VIRGINIA M. KENDALL, District Judge.
The American Medical Association ("AMA") filed this action seeking a declaratory judgment that an article written by Howard Burde and published on its website does not infringe a copyrighted work owned by 3Lions. The AMA also sought to hold Defendants liable under the Racketeer Influenced and Corrupt Organizations Act and the Illinois Uniform Deceptive Trade Practices Act for their alleged participation in a larger-scale copyright trolling scheme. On March 25, 2015, this Court dismissed the RICO and UDTPA counts, leaving only the copyright count to be resolved. Defendants subsequently filed counterclaims against the AMA and a third-party complaint against Howard Burde, alleging copyright infringement and contributory copyright infringement. The AMA and Burde now move for judgment on the pleadings. Plaintiff's motion for judgment on the pleadings [57] is granted with respect to all pending claims and third-party claims. Defendant's counterclaims [53] for copyright infringement and contributory copyright infringement are dismissed as moot.
In evaluating Plaintiff's motion for judgment on the pleadings under Rule 12(c), the Court accepts the following allegations from the Complaint as true. See Harrison v. Deere & Co., 533 F. App'x 644, 647 (7th Cir. 2013). 3Lions published an overview of the 2009 Health Information Technology for Economic and Clinical Health Act ("HITECH") on its "HIPAA Survival Guide" website. (See Dkt. No. 1, at ¶ 10; Dkt. No. 53, at ¶ 10). 3Lions registered a copyright in the article with the United States Copyright Office in 2010. (See id.). The 3Lions article contains, among other information, the following three sections:
The Health Information Technology for Economic and Clinical Health Act (HITECH Act or "The Act") is part of the American Recovery and Reinvestment Act of 2009 (ARRA). ARRA contains incentives related to health care information technology in general (e.g. creation of a national health care infrastructure) and contains specific incentives designed to accelerate the adoption of electronic health record (EHR) systems among providers.
Because this legislation anticipates a massive expansion in the exchange of electronic protected health information (ePHI), the HITECH Act also widens the scope of privacy and security protections available under HIPAA; it increases the potential Regal liability for non-compliance and it provides for more enforcement.
Figure 1. Introduction to copyrighted article. (See Dkt. No. 58-3, 4).
THE HITECH Act now imposes data breach notification requirements for unauthorized uses and disclosures of "unsecured PHI." These notification requirements are similar to many state data breach laws related to personally identifiable financial information (e.g. banking and credit card data). HHS is required to define what "unsecured PHI" means within 60 days of enactment. If it fails to do so then the HITECH definition will control. Under the HITECH Act "unsecured PHI" essentially means "unencrypted PHI."
In general, the Act requires that patients be notified or any unsecured breach. If a breach impacts 500 patients or more then HFIS must also be notified. Notification will trigger posting the breaching entity's name on HHS' website. Linder certain conditions local media will also need to be notified. Furthermore, notification is triggered whether the unsecured breach occurred externally or internally. The notification provision is yet another example of the weight privacy and security concerns are given under the Act.
Figure 2. Notification of Breach section of copyrighted article. (See Dkt. No. 58-3, 5-6).
In the case where a provider has implemented an EHR system, the Act provides individuals with a right to obtain their PHI in an electronic format (i.e. ePHI). An individual can also designate that a third party be the recipient of the ePHI. The Act provides that only a fee equal to the labor cost can be charged for an electronic request.
Presumably, all that needs to be done on a provider's part is to click on a few screens and transmit the necessary records, the reality is that even providers that already have an EHR system in place may not have this capability readily available. However, given the Health 2.0 consumer led movement, you can expect that electronic records will be requested significantly more often than their paper counterparts.
Any provider expecting to participate in the HITECH Act's incentives should be prepared to deliver on these requests or risk a finding that their use does not qualify as "meaningful use." Lack of meaningful use may bar incentive payments, depending on how HHS ultimately defines this term. To be clear, the Act has nothing to say regarding a link between requests of ePHI and meaningful use, this is simply a plausible inference on our part.
Figure 3. Electronic Health Record Access section of copyrighted article. (See Dkt. No. 58-3, 6). In March 2011, the AMA published an article by Howard Burde entitled "Health Law the HITECH Act — an Overview" on its website. (Dkt. No. 1, at ¶ 9; Dkt. No. 53, at ¶ 9). That article contains, among other information, the following three sections:
Before the Patient Protection and Affordable Care Act, otherwise known as "Obamacare." or more generally, health reform. Congress had already passed the most sweeping health care reform measures since Medicare was created nearly 45 years ago As part of the American Recovery and Reinvestment Act (ARRA), Congress passed the Health information Technology for Economic and Clinical Health Act (HITECH). HITECH changed the nature of the relationships among health care professionals, organizations, patients, and payors by focusing on the implementation and use of health information technology. It puts particular emphasis on privacy and security, including expanded application and enforcement HITECH also provides incentives and subsidies for health information exchanges and education, which are outside the scope of this article.
Figure 4. Introduction to allegedly infringing article. (See Dkt. No. 53-2, 1).
HITECH mandates public notification of security breaches when "unsecure PHI" is disclosed or used for an unauthorized purpose. (Secure PHI," on the other hand, is not subject to such requirements because it is encrypted and cannot be breached [6]) These notification requirements are similar to many state and federal data breach laws pertaining to financial information.
In general, the act requires that partients be notified of any breach of their data security, whether external or internal if a breach affects 500 patients or more, then HHS must also be notified and the name of the institution where the breach occurred will be posted on the HHS web site. Under certain conditions, local media will also need to be notified. This provision is yet another example of the act's emphasis on privacy and security concerns [4].
Figure 5. Notification of Breach section of allegedly infringing article. (See Dkt. No. 53-2, 3).
When a health care practice or organization implements an EHR system, the act gives patients in those practices (or third parties they designate) the right to obtain their PHI in an electronic format. This requirement is similar to state laws that mandate patient access to their own paper medical records. The act specifies that charges for such requests may only cover the labor cost of fulfilling the request. Although one might presume that such a request requires a few clicks, the reality is that even practices with an EHR system already in place may not have this capability.
Figure 6. Electronic Health Record Access Section of allegedly infringing article. (See Dkt. No. 53-2, 3-4).
Following the publication of Burde's article on the AMA website, 3Lions threatened to file a copyright infringement suit against the AMA, claiming that the AMA article infringed the 3Lions article. (See Dkt. No. 1, at ¶ 15; Dkt. No. 53, at ¶ 15). The AMA filed this action for declaratory judgment on July 10, 2014. Four days later, 3Lions filed an action for copyright infringement and unfair competition in the Middle District of Florida. The Florida court granted the AMA's motion to transfer that action to this Court and 3Lions later voluntarily dismissed that action, though it subsequently filed analogous counterclaims and a third-party complaint in this action.
Rule 12(c) allows a party to move for judgment based on the content of the pleadings after both the plaintiff's complaint and the defendant's answer have been filed.
Copyright infringement requires proof of "(1) ownership of a valid copyright, and (2) copying of constituent elements of the work that are original." Janky v. Lake Cnty. Convention & Visitors Bureau, 576 F.3d 356, 361 (7th Cir. 2009) (internal citation omitted). In this case, the parties do not dispute that 3Lions holds a valid copyright. The issue is whether the AMA published a copied piece of work. "Because direct evidence of copying often is unavailable, copying may be inferred where the defendant had access to the copyrighted work and the accused work is substantially similar to the copyrighted work." Atari, Inc. v. N. Am. Philips Consumer Elec. Corp., 672 F.2d 607, 614, superseded on other grounds 722 F.3d 1089 (7th Cir. 1982). In determining whether the works are substantially similar, the Court must consider "whether the accused work is so similar to the plaintiff's work that an ordinary reasonable person would conclude that the defendant unlawfully appropriated the plaintiff's protectable expression by taking material of substance and value." Wildlife Express Corp. v. Carol Wright Sales, Inc., 18 F.3d 502, 509 (7th Cir.1994); see also Incredible Techs., Inc. v. Virtual Techs., Inc., 400 F.3d 1007, 1011 (7th Cir.2007) ("[W]hether the copying, if proven, went so far as to constitute an improper appropriation . . . leads us to the `ordinary observer' test." (internal quotation omitted)). Because Plaintiff in this case concedes that 3Lions owns a copyright in its HITECH article and that Burde had access to the copyrighted article, the sole inquiry before the Court is whether a reasonable jury could find the protectable portions of the articles to be substantially similar.
Preliminarily, the Court notes that it is unclear what aspects of AMA article Defendants believe infringe the 3Lions article. In their counterclaims, Defendants provided the Court with a highlighted version of the AMA article, labelling the highlighted version the "Infringing Content." (See Dkt. No. 53, Counterclaims at ¶ 13; see also, e.g., Figures 4-6 above). Now, in their response to this motion, Defendants insist that additional discovery is needed because the highlighted version they provided is incomplete and the AMA article contains other offensive material, including "paraphrasing." (See Dkt. No. 60, 3). Defendants, however, have failed to support that argument or indicate what evidence is missing from the record. The Court has the copyrighted and allegedly infringing articles; nothing else is needed. See Brownmark Films, LLC v. Comedy Partners, 682 F.3d 687, 691 (7th Cir. 2012) ("District courts need not, and indeed ought not, allow discovery when it is clear that the case turns on facts already in evidence."). Based on the text of these two articles, no reasonable trier of fact could find that they are substantially similar.
The challenged text before the Court (based on Defendants' highlighted version of the AMA article) includes a portion of the introductory paragraph, as well as the majority of two sections entitled "Notification of Breach" and "Electronic Health Record Access." (See Figures 1-6 above). First of all, much of this text is not protectable. The overlapping headings and short phrases, such as "privacy and security" or "breach laws" or "the name of the institution," are excluded from copyright protection under 37 C.F.R. § 202.1(a) and under the merger doctrine, which deny protection to short phrases and expressions that provide the only way feasible way to convey an idea. See Seng-Tiong Ho v. Taflove, 648 F.3d 489, 497 (7th Cir. 2011). Moreover, any similarities that exist between the two articles are outweighed by points of dissimilarity and are, in the context of the articles as wholes, both qualitatively and quantitatively minimal.
Despite both articles providing overviews of the HITECH Act, the articles are actually very different. The 3Lions article has a number of introductory paragraphs followed by five distinct sections. The AMA article has one introductory paragraph followed by seven distinct sections. Any argument that the opening paragraphs of the two articles are similar is belied by their text. There is no overlap between the text of these sections other than the full name of the statute and other non-essential words. The only other two sections of the articles that appear even remotely similar are the sections titled "Notification of Breach" and "Electronic Health Record Access." Yes, both articles invoke these same section titles, but—as already mentioned—these titles are not subject to copyright protection. See supra.
Moreover, the only sentence that appears verbatim in these challenged sections is: "Under certain conditions, local media will also need to be notified." Beyond this one sentence, the two accused AMA sections are quite different from the protected 3Lions' sections. The facts are arranged in different orders, sentences have different structures, and facts in short sentences are combined into longer sentences and vice versa. The challenged AMA sections, by and large, adopt very different structure and organization of the facts that are also included in the 3Lions article. See, e.g., Francorp, Inc. v. Siebert, 210 F.Supp.2d 961, 968 (N.D. Ill. 2001) ("Ultimately, it appears that all that the iFranchise website has in common with Francorp's materials is subject matter. This necessarily means there will be some overlap in process and terminology, but the structure and explanations are unique. As a matter of law, no protected expression has been infringed."); Nihon Keizai Shimbun, Inc. v. Comline Business Data, Inc., 166 F.3d 65, 71 (2nd Cir. 1999) (finding article abstracts substantially similar where infringing abstracts were "direct, if not word-for-word, translations" of the protected abstracts and contained about two-thirds of the protectable material).
Because the similarities between the AMA article and the 3Lions article are slight, no reasonable trier of fact could conclude that they are "substantially similar." And, because no genuine issue of material fact exists as to the material issue of "substantial similarity," judgment on the pleadings is entered in favor of the AMA and Burde. The Court need not delve into a fair use analysis. Defendant's counterclaims for copyright infringement and contributory copyright infringement are moot and thus subject to dismissal. See Mostly Memories, Inc. v. For Your Ease Only, Inc., 526 F.3d 1093, 1098 n. 1 (7th Cir. 2008).
For the reasons stated, Plaintiff's motion for judgment on the pleadings [57] is granted in favor of the AMA and Burde. Defendant's counterclaims [53] are dismissed as moot.