On March 25, 2026, in Cox Communications v. Sony Music Entertainment, 607 U.S. ___ (2026), the United States Supreme Court unanimously reversed the Fourth Circuit’s finding that Cox Communications was contributorily liable for the copyright infringement of its Internet subscribers, holding that Cox lacked the requisite intent. Justice Thomas delivered the majority opinion. Justice Sotomayor, joined by Justice Jackson, concurred in the judgment but disagreed with the majority’s holding that contributory and vicarious liability are the only two forms of secondary liability available under the Copyright Act.
Background
Cox Communications is an Internet service provider (ISP) serving approximately six million subscribers. Sony Music Entertainment and other major copyright holders enlisted an entity called MarkMonitor to track online infringement. During the roughly two-year period at issue, MarkMonitor sent Cox 163,148 notices identifying subscriber Internet Protocol (IP) addresses associated with infringement. Sony sued Cox in the Eastern District of Virginia, and a jury found Cox contributorily liable and awarded $1 billion in statutory damages. The Fourth Circuit affirmed, reasoning that supplying a service with knowledge that users will infringe copyrights is sufficient for contributory liability. The Supreme Court granted certiorari.
The majority opinion
The Court held that “[t]he provider of a service is contributorily liable for the user’s infringement only if it intended that the provided service be used for infringement.” The intent required for contributory liability can be shown in only two ways: (1) inducement, where the provider actively encourages infringement through specific acts; or (2) where the provided service is tailored to infringement—that is, the service is incapable of commercially significant non-infringing uses. These two bases track the framework established in Sony Corp. of America v. Universal City Studios, Inc., 464 U.S. 417 (1984), and Metro-Goldwyn-Mayer Studios Inc. v. Grokster, Ltd., 545 U.S. 913 (2005), and mirror the contributory liability analysis under patent law. 35 U.S.C. §§ 271(b), (c).
Applying this framework, the Court found neither basis satisfied. Cox did not induce infringement—it never promoted its service as a tool for piracy and, to the contrary, contractually prohibited infringing use and maintained a graduated enforcement system of warnings, suspensions, and terminations. Nor was Cox’s service tailored to infringement, as general Internet access is plainly capable of substantial lawful use. The Court emphasized that knowledge of infringement alone is insufficient. Although Cox received tens of thousands of notices, ISPs like Cox cannot determine which individual at a given IP address—shared among household members, coffee shop patrons, or dormitory residents—committed the infringement.
The DMCA safe harbor
Sony argued that the DMCA safe harbor—under which ISPs can avoid secondary liability for copyright infringement if they adopt and reasonably implement a policy terminating repeat infringers “in appropriate circumstances,” 17 U.S.C. §512(i)(1)(A)—would be rendered meaningless if ISPs are not liable for continuing to serve known infringers. The Court rejected this argument, holding that the DMCA does not expressly impose liability on ISPs who serve known infringers; it merely creates additional defenses from liability. The Court pointed to 17 U.S.C. §512(l), which provides that failure to qualify for the safe harbor “shall not bear adversely upon the consideration of a defense by the service provider that the service provider’s conduct is not infringing.”
The concurring opinion
Justice Sotomayor agreed Cox is not liable on the facts of this case but criticized the majority for holding that contributory and vicarious liability are the only two forms of secondary liability available for copyright infringement. She argued that Sony and Grokster defined secondary liability by reference to common-law principles and left open additional theories such as aiding and abetting.
Nevertheless, drawing on the Court’s recent decisions in Twitter, Inc. v. Taamneh, 598 U.S. 471 (2023), and Smith & Wesson Brands, Inc. v. Estados Unidos Mexicanos, 605 US 280 (2025), Justice Sotomayor concluded that Cox would not be liable even under an aiding and abetting theory. Under those precedents, aiding-and-abetting requires proof the defendant intended to help the wrongdoer succeed—a standard Cox’s conduct does not meet given its lack of knowledge about which specific users committed infringement.
Justice Sotomayor also warned that the majority’s narrowing of secondary liability to inducement and tailoring effectively eliminates the incentive for ISPs to adopt and implement the anti-infringement policies the DMCA safe harbor was designed to encourage.
Key takeaways
This decision significantly reshapes secondary copyright liability and the role of the DMCA safe harbor. For ISPs and other service providers, the ruling provides substantial protection: mere knowledge that some users engage in infringement will not create contributory liability absent inducement or tailoring. For copyright holders, the decision means enforcement efforts must focus on direct infringers or on platforms that actively encourage or are designed to facilitate infringement, rather than on underlying ISPs. The practical consequence flagged by Justice Sotomayor's concurrence—that ISPs now have diminished incentive to implement DMCA-compliant anti-infringement policies—may invite a legislative response from Congress.
For more information on the content of this alert, please contact your Nixon Peabody attorney or the authors of this alert.