Is it Legal to Embed Public Instagram Photos on Your Website?

Is it Legal to Embed Public Instagram Photos on Your Website?

Nearly 25% of online news articles contain embedded links to social media posts. Are the publishers of these articles all committing copyright infringement?

July 10, 2013 was an auspicious day in Instagram history. That’s when the company officially announced the introduction of its “web embed” feature, which Instagram described in a blog post as “an easy way to add Instagram photos and videos to the stories you want to tell.” Instagram assured its users that they still owned their photos and videos, even if others chose to embed that content on their own websites. “Whether you want to embed your video on your blog or a friend wants to feature your photo on a website, everyone will clearly see that your content belongs to you.”

It sure seemed like Instagram was telling the world that it was OK to use its new API (application programming interface) to share public Instagram content. Instagram also touted the benefits for content creators, noting that “clicking on the Instagram logo will take people to your page on Instagram.com where they can discover more of your photos and videos.” For users who wanted their content to remain private, Instagram assured them that its embed code was “only available to those whose photos and videos are public.”

Fast forward to June 4, 2020, which was another auspicious day in Instagram history. On that day, Ars Technica reported that “Instagram just threw users of its embedding API under the bus.” In an email sent to the tech blog, an unnamed spokesperson of Instagram’s parent company Facebook said that Instagram had not—contrary to a long and widely held assumption—granted users of its web embed API a license to display embedded content on other websites:

While our terms allow us to grant a sub-license, we do not grant one for our embeds API …. Our platform policies require third parties to have the necessary rights from applicable rights holders. This includes ensuring they have a license to share this content, if a license is required by law.

Email from Facebook to Ars Technica, June 4, 2020

Instagram’s “bombshell” statement sent shockwaves throughout the online creative and publishing industries, with many wondering whether journalists, blogs and news sites that regularly embed third party Instagram content were now copyright infringers

It’s not just an academic question. A recent study of over one million online articles found that 23% of news articles included an embedded link to a social media post.

So, what’s the cause of Instagram’s seeming about-face? And is any website that embeds public Instagram photos violating copyright law?

To answer the first question first, Instagram’s comments appear to have been prompted by a series of currently pending copyright cases out of New York in which online publishers had relied upon Instagram’s “terms of use” as a defense to copyright infringement.

Sinclair I

First, in April, Judge Kimba Wood of the Southern District of New York dismissed an infringement lawsuit filed by photographer Stephanie Sinclair against web site Mashable. The court found that, based on Instagram’s terms of service, Sinclair had given Instagram a license to use her publicly-posted photos, and that Instagram had in turn given Mashable a sublicense to embed these photos on its site using the web embed API.

Sinclair v. Ziff Davis et al.: Read the Platform's Terms of Use Before You  Post Content to Social Media | Arent Fox - JDSupra
The embedded image that led to Stephanie Sinclair’s lawsuit against Mashable.

McGucken

But then, on June 1, Judge Katherine Polk Failla, also from the Southern District of New York, reached the opposite conclusion in McGucken v. Newsweek. This was a case in which Newsweek was sued for embedding McGucken’s image of a Death Valley lake without his permission in one of its articles. In denying Newsweek’s motion to dismiss, the McGucken court acknowledged that Instagram’s terms of service did grant the site a license to publicly-shared content, and that Instagram had the right to sublicense rights in this content to third party websites. However, the court found that it wasn’t clear that Instagram had in fact sublicensed those rights to Newsweek.

Instagram’s Statement to Ars Technica

Against this backdrop, Instagram weighed in with its June 4 statement to Ars Technica. Instagram’s current position is that no, it has not granted a sublicense to sites that embed Instagram content—even though it has the legal right to do so. Therefore, any websites that want to embed third party content using Instagram’s web embed API have to determine for themselves whether they need to get a license directly from the owner of the original content. Incidentally, Instagram’s June statement made no mention of its announcement seven years ago, in which the company certainly suggested, if not outright advertised, that websites were free to embed third party posts so long as the content had been set to “public.”

It seems odd that Instagram would obtain a sublicensable license from its users to share their content—and promote an API that allows third party websites to do just that—but not actually authorize the embedding. But, apparently that’s Instagram’s position.

Sinclair II

James Grimmelmann, Professor of Digital and Information Law at Cornell, predicted that Instagram’s statement was “going to blow up the Sinclair case.” He was right. Just three weeks later, Judge Wood granted a motion for reconsideration brought by photographer Sinclair. Revisiting its April ruling (and relying on McGucken), the court held that Instagram’s terms of use were “insufficiently clear” to warrant dismissal of Sinclair’s claims at the pleading stage of the litigation.

In support of its sublicense argument, Mashable had relied on Instagram’s Platform Policy, which states that Instagram “provide[s] the Instagram APIs to help broadcasters and publishers discover content, get digital rights to media, and share media using web embeds.”

However, contrary to her prior ruling, Judge Wood said it was too early in the case to find that a sublicense existed between Instagram and Mashable. While the court acknowledged that it may be possible to read Instagram’s various terms and policies to grant a sublicense to embedders, this was not the only interpretation, and on a motion to dismiss the court was required to draw all reasonable inferences in favor of Sinclair.

Judge Wood’s order on reconsideration made no mention of any of Instagram’s public statements on either side of the embedding issue (which isn’t too surprising given the procedural posture of the case).

So now we have two courts in the Southern District of New York ruling that online publishers can’t necessarily rely on a sublicense to embed Instagram content on their sites. But remember, both Sinclair and McGucken are still in their early, pre-discovery phases, and neither court has definitively decided that Instagram has not granted a sublicense. And as for Instagram, it doesn’t appear that the platform has amended its terms of service to incorporate the statement its spokesperson gave to Ars Technica via email. 

Is Embedding Without a License Infringement? 

Let’s assume for the moment that everything online publishers may have previously believed about Instagram’s terms of service has been wrong. Does that mean that embedding an Instagram user’s public posts and photos is copyright infringement?

Not necessarily. Just because you don’t have a license doesn’t mean you actually need a license. Even Instagram’s June 4 Ars Technica email recognized as much, noting that online publishers should ensure they have a license to share content “if a license is required by law.”

There are a number of reasons a license wouldn’t be required in any individual case. An obvious example is when a site uses an Instagram post in a way that qualifies as a “fair use” under the Copyright Act.

The “Server Test”

A license also wouldn’t be required if the entire process of embedding didn’t implicate a copyright owner’s exclusive rights in the first place. That’s the outcome reached by courts that follow the “server test,” which effectively insulates online publishers who link to outside content from liability for copyright infringement.

Understanding the server test requires recognizing that there’s a difference between hosting a photo on your website and using embed code that links to that photo on a third party site. While the distinction may be technical—and may not even be noticed by the casual website visitor—it’s a distinction nonetheless. 

When you copy a photo, upload it to your website and make the site available to the public, you’re implicating several of the copyright owner’s exclusive rights in the photo, including the right to reproduce copyrighted content and to display that content publicly.

But when you use Instagram’s API and insert embed code into your site, a copy of the photo isn’t hosted on your web server. Instead, the code instructs a visitor’s web browser to fetch the contents of a post directly from Instagram’s own servers. Your site is essentially acting as a “window” to Instagram. It’s Instagram, not your site, that ultimately controls the content that’s displayed to your visitors. For example, if Instagram (or an individual Instagram user) changes or deletes a photo or post, the original content will no longer appear on any site that uses an embed link to point to that photo.

You might see a similar message on YouTube if a video has been removed, either because it’s been deleted by the user, or as the result of a take down request under the Digital Millennium Copyright Act (DMCA).

I’m still not sure what facial expression the red YouTube guy is making. He doesn’t seem particularly sad that the video has been removed as much as he’s just sort of embarrassed about the whole situation. Anyway, the point is that the website using the embed code doesn’t control the content and so, under the server test, there’s no infringement.

Here’s an example of how embedded content looks to a website visitor vs. content that is served up directly. Below is a concert photograph I took of Janelle Monáe as it appears on my personal Instagram, using embed code.

Here’s an example of the same image, served up on this website:

Janelle Monáe / Photo by Aaron Moss

The server test was explicitly recognized and adopted by the Ninth Circuit in Perfect 10, Inc. v. Amazon, Inc., a case involving the display of copyrighted images in Google image search results. The server test has also been followed by the Seventh Circuit, at least in cases involving contributory liability.

But not every court has decided to follow the server test. Most notably, in 2018, Southern District of New York judge Katherine Forrest explicitly rejected the server test in Goldman v. Breitbart News Network, a case which involved an embedded tweet. Judge Forrest eschewed the technical distinctions underlying the server test in favor of a more practical approach that focuses on how users actually perceive the content being displayed.

The Second Circuit declined to accept an early “interlocutory” appeal of the Goldman decision, and the case settled soon afterwards. This left Judge Forrest’s ruling intact, and left the Second Circuit without any definitive guidance. The decision in Goldman is not binding on any other court within the Southern District, let alone outside of New York, although future courts may find its reasoning persuasive.

DMCA § 512(d)

Another potential defense for publishers who embed social media is found in section 512(d) of the DMCA. Not to be confused with the better known section 512(c) dealing with user-generated content, section 512(d) provides a safe harbor from liability when a “service provider” refers or links its users to infringing material found on another online location.

Unlike section 512(c), which only applies to material uploaded “at the direction of a user,” section 512(d) arises from a service provider’s own conduct—so long as the provider meets certain conditions. For example, a site has to act expeditiously to remove the material upon receiving a take down notice from the copyright owner.

More challenging is the fact that section 512(d) only applies to links to “infringing material or infringing activity.” This suggests that the law may only provide a safe harbor if you link to an Instagram post that contains an infringing copy of someone else’s image.

It’s also a bit of an open issue as to whether section 512(d) applies to embedded links which automatically display content as opposed to traditional hyperlinks, which require a user to affirmatively click on the link to access the content. There hasn’t been much litigation involving section 512(d) yet, but expect that to change if the server test ceases to be a viable defense.

What’s Next?

There are a few different ways that the uncertainly surrounding the embedding of Instagram posts can be resolved. The first would be to get a binding decision on the viability of the Ninth Circuit’s server test, which would probably require another circuit-level court to reject the test, and for the Supreme Court to agree to take the case and resolve the split.

The second way is for Instagram to explicitly provide in its terms of use that it has granted a sublicense for websites to embed public posts.

The third, most flexible option, would be for Instagram to let its users decide whether to allow their posts and images to be embedded on third party sites. This could be done on a per-user or per-post basis. If a user did not affirmatively choose to disable the sharing option, a third party would be deemed to have permission to embed the post consistent with Instagram’s terms.

This is basically how YouTube’s video embedding function currently works. Users can decide whether to allow their videos to be embedded, while still sharing them publicly. A user can be presumed to have consented to third party embedding by not turning that function off. 

Instagram has said that it’s exploring the possibility of giving users more control over embedding. But as of now, the only way that users can prevent their photos and posts from being embedded is to set them to private. That’s not a great solution for photographers who want their work to be discovered (whether on the platform or off). It’s also not a great solution for content publishers, who have to guess whether they may be on the receiving end of a lawsuit when they embed third party content. 

What do you think? Should embedding be considered copyright infringement? Let us know in the comments below.

Leave a Reply

Your email address will not be published. Required fields are marked *