[Federal Register Volume 85, Number 125 (Monday, June 29, 2020)]
[Proposed Rules]
[Pages 38806-38816]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-12969]


=======================================================================
-----------------------------------------------------------------------

LIBRARY OF CONGRESS

Copyright Office

37 CFR Part 202

[Docket No. 2016-03]


Mandatory Deposit of Electronic-Only Books

AGENCY: U.S. Copyright Office, Library of Congress.

ACTION: Notice of proposed rulemaking.

-----------------------------------------------------------------------

SUMMARY: The Copyright Office is issuing a revised proposed rule to 
make electronic-only books published in the United States subject to 
the Copyright Act's mandatory deposit provisions if they are 
affirmatively demanded by the Office. In response to comments received 
in response to the Office's April 16, 2018 Notice of Proposed 
Rulemaking, the revised proposed rule makes additional clarifying edits 
to the definition of an ``electronic-only book'' and adjusts the 
requirements related to employment of technological protection 
measures. This document also updates the public on developments 
subsequently announced by the Library of Congress related to certain 
questions raised in public comments with respect to its digital 
collection strategy and information technology security matters.

DATES: Written comments must be received no later than 11:59 p.m. 
Eastern Time on July 29, 2020.

ADDRESSES: For reasons of government efficiency, the Copyright Office 
is using the regulations.gov system for the submission and posting of 
public comments in this proceeding. All comments are to be submitted 
electronically through regulations.gov. Specific instructions for 
submitting comments are available on the Copyright Office website at 
https://www.copyright.gov/rulemaking/ebookdeposit. If electronic 
submission of comments is not feasible due to lack of access to a 
computer and/or the internet, please contact the Office using the 
contact information below for special instructions.

FOR FURTHER INFORMATION CONTACT: Regan A. Smith, General Counsel and 
Associate Register of Copyrights, [email protected]; Kevin R. Amer, 
Deputy General Counsel, [email protected]; or Mark T. Gray, Attorney-
Advisor, [email protected]. They can be reached by telephone at 202-
707-3000.

SUPPLEMENTARY INFORMATION:

I. Background

A. Mandatory Deposit Under the Copyright Act Generally

    Section 407 of title 17 requires that the owner of the copyright or 
the exclusive right of publication in a work published in the United 
States, within three months of publication, deposit ``two complete 
copies of the best edition'' with the Copyright Office ``for the use or 
disposition of the Library of Congress.'' \1\ The ``best edition'' is 
defined as ``the edition, published in the

[[Page 38807]]

United States at any time before the date of deposit, that the Library 
of Congress determines to be most suitable for its purposes.'' \2\ 
These requirements are governed by section 202.19 and Appendix B of 
part 202 of the Office's regulations, which set forth rules and 
criteria, respectively, for the different types of works subject to the 
mandatory deposit requirement.
---------------------------------------------------------------------------

    \1\ 17 U.S.C. 407(a), (b); see generally 37 CFR 202.19.
    \2\ 17 U.S.C. 101; see also 17 U.S.C. 407(b).
---------------------------------------------------------------------------

    Under the statute, the Register of Copyrights may issue a written 
demand for works at any time after they have been published in the 
United States, and failure to deposit after a demand may subject the 
recipient to monetary liability.\3\ Compliance with this section is 
separate from the copyright registration process, but the Copyright Act 
provides that deposits made under section 407 may be used to satisfy 
the registration deposit provisions under section 408, if all other 
registration conditions are met.\4\
---------------------------------------------------------------------------

    \3\ 17 U.S.C. 407(d).
    \4\ Id. at 408(b). Although section 408 states that copies 
deposited pursuant to the mandatory deposit provision in section 407 
may be used to satisfy the registration deposit requirement in 
section 408, in practice the Office treats copies of works submitted 
for registration as satisfying the mandatory deposit requirement 
(assuming the deposit requirements are the same), and not vice 
versa. 37 CFR 202.19(f)(1), 202.20(e); see 43 FR 763, 768 (Jan. 4, 
1978).
---------------------------------------------------------------------------

    Certain categories of works are not subject to mandatory deposit. 
As set out in the statute, unpublished works and foreign works that 
have not been published in any form in the United States do not have to 
be deposited. In addition, under section 407(c), the Register can, by 
regulation, exempt any categories of material from section 407's 
mandatory deposit requirements or demand only one copy to provide a 
``satisfactory archival record of a work.'' Under this authority, the 
Register has excluded numerous categories of works from the mandatory 
deposit requirement, such as greeting cards, architectural blueprints, 
and three-dimensional sculptural works.\5\
---------------------------------------------------------------------------

    \5\ See 37 CFR 202.19(c).
---------------------------------------------------------------------------

B. Regulations Regarding Mandatory Deposit of Electronic-Only Materials

    In 2010, the Office issued an interim rule (the ``2010 Interim 
Rule'') codifying its established practice of excluding from mandatory 
deposit requirements all ``[e]lectronic works published in the United 
States and available only online.'' \6\ The 2010 Interim Rule referred 
to such works as ``electronic-only.'' In generally excluding 
electronic-only works from the mandatory deposit requirement, the 
Office also, however, adopted an exception to this exemption, requiring 
the deposit of electronic-only serials if affirmatively demanded by the 
Office.\7\ An electronic-only serial is ``an electronic work published 
in the United States and available only online, issued or intended to 
be issued on an established schedule in successive parts bearing 
numerical or chronological designations, without subsequent 
alterations, and intended to be continued indefinitely.'' \8\ This 
category includes ``periodicals, newspapers, annuals, and the journals, 
proceedings, transactions, and other publications of societies.'' \9\ 
The 2010 Interim Rule stated that any additional categories of 
electronic-only works would first be ``identified as being subject to 
demand'' through a rulemaking with notice and comment before the Office 
issues any actual demands for such works.\10\ The present proposed rule 
is one such rulemaking.
---------------------------------------------------------------------------

    \6\ Mandatory Deposit of Published Electronic Works Available 
Only Online, 75 FR 3863, 3869 (Jan. 25, 2010) (``2010 Interim 
Rule''); 37 CFR 202.19(c)(5).
    \7\ 2010 Interim Rule at 3865-66. ``Electronic works'' are 
themselves defined as ``works fixed and published solely in an 
electronic format.'' 37 CFR 202.24(c)(3).
    \8\ 37 CFR 202.19(b)(4).
    \9\ Id.
    \10\ 2010 Interim Rule at 3866.
---------------------------------------------------------------------------

C. 2016 Notice of Inquiry Regarding Expansion of Demand-Based Deposit

    In 2016, the Office issued a notice of inquiry (``NOI'') that 
proposed to finalize the 2010 interim rule and to add a new category of 
online works--electronic-only books--to the demand-based mandatory 
deposit scheme.\11\ The Office sought comments on four topics: (1) The 
efficacy of the interim rule, including whether it adequately serves 
the needs of the Library and other affected parties and whether it 
could serve as a good framework for adding additional categories of 
electronic works to the mandatory deposit system; (2) the Library's 
access policy as applied to both electronic-only serials and, 
potentially, to electronic-only books; (3) ``information technology, 
security, and/or other requirements'' that should apply to the receipt 
and storage of, and access to, electronic-only books; and (4) how the 
``best edition'' requirements should be applied to the mandatory 
deposit of electronic-only books. The Office received fifteen comments 
on the proposed changes. While some of the comments praised the efforts 
to collect more works in the identified categories, others expressed 
reservations.
---------------------------------------------------------------------------

    \11\ Mandatory Deposit of Electronic Books and Sound Recordings 
Available Only Online, 81 FR 30505, 30506-08 (May 17, 2016) (``2016 
NOI''). The NOI also included online sound recordings as a potential 
additional category of works to subject to mandatory deposit, but 
the Office has decided to postpone further consideration of this 
issue until after the conclusion of this rulemaking.
---------------------------------------------------------------------------

D. 2018 Proposed Rule Regarding Electronic-Only Book Deposit

    In April 2018, the Office issued a notice of proposed rulemaking 
(``2018 NPRM'') seeking public comment on a proposal to finalize the 
interim rule and to extend the demand-based mandatory deposit 
requirements to electronic-only books.\12\ The 2018 NPRM proposed that 
the term ``electronic-only book'' be ``defined broadly as an electronic 
literary work published in one volume or a finite number of volumes 
published in the United States and available only online,'' with some 
exclusions for specific types of works such as serials, audiobooks, 
websites, blogs, and emails.\13\ To clarify how the rule would apply in 
the context of books available for print-on-demand, the definition 
provided that a work would be deemed available only online ``even if 
physical copies or phonorecords have been made on demand for individual 
consumers, so long as the work is otherwise available only online.'' 
\14\
---------------------------------------------------------------------------

    \12\ Mandatory Deposit of Electronic-Only Books, 83 FR 16269 
(Apr. 16, 2018) (``2018 NPRM'').
    \13\ Id. at 16272.
    \14\ Id. at 16272-73.
---------------------------------------------------------------------------

    The 2018 NPRM also addressed questions raised by commenters 
regarding Library access policies and information technology 
requirements. The Office proposed to modify existing regulations to 
apply the same access policies to deposited electronic-only books as 
those applicable to electronic deposits of newspapers: Access would be 
provided only to authorized users on Library of Congress premises and 
off-site to Library staff as part of their assigned duties via a secure 
connection.\15\ In response to comments expressing concern about the 
adequacy of the Library's technology security infrastructure, the 2018 
NPRM provided information on the recent steps taken by the Library to 
address its information technology needs, including the appointment of 
a permanent Chief Information Officer, the implementation of security 
standards, and the use of comprehensive security testing for all 
Library systems.\16\
---------------------------------------------------------------------------

    \15\ Id. at 16270 (citing 37 CFR 202.18).
    \16\ 2018 NPRM at 16273-74.
---------------------------------------------------------------------------

    Finally, the proposed rule established ``best edition'' 
requirements for electronic-only books, adopting provisions from the 
Library's Recommended Formats Statement with some clarifying language 
regarding the

[[Page 38808]]

``completeness'' of a work.\17\ These provisions also included a 
requirement that depositors remove technological measures that control 
access to or use of the work, as is currently required for electronic-
only serials.\18\
---------------------------------------------------------------------------

    \17\ Id. at 16274-75.
    \18\ Id. at 16275.
---------------------------------------------------------------------------

II. Discussion

    The Office received nine comments in response to the 2018 NPRM. 
Commenters generally expressed agreement with the broad goal of 
supporting the Library's acquisition and preservation of digital 
materials for the benefit of the American public. The Library Copyright 
Alliance supported the proposed rule ``because of the critical role of 
deposit in building the Library's collection and ensuring long-term 
preservation'' of digital materials.\19\ Authors Guild similarly noted 
that the Library ``cannot fulfill [its] mission today without 
collecting books that are published only in electronic form,'' \20\ and 
the Association of American Publishers stated ``[p]ublishers have long 
supported the special privilege of the Library to collect works'' 
through mandatory deposit.\21\ Authors Alliance supported the rule 
because, in its view, mandatory deposit ``serve[s] the long-term 
interests of authors by ensuring that their creative and intellectual 
legacies are preserved.'' \22\
---------------------------------------------------------------------------

    \19\ Library Copyright Alliance Comment at 2; see also 
University of Michigan Copyright Office Comment at 1-2 (``strongly 
support[ing]'' the proposed rule because it ``provide a means for 
the Library of Congress to acquire [electronic-only books], preserve 
them, and provide limited access to them'').
    \20\ Authors Guild Comment at 2.
    \21\ American Association of Publishers (``AAP'') Comment at 3-
4; see also Copyright Alliance Comment at 2 (noting ``the value of 
the Library's ongoing efforts to preserve culturally significant 
works'').
    \22\ Authors Alliance Comment at 2.
---------------------------------------------------------------------------

    At the same time, the comments revealed significant concern over 
several aspects of the proposed rule. A number of commenters requested 
clarification of the rule's intended scope, pointing to ambiguity in 
the definition of the term ``electronic-only book'' and uncertainty as 
to the collections policies that would govern acquisition 
decisions.\23\ Commenters also raised questions regarding the security 
of digital materials deposited pursuant to the rule. Some commenters 
urged the Office to provide additional assurances as to the adequacy of 
the Library's digital security practices,\24\ while others objected to 
the proposed requirement that deposited materials be free of 
technological protection measures.\25\
---------------------------------------------------------------------------

    \23\ Authors Guild Comment at 3-4 (raising questions about the 
Library's collections policies and recommending changes to 
definition of ``electronic-only book''); National Writers Union 
(``NWU'') Comment at 3-4 (expressing uncertainty about what material 
would be demanded based on Library collections policies); Copyright 
Alliance Comment at 3 (raising questions about Library's collections 
strategy).
    \24\ Copyright Alliance Comment at 4 (requesting the Library 
``demonstrat[e] the adequacy of the Library's IT system'' before 
finalizing the rule); Authors Guild Comment at 3 (seeking additional 
specifics about the ``security measures for e-books'' and requesting 
more information about Library's creation of a secure e-book 
repository); AAP Comment at 2-3 (seeking additional information 
about ``the state of the Library's technology capabilities, 
protocols, and security measures'').
    \25\ Copyright Alliance Comment at 4-5 (stating that 
technological protection measures serve as ``important safeguards'' 
for digital material); Authors Guild Comment at 5-6 (expressing 
concern that requiring removal of technological protection measures 
may ``essentially require the publisher to create a new edition'' 
where no such version is sold in the market).
---------------------------------------------------------------------------

    The Office has carefully considered these comments and finds that 
they have helpfully identified several areas that would benefit from 
further discussion or explanation. In response to certain issues raised 
by commenters, the Office has made revisions to the proposed regulatory 
text. In addition, to further demonstrate the basis for the proposed 
rule, the Office is providing additional information in response to 
commenters' questions regarding Library collections and security 
policies, including to share relevant developments that occurred after 
the close of the initial comment period.\26\ The Office addresses each 
of these issues below and welcomes additional public comment. In light 
of the existing rulemaking record and, as noted below, the progress the 
Library has reported to the Office in response to the 2018 NPRM, the 
Office anticipates being able to reasonably move forward with 
finalization of the proposed rule after this round of comments.
---------------------------------------------------------------------------

    \26\ The Library Copyright Alliance suggested the Library's 
access policies were overly restrictive and should allow for more 
than two users at a time to view the same resource. Library 
Copyright Alliance Comment at 4. For the reasons stated in the 2018 
NPRM, the Office believes the Library's access policies strike an 
appropriate balance between protecting against infringement and 
facilitating lawful uses by Library patrons. See 2018 NPRM at 16723.
---------------------------------------------------------------------------

A. Scope of Material Subject to Deposit

1. Definition of ``Electronic-Only Book''
    The 2018 proposed rule defined an ``electronic-only book'' as ``an 
electronic literary work published in one volume or a finite number of 
volumes published in the United States and available only online.'' 
\27\ It specifically excluded ``literary works distributed solely in 
phonorecords (e.g., audiobooks), serials (as defined in Sec.  
202.3(b)(1)(v)), computer programs, websites, blogs, and emails.'' \28\ 
A number of comments raised questions about the scope of materials that 
would be subject to mandatory deposit under this definition.
---------------------------------------------------------------------------

    \27\ 2018 NPRM at 16275.
    \28\ Id.
---------------------------------------------------------------------------

    First, the National Writers Union (NWU) found certain terminology 
in the proposed rule ambiguous. It noted that ``[t]he term `volume,' as 
applied to digital data, is normally used to describe a physical or 
virtual drive, storage device, partition, or filesystem, which can 
contain any number of related or unrelated files.'' \29\ NWU therefore 
believed the rule was unclear as to ``which digital files or groups of 
files the Copyright Office considers or will deem to constitute 
`volumes.' '' \30\ Additionally, NWU expressed confusion over the 
exclusion of ``websites'' and ``email'' from the definition, noting 
that ``[m]ost works distributed in electronic formats are distributed 
either as files downloadable from the World Wide Web--i.e., as part of 
websites--or by email.'' \31\ Based on this interpretation, NWU reads 
the proposed rule to exclude, for example, all e-book files released 
for the Amazon Kindle because those files ``can be downloaded . . . 
through the Amazon.com website'' and thus are ``part of websites.'' 
\32\
---------------------------------------------------------------------------

    \29\ NWU Comment at 3.
    \30\ Id.
    \31\ Id. at 4.
    \32\ Id. at 4.
---------------------------------------------------------------------------

    After consideration of NWU's comments, the Office does not agree 
that the cited provisions are likely to cause confusion. When read in 
context, the term ``volume'' cannot plausibly be understood to describe 
a physical or digital drive that stores data. Rather, the regulatory 
text makes clear that the term carries its ordinary meaning as a unit 
in which a ``literary work'' is published.\33\ The language simply 
indicates that, for purposes of defining an ``electronic-only book,'' 
it is immaterial whether a work is published in one file or is broken 
into multiple files. Nor does the Office find NWU's interpretation of 
``websites'' to be a reasonable reading. The fact that copies of a work 
are distributed via a website does not mean the work is part of the 
website. Moreover, excluding

[[Page 38809]]

such books would be at odds with both the purpose of the rule and 
Copyright Office practice. As the NOI explained, this proceeding is 
intended to facilitate collection of ``electronic books that have been 
published solely through online channels,'' \34\ which certainly would 
include books distributed through major platforms such as Amazon. 
Further, the Compendium of U.S. Copyright Office Practices provides 
that a ``work that is perceptible to the user only by downloading or 
separately purchasing that particular work is not considered part of 
the website for registration purposes and must be registered 
separately.'' \35\
---------------------------------------------------------------------------

    \33\ The existing interim rule for electronic serials uses the 
terms ``issues'' and ``volumes'' in reference to units of a literary 
work, and depositors have not expressed confusion in applying these 
terms. See 37 CFR 202 app. B.IX.A.2.b. (requiring submission of 
available metadata for ``volume(s)'' and ``issue dates(s)''); 2010 
Interim Rule at 3867 (``[I]t is expected that each issue of a 
demanded serial will be deposited with the Copyright Office 
thereafter as is the current practice.'').
    \34\ 81 FR at 30508.
    \35\ U.S. Copyright Office, Compendium of U.S. Copyright Office 
Practices sec. 1002.2 (3d ed. 2017).
---------------------------------------------------------------------------

    Second, the Authors Guild noted that the proposed regulatory 
language did not address the length of works subject to the rule even 
though ``books are generally defined as longer literary works.'' \36\ 
It recommended modifying the rule to clarify that ``very short works, 
such as a single poem or a string of tweets,'' are not covered.\37\
---------------------------------------------------------------------------

    \36\ Authors Guild Comment at 4.
    \37\ Id.
---------------------------------------------------------------------------

    Although the 2018 NPRM noted that the Library ``does not intend to 
obtain blog posts, social media posts, and general web pages'' through 
this rule,\38\ the Office agrees that that limitation could be made 
clearer in the regulatory text itself. The Office therefore proposes 
revising the definitional language to expressly exclude ``short online 
literary works such as social media posts.'' The Office considered the 
possibility of adopting a longer and more detailed list of exclusions 
but ultimately concluded that such an approach would be infeasible 
given the speed at which new online services emerge. Moreover, any 
attempt to further limit the subclasses of literary works subject to 
the rule could result in the exclusion of certain works that fall 
within the rule's intended scope. For example, excluding ``poems'' 
would not be advisable, as some poems are long enough to constitute a 
book (e.g., Paradise Lost). As noted in the 2018 NPRM, the Office 
recognizes that the traditional definition of a physical book ``does 
not translate neatly to the digital environment'' and that 
distinguishing ``electronic-only books'' from other types of online 
literary works may be difficult in certain cases at the margins.\39\ 
Nevertheless, the Office continues to believe that the overall 
definitional approach set forth in the 2018 NPRM strikes an appropriate 
balance between ensuring that the Library retains sufficient 
flexibility in its acquisition decisions, and making clear that rule's 
intended focus is on ``textual works that are marketed or presented as 
`electronic books' and other monographic works such as organizational 
reports and long-form essays''--and not on blogs, social media posts, 
websites, and the like.\40\ The additional language proposed here 
further clarifies this distinction.
---------------------------------------------------------------------------

    \38\ 2018 NPRM at 16272.
    \39\ Id.
    \40\ Id. To the extent that numerous short online posts, blogs, 
and social media posts are collected and published in a single 
monograph, such a collection would be subject to this rule, because 
it would be presented as an ``electronic book'' and would be 
copyrightable as a collective work.
---------------------------------------------------------------------------

    Third, the Authors Guild suggested that the proposed definition is 
underinclusive because the phrase ``available only online'' might not 
encompass electronic books distributed offline, such as books preloaded 
onto e-readers or tablets.\41\ The Authors Guild proposed instead that 
references to a work being ``available only online'' be replaced with 
``available in electronic form.'' \42\ The Office agrees that works of 
this type should be covered by the rule, but the language proposed by 
the Authors Guild potentially could sweep in electronic works that are 
also published in physical form. The Office believes that a more 
targeted solution is to address this situation in the section of the 
rule defining when a work is considered to be available only online. 
The revised proposed rule adds language to that definition providing 
that a work shall be deemed to be available only online ``even if 
copies have been loaded onto electronic devices, such as tablets or e-
readers, in advance of sale to individual consumers, so long as the 
work is otherwise available only online.''
---------------------------------------------------------------------------

    \41\ Authors Guild Comment at 4.
    \42\ Id.
---------------------------------------------------------------------------

    Fourth, AAP raised questions about the rule's requirement that 
``[a]ll updates, supplements, releases, and supersessions'' of the work 
be deposited in a timely manner. AAP requested that the Office define 
the terms ``updates, supplements, releases, and supersessions'' and 
sought clarification as how the Office would treat books available in 
print whose digital editions contain additional content or 
revisions.\43\ After consideration, the Office does not believe 
modification of the regulatory text is necessary. The language 
regarding updates and similar material is analogous to a longstanding 
requirement in the best edition regulations for printed textual matter, 
which require ``the regular and timely receipt of all appropriate 
looseleaf updates, supplements, and releases.'' \44\ The deposit 
requirement for updates to electronic-only books will be administered 
in the same manner that publishers are accustomed to for printed 
material. Nor is revision required to accommodate books available in 
print with additional content in a digital version. Where a work is 
available in both digital and print editions, the work is not 
``available only online,'' and thus is not subject to the rule. To the 
extent the digital version contains supplementary material that is not 
published in the physical version, the electronically enhanced version 
would be subject to demand if it constitutes a separate ``work'' under 
the Copyright Act and is not otherwise excluded from the rule.
---------------------------------------------------------------------------

    \43\ AAP Comment at 7 (inquiring as to the ``degree of variation 
from the print version [that] suffices to make an electronic-only 
book subject to the requirement'').
    \44\ 37 CFR 202 app. B.I.A.8.
---------------------------------------------------------------------------

    Fifth, the Office has determined that the rule should be revised to 
further clarify when print-on-demand books are to be deemed ``available 
only online.'' The original proposed rule provided that ``[a] work 
shall be deemed to be available only online even if physical copies 
have been made on demand for individual consumers, so long as the work 
is otherwise available only online.'' \45\ The Office proposed that 
definition to address commenters' concern that, in the case of books 
made available for printing by individual consumers, ``it [would] be 
difficult for publishers to determine whether such works are subject to 
the general exemption for electronic-only works (and the demand-based 
mandatory deposit scheme proposed here), or whether they are subject to 
affirmative mandatory deposit requirements.'' \46\ The 2018 NPRM thus 
contemplated that a work would qualify as an e-book under the rule even 
if copies were ``printed privately, in consumers' homes, or at kiosks 
at brick-and-mortar bookstores.'' \47\
---------------------------------------------------------------------------

    \45\ 2018 NPRM at 16275.
    \46\ Id. at 16272-73.
    \47\ Id. at 16273.
---------------------------------------------------------------------------

    That situation, however, is distinguishable from a business model 
in which an author, publisher, or distributor prints copies in response 
to purchases by individual consumers. For example, a physical or online 
retailer might place orders for printed copies of a particular title 
only as individual requests for that title are received from customers, 
as opposed to ordering multiple copies from the publisher in advance of 
any customer purchases. These books are outside the scope of

[[Page 38810]]

this rule, and instead remain subject to the general mandatory deposit 
obligation under section 407. In circumstances where a retailer 
provides a physical copy for sale, it is immaterial to the purchaser--
and likely unknown to acquisition specialists at the Copyright Office--
whether the retailer has multiple copies on hand or obtains them 
individually to fulfill purchases as they occur. To make this 
distinction clear, the Office has amended the proposed rule to more 
precisely refer to books made available for on-demand printing by 
individual consumers, as distinguished from on-demand activities 
performed by distributors, publishers, retailers, or others in the 
supply chain. The revised language provides: ``A work shall be deemed 
to be available only online even if copies have been made available to 
individual consumers to print on demand, so long as the work is 
otherwise available only online.'' \48\
---------------------------------------------------------------------------

    \48\ On a related issue, one commenter inquired whether a 
copyright owner could comply with a demand from the Office under 
this rule by providing a print version of an electronic-only book. 
AAP Comment at 7. Because this rule is crafted ``as a way to fulfill 
the Library's digital collections,'' 2018 NPRM at 16271, the rule 
does not contemplate deposit of a print version of an electronic-
only book. As with any deposit demand under section 407, however, 
copyright owners may request special relief from the deposit 
requirement to provide a different format, such as a print version. 
Such a decision would be made by the Register after consultation 
with other appropriate officials from the Library of Congress. See 
37 CFR 202.19(e)(2).
---------------------------------------------------------------------------

2. The Library's Collections Policies
    In discussing the scope of materials subject to deposit under this 
rule, a number of commenters sought additional information about the 
Library of Congress's specific collections policies. As the AAP put it, 
``[i]n providing for the transfer of said copies through mandatory 
deposit, Congress made clear that the Library must make demands under 
Section 407 with a purpose.'' \49\ The NWU stated that it ``remain[ed] 
puzzled as to what works the Copyright Office intends to demand be 
deposited'' under the proposed rule,\50\ and the Authors Guild desired 
to see a ``comprehensive collection strategy'' from the Library before 
finalization of a rule.\51\ The Copyright Alliance expressed concern 
that there was a ``lack of a clear and cohesive digital collections 
strategy within the Library of Congress'' and requested the opportunity 
to give input into that strategy.\52\ And with respect to collection 
and preservation of digital materials specifically, the Authors' Guild 
explained, ``[i]t is our understanding that the Library has not yet 
created and adopted a comprehensive strategy for safely storing books 
published in electronic form, despite the fact that e-books and 
electronic audio books have been a significant and growing percentage 
of books published for over a decade.'' \53\
---------------------------------------------------------------------------

    \49\ AAP Comment at 4 (citing H.R. Rep. No. 1476, 94th Cong., 2d 
Sess. 151 (1976)).
    \50\ NWU Comment at 3.
    \51\ Authors Guild Comment at 3.
    \52\ Copyright Alliance Comment at 3.
    \53\ Authors Guild Comment at 2.
---------------------------------------------------------------------------

    As the 2018 NPRM indicates, the Copyright Office consults with the 
Library and relies on those discussions along with the Library's public 
statements in considering and responding to commenters' concerns in 
this area.\54\ According to the Library, the criteria used to determine 
what electronic materials to acquire ``do not greatly differ from those 
used for other formats.'' \55\ The Library prepares subject-specific 
Collections Policy Statements (e.g., Education, Chemical Sciences, 
Medicine, Theater) and makes them available on its website.\56\ These 
policies detail what kinds of works the Library seeks to collect and at 
what level of comprehensiveness. For example, the Political Science 
statement notes that the Library seeks to ``collect[ ] all the 
important current reference works'' in the field, regardless of 
language, while it collects foreign textbooks ``on a highly selective 
basis.'' \57\ The Library also maintains supplementary guidelines to 
assist in applying these standards to electronic works.\58\ For 
example, the guidelines note that criteria weighing in favor of 
acquisition include the at-risk nature of a work or its availability 
only in digital format.\59\ In general, however, the Office understands 
that Library acquisition decisions involving electronic materials are 
governed by the relevant Collections Policy Statement, as is true for 
works in physical format.\60\ As the Library's Collection Development 
Office has explained, this policy reflects the Library's effort to 
develop ``one interdependent collection that contains both its 
traditional physical holdings and materials in digital formats.'' \61\
---------------------------------------------------------------------------

    \54\ See 2018 NPRM at 16271, 16273 (noting consultations with 
and public statements by the Library).
    \55\ Library of Congress, Library of Congress Collections Policy 
Statements Supplementary Guidelines: Electronic Resources 2 (Aug. 
2016), https://www.loc.gov/acq/devpol/electronicresources.pdf.
    \56\ See Collections Policy Statements and Supplementary 
Guidelines, Library of Congress, https://www.loc.gov/acq/devpol/cpsstate.html.
    \57\ Library of Congress, Library of Congress Collections Policy 
Statements: Political Science 2-3 (Nov. 2017), https://www.loc.gov/acq/devpol/polisci.pdf.
    \58\ Library of Congress, Library of Congress Collections Policy 
Statements Supplementary Guidelines: Electronic Resources 2 (Aug. 
2016), https://www.loc.gov/acq/devpol/electronicresources.pdf.
    \59\ Id.
    \60\ See, e.g., Library of Congress, Library of Congress 
Collections Policy Statements: Political Science 2 (Nov. 2017), 
https://www.loc.gov/acq/devpol/polisci.pdf (``[c]omparable 
electronic materials are collected at the same levels'' as physical 
materials).
    \61\ Library of Congress Collection Development Office, 
Collecting Digital Content at the Library of Congress at 3 (Feb. 
2017), https://www.loc.gov/acq/devpol/CollectingDigitalContent.pdf.
---------------------------------------------------------------------------

    With respect to commenters' concerns about the Library's digital 
strategy,\62\ the Library has provided further public information 
following the close of the comment period, most notably in its five-
year strategic plan and in a formal digital strategy document that 
supports the strategic plan. The 2019-2023 strategic plan, Enriching 
the User Experience, notes that ``being digitally enabled is paramount 
to [the Library of Congress's] success.'' \63\ Describing digital 
efforts as an ``ongoing process,'' the plan states that in the next 
five years the Library will streamline its operational capabilities and 
undertake efforts to identify gaps in expertise and recruit new talent 
to fill those gaps.\64\ The Library's digital strategy, published in 
April 2019, describes a five-year plan for expanding its digital 
collections and providing access to that material, in connection with 
the Library's broad goals of ``throwing open the treasure chest, 
connecting, and investing in our future.'' \65\ It notes that the 
Library intends to ``exponentially'' expand its digital collections, 
provide ``maximum authorized access'' to material in the collection 
depending on the type of patron, and use ``verifiable chain of 
custody'' to ensure the authenticity of digital material and prevent 
digital deterioration.\66\
---------------------------------------------------------------------------

    \62\ Authors Guild Comment at 2; Copyright Alliance Comment at 
3.
    \63\ Library of Congress, Enriching the Library Experience: The 
FY2019-2023 Strategic Plan of the Library of Congress at 13, https://www.loc.gov/static/portals/strategic-plan/documents/LOC_Strat_Plan_2018.pdf.
    \64\ Id. at 13, 23.
    \65\ Library of Congress, Digital Strategy at 2 (Apr. 26, 2019), 
https://www.loc.gov/static/portals/digital-strategy/documents/Library-of-Congress-Digital-Strategy-v1.1.2.pdf.
    \66\ Id. at 3-4, 10 (digital acquisitions will be expanding ``as 
outlined in Collecting Digital Content at the Library of 
Congress''); see also Library of Congress Collection Development 
Office, Collecting Digital Content at the Library of Congress at 3-6 
(Feb. 2017), https://www.loc.gov/acq/devpol/CollectingDigitalContent.pdf (describing Library's plans to expand 
digital collections through avenues such as copyright deposit, 
purchase, and exchange).
---------------------------------------------------------------------------

    The Library also has worked to implement the recommendation made in 
an April 2015 report by its Inspector

[[Page 38811]]

General (``OIG'') on these issues.\67\ In March 2018, the OIG noted 
that the Library had made progress toward creating ``an overarching, 
transformative eCollections Strategy for collecting electronic works'' 
by aligning all electronic collection under a single Digital Collecting 
Plan.\68\ A subsequent OIG report noted that the Library has provided 
evidence of its efforts toward closing this recommendation, including 
``current Library of Congress Collections Policy Statements, which 
include digital content and proof that digital collecting is part of 
overarching Library collections strategies.'' \69\ The report further 
noted that the Library and OIG met in September 2019 to discuss next 
steps to achieve closure of the remaining e-deposit and e-collections 
recommendations.\70\
---------------------------------------------------------------------------

    \67\ See Library of Congress Office of the Inspector General, 
The Library Needs to Determine an eDeposit and eCollections Strategy 
at 12 (Apr. 24, 2015), https://www.loc.gov/static/portals/about/documents/edeposit-and-ecollections-strategy-april-2015.pdf.
    \68\ Library of Congress Office of the Inspector General, 
Semiannual Report to Congress at 38 (Mar. 30, 2018), https://www.loc.gov/static/portals/about/office-of-the-inspector-general/annual-reports/documents/March2018-semi-annual-report-to-congress.pdf.
    \69\ Library of Congress Office of the Inspector General, 
Semiannual Report to Congress at 30 (Sept. 30, 2019), https://www.loc.gov/static/portals/about/office-of-the-inspector-general/annual-reports/documents/September-2019-OIG-Semiannual-Report-to-Congress.pdf.
    \70\ Id.
---------------------------------------------------------------------------

    The Office interprets this additional information to further 
clarify that the Library's plans to increase its digital collection do 
not reflect a shift in the content-based considerations underlying its 
collections policies. Rather, the Office understands that the Library's 
digital collections policies are substantively the same as its policies 
for physical works, and so an expansion of the mandatory deposit rule 
to electronic-only books would not significantly change the nature of 
the Library's collections activity.

B. Technological Protection Measures

    The 2018 proposed rule provided that ``technological measures that 
control access to or use of the work should be removed.'' \71\ In 
support of that requirement, the 2018 NPRM noted that while 
technological protection measures (``TPM''s) ``provide significant 
security assurances, . . . encumbering deposited copies with such 
protections would conflict with the Library's purposes of preserving 
the works.'' \72\ This requirement was adopted for electronic serials 
in the 2010 interim rule \73\ and, to the Office's knowledge, has 
functioned without issue for those deposits.
---------------------------------------------------------------------------

    \71\ 2018 NPRM at 16275.
    \72\ Id.
    \73\ 2010 Interim Rule at 3870.
---------------------------------------------------------------------------

    Some commenters objected to extending this requirement to 
electronic-only books. For example, the Authors Guild expressed concern 
that in some instances, the only published edition of a book may be one 
employing technological protection measures, and that requiring removal 
would force some publishers to ``transfer the files to new formats or 
use hacking codes to remove the controls.'' \74\ This would ``not only 
put[ ] the author's work at risk of piracy, but [would] put[ ] an 
unnecessary burden on publishers, especially on authors who 
independently publish and small publishers.'' \75\ The Copyright 
Alliance pointed to this requirement as heightening concerns about the 
Library's IT security system, arguing that the possession of 
unencrypted digital works greatly increases the potential harm if the 
Library's storage system were ever breached.\76\
---------------------------------------------------------------------------

    \74\ Authors Guild Comment at 5.
    \75\ Id.
    \76\ Copyright Alliance Comment at 4-5.
---------------------------------------------------------------------------

    For the reasons noted in the 2018 NPRM, the Library generally 
prefers TPM-free editions of works to simplify and further its 
preservation efforts.\77\ At the same time, the 2018 NPRM noted that 
the statutory deposit requirement is limited to the best published 
edition and ``does not require the publisher or producer to create a 
special preservation copy simply for the benefit of the Library of 
Congress.'' \78\ To appropriately balance these considerations, and to 
respond to commenters' concerns, the revised proposed rule removes the 
requirement that TPMs be removed from deposit copies, but updates the 
Best Edition regulations in Appendix B to Part 202 to reflect the 
Library's preference for a TPM-free edition, if such a version has been 
published. That is, where a publisher has published both TPM-protected 
and non-TPM-protected versions of an e-book, the best edition for 
purposes of this rule is the latter. In accordance with the general 
approach of Appendix B to provide alternate options in descending 
orders of preference, where an electronic-only book is not published 
TPM-free, the proposed rule would next accept a copy for which the 
owner has elected to remove such technological measures.
---------------------------------------------------------------------------

    \77\ The University of Michigan Copyright Office wrote in 
support of this proposed requirement because, in its experience, 
``such technological measures seriously impede long-term 
preservation.'' University of Michigan Copyright Office Comment at 
3.
    \78\ 2018 NPRM at 16274-75.
---------------------------------------------------------------------------

    It is important to note, however, that under section 202.24, the 
Office's regulations already provide that deposits ``must be able to be 
accessed and reviewed by the Copyright Office, Library of Congress, and 
the Library's authorized users on an ongoing basis.'' \79\ Such 
language is consistent with section 407 of the Copyright Act, which 
obligates deposit of materials for ``use or disposition of the Library 
of Congress'' in its collections.\80\ So as a floor, the proposed rule 
clarifies that deposits must be otherwise provided in a manner that 
meets the requirements of current section 202.24(a)(4). In sum, 
depositors must take reasonable steps to ensure that the Library is 
able to access the work to the extent necessary for preservation and 
other lawful uses.\81\ In the case of a TPM-protected work, such 
efforts might include providing the same access codes that are 
available to purchasing consumers. And as explained in the NPRM, ``in 
the unlikely event that the Library seeks to acquire a work that is 
only published in a proprietary format that cannot be viewed by the 
Library, the Office will work with the publisher to identify a means to 
access the work.'' \82\
---------------------------------------------------------------------------

    \79\ 37 CFR 202.24(a)(4).
    \80\ As commenters noted, in 1998, Congress specifically 
protected the use of technological protection measures by copyright 
owners by establishing a separate remedy against circumvention of 
such measures under section 1201 of title 17. See Copyright Alliance 
Comment at 5 (raising concerns about removal of technology 
protection measures, ``which Congress considered critical enough to 
secure with independent legal protection''). But there is no 
indication that there was any congressional intent to abrogate the 
Library's preexisting entitlement to usable deposits in section 407. 
See 17 U.S.C. 407(b) (``The required copies . . . shall be deposited 
. . . for the use or disposition of the Library of Congress.'').
    \81\ Cf. 37 CFR 202.20(b)(2)(iii)(D) (noting that correspondence 
may be necessary for digital deposits ``if the Copyright Office 
cannot access, view, or examine the content of any particular 
digital file that has been submitted for the registration of a 
work'').
    \82\ 2018 NPRM at 16274.
---------------------------------------------------------------------------

C. Library of Congress IT Security

    Several comments were directed not at the specific regulatory text 
in the proposed rule but instead at the Library's IT security practices 
and the ability of the Library to secure electronic deposits from 
digital theft. The 2018 NPRM briefly discussed the Library's work in 
this area,\83\ but in light of the level of concern expressed by 
commenters, and because of important developments that have occurred 
since the close of the prior comment period, the Office is providing 
additional

[[Page 38812]]

information shared by the Library that speaks to these issues.
---------------------------------------------------------------------------

    \83\ Id. at 16273-74.
---------------------------------------------------------------------------

    Many commenters from organizations representing copyright owners 
were reluctant to support the proposed rule without additional 
assurances regarding the Library's security capabilities. The Authors 
Guild stated that it was ``premature'' to finalize a rule until the 
Library could ``ensure[ ]'' the security of e-books, and requested that 
a full security plan be explained and ``vetted with publishers.'' \84\ 
The Copyright Alliance requested that the Library ``demonstrat[e] the 
adequacy of the Library's IT system'' before finalizing a rule, lest 
the Office ``put[ ] the cart before the horse'' in demanding ``blind 
faith'' from copyright owners that the Library will protect 
deposits.\85\ And AAP said it would be ``premature'' and ``nothing 
short of reckless'' to issue a final rule before implementation of the 
recommendations of the Government Accountability Office (``GAO'') in 
its 2015 report on the Library's IT management.\86\
---------------------------------------------------------------------------

    \84\ Authors Guild Comment at 2-3.
    \85\ Copyright Alliance Comment at 4.
    \86\ AAP Comment at 3, 5; see Government Accountability Office, 
Strong Leadership Needed to Address Serious Information Technology 
Management Weaknesses (Mar. 31, 2015), https://www.gao.gov/assets/670/669367.pdf.
---------------------------------------------------------------------------

    The Copyright Office appreciates concerns about the security of 
digital deposits and agrees that the Office and Library occupy a 
position of public trust with respect to copyright deposits. It is 
incumbent on both organizations to operate in accordance with that 
trust. As the Library has stated in its digital strategy, ``[p]romoting 
creativity and building cultural heritage collections entails 
protecting creators' intellectual property rights. This responsibility 
is salient at the Library, as the home of the United States Copyright 
Office.'' \87\ After consultation with the Library, the Office is 
sharing additional information provided to it that discusses the 
significant effort the Library has undertaken to revamp its IT 
operations and ensure the integrity of its electronic deposits and 
other digital material in its collections.
---------------------------------------------------------------------------

    \87\ Library of Congress, Digital Strategy at 4 (Apr. 26, 2019), 
https://www.loc.gov/static/portals/digital-strategy/documents/Library-of-Congress-Digital-Strategy-v1.1.2.pdf.
---------------------------------------------------------------------------

    As an initial matter, the Library has provided assurances of its 
commitment to digital security, both in public statements and in 
consultations with the Office. As the Library's Chief Information 
Officer testified to Congress in December 2019, ``the Library is well 
aware of the need to ensure the security of the digital content in 
[its] care.'' \88\ He also has testified that the Library is 
implementing encryption for electronic copyright deposits, putting such 
materials on the same footing as other sensitive Library data.\89\ 
Likewise, the Library has informed the Office that electronic deposits 
are given the same level of security as other highly sensitive 
information held by the Library, such as congressional material. 
According to the Library, this material is stored on a network that 
complies with the security standards established by the National 
Institute of Standards and Technology (``NIST''),\90\ including 
standards SP 800-53 Rev. 4 \91\ and FIPS 140-2,\92\ among others. NIST 
creates these security standards as required by the Federal Information 
Security Management Act,\93\ which seeks to ensure that federal 
agencies ``incorporate adequate, risk-based, and cost-effective 
security compatible with business processes.'' \94\ Through its 
systems, the Library has received tens of millions of digital files in 
the last decade, including over 300,000 electronic serial issues and 
460,000 electronic books received under the interim rule or pursuant to 
special relief agreements with publishers. As the Library has reported 
to the Copyright Office, in no known instance has the Library's 
security been breached or its digital collections stolen.
---------------------------------------------------------------------------

    \88\ Oversight of Modernization of the United States Copyright 
Office, Hearing Before the Senate Subcomm. on Intellectual Property, 
116th Cong. 3 (Dec. 10, 2019) (prepared statement of Bernard A. 
Barton, Jr., Chief Information Officer, Library of Congress), 
https://www.judiciary.senate.gov/imo/media/doc/Barton%20Testimony.pdf (``Dec. 2019 Senate Oversight CIO 
Statement'').
    \89\ Id. at 4.
    \90\ See id. at 3-4 (stating that the Library has ``implemented 
NIST security standards, with role based security, to ensure that 
users only have access to the data they are supposed to see'').
    \91\ Special Publication (SP) 800-53 is ``a catalog of security 
and privacy controls for federal information systems and 
organizations'' provided by NIST that is meant to secure federal 
organizations ``from a diverse set of threats including hostile 
cyber attacks, natural disasters, structural failures, and human 
errors (both intentional and unintentional).'' SP 800-53 Rev. 4: 
Security and Privacy Controls for Federal Information Systems and 
Organizations, NIST (Jan. 22, 2015), https://csrc.nist.gov/publications/detail/sp/800-53/rev-4/final.
    \92\ The FIPS 140-2 standard is the current set of requirements 
for cryptographic security outlined by NIST. See FIPS 140-2: 
Security Requirements for Cryptographic Modules, NIST (May 25, 
2001), https://csrc.nist.gov/publications/detail/fips/140/2/final.
    \93\ The Federal Information Security Management Act was passed 
as Title III of the E-Government Act of 2002, Public Law 107-347.
    \94\ 44 U.S.C. 3602(f)(15) (describing responsibilities of head 
of Office of Electronic Government); see also National Institute of 
Standards and Technology, FISMA Implementation Project: FISMA 
Background (Feb. 26, 2020), https://csrc.nist.gov/projects/risk-management/detailed-overview/ (describing law as ``explicitly 
emphasiz[ing] a risk-based policy for cost-effective security'').
---------------------------------------------------------------------------

    Since the 2018 NPRM was published, the Library has provided 
additional detail on its IT security policies in several recent public 
statements, including congressional testimony. The Library's Chief 
Information Officer recently testified that the Library has 
``significantly increased our IT security posture over the last few 
years. We have implemented NIST security standards, with role based 
security, to ensure that users only have access to the data they are 
supposed to see.'' \95\ He further noted that the Library regularly 
conducts penetration tests of its high value assets and ``are 
implementing encryption--at-rest and in-motion--for all sensitive 
Library data, including e-deposits.'' \96\ Noting that ``[s]ecurity is 
always a top priority for all Library IT,'' he further stated that the 
Library employs cybersecurity professionals to proactively monitor, 
test, and oversee security of the Library's systems.\97\
---------------------------------------------------------------------------

    \95\ Dec. 2019 Senate Oversight CIO Statement at 3-4. With 
respect to digital deposits, for example, the only staff able to 
access digital copies of audiovisual works are system administrators 
and employees of the Library's National Audio-Visual Conservation 
Center.
    \96\ Id.
    \97\ Id.
---------------------------------------------------------------------------

    The Librarian has similarly testified that the Library had made 
``significant IT security improvements'' and cybersecurity enhancements 
``to heighten the detection of threats, thwart denial of service 
attacks, protect against malware and enable continuous monitoring so 
that issues are prevented, and if they occur, quickly identified and 
resolved.'' \98\ Other improvements highlighted by the Library include 
requiring all staff to use multi-factor authentication to access the 
Library's systems,\99\ upgrading the Library to a new data center that 
reduces the risk of service interruptions,\100\ and

[[Page 38813]]

participating in the Legislative Branch Cyber Security Working Group, 
which facilitates the exchange of expertise and coordination in 
response to security threats.\101\
---------------------------------------------------------------------------

    \98\ Library of Congress Modernization Oversight, Hearing Before 
the Senate Comm. on Rules and Admin., 116th Cong. 23-24, (Nov. 7, 
2019) (prepared statement of Carla Hayden, Librarian of Congress), 
https://www.govinfo.gov/content/pkg/CHRG-116shrg38506/pdf/CHRG-116shrg38506.pdf (``Nov. 2019 Senate Oversight Hearing'').
    \99\ Id. at 23 (``We have implemented multi-factor 
authentication for all users, enhancing security protections for 
access to sensitive Library resources.'').
    \100\ Annual Oversight of the Library of Congress, Hearing 
Before the Senate Comm. on Rules & Admin. 116th Cong. 21-22 (Mar. 6, 
2019) (prepared statement of Carla Hayden, Librarian of Congress), 
https://www.rules.senate.gov/imo/media/doc/Annual%20Oversight%20of%20the%20library%20of%20Congress%20Transcript.pdf (``Mar. 2019 Senate Oversight Hearing'') (``We are optimizing 
our hosting environments by transitioning to a new, Tier III-level 
data center, reducing the risk of service interruptions.'').
    \101\ Id. at 21.
---------------------------------------------------------------------------

    More generally, the Library has sought to provide greater 
coordination by centralizing all IT efforts under the direction of the 
Office of the Chief Information Officer (``OCIO''). As the Librarian 
has explained, centralization was completed in October 2018 (after the 
close of the comment period), and now OCIO serves as the ``single 
authoritative source for technology'' at the Library.\102\ The Library 
has stated that it views IT centralization as key to enabling more 
efficient use of IT resources and improving IT security.\103\
---------------------------------------------------------------------------

    \102\ Nov. 2019 Senate Oversight Hearing at 23 (prepared 
statement of Carla Hayden, Librarian of Congress).
    \103\ Mar. 2019 Senate Oversight Hearing at 16.
---------------------------------------------------------------------------

    In addition, in late 2019 the Library launched a Digital 
Collections Management Compendium (``DCMC''), an online resource that 
collects the Library's policies and practices for management of its 
digital collections.\104\ The DCMC is intended to ``broadly explain the 
Library's practices for managing digital content for the public.'' 
\105\ It includes information about how the Library keeps inventory and 
tracks use of digital material, who is responsible for the security of 
digital collections, and what policies govern user permissions and 
periodic reviews of staff accounts.\106\ For example, its guidance for 
digital collections security for stored digital content states:
---------------------------------------------------------------------------

    \104\ See Library of Congress, Digital Collections Management: 
About This Program, https://loc.gov/programs/digital-collections-management/about-this-program/.
    \105\ Library of Congress, Digital Collections Management: 
Frequently Asked Questions, https://www.loc.gov/programs/digital-collections-management/about-this-program/frequently-asked-questions/. The information in the Compendium is ``specifically 
focused on a collections management approach to ongoing management 
of digital collections'' and thus ``focuses less on the specific 
technical requirements of systems and more on the areas of work 
which are critical to the Library at present, including digital 
formats, custody, and inventory management.'' Id.
    \106\ Library of Congress, Digital Collections Security, https://www.loc.gov/programs/digital-collections-management/inventory-and-custody/digital-collections-security/ (explaining that ``digital 
collections security policies and systems ensure that appropriate 
controls prevent unauthorized access, changes, deletion, or removal 
of collection content'' and that the Library coordinates periodic 
account review to ``ensure[ ] that appropriate access levels are 
maintained for digital content managers, and that account holders 
and system users represent currently active Library staff'').

    To safeguard digital collections, the Library will develop and 
follow policies to ensure that only authorized user accounts and 
systems may modify digital collection content. Inventory systems 
maintain logs of actions on digital content by digital content 
managers as well as systems. No single user should be able to 
unilaterally move or delete digital content without following an 
established procedure or system protocol, which can be monitored 
according to the documentation and recordkeeping of actions in 
inventory logs.\107\
---------------------------------------------------------------------------

    \107\ Id.

    The DCMC also sets out a set of principles to be followed by the 
Library in providing access to digital collections that are 
supplementary to the regulatory restrictions established in 37 CFR 
202.18, including ``communicat[ing] known restrictions'' on digital 
works to patrons and requiring patrons seeking use of digital items to 
``mak[e] independent legal assessments and secur[e] necessary 
permissions.'' \108\
---------------------------------------------------------------------------

    \108\ Library of Congress, Principles of Access, https://www.loc.gov/programs/digital-collections-management/access/principles-of-access/. See also 2018 NPRM at 16275 (expanding 37 CFR 
202.18 to electronic deposits under this rule); 2016 NOI at 30508.
---------------------------------------------------------------------------

    The Library's security efforts are bolstered by oversight from the 
OIG, which issues public reports detailing the Library's progress. For 
example, the OIG's March 2019 semiannual report to Congress noted that 
the Library uses Security Information and Event Management (``SIEM'') 
functionality for ``robust continuous monitoring capabilities and 
ongoing insight into IT security control effectiveness.'' \109\ The OIG 
noted that it had engaged an IT contractor to evaluate the Library's 
``SIEM implementation strategy and execution, internal controls, 
configuration, and incident detection response,'' and that the Library 
agreed with all of the resulting recommendations.\110\ OIG also 
monitors the Library's security practices in connection with its April 
2015 report, which recommended that the Library, in developing a 
comprehensive policy for digital collections, ensure that electronic 
collections material be protected by ``robust security'' to prevent 
``loss, alteration, and unauthorized access'' \111\ The OIG's March 
2018 report stated that ``the Library's IT Security Program and Systems 
Development Lifecycle addresses the need for robust security.'' \112\
---------------------------------------------------------------------------

    \109\ Library of Congress Office of the Inspector General, 
Semiannual Report to Congress at 10 (Mar. 29, 2019), https://www.loc.gov/static/portals/about/office-of-the-inspector-general/annual-reports/documents/March2019-OIG-Semiannual-Report-to-Congress.pdf.
    \110\ Id.
    \111\ Library of Congress Office of the Inspector General, The 
Library Needs to Determine an eDeposit and eCollections Strategy at 
35 (Apr. 24, 2015), https://www.loc.gov/static/portals/about/documents/edeposit-and-ecollections-strategy-april-2015.pdf 
(recommending Architecture Review Board be required to address 
eCollections security needs).
    \112\ Library of Congress Office of the Inspector General, 
Semiannual Report to Congress at 33 (Mar. 30, 2018), https://www.loc.gov/static/portals/about/office-of-the-inspector-general/annual-reports/documents/March2018-semi-annual-report-to-congress.pdf.
---------------------------------------------------------------------------

    Further, the Library has announced significant strides toward full 
implementation of the GAO's 2015 recommendations.\113\ Some commenters 
requested that the Office wait to issue a final rule until the GAO's 
thirty-one public recommendations had been implemented.\114\ In late 
2019, the Librarian reported to Congress that all but four of the 
public recommendations have been implemented and closed, and that the 
GAO is reviewing the Library's evidence for closing the final six (two 
of which are not public).\115\ Moreover, three of the four remaining 
public recommendations do not directly implicate security, instead 
involving the adoption of organizational plans for cost estimates, 
project scheduling, and customer satisfaction.\116\ The final

[[Page 38814]]

outstanding public recommendation, No. 22, calls for comprehensive and 
effective security testing.\117\ In response, the Library advised the 
GAO that it has conducted monthly tests since August 2015, and in 
November 2019 the Library provided the GAO with security control 
assessments for select systems.\118\ The Library has advised Congress 
that it expects to achieve closure of these outstanding recommendations 
within the next several months.\119\
---------------------------------------------------------------------------

    \113\ The GAO landing page for the report keeps track of which 
recommendations have been closed and the status of those that remain 
open. U.S. Government Accountability Office, Library of Congress: 
Strong Leadership Needed to Address Serious Information Technology 
Management Weaknesses, https://www.gao.gov/products/GAO-15-315#summary_recommend. See Government Accountability Office, Strong 
Leadership Needed to Address Serious Information Technology 
Management Weaknesses (Mar. 31, 2015), https://www.gao.gov/assets/670/669367.pdf (underlying report).
    \114\ AAP Comment at 3 (``AAP insists that it is premature for 
the Copyright Office to issue a final rule for the benefit of the 
Library before there is public accountability as to the Library's 
implementation of all of the Government Accountability Office's 2015 
rectifying recommendations''); Copyright Alliance Comment at 4-5 
(citing GAO report and recommending a delay until ``proper IT 
security and infrastructure is in place and fully functional'').
    \115\ Nov. 2019 Senate Oversight Hearing at 22-23 (prepared 
statement of Carla Hayden, Librarian of Congress) (of the 107 total 
recommendations made by GAO, Library has closed 27 out of 31 public 
recommendations, 72 out of 74 non-public recommendations, and both 
recommendations for Copyright Office technology); Oversight of 
Modernization of the United States Copyright Office, Hearing Before 
Senate Subcomm. on Intellectual Property, 116th Cong. 1 (Dec. 10, 
2019) (prepared statement of Carla Hayden, Librarian of Congress), 
https://www.judiciary.senate.gov/imo/media/doc/Hayden%20Testimony.pdf (``Dec. 2019 Senate Oversight Librarian 
Statement'') (``[T]his hard work has allowed us to close as 
implemented nearly 95% of the IT recommendations made by the 
Government Accountability Office (GAO) in 2015, and we will keep 
working until we close 100%.'').
    \116\ See U.S. Government Accountability Office, Library of 
Congress: Strong Leadership Needed to Address Serious Information 
Technology Management Weaknesses, https://www.gao.gov/products/GAO-15-315#summary_recommend (comments in response to Recommendations 
17, 18, 30).
    \117\ Id. (``To better protect IT systems and reduce the risk 
that the information they contain will be compromised, the Librarian 
should conduct comprehensive and effective security testing for all 
systems within the time frames called for by Library policy, to 
include assessing security controls that are inherited from the 
Library's information security program.'').
    \118\ Id. (comments in response to Recommendation 22).
    \119\ See Nov. 2019 Senate Oversight Hearing at 14 (testimony by 
Bernard A. Barton, Jr., Chief Information Officer, Library of 
Congress) (``We are in constant communication with the GAO and 
providing evidence on closing out the remaining six finding. I do 
not have any concerns about being able to meet that by the end of 
this fiscal year.''); Dec. 2019 Senate Oversight Librarian Statement 
at 1 (``this hard work has allowed us to close as implemented nearly 
95% of the IT recommendations made by the Government Accountability 
Office (GAO) in 2015, and we will keep working until we close 
100%'').
---------------------------------------------------------------------------

    While the Office appreciates commenters' interest in full 
implementation of the GAO's recommendations, it does not appear that 
the few remaining open items provide a basis for further delaying 
issuance of the proposed rule, particularly given the Library's overall 
efforts with respect to IT security since 2018. Collectively, those 
efforts support the Library's statement that it has ``invested heavily 
in the optimization and centralization of information technology'' and 
that ``from a technological perspective, the Library of Congress today 
is a fundamentally different institution than it was just three short 
years ago.'' \120\ Further, the Library has repeatedly expressed a 
commitment ``to ensure the security of the digital content in [its] 
care.'' \121\ The Office believes that these security upgrades, 
together with the additional IT-related information made public since 
the close of the prior comment period, may reasonably address the 
concerns raised by commenters regarding the security of digital 
deposits.\122\ To ensure, however, that stakeholders have an adequate 
opportunity to consider and respond to the information provided on this 
important issue, the Office invites further comment on this topic.
---------------------------------------------------------------------------

    \120\ Dec. 2019 Senate Oversight Barton Statement at 1.
    \121\ Id. at 3; Mar. 2019 Senate Oversight Hearing at 16 (Mar. 
6, 2019) (testimony by Carla Hayden, Librarian of Congress) (stating 
that ``security is of paramount importance'' in response to question 
about whether Library was prepared for security threats to Library 
and Copyright Office materials); Oversight of the Library of 
Congress' Information Technology Management, Hearing Before the 
House Committee on Administration, 115th Cong. 10 (June 8, 2017) 
(testimony of Bernard A. Barton, Jr., Chief Information Officer, 
Library of Congress) https://www.govinfo.gov/content/pkg/CHRG-115hhrg27632/pdf/CHRG-115hhrg27632.pdf (``As confidential 
consultants to the Congress, administrator of the national copyright 
system, and stewards of the Nation's cultural history, the Library 
is well aware of the need to ensure security of the digital content 
in our care.''); see also Library of Congress, Digital Strategy at 4 
(Apr. 26, 2019), https://www.loc.gov/static/portals/digital-strategy/documents/Library-of-Congress-Digital-Strategy-v1.1.2.pdf 
(``Promoting creativity and building cultural heritage collections 
entails protecting creators' intellectual property rights. This 
responsibility is salient at the Library, as the home of the United 
States Copyright Office. We will explore creative solutions to 
reduce the barriers to material while respecting the rights of 
creators, the desires of our donors, and our other legal and ethical 
responsibilities.'').
    \122\ The Library has also sought stakeholder input when making 
technology decisions, providing opportunities for commenters to 
advise on the Library's security practices. See Dec. 2019 Senate 
Oversight Barton Statement at 1 (thanking leaders of subcommittee 
``for facilitating the opportunity for . . . me to speak with 
copyright stakeholders last month about modernization,'' as such 
dialogue ``goes a long way to increase transparency and clarify 
OCIO's role in the copyright modernization process''); Library of 
Congress, Library of Congress Fiscal 2020 Budget Justification at 
121, https://www.loc.gov/static/portals/about/reports-and-budgets/documents/budgets/fy2020.pdf (``the USCO and Library's OCIO will 
provide opportunities for broad involvement'' through ``[o]ngoing 
stakeholder outreach'' in modernizing Copyright Office systems).
---------------------------------------------------------------------------

III. Subjects of Inquiry

    After considering the comments in response to the 2018 NPRM, the 
Office is proposing certain revisions to the initial proposed rule. The 
amended rule:
    (1) Redefines an ``electronic-only book'' to clarify that short 
online works, such as social media posts, are not intended to be 
encompassed by the rule;
    (2) Clarifies that books that are preloaded onto electronic devices 
before those devices are sold to consumers are subject to the rule, 
provided they otherwise meet its requirements;
    (3) Modifies the definitional language to further clarify when 
print-on-demand books are to be deemed ``available only online''; and
    (4) Removes the requirement that all technological protection 
measures be removed, while retaining the general requirement that 
deposits be able to be ``accessed and reviewed by the Copyright Office, 
Library of Congress, and the Library's authorized users on an ongoing 
basis.''
    The Copyright Office invites comment from the public on these 
proposed amendments and on the other matters discussed in this notice.

List of Subjects in 37 CFR Part 202

    Copyright.

Proposed Regulations

    For the reasons set forth in the preamble, the Copyright Office 
proposes amending 37 CFR part 202 as follows:

PART 202--PREREGISTRATION AND REGISTRATION OF CLAIMS TO COPYRIGHT

0
1. The authority citation for part 202 continues to read as follows:

    Authority: 17 U.S.C. 408(f), 702.

0
2. Amend Sec.  202.18 by:
0
a. Adding in paragraph (a) the words ``and Sec.  202.19, and 
transferred into the Library of Congress's collections,'' after ``under 
Sec.  202.4(e)'' in the first sentence;
0
b. Adding in paragraph (b), the words ``and Sec.  202.19'' after 
``under Sec.  202.4(e)'' in the first sentence;
0
c. Adding in paragraph (c), the words ``and Sec.  202.19'' after 
``under Sec.  202.4(e)'' in the first sentence, and d. Adding paragraph 
(f) to read as follows:


 Sec.  202.18   Access to electronic works.

* * * * *
    (f) Except as provided under special relief agreements entered into 
pursuant to Sec.  202.19(e) or Sec.  202.20(d), electronic works will 
be transferred to the Library of Congress for its collections and made 
available only under the conditions specified by this section.
0
3. Amend Sec.  202.19 by:
0
a. Revising paragraph (b)(4), and
0
b. Adding in paragraph (c)(5), the words ``electronic-only books and'' 
after the words ``This exemption includes''.
    The revisions read as follows:


Sec.  202.19   Deposit of published copies or phonorecords for the 
Library of Congress.

* * * * *
    (b) * * *
    (4) For purposes of paragraph (c)(5) of this section:
    (i) An electronic-only serial is a serial as defined in Sec.  
202.3(b)(1)(v) that is published in electronic form in the United 
States and available only online.
    (ii) An electronic-only book is an electronic literary work 
published in one volume or a finite number of volumes published in the 
United States and available only online. This class excludes literary 
works distributed solely in phonorecords (e.g., audiobooks), serials 
(as defined in Sec.  202.3(b)(1)(v)), computer programs, websites, 
blogs, emails, and short online literary works such as social media 
posts.
    (iii) A work shall be deemed to be available only online even if 
copies have been made available to individual

[[Page 38815]]

consumers to print on demand, so long as the work is otherwise 
available only online. A work also shall be deemed to be available only 
online even if copies have been loaded onto electronic devices, such as 
tablets or e-readers, in advance of sale to individual consumers, so 
long as the work is otherwise available only online.
* * * * *
0
4. Amend Sec.  202.24 by:
0
a. Removing in paragraph (a)(2), the words ``works'' and adding in its 
place the words ``electronic-only serials''.
0
b. Redesignating paragraphs (a)(3) and (4) as paragraphs (a)(4) and 
(5), respectively.
0
c. Adding new paragraph (a)(3).
0
d. Removing in paragraph (b), the words ``online-only'' and adding in 
its place the words ``electronic-only''.
0
e. Revising paragraph (c)(3).
    The addition and revision reads as follows:


Sec.  202.24   Deposit of published electronic works available only 
online.

* * * * *
    (a) * * *
    (3) Demands may be made only for electronic-only books published on 
or after EFFECTIVE DATE OF RULE.
* * * * *
    (c) * * *
    (3) ``Electronic-only'' works are electronic works that are 
published and available only online.
* * * * *

Appendix B to Part 202 [Amended]

0
6. Amend Appendix B to Part 202 by revising paragraph IX to read as 
follows:
* * * * *

IX. Electronic-Only Works Published in the United States and Available 
Only Online

    The following encodings are listed in descending order of 
preference for all deposits in all categories below:
    1. UTF-8.
    2. UTF-16 (with BOM).
    3. US-ASCII.
    4. ISO 8859.
    5. All other character encodings.
    A. Electronic-Only Serials:
    1. Content Format:
    a. Serials-specific structured/markup format:
    i. Content compliant with the NLM Journal Archiving (XML) 
Document Type Definition (DTD), with presentation stylesheet(s), 
rather than without NISO JATS: Journal Article Tag Suite (NISO 
Z39.96-201x) with XSD/XSL presentation stylesheet(s) and explicitly 
stated character encoding.
    ii. Other widely used serials or journal XML DTDs/schemas, with 
presentation stylesheet(s), rather than without.
    iii. Proprietary XML format for serials or journals (with 
documentation), with DTD/schema and presentation stylesheet(s), 
rather than without.
    b. Page-oriented rendition:
    i. PDF/UA (Portable Document Format/Universal Accessibility; 
compliant with ISO 14289-1).
    ii. PDF/A (Portable Document Format/Archival; compliant with ISO 
19005).
    iii. PDF (Portable Document Format, with searchable text, rather 
than without; highest quality available, with features such as 
searchable text, embedded fonts, lossless compression, high 
resolution images, device-independent specification of colorspace; 
content tagging; includes document formats such as PDF/X).
    c. Other structured or markup formats:
    i. Widely-used serials or journal non-proprietary XML-based 
DTDs/schemas with presentation stylesheet(s).
    ii. Proprietary XML-based format for serials or journals (with 
documentation) with DTD/schema and presentation stylesheet(s).
    iii. XHTML or HTML, with DOCTYPE declaration and presentation 
stylesheet(s).
    iv. XML-based document formats (widely used and publicly 
documented). With presentation stylesheets, if applicable. Includes 
ODF (ISO/IEC 26300) and OOXML (ISO/IEC 29500).
    d. PDF (web-optimized with searchable text).
    e. Other formats:
    i. Rich text format.
    ii. Plain text.
    iii. Widely-used proprietary word processing or page-layout 
formats.
    iv. Other text formats not listed here.
    2. Metadata Elements: If included with published version of 
work, descriptive data (metadata) as described below should 
accompany the deposited material:
    a. Title level metadata: Serial or journal title, ISSN, 
publisher, frequency, place of publication.
    b. Article level metadata, as relevant/or applicable: Volume(s), 
number(s), issue dates(s), article title(s), article author(s), 
article identifier (DOI, etc.).
    c. With other descriptive metadata (e.g., subject heading(s), 
descriptor(s), abstract(s)), rather than without.
    3. Completeness:
    a. All elements considered integral to the publication and 
offered for sale or distribution must be deposited--e.g., articles, 
table(s) of contents, front matter, back matter, etc. Includes all 
associated external files and fonts considered integral to or 
necessary to view the work as published.
    b. All updates, supplements, releases, and supersessions 
published as part of the work and offered for sale or distribution 
must be deposited and received in a regular and timely manner for 
proper maintenance of the deposit.
    4. Technological measures that control access to or use of the 
work should be removed.
    B. Electronic-Only Books:
    1. Content Format:
    a. Book-specific structured/markup format, i.e., XML-based 
markup formats, with included or accessible DTD/schema, XSD/XSL 
presentation stylesheet(s), and explicitly stated character 
encoding:
    i. BITS-compliant (NLM Book DTD).
    ii. EPUB-compliant.
    iii. Other widely-used book DTD/schemas (e.g., TEI, DocBook, 
etc.).
    b. Page-oriented rendition:
    i. PDF/UA (Portable Document Format/Universal Accessibility; 
compliant with ISO 14289-1).
    ii. PDF/A (Portable Document Format/Archival; compliant with ISO 
19005).
    ii. PDF (Portable Document Format; highest quality available, 
with features such as searchable text, embedded fonts, lossless 
compression, high resolution images, device-independent 
specification of colorspace; content tagging; includes document 
formats such as PDF/X).
    c. Other structured markup formats:
    i. XHTML or HTML, with DOCTYPE declaration and presentation 
stylesheet(s).
    ii. XML-based document formats (widely-used and publicly-
documented), with presentation style sheet(s) if applicable. 
Includes ODF (ISO/IEC 26300) and OOXML (ISO/IEC 29500).
    iii. SGML, with included or accessible DTD.
    iv. Other XML-based non-proprietary formats, with presentation 
stylesheet(s).
    v. XML-based formats that use proprietary DTDs or schemas, with 
presentation stylesheet(s).
    d. PDF (web-optimized with searchable text).
    e. Other formats:
    i. Rich text format.
    ii. Plain text.
    iii. Widely-used proprietary word processing formats.
    iv. Other text formats not listed here.
    2. Metadata Elements: If included with published version of 
work, descriptive data (metadata) as described below should 
accompany the deposited material:
    a. As supported by format (e.g., standards-based formats such as 
ONIX, XMP, MODS, or MARCXML either embedded in or accompanying the 
digital item): Title, creator, creation date, place of publication, 
publisher/producer/distributor, ISBN, contact information.
    b. Include if part of published version of work: Language of 
work, other relevant identifiers (e.g., DOI, LCCN, etc.), edition, 
subject descriptors, abstracts.
    3. Rarity and Special Features:
    a. Limited editions (including those with special features such 
as high resolution images.)
    b. Editions with the greatest number of unique features (such as 
additional content, multimedia, interactive elements.)
    4. Completeness:
    a. For items published in a finite number of separate 
components, all elements published as part of the work and offered 
for sale or distribution must be deposited. Includes all associated 
external files and fonts considered integral to or necessary to view 
the work as published.
    b. All updates, supplements, releases, and supersessions 
published as part of the work and offered for sale or distribution 
must be submitted and received in a regular and timely manner for 
proper maintenance of the deposit.
    5. Technological Protection Measures:

[[Page 38816]]

    a. Copies published in formats that do not contain technological 
measures controlling access to or use of the work.
    b. Copies published with technological measures that control 
access to or use of the work, and for which the owner has elected to 
remove such technological measures.
    c. Copies otherwise provided in a manner that meets the 
requirements of Sec.  202.24(a)(5).
* * * * *

    Dated: June 11, 2020.
Regan A. Smith,
General Counsel and Associate Register of Copyrights.
[FR Doc. 2020-12969 Filed 6-26-20; 8:45 am]
BILLING CODE 1410-30-P