editions (including those with special features such
as high resolution images.)
b. Editions with the greatest number of unique features (such as
additional content, multimedia, interactive elements.)
4. Completeness:
a. For items published in a finite number of separate
components, all elements published as part of the work and offered
for sale or distribution must be deposited. Includes all associated
external files and fonts considered integral to or necessary to view
the work as published.
b. All updates, supplements, releases, and supersessions
published as part of the work and offered for sale or distribution
must be submitted and received in a regular and timely manner for
proper maintenance of the deposit.
5. Technological Protection Measures:
[[Page 38816]]
a. Copies published in formats that do not contain technological
measures controlling access to or use of the work.
b. Copies published with technological measures that control
access to or use of the work, and for which the owner has elected to
remove such technological measures.
c. Copies otherwise provided in a manner that meets the
requirements of Sec. 202.24(a)(5).
* * * * *
Dated: June 11, 2020.
Regan A. Smith,
General Counsel and Associate Register of Copyrights.
[FR Doc. 2020-12969 Filed 6-26-20; 8:45 am]
BILLING CODE 1410-30-P
