Association of Test Publishers Security Committee Collaborative Website Enforcement Program

Association of Test Publishers
Security Committee
Collaborative Website Enforcement Program
Information Package
Many organizations in the testing industry are faced with the issue of rogue websites selling their
intellectual property (IP) - their exams. Is this an issue you’ve encountered? The ATPSC Enforcement
Subcommittee is focused on addressing the issue of infringing websites selling an organization’s IP.
The Collaborative Website Enforcement (CWE) program is aimed at shutting down infringing
websites. We provide resources and coordinate with multiple organizations to synchronize sending
Digital Millennium Copyright Act (DMCA) “take-down” notices to select Internet Service Providers
(ISPs) regarding rogue websites.
Because organizations have limited budgets and resources, we plan to:
 Conduct brief informational sessions on the CWE initiative;
 Share DMCA templates, enforcement approaches, and campaign schedules;
 Provide a list of target infringing websites and host provider name and contact info;
 Schedule target dates for the coordinated sending of “take-down” notices; and
 Execute website enforcement campaigns (multiple campaigns; conducted quarterly).
The informational session will provide an overview of the processes that you’ll need to take. If you’re
not familiar with the process or want to learn more, please plan to attend an information session.
For those who have already participated or are interested in joining, this information package contains
some key resources:
 Appendix 1 - List of target websites and the ISPs that host the websites;
 Appendix 2 - sample DMCA notice;
 Appendix 3 – Process Overview; and
 Appendix 4 – FAQs (answers to common questions).
Although every program may not have the resources to send DMCA letters to all ISPs or regarding all the
target websites, we encourage you to participate to whatever extent possible.
If your organization engages an outside attorney or a third-party provider to send DMCA notices, please
consider instructing your provider to synchronize sending the notices on the target date.
Key Dates
The first information session will be held on October 16th.
The target date for the next coordinated take-down notice campaign is: November 8th.
In the best of circumstances, each ISP will honor your request to either remove the offending materials or
shut down these sites altogether. If the ISP refuses, you would not be obligated in any way to pursue
legal action or otherwise continue your participation. But should that occur, we would welcome you to
join us in entering a collective dialogue with the ISP regarding ways to address this troubling problem.
As you may be aware, websites occasionally change Host ISPs. In our quest to provide you with the most
up-to-date information, we will send a follow-up email to notify you if a website(s) changes host
providers.
The following are the Enforcement Subcommittee members:
Cathy Donath, Co-Chair
The Donath Group
Greg Stephens, Co-Chair
Microsoft
Brent Hill
Cisco
Amanda Hoberg
Pearson VUE
Ben Mannes
American Board of Internal Medicine
Layne Pethick
Association of American Medical Colleges
G. Matt Rice
Linux Professional Institute
Jennifer Ancona Semko
Baker & McKenzie LLP
Christie Zervos
Caveon
Please plan to join us as we work together to achieve success through our collaborative efforts!
Let us know if your organization will plan to participate in the next website enforcement campaign.
Thank you!
The Enforcement Subcommittee
To learn more about ATP, go to www.testpublishers.org.
The ATPSC Enforcement Subcommittee published a report on the 2012 CWE Program.
The report will be available at the ATP website to members/non-members by October 16th.
Appendix 1 - Target Websites and Host Providers
Below is a list of the selection of target infringing websites for this campaign with website host providers
(ISPs) and the contact information. It appears that these sites are offering exam materials that may be
infringing your organization’s intellectual property.
Host ISP Name and Contact
Information
Amazon.com, Inc.
Websites Hosted
ucertify.com
[email protected]
Colostore
746 Arnold Street
South Bend, Indiana 46619
certkiller.com
cramguides.com
examsheets.com
FastDomain, Inc.
1958 South 950 East
Provo, UT 84606
braindumps.com
CramBible.com
Email: Terms of Service Compliance Dept.
([email protected])
InMotion Hosting, Inc.
General Counsel
6100 Center Drive, Suite 1190
Los Angeles, CA 90045
selftestengine.com
certsking.com
ExamBible.com
Email: [email protected]
InternetNamesForBusiness.com
CheatYourExams.com
CertifySky.com
Email:
[email protected]
LeaseWeb USA, Inc.
9480 Innovation Drive / Suite 1
Manassas, VA 20110
exampdf.com
testpassport.com
killtest.com
[email protected]
Dora Lira
SoftLayer Technologies
4849 Alpha Road
Dallas, TX 75244
Email: [email protected]
braindumpgalaxy.com
sure-braindumps.com
Note: formerly The Planet
Appendix 2
DMCA Template
A sample DMCA template notice is provided for your reference. This template has yellow highlighted
portions. These represent specific information that would be tailored by your organization to your
specific situation. Some organizations may send their own DMCA notice or adapt or modify this sample
notice as you see fit.
If you have not registered your exams with the U.S. Copyright office, you may simply delete the
reference to copyright registration numbers, as noted in the template below.
Sample DMCA Letter: (Host ISP).
Date
Via U.S. Mail and E-Mail
Host ISP Address
RE: Notice of Copyright Infringement (Website Names)
Dear Sir or Madam:
I am writing on behalf of [insert organization] to identify copyright infringement concerns regarding the
websites identified above. Specifically, we have determined that these websites are offering for sale live
test items currently used by [organization] in connection with our [type of exam: e.g., software engineer]
exams. These exams, and the individual test items that comprise them, are not only protected by
copyright law, but their public exposure by the infringing websites jeopardizes the security and integrity
of our exam(s).
Pursuant to the Digital Millennium Copyright Act (“DMCA”), I have provided relevant information
regarding the infringing sites and infringed content below. I am authorized to act on behalf of [insert
organization] with respect to these matters.
1.
Copyrighted Works. The copyrighted works at issue are the following [list all exams covered
by this letter, showing all those covered by a Secure Test Copyright first]:
 [insert description].
This exam is protected by U.S. Copyright Office Registration No. [insert]
registered, delete this sentence]
[Note: If any test is not

[insert description]. This exam is protected by U.S. Copyright Office Registration No [insert]

[insert description]. This exam is protected by U.S. Copyright Office Registration No [insert]
[If there are registered Secure Tests included in this list, add the following language: The US Registrar of
Copyrights has a special procedure for registration of secured tests, whereby the actual copy of the test is
not kept for public review by the Registrar of Copyrights. As you can well understand, if such tests are
carefully and specially protected by the Registrar, then it should be apparent that these tests should be
given the same protection under the DMCA.]
2.
Infringing Materials/Website. The infringing materials all are found on the [insert] website,
which upon information and belief, we understand to be registered and hosted by your organization, and
located at [insert website]. Similarly, the same infringing materials are found on the [insert] website,
which is also believed to be registered and hosted by your organization, and located at [insert website].
We have reason to believe that the operators of the [insert] website are the same operators of the [insert]
website.
These sites offer for sale what [name of organization] believes to be verbatim, content identical,
technically indistinguishable or substantially similar copies of the copyrighted exams listed above,
commercially available for downloading by site visitors for a fee. These websites are in no way affiliated
with or endorsed by [organization], nor have these sites secured written permission or authority to post
[organization’s] copyrighted works. The materials posted on the site are therefore unauthorized, illegal
reproductions of [organization’s] copyrighted exams.
[Organization] has formed a good faith belief that the use of the copyrighted materials described above is
not authorized by the copyright owners, their agents, or the law. [Organization] further believes that such
use is not covered by any form of Fair Use, inasmuch as the use is unquestionably commercial and the
amount of content being infringed is well beyond any reasonable fair use. I declare, under penalty of
perjury, that the information in this notification is accurate and that I am authorized to act on behalf of
[organization], the owner of the copyrights at issue.
In light of the above-described unlawful and infringing content, [organization] requests the immediate
suspension of (website). In the alternative, we request the immediate removal of the copyrighted material
from these sites, as well as the removal of all information on the websites referring or relating to such
material. We also caution you that you have an obligation to ensure that this same infringing content is
not simply re-posted on a new URL by the same individual(s) in an attempt to circumvent your initial
take down. [Organization] will be monitoring to make sure such action does not take place.
[Organization] appreciates your prompt attention to this serious matter.
I would appreciate a written response from you as to the specific steps you have taken in response to my
letter by __________ which can be delivered to me at [e-mail address]. If you have any questions
regarding this matter, please contact me at [phone or e-mail].
Sincerely,
[signature block]
cc: Alan J. Thiemann, Esq.
Association of Test Publishers
Note: ATP’s attorney is Alan Thiemann; email address: [Alan Thiemann ([email protected])]
Appendix 3
Process Overview
The following is an overview of the proposed process steps. Of course, the activities may vary depending
on your organization’s requirements.
1. Check Websites - determine if the website is advertising your exams
2. Purchase the exam(s) – confirm whether a website is selling your IP
The objective is to uncover whether the materials include actual test items to indicate
“substantial similarity.” You may select to purchase one exam from a specific website to validate
infringement; it is not necessary to purchase different exams – you are only required to form a “good
faith belief” that the content is infringing.
If you do decide to purchase an exam(s), you may want to do so anonymously to mask the identity of
the test sponsor or vendor. Experience has shown that the infringing site may refuse to “sell” the
exam if it suspects that you are not an individual candidate.
Some approaches to consider when planning to purchase exams include: a) use of a credit card
(whether corporate or individual, as a means to keep from identifying to the seller who is attempting
to buy the exam); b) gift cards that usually do not reflect any owner’s name; or c) use of a private
investigation firm to make the purchases.
3. Compare and Validate – determine if the exam(s) contain actual test items or substantial
similar items
After obtaining a copy of your exam, you will need to determine how much infringement exists so
you can develop a “good faith belief” that materials are infringing and that there is a breach.
You do not have to do 100% analysis of every item or every test. The goal is to determine whether
the site is offering/selling real test questions or, alternatively, how close the purchased items are to
your actual items. A key factor is whether the subject items are “substantially similar” to your IP.
4. Prepare DMCA Notice – prepare notice to specific ISP to identify infringement concerns regarding
specific websites
Refer to the sample DMCA notice provided in this package as reference. Prepare the appropriate
notice that meets your organization’s requirements.
5. Send DMCA notice
Each organization will work with its internal/external resources to send the notices to the ISPs.
We request that they be scheduled to be sent on the specified target date, or as close to that date as
possible.
6. Check to Verify Content Removed
The ISPs are typically very responsive. You’ll want to visit the websites for a few days following
your letter to verify that the content you identified was removed. Send a follow up notice, if needed.
7. Notify Us - Please track the information to provide back to the Enforcement Subcommittee as this
will be of value as we plan the next campaign.
APPENDIX 4
FREQUENTLY ASKED QUESTIONS
1. Do I need to purchase every exam offered for sale by the web site in order to confirm that
infringement is occurring?
This will depend upon the facts and circumstances of your situation. You should not send a DMCA
take-down notice unless you have a good faith belief that your protected content is being infringed. In
some circumstances, it will be necessary to purchase the advertised exam(s) in order to confirm that this is
the case. In other cases, you may have sufficient information to justify a good faith belief that
infringement is occurring without purchasing one or more exams (e.g., web site explicitly states that its
materials are “real” test questions; your trademarked name or logo is being cited; prior experience with
same site operator, etc.). You should conduct whatever analysis you and your legal team deem
appropriate in order to satisfy this good faith obligation. You may also be able to infer infringement of all
exams advertised on a site by confirming that one test is infringing.
2. Do the pirated exam questions have to be identical to my program’s real test questions?
No, questions need not be identical in order to be infringing. The test under U.S. Copyright law is
whether the infringing items are “substantially similar” to the protected content. When evaluating
“substantial similarity” you should take into account the question stem, answer choices, and answer
format.
3. What if I have not registered my exams with the U.S. Copyright Office? Can I still send a
DMCA notice?
Yes. Registration with the U.S. Copyright Office is not required to trigger the protection of the U.S.
copyright laws (although most jurisdictions do require registration prior to taking some other actions,
such as filing a copyright infringement lawsuit). But so long as your program is the lawful copyright
owner of the content at issue, its authorized representative can send a take-down notice.
4. What if the web site is using my organization’s logo or name?
This may constitute trademark infringement. You may have the right to have your logo/name
removed from the site and should seek advice from your legal counsel. Currently, the focus of the
Enforcement Subcommittee’s take-down initiative is limited to copyright infringement; however, as
indicated above, the use of your logo or name may be sufficient to form a good faith belief that your
content is being infringed.
5. Does the take-down notice have to list all of the exams being infringed by the web site?
You should list or describe the protected work that you want removed from the site. You may
accomplish this by, for example, listing individual exams or simply requesting that all content related to
your company be removed.