This theory of market harm does not work under Factor Four, because the full-text search function does not serve as a substitute for the books that are being searched. See Campbell, 510 U.S. at 591–92, 114 S.Ct. 1164; Bill Graham Archives, 448 F.3d at 614. Thus, it is irrelevant that the Libraries might be willing to purchase licenses in order to engage in this transformative use (if the use were deemed unfair). Lost licensing revenue counts under Factor Four only when the use serves as a substitute for the original and the full-text-search use does not.
Next, the Authors assert that the HDL creates the risk of a security breach which might impose irreparable damage on the Authors and their works. In particular, the Authors speculate that, if hackers were able to obtain unauthorized access to the books stored at the HDL, the full text of these tens of millions of books might be distributed worldwide without restriction, “decimat[ing]” the traditional market for those works. Appellants’ Br. 40.
The record before us documents the extensive security measures the Libraries have undertaken to safeguard against the risk of a data breach. Some of those measures were described by the HDL executive director as follows:
First, [HDL] maintains … rigorous physical security controls. HDL servers, storage, and networking equipment at Michigan and Indiana University are mounted in locked racks, and only six at Michigan and three at Indiana University have keys. The data centers housing HDL servers, storage, and networking equipment at each site location are monitored by video surveillance, and entry requires use of both a keycard and a biometric sensor.
Second, network access to the HDL corpus is highly restricted, even for the staff of the data centers housing HDL equipment at Michigan and Indiana University. For example, two levels of network firewalls are in place at each site, and Indiana University data center staff do not have network access to the HDL corpus, only access to the physical equipment. For the backup tapes, network access is limited to the administrators of the backup system, and these individuals are not provided the encryption key that would be required to access the encrypted files on the backup tapes.
Web access to the HDL corpus is also highly restricted. Access by users of the HDL service is governed by primarily by [sic] the HDL rights database, which classifies each work by presumed, which classifies each work by presumed copyright status, and also by a user’s authentication to the system (e.g., as an individual certified to have a print disability by Michigan’s Office of Services for Students with Disabilities).
…
Even where we do permit a work to be read online, such as a work in the public domain, we make efforts to ensure that inappropriate levels of access do not take place. For example, a mass download prevention system called “choke” is used to measure the rate of activity (such as the rate a user is reading pages) by each individual user. If a user’s rate of activity exceeds certain thresholds, the system assumes that the user is mechanized (e.g., a web robot) and blocks that user’s access for a set period of time.
J.A. 683–85 ¶¶94–96, 98 (Wilkins Decl.).
This showing of the security measures taken by the Libraries is essentially unrebutted. Consequently, we see no basis in the record on which to conclude that a security breach is likely to occur, much less one that would result in the public release of the specific copyrighted works
