ORDER

The opinion filed on December 20, 2011, and appearing at 667 F.3d 1022 (9th Cir. 2011) is withdrawn.

Appellant's petition for panel rehearing is GRANTED and the petition for rehearing en banc is DENIED AS MOOT.

A superseding opinion will be filed concurrently with this order.

The parties may file additional petitions for rehearing or rehearing en banc.

OPINION

FISHER, Circuit Judge:

Veoh Networks (Veoh) operates a publicly accessible website that enables users to share videos with other users. Universal Music Group (UMG) is one of the world's largest recorded music and music publishing companies, and includes record labels such as Motown, Def Jam and Geffen. In addition to producing and distributing recorded music, UMG produces music videos. Although Veoh has implemented various procedures to prevent copyright infringement through its system, users of Veoh's service have in the past been able, without UMG's authorization, to download videos containing songs for which UMG owns the copyright. UMG responded by filing suit against Veoh for direct and secondary copyright infringement. The district court granted summary judgment to Veoh after determining that it was protected by the Digital Millennium Copyright Act (DMCA) "safe harbor" limiting service providers' liability for "infringement of copyright by reason of the storage at the direction of a user of material that resides on a system or network controlled or operated by or for the service provider." 17 U.S.C. § 512(c). We agree, and accordingly affirm.

BACKGROUND1

Veoh allows people to share video content over the Internet. Users can view videos uploaded by other users as well as authorized "partner content" made available by major copyright holders such as SonyBMG, ABC and ESPN. There are two ways to use Veoh's service: through a standalone software client application launched in late 2005, or through the veoh. com website launched in early 2006 that users access via a standard web browser. Both services are provided free of charge. Veoh generates revenue from advertising displayed along with the videos. "As of April 2009, Veoh had well over a million videos available for viewing, and users had uploaded more than four million videos to Veoh."

Before a user may share a video through Veoh, he must register at veoh.com by providing an email address, user name and password. He must then state that he has read and agreed to Veoh's "Publisher Terms and Conditions" (PTC). The PTC instructs users that they "may not submit [material] . . . that contains any . . . infringing. . . or illegal content" and directs that they "may only upload and publish [material] on the Veoh Service to which [they] have sufficient rights and licenses to permit the distribution of [their] [material] via the Veoh Services." The PTC agreement also gives Veoh a license to "publicly display, publicly perform, transmit, distribute, copy, store, reproduce and/or provide" the uploaded video "through the Veoh Service, either in its original form, copy or in the form of an encoded work."

A user who wants to share a video must also agree to Veoh's "Terms of Use," which give Veoh a license "to use, reproduce, modify, distribute, prepare derivative works of, display, publish, perform and transmit" the video. The Terms of Use provide that "you expressly represent and warrant that you own or have the necessary licenses, rights, consents, and permissions to use and authorize Veoh to use all. . . copyright or other proprietary rights in and to any and all [material shared on Veoh]." Users must agree "not to (a) take any action or (b) upload, download, post, submit or otherwise distribute or facilitate distribution of any [material] . . . through the Veoh Service, that . . . infringes any. . . copyright." Once a user agrees to the PTC and Terms of Use, he may upload a video. Each time a user begins to upload a video to Veoh's website, a message appears stating, "Do not upload videos that infringe copyright, are pornographic, obscene, violent, or any other videos that violate Veoh's Terms of Use."

When a video is uploaded, various automated processes take place. Veoh's software automatically breaks down the video file into smaller 256-kilobyte "chunks," which facilitate making the video accessible to others. Veoh's software also automatically converts, or "transcodes," the video file into Flash 7 format. This is done because "the vast majority of internet users have software that can play videos" in this format. Veoh presets the requisite settings for the Flash conversion. If the user is a "Pro" user, Veoh's software also converts the uploaded video into Flash 8 and MPEG-4 formats, which are playable on some portable devices. Accordingly, when a Pro user uploads a video, Veoh automatically creates and retains four copies: the chunked file, the Flash 7 file, the Flash 8 file and the MPEG-4 file. None of these automated conversions affects the content of the video.

Veoh's computers also automatically extract metadata from information users provide to help others locate the video for viewing. Users can provide a title, as well as tags or keywords that describe the video, and can also select pre-set categories describing the video, such as "music," "faith" or "politics." The Veoh system then automatically assigns every uploaded video a "permalink," or web address, that uniquely identifies the video and makes it available to users. Veoh employees do not review the user-submitted video, title or tags before the video is made available.2

Veoh's system allows users to access shared videos in two ways. First, the video may be "streamed" from a server, whereby the user's web browser begins displaying the video almost immediately, before the entire file has been transmitted to the user's computer. Depending on whether the user stops his web browser from streaming the full video, a partial or full copy of the video is stored temporarily on the user's computer. Second, the user can download a copy of the video through Veoh's website or client software application. Veoh transfers a "chunked" copy of the file to the user's computer, and the software reassembles the chunks into a viewable copy. The downloaded file is stored on the user's computer in a Veoh directory, which gives Veoh the ability to terminate access to the files.

Veoh employs various technologies to automatically prevent copyright infringement on its system. In 2006, Veoh adopted "hash filtering" software. Whenever Veoh disables access to an infringing video, the hash filter also automatically disables access to any identical videos and blocks any subsequently submitted duplicates. Veoh also began developing an additional filtering method of its own, but in 2007 opted instead to adopt a third-party filtering solution produced by a company called Audible Magic. Audible Magic's technology takes audio "fingerprints" from video files and compares them to a database of copyrighted content provided by copyright holders. If a user attempts to upload a video that matches a fingerprint from Audible Magic's database of forbidden material, the video never becomes available for viewing. Approximately nine months after beginning to apply the Audible Magic filter to all newly uploaded videos, Veoh applied the filter to its backlog of previously uploaded videos. This resulted in the removal of more than 60,000 videos, including some incorporating UMG's works. Veoh has also implemented a policy for terminating users who repeatedly upload infringing material, and has terminated thousands of user accounts.

Despite Veoh's efforts to prevent copyright infringement on its system, both Veoh and UMG agree that some of Veoh's users were able to download unauthorized videos containing songs for which UMG owns the copyright. The parties also agree that before UMG filed its complaint, the only notices Veoh received regarding alleged infringements of UMG's works were sent by the Recording Industry Association of America (RIAA). The RIAA notices listed specific videos that were allegedly infringing, and included links to those videos. The notices did not assert rights to all works by the identified artists, and did not mention UMG. UMG does not dispute that Veoh removed the material located at the links identified in the RIAA notices.

In September 2007, UMG filed suit against Veoh for direct, vicarious and contributory copyright infringement, and for inducement of infringement. UMG contended that Veoh's efforts to prevent copyright infringement on its system were "too little too late" because Veoh did not adopt filtering technology until "after Veoh harbored infringing material for its own benefit," and initially it ran the filters only on newly uploaded videos. UMG also argued that Veoh "remove[d] copyrighted material only if identified specifically in a notice of infringement," and "[e]ven then, Veoh would only remove the video associated with the particular URL and bit-for-bit copies of that same video."

In UMG's first amended complaint (FAC), it added three of Veoh's investors as defendants on theories of secondary liability.3 The Investor Defendants sought dismissal of UMG's FAC for failure to state a claim against them under Federal Rule of Civil Procedure 12(b)(6). The district court granted the motion to dismiss without prejudice and UMG filed a Second Amended Complaint (SAC). The Investor Defendants again moved to dismiss, and the district court dismissed the claims against the Investor Defendants with prejudice, holding that UMG's "allegations amounted to little more than what is legally and customarily required of corporate board members." Final judgment on that ground was entered on June 1, 2009.

Veoh asserted as an affirmative defense that it is protected by the DMCA safe harbor provisions. UMG moved for partial summary judgment that Veoh is not entitled to protection under the 17 U.S.C. § 512(c) safe harbor because the alleged infringement did not qualify as "by reason of the storage [of material] at the direction of a user." The district court disagreed and denied UMG's motion. See UMG Recordings, Inc. v. Veoh Networks Inc. (UMG I), 620 F.Supp.2d 1081, 1092 (C.D.Cal.2008). Veoh then moved for summary judgment on the basis that it satisfied the remaining requirements of § 512(c). Judge Matz granted the motion in a careful and comprehensive decision holding that Veoh met all the § 512(c) requirements and was thus entitled to DMCA safe harbor protection. See UMG Recordings, Inc. v. Veoh Networks Inc. (UMG II), 665 F.Supp.2d 1099, 1118 (C.D.Cal.2009). The parties thereafter stipulated to final judgment, which was entered on November 3, 2009.

Veoh moved for an award of costs and attorney's fees under Federal Rule of Civil Procedure 68 and the Copyright Act, 17 U.S.C. § 505. Although the district court found that Veoh was the prevailing party "on the core issue in the litigation," the court declined to exercise its discretion to award Veoh fees under § 505 because Veoh "failed to demonstrate that UMG's legal challenge was improper, in bad faith, or contrary to the purposes of the Copyright Act." Because the court concluded fees were not "properly awardable" under § 505, it also denied Veoh fees and costs under Rule 68. Veoh does not challenge the denial of fees under § 505, but appeals the denial of Rule 68 costs and fees. UMG appeals the entry of summary judgment in Veoh's favor and the dismissal of its complaint against the Investor Defendants.

DISCUSSION

I.

The district court had jurisdiction over these matters under 28 U.S.C. § 1331, and we have jurisdiction over the appeals under 28 U.S.C. § 1291. We review de novo a district court's summary judgment ruling. See Rossi v. Motion Picture Ass'n of Am. Inc., 391 F.3d 1000, 1002 (9th Cir. 2004). "Viewing the evidence in the light most favorable to the non-moving party," the moving party has the "burden to show that there are no genuine issues of material fact," and that it is entitled to judgment as a matter of law. Kennedy v. Allied Mut. Ins. Co., 952 F.2d 262, 265 (9th Cir. 1991). Review of a dismissal for failure to state a claim under Rule 12(b)(6) is likewise de novo. See Balistreri v. Pacifica Police Dep't, 901 F.2d 696, 699 (9th Cir. 1988). "On a motion to dismiss, the court accepts the facts alleged in the complaint as true," and "[d]ismissal can be based on the lack of a cognizable legal theory or the absence of sufficient facts alleged." Id. We also review de novo the district court's interpretation of the Copyright Act, see Rossi, 391 F.3d at 1002-03, and of Rule 68, see Champion Produce, Inc. v. Ruby Robinson Co., 342 F.3d 1016, 1020 (9th Cir. 2003).

II.

"Difficult and controversial questions of copyright liability in the online world prompted Congress to enact Title II of the DMCA, the Online Copyright Infringement Liability Limitation Act (OCILLA)." Ellison v. Robertson, 357 F.3d 1072, 1076 (9th Cir.2004). Congress recognized that "[i]n the ordinary course of their operations service providers must engage in all kinds of acts that expose them to potential copyright infringement liability." S.Rep. No. 105-190, at 8 (1998). Although Congress was aware that the services provided by companies like Veoh are capable of being misused to facilitate copyright infringement, it was loath to permit the specter of liability to chill innovation that could also serve substantial socially beneficial functions. Congress decided that "by limiting [service providers'] liability," it would "ensure[] that the efficiency of the Internet will continue to improve and that the variety and quality of services on the Internet will continue to expand." Id. To that end, OCILLA created four safe harbors that preclude imposing monetary liability on service providers for copyright infringement that occurs as a result of specified activities. The district court concluded that Veoh qualified for one such safe harbor, under 17 U.S.C. § 512(c). UMG challenges that determination and the consequent entry of summary judgment in Veoh's favor.

There are a number of requirements that must be met for a "service provider" like Veoh to receive § 512(c) safe harbor protection.4 Section 512(c) provides in relevant part:

On appeal, UMG contends that three of these requirements were not met. First, UMG argues that the alleged infringing activities do not fall within the plain meaning of "infringement of copyright by reason of the storage [of material] at the direction of a user," a threshold requirement under § 512(c)(1). Second, UMG argues that genuine issues of fact remain about whether Veoh had actual knowledge of infringement, or was "aware of facts or circumstances from which infringing activity [wa]s apparent" under § 512(c)(1)(A). Finally, UMG argues that it presented sufficient evidence that Veoh "receive[d] a financial benefit directly attributable to. . . infringing activity" that it had "the right and ability to control" under § 512(c)(1)(B). We disagree on each count, and accordingly we affirm the district court.5

A.

We must first decide whether the functions automatically performed by Veoh's software when a user uploads a video fall within the meaning of "by reason of the storage at the direction of a user." 17 U.S.C. § 512(c)(1). Although UMG concedes that "[s]torage on computers involves making a copy of the underlying data," it argues that "nothing in the ordinary definition of `storage' encompasses" the automatic processes undertaken to facilitate public access to user-uploaded videos. Facilitation of access, UMG argues, goes beyond "storage." Therefore the creation of chunked and Flash files and the streaming and downloading of videos fall outside § 512(c). UMG also contends that these automatic processes are not undertaken "at the direction of the user."

The district court concluded that UMG's reading of § 512(c) was too narrow, wrongly requiring "that the infringing conduct be storage," rather than be "`by reason of the storage,'" as its terms provide. UMG I, 620 F.Supp.2d at 1088-89 (quoting § 512(c)) (emphasis in original). We agree that the phrase "by reason of the storage at the direction of the user" is broader causal language than UMG contends, "clearly meant to cover more than mere electronic storage lockers." Id. at 1088. We hold that the language and structure of the statute, as well as the legislative intent that motivated its enactment, clarify that § 512(c) encompasses the access-facilitating processes that automatically occur when a user uploads a video to Veoh.

UMG's argument that the district court too broadly construed the scope of § 512(c) rests in part on UMG's contention that the DMCA's "by reason of" language should be interpreted in the same way as similar language in the Racketeer Influenced and Corrupt Organizations Act (RICO), 18 U.S.C. §§ 1961-1968. RICO provides that "[a]ny person injured in his business or property by reason of a violation of section 1962 of this chapter may sue therefor." 18 U.S.C. § 1964(c). In Holmes v. Securities Investor Protection Corp., 503 U.S. 258, 268, 112 S.Ct. 1311, 117 L.Ed.2d 532 (1992), the Supreme Court held that RICO's "by reason of" language required proximate causation. UMG contends that we should thus read § 512(c)'s "by reason of storage" to mean that infringement must be proximately caused by the storage, rather than caused by the access that the storage facilitates.

Ordinarily we presume that "similar language in similar statutes should be interpreted similarly." United States v. Sioux, 362 F.3d 1241, 1246 (9th Cir.2004); see also Northcross v. Bd. of Educ. of Memphis City Schs., 412 U.S. 427, 428, 93 S.Ct. 2201, 37 L.Ed.2d 48 (1973) (noting that the "similarity of language" in two statutes is an indicator that the statutes "should be interpreted pari passu," particularly when they "share a common raison d'etre" (internal quotations omitted)). In this case, however, there are important differences between the statutes and their purposes. The reasoning underlying Holmes counsels against extending its reading to the DMCA, and the language and structure of § 512(c) compel us to conclude that it should not be interpreted in the same manner as RICO.

The Holmes Court began its analysis by recognizing that "by reason of" "can, of course, be read to mean that . . . the defendant's violation was a `but for' cause of plaintiff's injury." 503 U.S. at 265-6, 112 S.Ct. 1311.6 Ultimately, however, Holmes held that the "unlikelihood that Congress meant to allow all factually injured plaintiffs to recover persuades us that RICO should not get such an expansive reading." Id. at 266, 112 S.Ct. 1311. Holmes explained that "[t]he key to the better interpretation lies in some statutory history," and traced the "by reason of" language back to § 4 of the Clayton Act, which courts had long held required proximate causation. Id. at 267, 112 S.Ct. 1311. Because RICO was specifically modeled on § 4, Holmes concluded that the Clayton Act's interpretation was particularly persuasive. See id. at 267-68, 112 S.Ct. 1311.

Holmes also explained that "such directness of relationship" between the harm and the alleged wrong is a "central element[]" of "Clayton Act causation" for three primary reasons, and, significantly, concluded that all three "apply with equal force to suits under [RICO]." Id. at 269-70, 112 S.Ct. 1311. First, "the less direct an injury is, the more difficult it becomes to ascertain the amount of a plaintiff's damages attributable to the violation." Id. at 269, 112 S.Ct. 1311. Second, "recognizing claims of the indirectly injured would force courts to adopt complicated rules apportioning damages among plaintiffs removed at different levels of injury from the violative acts, to obviate the risk of multiple recoveries." Id. "And, finally, the need to grapple with these problems is simply unjustified by the general interest in deterring injurious conduct, since directly injured victims can generally be counted on to vindicate the law as private attorneys general, without any of the problems attendant upon suits by plaintiffs injured more remotely." Id. at 269-70, 112 S.Ct. 1311.

None of these concerns applies to the DMCA, which, unlike the Clayton Act and RICO, involves a narrow affirmative defense rather than the expansion of liability. Further, unlike in Holmes, there is no indication that Congress modeled the DMCA on the Clayton Act or RICO. We are therefore doubtful that in this quite different context, Holmes' strict reading of "by reason of" is what Congress intended.7

Our doubts are confirmed by the fact that UMG's reading of the "by reason of" language would create internal statutory conflicts. By its terms, § 512(c) presupposes that service providers will provide access to users' stored material, and we would thus contravene the statute if we held that such access disqualified Veoh from the safe harbor. Section 512(c) codifies a detailed notice and takedown procedure by which copyright holders inform service providers of infringing material accessible through their sites, and service providers then "disable access to" such materials. 17 U.S.C. § 512(c)(1)(A)(iii), (c)(1)(C) & (c)(3)(A)(iii) (emphasis added). This carefully considered protocol, and the statute's attendant references to "disabl[ing] access" to infringing materials, see id., would be superfluous if we accepted UMG's constrained reading of the statute. See Greenwood v. CompuCredit Corp., 615 F.3d 1204, 1209 (9th Cir.2010) ("We must, if possible, interpret a statute such that all its language is given effect, and none of it is rendered superfluous." (citing TRW Inc. v. Andrews, 534 U.S. 19, 31, 122 S.Ct. 441, 151 L.Ed.2d 339 (2001))). Indeed, it is not clear how copyright holders could even discover infringing materials on service providers' sites to notify them as the protocol dictates if § 512(c) did not contemplate that there would be access to the materials.8

We do not find persuasive UMG's effort to reconcile the internal contradictions its reading of the statute creates by positing that Congress must have meant § 512(c) to protect only "web hosting" services. Web hosts "host" websites on their servers, thereby "mak[ing] storage resources available to website operators." The thrust of UMG's argument seems to be that web hosts do not undertake the sorts of accessibility-facilitating functions that Veoh does, and thus the services they perform "fit within the ordinary meaning of `storage,'" and thereby "harmoniz[e]" with the notice and takedown procedures. UMG's theory fails to account for the reality that web hosts, like Veoh, also store user-submitted materials in order to make those materials accessible to other Internet users. The reason one has a website is so that others may view it. As amici note, these access activities define web hosting — if the web host only stored information for a single user, it would be more aptly described as an online back-up service. See Brief for Electronic Frontier Found. et al. as Amici Curiae Supporting Appellees at 15, UMG Recordings, Inc. v. Veoh Networks, Inc., No. 09-56777 (9th Cir. 2011).

In addition, the technological processes involved in providing web hosting services require those service providers to make, transmit and download multiple copies of users' stored materials. To create a website, the user uploads content to the web host's computers, which make an initial copy. "Content may be any number of things — family photos, poems, . . . even sound clips and movies." Preston Gralla, How The Internet Works 132 (2d ed. 1999). Then, when another Internet user wants to access the website by clicking a link or entering the URL, all the website's relevant content is transmitted to the user's computer, where another copy is automatically made by the user's web browser software in order to assemble the materials for viewing and listening. See id. at 157. To carry out their function of making websites available to Internet users, web hosting services thus routinely copy content and transmit it to Internet users. See id. We cannot see how these access-facilitating processes are meaningfully distinguishable from Veoh's for § 512(c)(1) purposes.

Further, the language of the statute recognizes that one is unlikely to infringe a copyright by merely storing material that no one could access, and so includes activities that go beyond storage. Section 512(c)(1)(A)(i) so recognizes in stating "the material or an activity using the material. . . is infringing." (Emphasis added.) Section 512(c)(1)(A)(ii) similarly addresses "infringing activity." Section 512(c)(1)(A)(iii) also reinforces this reading by requiring the service provider "to remove, or disable access to, the material," suggesting that if the material were still being stored by the service provider, but was inaccessible, it might well not be infringing. (Emphasis added.)

Finally, if Congress wanted to confine § 512(c) exclusively to web hosts rather than reach a wider range of service providers, we very much doubt it would have done so with the oblique "by reason of storage" language. We presume that Congress instead would have taken the more straightforward course of clarifying in the definition of "service provider" that, as it applies to § 512(c), only web hosts qualify. Indeed, Congress already gives two definitions of "service provider[s]" — one narrow definition specific to § 512(a), and one broader definition that applies to the rest of § 512.9 We therefore see no basis for adopting UMG's novel theory that Congress intended § 512(c) to protect only web hosting services.10

OCILLA's two "service provider" definitions also undermine UMG's argument that the automatic processes that make user-uploaded videos accessible are not undertaken "at the direction of the user." The narrower definition that applies exclusively to § 512(a), which governs conduit-only functions, expressly excludes service providers that "modif[y] [] the content of the material as sent or received." 17 U.S.C. § 512(k)(1)(A). Under the broader definition applying to § 512(c), by contrast, there is no limitation on the service provider's ability to modify user-submitted material to facilitate storage and access, as Veoh's automatic processes do. See Io Grp., Inc. v. Veoh Networks, Inc., 586 F.Supp.2d 1132, 1147 (N.D.Cal.2008). Had Congress intended to include such a limitation, it would have said so expressly and unambiguously, as it did in the narrower definition of "service provider." See id.

"Veoh has simply established a system whereby software automatically processes user-submitted content and recasts it in a format that is readily accessible to its users." Id. at 1148. Veoh does not actively participate in or supervise file uploading, "[n]or does it preview or select the files before the upload is completed." Id. Rather, this "automated process" for making files accessible "is initiated entirely at the volition of Veoh's users." Id.; see also CoStar Grp., Inc. v. Loopnet, Inc., 373 F.3d 544, 555 (4th Cir.2004). We therefore hold that Veoh has satisfied the threshold requirement that the infringement be "by reason of the storage at the direction of a user of material" residing on Veoh's system. 17 U.S.C. § 512(c)(1).

B.

Under § 512(c)(1)(A), a service provider can receive safe harbor protection only if it "(i) does not have actual knowledge that the material or an activity using the material on the system or network is infringing;" "(ii) in the absence of such actual knowledge, is not aware of facts or circumstances from which infringing activity is apparent; or" "(iii) upon obtaining such knowledge or awareness, acts expeditiously to remove, or disable access to, the material."11 UMG has never disputed that when Veoh became aware of allegedly infringing material as a result of the RIAA's DMCA notices, it removed the files. Rather, it argues that Veoh had knowledge or awareness of other infringing videos that it did not remove. The district court found that UMG failed to rebut Veoh's showing "that when it did acquire knowledge of allegedly infringing material — whether from DMCA notices, informal notices, or other means — it expeditiously removed such material." UMG II, 665 F.Supp.2d at 1107. UMG argues on appeal that the district court erred by improperly construing the knowledge requirement to unduly restrict the circumstances in which a service provider has "actual knowledge" under subsection (i) and setting too stringent a standard for what we have termed "red flag" awareness based on facts or circumstances from which infringing activity is apparent under subsection (ii). We hold that the district court properly construed these requirements.

1.

It is undisputed that, until the filing of this lawsuit, UMG "had not identified to Veoh any specific infringing video available on Veoh's system." UMG's decision to forgo the DMCA notice protocol "stripped it of the most powerful evidence of a service provider's knowledge — actual notice of infringement from the copyright holder." Corbis Corp. v. Amazon.com, Inc., 351 F.Supp.2d 1090, 1107 (W.D.Wash.2004) (citing 3 M. Nimmer & D. Nimmer, Nimmer on Copyright § 12B.04(A)(3), at 12B-53 [hereinafter "Nimmer"]); see also Io Grp., 586 F.Supp.2d at 1148.12 Nevertheless, UMG contends that Veoh hosted a category of copyrightable content — music — for which it had no license from any major music company. UMG argues Veoh thus must have known this content was unauthorized, given its general knowledge that its services could be used to post infringing material. UMG urges us to hold that this sufficiently demonstrates knowledge of infringement. We cannot, for several reasons.

As an initial matter, contrary to UMG's contentions, there are many music videos that could in fact legally appear on Veoh. "Among the types of videos subject to copyright protection but lawfully available on Veoh's system were videos with music created by users and videos that Veoh provided pursuant to arrangements it reached with major copyright holders, such as SonyBMG." UMG II, 665 F.Supp.2d at 1109. Further, Congress' express intention that the DMCA "facilitate making available quickly and conveniently via the Internet . . . movies, music, software, and literary works" — precisely the service Veoh provides — makes us skeptical that UMG's narrow interpretation of § 512(c) is plausible. S.Rep. No. 105-190, at 8. Finally, if merely hosting material that falls within a category of content capable of copyright protection, with the general knowledge that one's services could be used to share unauthorized copies of copyrighted material, was sufficient to impute knowledge to service providers, the § 512(c) safe harbor would be rendered a dead letter: § 512(c) applies only to claims of copyright infringement, yet the fact that a service provider's website could contain copyrightable material would remove the service provider from § 512(c) eligibility.

Cases analyzing knowledge in the secondary copyright infringement context also counsel against UMG's should-have-known approach. In Sony Corp. of America v. Universal City Studios, Inc., 464 U.S. 417, 104 S.Ct. 774, 78 L.Ed.2d 574 (1984), the Supreme Court held that there was "no precedent in the law of copyright for the imposition of" liability based on the theory that the defendant had "sold equipment with constructive knowledge of the fact that their customers may use that equipment to make unauthorized copies of copyrighted material." Id. at 439, 104 S.Ct. 774. So long as the product was "capable of substantial noninfringing uses," the Court refused to impute knowledge of infringement. Id. at 442, 104 S.Ct. 774. Applying Sony to the Internet context, we held in A & M Records, Inc. v. Napster, Inc., 239 F.3d 1004 (9th Cir.2001), that "if a computer system operator learns of specific infringing material available on his system and fails to purge such material from the system, the operator knows of and contributes to direct infringement." Id. at 1021. But "absent any specific information which identifies infringing activity, a computer system operator cannot be liable for contributory infringement merely because the structure of the system allows for the exchange of copyrighted material." Id.

Requiring specific knowledge of particular infringing activity makes good sense in the context of the DMCA, which Congress enacted to foster cooperation among copyright holders and service providers in dealing with infringement on the Internet. See S.Rep. No. 105-190, at 20 (noting OCILLA was intended to provide "strong incentives for service providers and copyright owners to cooperate to detect and deal with copyright infringements"); H.R.Rep. No. 105-551, pt. 2, at 49 (1998) (same). Copyright holders know precisely what materials they own, and are thus better able to efficiently identify infringing copies than service providers like Veoh, who cannot readily ascertain what material is copyrighted and what is not. See S.Rep. No. 105-190, at 48; ("[A] [service] provider could not be expected, during the course of its brief cataloguing visit, to determine whether [a] photograph was still protected by copyright or was in the public domain; if the photograph was still protected by copyright, whether the use was licensed; and if the use was not licensed, whether it was permitted under the fair use doctrine."); H.R.Rep. No. 105-551, pt. 2, at 57-58 (same).

These considerations are reflected in Congress' decision to enact a notice and takedown protocol encouraging copyright holders to identify specific infringing material to service providers. They are also evidenced in the "exclusionary rule" that prohibits consideration of substantially deficient § 512(c)(3)(A) notices for purposes of "determining whether a service provider has actual knowledge or is aware of facts and circumstances from which infringing activity is apparent." 17 U.S.C. § 512(c)(3)(B)(i); see also H.R.Rep. No. 105-551, pt. 2, at 56 (explaining this provision); Nimmer § 12B.04(B)(4)(c) ("[T]he copyright owner bears the burden of demonstrating knowledge independently of the failed notification."). Congress' intention is further reflected in the DMCA's direct statement that "[n]othing in this section shall be construed to condition the applicability of subsections (a) through (d) on . . . a service provider monitoring its service or affirmatively seeking facts indicating infringing activity." 17 U.S.C. § 512(m).13 Congress made a considered policy determination that the "DMCA notification procedures [would] place the burden of policing copyright infringement — identifying the potentially infringing material and adequately documenting infringement — squarely on the owners of the copyright." Perfect 10, Inc. v. CCBill LLC, 488 F.3d 1102, 1113 (9th Cir.2007). In parsing § 512(c)(3), we have "decline[d] to shift [that] substantial burden from the copyright owner to the provider." Id.

UMG asks us to change course with regard to § 512(c)(1)(A) by adopting a broad conception of the knowledge requirement. We see no principled basis for doing so. We therefore hold that merely hosting a category of copyrightable content, such as music videos, with the general knowledge that one's services could be used to share infringing material, is insufficient to meet the actual knowledge requirement under § 512(c)(1)(A)(i).

We reach the same conclusion with regard to the § 512(c)(1)(A)(ii) inquiry into whether a service provider is "aware of facts or circumstances from which infringing activity is apparent." The district court's conception of this "red flag test" properly followed our analysis in CCBill, which reiterated that the burden remains with the copyright holder rather than the service provider. See id. at 1114. The plaintiffs in CCBill argued that there were a number of red flags that made it apparent infringing activity was afoot, noting that the defendant hosted sites with names such as "illegal.net" and "stolencelebritypics.com," as well as password hacking websites, which obviously infringe. See id. We disagreed that these were sufficient red flags because "[w]e do not place the burden of determining whether [materials] are actually illegal on a service provider," and "[w]e impose no such investigative duties on service providers." Id. For the same reasons, we hold that Veoh's general knowledge that it hosted copyrightable material and that its services could be used for infringement is insufficient to constitute a red flag.

Of course, a service provider cannot willfully bury its head in the sand to avoid obtaining such specific knowledge. See Viacom Int'l v. YouTube, Inc., 676 F.3d 19, 31 (2d Cir.2012). Even viewing the evidence in the light most favorable to UMG as we must here, however, we agree with the district court there is no evidence that Veoh acted in such a manner. Rather, the evidence demonstrates that Veoh promptly removed infringing material when it became aware of specific instances of infringement. Although the parties agree, in retrospect, that at times there was infringing material available on Veoh's services, the DMCA recognizes that service providers who do not locate and remove infringing materials they do not specifically know of should not suffer the loss of safe harbor protection.

2.

We are not persuaded that UMG's other purported evidence of Veoh's actual or apparent knowledge of infringement warrants trial. First, UMG points to the tagging of videos on Veoh's service as "music videos." Relying on the theory rejected above, UMG contends that this demonstrates Veoh's knowledge that it hosted a category of infringing content. Relatedly, UMG argues that Veoh's purchase of certain search terms through the Google AdWords program demonstrates knowledge of infringing activity because some of the terms purchased, such as "50 Cent," "Avril Lavigne" and "Britney Spears," are the names of UMG artists. However, artists are not always in exclusive relationships with recording companies, so just because UMG owns the copyrights for some Britney Spears songs does not mean it owns the copyright for all Britney Spears songs. Indeed, 50 Cent, Avril Lavigne and Britney Spears are also affiliated with SonyBMG, which gave Veoh permission to stream its videos by these artists. Furthermore, even if Veoh had not had such permission, we recognize that companies sometimes purchase search terms they believe will lead potential customers to their websites even if the terms do not describe goods or services the company actually provides. For example, a sunglass company might buy the search terms "sunscreen" or "vacation" because it believed that people interested in such searches would often also be interested in sunglasses. Accordingly, Veoh's search term purchases are insufficient to demonstrate that it knew it hosted infringing material.

UMG also argues that Veoh's removal of unauthorized content identified in RIAA notices demonstrates knowledge, even if Veoh complied with § 512(c)'s notice and takedown procedures. According to UMG, Veoh should have taken the initiative to use search and indexing tools to locate and remove from its website any other content by the artists identified in the notices. Relatedly, UMG argues that some of the videos on Veoh that had been pulled from MTV or other broadcast television stations bore information about the artist, song title and record label. UMG contends that Veoh should have used this information to find and remove unauthorized videos. As we have explained, however, to so require would conflict with § 512(m), § 512(c)(1)(C) and CCBill's refusal to "impose. . . investigative duties on service providers." 488 F.3d at 1114. It could also result in removal of noninfringing content.

UMG also points to news articles discussing the availability of copyrighted materials on Veoh. One article reported that "several major media companies . . . say that Veoh.com has been among the least aggressive video sharing sites in fighting copyrighted content," and has thus "become a haven for pirated content." Brad Stone, Veoh's Vexing Visitor Numbers, N.Y. Times Bits Blog (July 15, 2007, 9:35 AM), http://bits.blogs.nytimes.com/2007/07/15/veohs-vexing-visitor-numbers/. Another article reported that,

Greg Sandoval, A new copyright battlefield: Veoh Networks, CNET News (Feb. 21, 2007, 4:00 AM), http://news.cnet.com/A-new-copyright-battlefield-Veoh-Networks/2100-1026_3-6160860.html. UMG elicited deposition testimony from Shapiro that he had heard of these articles, and was aware that, "from time to time," "material belonging to someone else end[ed] up on" Veoh. UMG argues that this evidence of knowledge that, as a general matter, unauthorized materials had been previously posted on Veoh is sufficient to meet the § 512(c)(1)(A) requirements.

At base, this argument relies on UMG's primary theory, which we rejected above. Here, as well, more specific information than UMG has adduced is required. The DMCA's detailed notice and takedown procedure assumes that, "from time to time," "material belonging to someone else ends up" on service providers' websites, and establishes a process for ensuring the prompt removal of such unauthorized material. If Veoh's CEO's acknowledgment of this general problem and awareness of news reports discussing it was enough to remove a service provider from DMCA safe harbor eligibility, the notice and takedown procedures would make little sense and the safe harbors would be effectively nullified. We cannot conclude that Congress intended such a result, and we therefore hold that this evidence is insufficient to warrant a trial.

UMG comes closer to meeting the § 512(c)(1)(A) requirements with its evidence of emails sent to Veoh executives and investors by copyright holders and users identifying infringing content. One email, sent by the CEO of Disney, a major copyright holder, to Michael Eisner, a Veoh investor, stated that the movie Cinderella III and various episodes from the television show Lost were available on Veoh without Disney's authorization. If this notification had come from a third party, such as a Veoh user, rather than from a copyright holder, it might meet the red flag test because it specified particular infringing material.14 As a copyright holder, however, Disney is subject to the notification requirements in § 512(c)(3), which this informal email failed to meet. Accordingly, this deficient notice "shall not be considered under paragraph (1)(A) in determining whether a service provider has actual knowledge or is aware of facts or circumstances from which infringing activity is apparent." 17 U.S.C. § 512(c)(3)(B)(i). Further, even if this email could have created actual knowledge or qualified as a red flag, Eisner's email in response assured Disney that he would instruct Veoh to "take it down," and Eisner copied Veoh's founder to ensure this happened "right away." UMG nowhere alleges that the offending material was not immediately removed, and accordingly Veoh would be saved by § 512(c)(1)(A)(iii), which preserves the safe harbor for service providers with such knowledge so long as they "act[] expeditiously to remove, or disable access to, the material."

UMG also points to an email from a Veoh user whose video was rejected for containing infringing content. Upset that Veoh would not post his unauthorized material, he stated that he had seen "plenty of [other] copyright infringement material" on the site, and identified another user who he said posted infringing content. It is possible that this email would be sufficient to constitute a red flag under § 512(c)(1)(A)(ii), even though it would not qualify as sufficient notice from a copyright holder under § 512(c)(3). But even assuming that is so, UMG has not specifically alleged that Veoh failed to expeditiously remove the infringing content identified by the user's email. Accordingly, this too fails to create a genuine issue of material fact regarding Veoh's knowledge of infringement.

We do not credit UMG's contention that the district court conflated the actual knowledge and red flag awareness tests. A user email informing Veoh of material that appeared to the user to be infringing and specifying its location provides a good example of the distinction. Although the user's allegations would not give Veoh actual knowledge under § 512(c)(1)(A)(i), because Veoh would have no assurance that a third party who does not hold the copyright in question would know whether the material was infringing, the email nonetheless could act as a red flag under § 512(c)(1)(A)(ii) provided its information was sufficiently specific. As the Second Circuit recognized:

Viacom Int'l v. YouTube, Inc., 676 F.3d 19, 31 (2d Cir.2012); cf. S.Rep. No. 105-190, at 44 ("The `red flag' test has both a subjective and an objective element. In determining whether the service provider was aware of a `red flag,' the subjective awareness of the service provider of the facts or circumstances in question must be determined. However, in deciding whether those facts or circumstances constitute a `red flag' — in other words, whether infringing activity would have been apparent to a reasonable person operating under the same or similar circumstances — an objective standard should be used."). In sum, we agree that there is a distinction between actual and red flag knowledge, but UMG has not created a genuine issue of material fact as to whether Veoh had either kind of knowledge here.15

C.

A service provider is eligible for the § 512(c) safe harbor only if it "does not receive a financial benefit directly attributable to the infringing activity, in a case in which the service provider has the right and ability to control such activity." 17 U.S.C. § 512(c)(1)(B). UMG appeals the district court's determination that Veoh did not have the necessary right and ability to control infringing activity and thus remained eligible for safe harbor protection. We conclude the district court was correct, and therefore affirm.16

"Statutory interpretation begins with the language of the statute." Children's Hosp. & Health Ctr. v. Belshe, 188 F.3d 1090, 1096 (9th Cir.1999). When terms are not defined within a statute, they are accorded their plain and ordinary meaning, which can be deduced through reference sources such as general usage dictionaries. See Bilski v. Kappos, ___ U.S. ___, 130 S.Ct. 3218, 3226, 177 L.Ed.2d 792 (2010). "[S]tatutory language must always be read in its proper context," McCarthy v. Bronson, 500 U.S. 136, 139, 111 S.Ct. 1737, 114 L.Ed.2d 194 (1991), and "[i]n determining the meaning of the statute, we look not only to the particular statutory language, but to the design of the statute as a whole and to its object and policy," Crandon v. United States, 494 U.S. 152, 158, 110 S.Ct. 997, 108 L.Ed.2d 132 (1990). We must, if possible, interpret a statute such that all its language is given effect, and none of it is rendered superfluous. See TRW Inc. v. Andrews, 534 U.S. 19, 31, 122 S.Ct. 441, 151 L.Ed.2d 339 (2001).

Whether Veoh had the requisite "ability to control" the infringing activity at issue depends on what the statute means by that phrase, which the statute does not define. Looking first to the dictionary, "ability" is defined as "the quality or state of being able: physical, mental, or legal power to perform: competence in doing"; and "able" is in turn defined as "possessed of needed powers (as intelligence or strength) or of needed resources (as means or influence) to accomplish an objective . . .: constituted or situated so as to be susceptible or readily subjected to some action or treatment." Webster's Third New International Dictionary 3, 4 (2002). "Control" is defined as having the "power or authority to guide or manage: directing or restraining domination." Id. at 496.

UMG argues that we should interpret § 512(c) as we did a similar concept in the common law vicarious liability context in Napster, 239 F.3d at 1024. The Second Circuit recently rejected this reading, see Viacom, 676 F.3d at 36-38, and we too are unpersuaded for several reasons. First, § 512(c) nowhere mentions the term "vicarious liability." Although it uses a set of words that has sometimes been used to describe common law vicarious liability, the language used in the common law standard is loose and has varied. For example, Metro-Goldwyn-Mayer Studios Inc. v. Grokster, Ltd., 545 U.S. 913, 930 n. 9, 125 S.Ct. 2764, 162 L.Ed.2d 781 (2005), refers to "supervis[ing] the direct infringer" rather than "control[ing] such [infringing] activity," § 512(c)(1)(B), and "supervise" and "control" are different in potentially significant ways. "Control," which we have noted means having the "power or authority to guide or manage: directing or restraining domination," connotes more ability to command than does "supervise," which means "to look over, inspect, oversee." Webster's Third New International Dictionary 496, 2296.

Second, § 512(c) actually presumes that service providers have the sort of control that UMG argues satisfies the § 512(c)(1)(B) "right and ability to control" requirement to be eligible for several of the safe harbors: they must "remove[] or disable access to" infringing material when they become aware of it. 17 U.S.C. § 512(c)(1)(A)(iii) & (C). Quoting Napster, 239 F.3d at 1024, UMG argues that service providers have "the right and ability to control" infringing activity, § 512(c)(1)(B), as long as they have "the ability to locate infringing material" and "terminate users' access." Under that reading, service providers would have the "right and ability to control" infringing activity regardless of their becoming "aware of" the material. Under that interpretation, the prerequisite to § 512(c) protection under § 512(c)(1)(A)(iii) and (C), would at the same time be a disqualifier under § 512(c)(1)(B) where the "financial benefit" condition is met.

We agree with Judge Matz that "Congress could not have intended for courts to hold that a service provider loses immunity under the safe harbor provision of the DMCA because it engages in acts that are specifically required by the DMCA" to obtain safe harbor protection. UMG II, 665 F.Supp.2d at 1113 (quoting Hendrickson v. eBay, Inc., 165 F.Supp.2d 1082, 1093-94 (C.D.Cal.2001)) (internal quotation marks omitted); see also Io Grp., Inc. v. Veoh Networks, Inc., 586 F.Supp.2d 1132, 1151 (N.D.Cal.2008) (same); Lee, supra, 32 Colum. J.L. & Arts at 247 ("A[] [service provider's] ability to remove materials posted by third parties does not satisfy the `right and ability to control' prong, because such power is necessary for a[] [service provider] to satisfy the basic requirement of `takedown' under the DMCA.").17 Moreover, Napster was decided after the DMCA was enacted, so Congress could not have intended to codify Napster's precise application upon which UMG relies.

Third, although not definitive, the legislative history informs our conclusion that Congress did not intend to exclude from § 512(c)'s safe harbor all service providers who would be vicariously liable for their users' infringing activity under the common law. The legislative history did, at one point, suggest an intention to codify the "right and ability to control" element of vicarious infringement, and § 512(c)(1)(B) was not modified following that report.18 That report, however, referred to a version of the bill different from the one ultimately passed, and the discussion of vicarious liability is omitted from all later reports and, notably, from the statutory language. See H.R.Rep. No. 105-551, pt. 2, at 54; S.Rep. No. 105-190, at 44-45; H.R. Conf. Rep. No. 105-796, at 64 (1998), reprinted in 1998 U.S.C.C.A.N. 639, 649.

Subsequent legislative statements help clarify Congress' intent. First, Congress explicitly stated in three different reports that the DMCA was intended to "protect qualifying service providers from liability for all monetary relief for direct, vicarious and contributory infringement." H.R. Conf. Rep. No. 105-796, at 64, 1998 U.S.C.C.A.N. at 649 (emphasis added); S.Rep. No. 105-190, at 20, 40; H.R.Rep. No. 105-551, pt. 2, at 50. Under UMG's interpretation, however, every service provider subject to vicarious liability would be automatically excluded from safe harbor protection. Second, Congress made clear that it intended to provide safe harbor protection not by altering the common law vicarious liability standards, but rather by carving out permanent safe harbors to that liability for Internet service providers even while the common law standards continue to evolve. See S.Rep. No. 105-190, at 19 ("There have been several cases relevant to service provider liability for copyright infringement. Most have approached the issue from the standpoint of contributory and vicarious liability. Rather than embarking upon a wholesale clarification of these doctrines, the Committee decided to leave current law in its evolving state and, instead, to create a series of `safe harbors,' for certain common activities of service providers. A service provider which qualifies for a safe harbor, receives the benefit of limited liability." (footnote omitted)).19

Given Congress' explicit intention to protect qualifying service providers who would otherwise be subject to vicarious liability, it would be puzzling for Congress to make § 512(c) entirely coextensive with the vicarious liability requirements, which would effectively exclude all vicarious liability claims from the § 512(c) safe harbor. See, e.g., Lee, supra, 32 Colum. J.L. & Arts at 236-37 (acknowledging that interpreting the DMCA to exclude service providers subject to vicarious liability would "undo the benefits of the safe harbors altogether" (quoting Mark A. Lemley, Rationalizing Internet Safe Harbors, 6 J. Telecomm. & High Tech. L. 101, 104 (2007)) (internal quotation marks omitted)). In addition, it is difficult to envision, from a policy perspective, why Congress would have chosen to exclude vicarious infringement from the safe harbors, but retain protection for contributory infringement. It is not apparent why the former might be seen as somehow worse than the latter. See id. at 243-44.

Furthermore, if Congress had intended that the § 512(c)(1)(B) "right and ability to control" requirement be coextensive with vicarious liability law, the statute could have accomplished that result in a more direct manner.

Ellison v. Robertson, 189 F.Supp.2d 1051, 1061 (C.D.Cal.2002), aff'd in part and rev'd in part on different grounds, 357 F.3d 1072 (9th Cir.2004). Indeed, in the anticircumvention provision in Title I of the DMCA, which was enacted at the same time as the § 512 safe harbors, Congress explicitly stated, "Nothing in this section shall enlarge or diminish vicarious or contributory liability for copyright infringement in connection with any technology, product, service, device, component, or part thereof." 17 U.S.C. § 1201(c)(2). "If Congress had intended to exclude vicarious liability from the DMCA [Title II] safe harbors, it would have done so expressly as it did in Title I of the DMCA." Lee, supra, 32 Colum. J.L. & Arts at 242.

Our reading of § 512(c)(1)(B) is further informed and reinforced by our concern that the statute would be internally inconsistent in other respects were we to interpret the "right and ability to control" language as UMG urges. First, § 512(m) cuts against holding that Veoh's general knowledge that infringing material could be uploaded to its site triggered an obligation to "police" its services to the "fullest extent" possible. As we have explained, § 512(m) provides that § 512(c)'s safe harbor protection may not be conditioned on "a service provider monitoring its service or affirmatively seeking facts indicating infringing activity." UMG's reading of the "right and ability to control" language would similarly run afoul of CCBill, 488 F.3d at 1113-14, which likewise clarified that § 512(c) "impose[s] no such investigative duties on service providers," and "place[s] the burden of policing copyright infringement . . . squarely on the owners of the copyright." CCBill did not suggest that Congress meant this limitation on the duty to monitor to apply only to service providers who do not receive a direct financial benefit under subsection (B).

In light of the DMCA's language, structure, purpose and legislative history, we are compelled to reject UMG's argument that the district court should have employed Napster's vicarious liability standard to evaluate whether Veoh had sufficient "right and ability to control" infringing activity under § 512(c). Although in some cases service providers subject to vicarious liability will be excluded from the § 512(c) safe harbor, in others they will not. As we are unpersuaded by UMG's argument, we conclude instead that whereas the vicarious liability standard applied in Napster can be met by merely having the general ability to locate infringing material and terminate users' access, § 512(c) requires "something more," Cybernet Ventures, 213 F.Supp.2d at 1181 (internal quotation marks omitted); see Napster, 239 F.3d at 1024.

The Second Circuit recently considered what constitutes "something more." See Viacom, 676 F.3d at 38. First, the court observed:

Id. (footnote and citations omitted). The Second Circuit also suggested that "inducement of copyright infringement under Metro-Goldwyn-Mayer Studios Inc. v. Grokster, Ltd., which `premises liability on purposeful, culpable expression and conduct,' might also rise to the level of control under § 512(c)(1)(B)." Id. (citations omitted). Finally, the court noted that "[o]ther courts have suggested that control may exist where the service provider is `actively involved in the listing, bidding, sale and delivery' of items offered for sale, Hendrickson v. eBay, Inc., . . . or otherwise controls vendor sales by previewing products prior to their listing, editing product descriptions, or suggesting prices, Corbis Corp. [v. Amazon.com, Inc.]." Id. at 38 n. 13. After offering this guidance, the Second Circuit "remand[ed] to the District Court to consider in the first instance whether the plaintiffs ha[d] adduced sufficient evidence to allow a reasonable jury to conclude that YouTube had the right and ability to control the infringing activity and received a financial benefit directly attributable to that activity." Id. at 38.

We agree with the Second Circuit and hold that, in order to have the "right and ability to control," the service provider must "exert[] substantial influence on the activities of users." Id. "Substantial influence" may include, as the Second Circuit suggested, high levels of control over activities of users, as in Cybernet. Or it may include purposeful conduct, as in Grokster. In this case, Veoh's interactions with and conduct toward its users did not rise to such a level. As Judge Matz recognized, "(a) the allegedly infringing material resided on Veoh's system; (b) Veoh had the ability to remove such material; (c) Veoh could have implemented, and did implement, filtering systems; and (d) Veoh could have searched for potentially infringing content." UMG II, 665 F.Supp.2d at 1112. Such circumstances are not equivalent to the activities found to constitute substantial influence in Cybernet and Grokster. Nor has UMG, in its initial or supplemental briefing to this court, pointed to other evidence raising a genuine issue of material fact as to whether Veoh's activities involved "something more than the ability to remove or block access to materials posted on a service provider's website." Viacom, 676 F.3d at 38 (quoting Capital Records, Inc. v. MP3tunes, LLC, 821 F.Supp.2d 627, 635 (S.D.N.Y. Oct. 25, 2011)); cf. Obodai v. Demand Media, Inc., No. 11 Civ. 2503(PKC), 2012 WL 2189740 (S.D.N.Y. June 13, 2012) (citing the Viacom examples and holding, "No evidence supports a conclusion that the defendant exerted such close control over content posted to [the website]. . . . Based on the evidence at summary judgment, no reasonable jury could conclude that the defendant exercised control over user submissions sufficient to remove it from the safe harbor provision of section 512(c)(1)(B)."). Accordingly, because UMG has not created a triable issue regarding Veoh's right and ability to control infringing activity, we conclude that Veoh met all the § 512(c) requirements, and we affirm the entry of summary judgment in its favor.

III.

UMG also appeals the district court's Rule 12(b)(6) dismissal of its complaint against the Investor Defendants for vicarious infringement, contributory infringement and inducement of infringement. It is well-established that "[s]econdary liability for copyright infringement does not exist in the absence of direct infringement. . . ." Napster, 239 F.3d at 1013 n. 2. UMG argues, however, that even if summary judgment was properly granted to Veoh on the basis of the DMCA safe harbor, as we have held it was, "the [Investor] Defendants remain potentially liable for their related indirect infringement" because the district court did not "make a finding regarding Veoh's direct infringement," and the Investor Defendants do not qualify as "service providers" who can receive DMCA safe harbor protection. The Investor Defendants argue that it would be illogical to impose greater liability on them than on Veoh itself. Although we agree that this would create an anomalous result, we assume without deciding that the suit against the Investor Defendants can properly proceed even though Veoh is protected from monetary liability by the DMCA.20 Reaching the merits of UMG's secondary liability arguments, we hold that the district court properly dismissed the complaint.

UMG first alleges that the Investor Defendants are liable for contributory infringement. "[O]ne who, with knowledge of the infringing activity, induces, causes or materially contributes to the infringing conduct of another, may be held liable as a `contributory' infringer." Fonovisa, Inc. v. Cherry Auction, Inc., 76 F.3d 259, 264 (9th Cir.1996) (quoting Gershwin Publ'g Corp. v. Columbia Artists Mgmt., Inc., 443 F.2d 1159, 1162 (2d Cir.1971)) (alteration in original) (internal quotation marks omitted); see also Grokster, 545 U.S. at 930, 125 S.Ct. 2764 ("One infringes contributorily by intentionally inducing or encouraging direct infringement."). In Fonovisa, 76 F.3d at 264, we established the "site and facilities" test: "providing the site and facilities for known infringing activity is sufficient to establish contributory liability" where the defendant "actively strives to provide the environment and the market for counterfeit . . . sales to thrive." The district court concluded this test was not met, dismissing the complaint because UMG did "not allege sufficiently that [the Investor Defendants] gave material assistance in helping Veoh or its users accomplish infringement." We agree.

UMG acknowledges that funding alone cannot satisfy the material assistance requirement. It thus argues that the Investor Defendants "provided Veoh's necessary funding and directed its spending" on "basic operations including . . . hardware, software, and employees" — "elements" UMG argues "form `the site and facilities' for Veoh's direct infringement." UMG thus attempts to liken its case to UMG Recordings, Inc. v. Bertelsmann AG et al., 222 F.R.D. 408 (N.D.Cal.2004), where the district court denied an investor's motion to dismiss claims of contributory infringement. In Bertelsmann, however, the investor was Napster's "only available source of funding," and thus "held significant power and control over Napster's operations." Id. at 412. Here, by contrast, there were multiple investors, and none of the Investor Defendants could individually control Veoh. Accordingly, UMG hinges its novel theory of secondary liability on the contention that the three Investor Defendants together took control of Veoh's operations by "obtain[ing] three of the five seats on Veoh's Board of Directors," and effectively provided the "site and facilities" for direct infringement by wielding their majority power to direct spending.

Even assuming that such joint control, not typically an element of contributory infringement, could satisfy Fonovisa's site and facilities requirement, UMG's argument fails on its own terms, because the complaint nowhere alleged that the Investor Defendants agreed to work in concert to this end. UMG suggests that it "did allege that the [Investor] Defendants agreed to `operate' Veoh jointly — UMG alleged that the [Investor] Defendants operated Veoh by `s[eeking] and obtain[ing] seats on Veoh's Board of Directors as a condition of their investments.'" But three investors individually acquiring one seat apiece is not the same as agreeing to operate as a unified entity to obtain and leverage majority control. Unless the three independent investors were on some level working in concert, then none of them actually had sufficient control over the Board to direct Veoh in the way UMG contends. This missing allegation is critical because finding secondary liability without it would allow plaintiffs to sue any collection of directors making up 51 percent of the board on the theory that they constitute a majority, and therefore together they control the company. Without this lynchpin allegation, UMG's claim that the Investor Defendants had sufficient control over Veoh to direct its spending and operations in a manner that might theoretically satisfy the "site and facilities" test falls apart. We therefore affirm the dismissal of UMG's contributory infringement claim.

This missing allegation likewise requires us to affirm the district court's dismissal of UMG's vicarious liability and inducement of infringement claims. Inducement liability is proper where "one [] distributes a device with the object of promoting its use to infringe copyright, as shown by clear expression or other affirmative steps taken to foster infringement." Grokster, 545 U.S. at 936-37, 125 S.Ct. 2764. Vicarious liability is warranted if "the defendant profits directly from the infringement and has a right and ability to supervise the direct infringer." Grokster, 545 U.S. at 930 n. 9, 125 S.Ct. 2764; see also Visa, 494 F.3d at 802. UMG's arguments that the Investor Defendants "distribute[d]" Veoh's services and had the right and ability to supervise the infringing users are premised on the unalleged contention that the Investor Defendants agreed to act in concert, and thus together they held a majority of seats on the Board and "maintained operational control over the company." We therefore affirm the dismissal of the complaint against the Investor Defendants.21

IV.

Veoh appeals the district court's refusal to grant it costs and attorney's fees under Federal Rule of Civil Procedure 68. "Under Rule 68, if a plaintiff rejects a defendant's offer of judgment, and the judgment finally obtained by plaintiff is not more favorable than the offer, the plaintiff must pay the costs incurred subsequent to the offer." United States v. Trident Seafoods Corp., 92 F.3d 855, 859 (9th Cir.1996).22 "Rule 68 is designed to `require plaintiffs to think very hard about whether continued litigation is worthwhile,'" and compensate defendants for costs they ought not have had to incur. Champion Produce, Inc. v. Ruby Robinson Co., 342 F.3d 1016, 1032 (9th Cir.2003) (quoting Marek v. Chesny, 473 U.S. 1, 11, 105 S.Ct. 3012, 87 L.Ed.2d 1 (1985)). In October 2008, Veoh offered UMG $100,000 to settle this lawsuit, pursuant to the procedures set forth in Rule 68. UMG declined the offer and ultimately failed to win any monetary relief. After the district court ruled that Veoh was entitled to § 512(c) protection, the parties requested the entry of judgment and stipulated that Veoh "agree[d] to continue to disable access to the Allegedly Infringing Video Files and to continue to use hash filtering to prevent [infringing] video files . . . from being accessed by users," and UMG "agree[d] that, even if it were to prevail on its remaining claims against Veoh . . ., it is entitled to no further relief."

Veoh contends that it was entitled to receive Rule 68 costs incurred from the time of its October 2008 settlement offer. It argues these costs should include attorney's fees because Marek, 473 U.S. at 9, 105 S.Ct. 3012, held that, "where the underlying statute defines `costs' to include attorney's fees, . . . such fees are to be included as costs for purposes of Rule 68," and the Copyright Act, 17 U.S.C. § 505, provides that a court "may . . . award a reasonable attorney's fee to the prevailing party as part of the costs." Relying on Trident, the district court declined to grant attorney's fees under Rule 68 because it had previously determined that fees were not "properly awardable" under § 505.23 Veoh has not challenged the district court's decision with regard to § 505, but argues on appeal that under Rule 68 an award of costs, including fees, was mandatory. We agree with the district court that, because it found that attorney's fees were not "properly awardable" under § 505 in this case, fees could not be awarded under Rule 68. We remand to the district court to separately analyze whether Rule 68 costs, excluding attorney's fees, are warranted.

A.

In Marek, the Supreme Court held that "the term `costs' in Rule 68 was intended to refer to all costs properly awardable under the relevant substantive statute." 473 U.S. at 9, 105 S.Ct. 3012 (emphasis added). We have interpreted this to mean that attorney's fees may be awarded as Rule 68 costs only if those fees would have been properly awarded under the relevant substantive statute in that particular case. In Trident, 92 F.3d at 860, for example, the issue was the interplay between the Clean Air Act (CAA) and Rule 68. Under the CAA, fees may only be awarded if the action was "unreasonable." See id.24 Trident held that "[t]he only interpretation that gives meaning to every word in both Rule 68 and the [CAA] is that `costs' in Rule 68 include attorneys' fees only if the action was unreasonable." Id. The fact that fees could have been awarded under the CAA, had its requirements been met, was insufficient to make them "properly awardable" within the meaning of Marek when the district court decided not to grant them in that case. See id.

We confronted the same issue with regard to a different substantive statute in Champion. There, we considered whether Rule 68 "costs" included attorney's fees where Idaho Code § 12-120(3) permitted the award of fees to a "prevailing party," and the district court expressly held that the defendant had not prevailed within the meaning of that section. See Champion, 342 F.3d at 1031. Relying on Trident, we held that "Rule 68 is not intended to expand the bases for a party's recovery of attorneys' fees," id. at 1029, and thus,

Id. at 1031 (citing Payne v. Milwaukee Cnty., 288 F.3d 1021, 1026 (7th Cir.2002) ("Briefly put, `costs' cannot encompass more than the rules or other relevant statutes authorize.")). Although we have not yet confronted this question in a Copyright Act case, Trident and Champion make clear that in this context as well, because the district court determined that attorney's fees were not "properly awardable" to Veoh under § 505, they were not awardable under Rule 68 either.25

B.

Even though Veoh is not entitled to attorney's fees under Rule 68, it may be entitled to its other costs. See, e.g., Champion, 342 F.3d at 1028 (holding that even though attorney's fees were not properly awardable under Rule 68, costs (excluding fees) were mandatory). The district court, however, did not analyze whether costs apart from fees were warranted. Veoh has already been awarded some of its costs under Federal Rule of Civil Procedure 54(d), but it argues on appeal that it is entitled to all of its post-settlement offer costs under Rule 68. This may be true, if certain conditions are met. First, costs are awardable under Rule 68 where "the judgment that the offeree finally obtains is not more favorable than the unaccepted offer." Fed.R.Civ.P. 68(d). Veoh argues that "[b]ecause Veoh was already taking the measures set forth in the [stipulated] injunction, and UMG was primarily seeking monetary damages, the value of that stipulation was less than Veoh's Rule 68 Offer." Although this may prove true, the value of the stipulated injunction is not clear on this record.

Second, Veoh can recover Rule 68 costs only if it is not a prevailing defendant. In Delta Air Lines, Inc. v. August, 450 U.S. 346, 352, 101 S.Ct. 1146, 67 L.Ed.2d 287 (1981), the Supreme Court held that Rule 68 "applies only to offers made by the defendant and only to judgments obtained by the plaintiff," and "therefore is simply inapplicable [where] it was the defendant that obtained the judgment." See also Goldberg v. Pac. Indem. Co., 627 F.3d 752, 755 (9th Cir.2010) ("Rule 68 does not allow a defendant to recover costs when judgment is entered in the defendant's favor."). The Court observed that holding otherwise would create an odd system in which "any settlement offer, no matter how small, would apparently trigger the operation of the Rule," and "[t]hus any defendant, by performing the meaningless act of making a nominal settlement offer, could eliminate the trial judge's discretion under Rule 54(d)." Delta, 450 U.S. at 353, 101 S.Ct. 1146. Delta rejected such an understanding of Rule 68:

Id.; see also MRO Commc'ns, Inc. v. Am. Tel. & Tel. Co., 197 F.3d 1276, 1280 (9th Cir.1999) ("Where a defendant prevails after making an offer of judgment, `the trial judge retains his Rule 54(d) discretion.'" (quoting Delta, 450 U.S. at 354, 101 S.Ct. 1146)).

Veoh argues that Delta does not apply because UMG "actually obtained certain relief" in the form of the parties' stipulation that Veoh would continue removing infringing content discovered by its hash filtering system, and thus UMG rather than Veoh "obtained the judgment." Delta, 450 U.S. at 352, 101 S.Ct. 1146. Although the district court determined that Veoh was "the prevailing party on the core issue in the litigation" for § 505 purposes, it did not clarify whether it also concluded that Veoh was a prevailing defendant under Delta for Rule 68 purposes. We therefore remand to the district court to consider in the first instance whether Veoh is eligible to receive Rule 68 costs under Delta, and, if so, whether "the judgment that the offeree finally obtain[ed] [wa]s not more favorable than the unaccepted offer." Fed.R.Civ.P. 68(d). If both conditions are met, then the district court should determine what remaining costs are due to Veoh.

CONCLUSION

We affirm the district court's determination on summary judgment that Veoh is entitled to § 512(c) safe harbor protection, and its dismissal of the claims of secondary liability against the Investor Defendants. We also affirm its determination that, in this case, attorney's fees may not be awarded under Rule 68. We remand for the district court to consider in the first instance whether Veoh is entitled to Rule 68 costs excluding attorney's fees.

The parties shall bear their own costs on appeal.

The motions of the Recording Industry Association of America et al., the Electronic Frontier Foundation et al., and eBay Inc. et al., for leave to file amicus curiae briefs are granted, and the briefs are ordered filed.

AFFIRMED in part and REMANDED in part.