REPRESENTATIONAGREEMENT

EX-10.8 7 ex10-8.htm

REPRESENTATION AGREEMENT

This Representation Agreement (“Agreement”) is entered into as of March 18, 2013, by and between Rightscorp, Inc. d/b/a DigitalRights, a Delaware corporation (“DigitalRights”) located at 3100 Donald Douglas Loop North, Santa Monica CA 90405 and Warner Bros. Entertainment Inc. (hereinafter, “You” or “Your”) located at 4000 Warner Boulevard, Burbank, CA 91522.

Background of Agreement

A.	DigitalRights is in the business of identifying and monitoring illegal downloads of copyrighted content, forwarding Digital Millennium Copyright Act (“DMCA”) notices, and providing a settlement collections model for copyright owners and administrators for online peer-to-peer (“P2P”) infringements of their content.

B.	You own or control copyrights in and to certain content and desire to appoint DigitalRights as Your non-exclusive representative and agent within the territory and during a three (3) month trial period (“Term”) to monitor infringements resulting from unauthorized downloads and uploads by individual infringers (each an “Infringer”) on P2P networks (each an “Infringement”) via the internet of Protected Copyrights, to collect data regarding such infringements, to offer settlements to Infringers on Your behalf, and to collect all monies paid in settlement thereof.

Agreement

NOW, THEREFORE, in consideration of the mutual covenants and agreements contained herein, and intending to be legally bound hereby, the parties hereto agree as follows:

1.	You hereby appoint and authorize DigitalRights as your agent throughout the universe (the “Territory”) solely to monitor the Internet for Infringements by Infringers of your owned and/or controlled copyrights in and to the copyrights set forth on the attached Schedule A (“Protected Copyrights”) (which may be amended from time to time via an addendum to Schedule A, to be sent by You to DigitalRights) and to do the following:

a.	Collect data as to Infringements of the Protected Copyrights;

b.	Send notices (including, without limitation, DMCA notices and takedown letters in the form required by law, if appropriate) to the Internet Service Providers (“ISPs”) of infringements by the Infringers, and to negotiate settlements on Your behalf to each Infringer for each identified Infringement of the Protected Copyrights (each a “Settlement”);

c.	Collect all amounts from Settlements; and

Page 1 of 6

d.	Pay You fifty percent (50%) of the Net Revenues collected by DigitalRights, payable pursuant to Paragraph 6, below. “Net Revenues” shall mean the gross settlement DigitalRights actually receives from Infringers (“Gross Collection Amount”), less fees actually paid to third parties for credit card processing, transaction fees, and potential fees to ISPs, but in no event less than 88% of Gross Collection Amounts.

2.	This Agreement shall continue for the duration of the Term, at the conclusion of which Warner Bros. Entertainment Inc. will decide whether to renew the Agreement, upon terms to be negotiated between the parties at that time. The parties agree and acknowledge that no representations, warranties, estimates, or predictions have been made by or on behalf of DigitalRights as to the success of the services provided herein or the extent that it will generate Settlements, if any.

3.	a. You represent that You legally own, control and/or administer the share of the Protected Copyrights, as specified on Schedule A. For the avoidance of doubt, Protected Copyrights shall refer specifically only to the share represented by You, and DigitalRights authorization hereunder shall apply solely to such share.

	b. DigitalRights warrants and represents that it has not entered into and shall not enter into any agreement with a third party that contains provisions materially more favorable to such third party than those applicable to You hereunder. In the event that DigitalRights agrees to any such materially more favorable provisions in a third-party agreement, such materially more favorable provisions shall be deemed incorporated into this agreement, prospectively from the date of that third-party agreement.

4.	You may consent to adding additional Protected Copyrights to Schedule A or deleting Protected Copyrights from Schedule A in writing (via facsimile, mail or e-mail) requesting such action, and DigitalRights shall timely confirm each modification to the Protected Copyrights upon receipt of any such writing.

5.	During the Term DigitalRights shall have the exclusive right to collect settlements for Infringements of the Protected Copyrights on P2P Networks. It is contemplated that DigitalRights shall collect settlements of $20.00 for each Infringement, but DigitalRights may accept lower amounts in settlement if in the reasonable judgment of Digital Rights, accepting such lower amount is a prudent business decision. You acknowledge and agree that Digital Rights often offers incentives (in the form of reduced settlement amounts) to Infringers that are guilty of multiple Infringements.

Page 2 of 6

6.	DigitalRights shall send You monthly reports setting forth the Gross Collection Amount for each Protected Copyright, the deductions therefrom and the Net Revenues due You. Payments shall be made on a quarterly basis, with payment being made within forty-five (45) days after the end of each quarterly period. DigitalRights shall keep complete, detailed, and accurate books and records of all Gross Collection Amounts and all deductions therefrom resulting in Net Revenues, during the Term, as well as any amounts received after the Term. DigitalRights shall continue to make quarterly payments of Net

	Revenues to You on any amounts that are received after the Term. You shall have the right to inspect, examine, and copy DigitalRights’ books and records (an “Audit”), with respect to any statement received by you during the Term and for twenty-four (24) months thereafter, (the “Audit Period”). You may conduct an Audit: (1) At any time within twenty-four (24) months following the receipt by You of a statement from DigitalRights during the Audit Period; (2) only with reasonable, advance written notice to DigitalRights; (3) only for the purpose of verifying the amounts collected and due to You hereunder; (4) only once with respect to each statement; (5) during regular business hours at DigitalRights’ normal place of business; (6) at Your sole cost and expense.

7.	You recognize that DigitalRights is providing the service described herein to You on a non-exclusive basis, and accordingly, DigitalRights may perform for others services that are similar or identical to the service provided to You under this Agreement, and this Agreement does not prevent DigitalRights from providing such services or developing materials that are competitive with those developed or provided hereunder regardless of any similarity to the service provided herein.

8.	You hereby represent, warrant and covenant that, with respect to this Agreement: (i) the execution, delivery, and performance by You of this Agreement has been or as of the date of execution will have been, duly authorized by all necessary corporate or other required action; (ii) the individual executing such documents on Your behalf was duly authorized to do so; (iii) the Agreement constitutes a legal, valid, and binding agreement and is enforceable in accordance with its terms; and (iv) the Protected Copyrights, to the best of Your knowledge, do not violate, misappropriate, or infringe upon the intellectual property or other rights of any third party.

9.	This Agreement has been entered into in the State of California, and the validity, interpretation, and legal effect of this Agreement shall be governed by the laws of the State of California applicable to contracts entered into and performed entirely within the State of California. The state courts of the State of California in California County, and the federal courts for the Central District of California, shall have sole and exclusive jurisdiction and venue of any and all controversies regarding or arising from this Agreement (a “Related Action”). Any Related Action will be brought in those courts, and not elsewhere. In connection with any Related Action, the parties hereto expressly consent to personal jurisdiction in the State of California and hereby agree to waive any objections based upon lack of personal jurisdiction, lack of subject matter jurisdiction, forum non conveniens or any similar grounds.

Page 3 of 6

10.	This Agreement contains the entire understanding and agreement between the parties hereto with respect to the subject matter and supersedes any prior or contemporaneous written or oral agreements, representations, understandings, or warranties between them. No change, modification, waiver, discharge, amendment, or addition to this Agreement shall be binding unless it is in writing and signed by the parties hereto.

11.	The invalidity or unenforceability of any particular provision of this Agreement shall not affect the other provisions of this Agreement, and this Agreement shall be construed in all respects as if such invalid or unenforceable provision were omitted.

12.	No delay, forbearance, or neglect by either party in the enforcement of any of the conditions, rights or remedies provided for in this Agreement shall constitute a waiver thereof in any instance or for the future.

13.	This Agreement may be executed in any number of counterparts each of which shall be enforceable against the parties executing such counterparts, and all of which together shall constitute a single document. Except as otherwise stated herein, in lieu of the original documents, a facsimile transmission, copy or scan of the original documents shall be as effective and enforceable as the original.

14.	Any notice given under this Agreement shall be addressed to the parties at their respective addresses as first set forth hereinabove and shall be sufficient if in writing and if personally delivered, or if sent registered or certified mail, return receipt requested, or by reputable overnight courier with proof of delivery, to the following addresses (or at such other addresses as the Parties may designate in writing), all notices shall be deemed given when sent except that a notice of change of address shall only be effective upon its receipt. Copies of all notices sent hereunder shall be sent as follows, provided that a failure to send any such copy shall not impair the effectiveness of the notice delivered:

If to You:	If to DigitalRights:

As first above written.	As first above written.

Attn: David P. Kaplan

SVP and IP Counsel

15.

DigitalRights and its personnel or agents, in performance of this Agreement, are acting as independent contractors and not as employees or agents of You. Under no circumstance will either party have the right or authority to enter into any contracts or assume any obligations for the other or to give any warranty to or make any representation on behalf of the other, except as expressly set forth herein.

Page 4 of 6

IN WITNESS WHEREOF, the parties have executed this Agreement in Los Angeles, California as of the date set forth above.

ACCEPTED AND AGREED TO:		ACCEPTED AND AGREED TO:

WARNER BROS. ENTERTAINMENT, INC		RIGHTSCORP, INC. d/b/a DIGITALRIGHTS

By:	David P. Kaplan	By:	Christopher Sabec
Title:	SVP and IP Counsel	Title:	CEO
Date:	March 18, 2013	Date:	March_, 2013

Page 5 of 6

SCHEDULE A annexed to and forming a part of the Representation Agreement by and between Rightscorp, Inc. d/b/a DigitalRights and Warner Bros. Entertainment, Inc. dated as of February 25, 2013.

SCHEDULE OF PROTECTED COPYRIGHTS

FILMS

Trouble with the Curve

The Apparition

The Campaign

Argo

Magic Mike

Supernatural

Friends

Gossip Girl

The Big Bang Theory

Vampire Diaries

Page 6 of 6

Privacy and Data Security Addendum

This Privacy and Data Security Addendum (the “Addendum”) is hereby incorporated into the Representation Agreement by and between Rightscorp, Inc. d/b/a DigitalRights and Warner Bros. Entertainment Inc. (“You”), dated March 18, 2013 (the “Agreement”). Any terms not defined in this addendum have the definitions given them in the Agreement. To the extent any term or condition of this Addendum conflicts with any term or condition of the Agreement, the terms and conditions of this Addendum will control.

In consideration of the mutual covenants and agreements set forth herein, and for other good and valuable consideration, the receipt and sufficiency of which is hereby acknowledged, the parties hereby agree as follows:

Ownership of Data. In the course of providing services to You pursuant to the Agreement (“Services”), DigitalRights will collect information required to process payment via an Infringer’s payment card, including the Infringer’s payment card account number, PIN, security code, and expiration date (“Payment Card Data”). DigitalRights will also collect other information provided by or about an Infringer, including without limitation, the Infringer’s name, address, e-mail address, IP address, and information about Infringement (“Consumer Information”). As between DigitalRights and You, You own all right, title, and interest in Consumer Information. DigitalRights will provide to You, by secure, mutually agreed means and at mutually agreed intervals, all Consumer Information collected by DigitalRights. Subject to the terms of this Agreement, as between DigitalRights and You, DigitalRights owns all right, title, and interest in the Payment Card Data. DigitalRights will not send or provide to You any Payment Card Data. For purposes of this Agreement, the term “Data” means Payment Card Data and Consumer Information collectively.

II.	Data Security.

a.	DigitalRights Systems. DigitalRights is solely responsible for any computer network or systems used to provide the Services, including without limitation any network or system used to store, route, access, transmit, display, host or process Data, whether such network or systems are owned or operated by DigitalRights or a third party on DigitalRights’ behalf (“DigitalRights Systems”). DigitalRights is likewise solely responsible for any authorized or unauthorized collection, storage, disclosure and use of, or access to, the Data.

b.	Data Security Requirements. DigitalRights represents, warrants and covenants that for the duration of the Term, it will (i) implement and maintain administrative, physical and technical safeguards that prevent unauthorized collection, use or disclosure of, or access to the Data; (ii) comply with all applicable laws, regulations, agency rules and guidance, court orders, and executive orders, including without limitation those relating to privacy, security, and consumer protection and the Federal Trade Commission Red Flag Rules; (iii) comply with all industry standards and self-regulatory practices relating to handling of the Data, and (iv) all terms of use, privacy policies, and requirements provided by You, including without limitation the security measures specified in Attachment 1 (as each of the foregoing in (ii) - (iv) as may be adopted or amended from time to time during the Term).

PCI Compliance. At all times for the duration of the Term, DigitalRights will comply with the Payment Card Industry Data Security Standard (“PCI DSS”) and the payment card brands’ rules and regulations, including without limitation (i) providing data security reports as may be required by the credit card issuer; (ii) paying any fines and penalties in the event DigitalRights fails to comply with requirements; and (iii) fully cooperating with, and providing access to, the credit card issuer or credit card brand to conduct a security review of DigitalRights’ policies and procedures. DigitalRights will at its own expense undergo a PCI DSS compliance audit on no less than an annual basis and provide the results of such audit to You.

III. Resources; Personnel. DigitalRights represents, warrants, and covenants for the duration of the

Term that it will (i) ensure that each of its employees, independent contractors, and subcontractors who perform any Services (the “Resources”) have all permits and licenses required to perform the Services; (ii) promptly perform, at its own expense, a background check on all Resources assigned to perform Services; (iii) ensure that Resources are adequately trained to perform the Services, including with respect to call center scripts approved by You; (iv) select and supervise a sufficient labor pool to supply and complete the Services in a professional and workmanlike manner; and (v) ensure that the Resources are subject to and adhere to all terms set forth in the Agreement, including without limitation confidentiality obligations. DigitalRights is liable for the actions and omissions of all Resources with respect to the Services and handling of Data.

IV. Data; Databases; Privacy. DigitalRights represents, warrants, and covenants for the duration of the Term that it will (i) access, use, and process the Data (and ensure that Resources access, use, and process the Data) only as necessary to perform the Services and in accordance with the instructions given by You; and (ii) notify You if it becomes aware of any breach of Your privacy policy or any change in applicable laws that would require a modification of Your privacy policy.

V. Security Breach.

Notice. DigitalRights will immediately notify You at ChiefPrivacyOfficer@wamerbros.com of any actual, probable or reasonably suspected breach of DigitalRights’ security, including without limitation any actual, probable or reasonably suspected unauthorized access to or acquisition, use, loss, destruction, compromise or disclosure of Data (a “Security Breach”).

b.	Cooperation. DigitalRights hereby represents, warrants, and covenants that in the event of any Security Breach, it will (i) designate a single individual employed by DigitalRights as Your primary contact regarding the Security Breach; (ii) promptly investigate and remediate any deficiencies that resulted in the Security Breach at no additional charge to You; (iii) make best efforts to recover any Data affected by the Security breach; (iv) be liable for any expenses associated with the Security Breach, including without limitation the cost of any required legal compliance (e.g., notices required by applicable laws) and the expenses related to the investigation into the Security Breach; and (v) provide You with assurance satisfactory to You that such Security Breach or potential Security Breach will not recur. Without limiting the generality of the foregoing, in the event of a Security Breach involving Consumer Information, DigitalRights will also (x) cooperate with You and any law enforcement, regulatory, or governmental body with oversight over the Security Breach in investigating, remedying, and taking any other action You deem necessary regarding the Security Breach and any related dispute, inquiry or claim; and (y) at Your request, engage a mutually approved third party to investigate the Security Breach at DigitalRights’ expense. Unless prohibited by an applicable statute or court order, DigitalRights will notify You of any third party legal process relating to any Security Breach. In no event will DigitalRights serve any notice of or otherwise publicize a Security Breach involving Consumer Information without the prior written consent of You.

c.	Upon Termination. Upon termination of the Agreement and successful transition to a new service provider, DigitalRights will provide a copy of all Consumer Information to You by mutually agreeable means and then (at Your sole discretion) destroy and provide You with a certificate of destruction of all Data in its possession and control. DigitalRights will retain no copies of any Data, electronic or otherwise.

VI. Security Audits.

Vulnerability Scans and Penetration Testing by DigitalRights. DigitalRights will implement and maintain systems and procedures for detecting, preventing and responding to attacks, intrusions, or other systems failures and regularly test or otherwise monitor the effectiveness of the safeguards’ key controls, systems, and procedures. Such testing will include: (1) a vulnerability scanning schedule whereby critical DigitalRights server and service delivery infrastructure segments are scanned (each a “Vulnerability Scan”) included no less than once per week using vulnerability scanning software and port detection; and (ii) a schedule of penetration testing of critical DigitalRights server and service delivery infrastructure segments no less than once per calendar quarter during the Term (“Penetration Testing”). Such Penetration testing will include testing for security vulnerabilities, denial of service vulnerabilities and system access/firewall configuration. Upon Your request, DigitalRights will provide You with copies of its Vulnerability Scans and Penetration Testing.

b.	Security Audit by You. You reserve the right to audit, test, verify, and review (“Security

	Audit”) DigitalRights’ implementation of its reasonable security measures with appropriate written notice. You may designate a qualified third-party auditor (“Auditor”) to conduct a Security Audit at Your expense. DigitalRights will (i) promptly disclose information reasonably necessary (including without limitation any applicable logs, policies, records or other materials) and (ii) provide access to any DigitalRights Systems and its premises as may be reasonably required for Your Auditor to perform the Security Audit.

	Obligation to Cure Deficiencies. In the event that DigitalRights, You, the Auditor or any third party determines that DigitalRights has failed to properly implement the security measures set forth herein, DigitalRights will: (i) cure all deficiencies at its own expense; (ii) remedy deficiencies designated as “critical” by You as soon as reasonably practicable but in any event no later than fifteen (15) days from DigitalRights’ receipt of a deficiency notice; (iii) with respect to all other deficiencies, put forward a remediation plan for such deficiencies to be completed within thirty (30) days in the event that such non-critical deficiencies cannot be cured within fifteen (15) days; and (iv) in the event of a material breach of the requirements of the Agreement, pay or reimburse You for the cost of the Security Audit or security review.

d.	Certification of Compliance. On a quarterly basis throughout the Term, DigitalRights will certify compliance with the terms of this Schedule by written or electronic means to You.

VII. Indemnification. DigitalRights will indemnify, hold harmless, and defend You, Your affiliates, and Your respective officers, directors, employees, from any and all claims, actions, proceedings, and suits, government or other investigations and all related liabilities, damages, settlements, penalties, fines, costs or expenses (including, without limitation, reasonable outside attorneys’ fees) arising out of or relating to DigitalRights’ (or any of its agents’ or subcontractors’) failure to comply with any of terms and conditions set forth in this Schedule.

IN WITNESS WHEREOF, the parties have executed this Addendum in Los Angeles. California as of the date set forth above.

ACCEPTED AND AGREED TO:		ACCEPTED AND AGREED TO:

WARNER BROS. ENTERTAINMENT, INC.		RIGHTSCORP, INC. D/B/A DIGITALRIGHTS

By:	/s/ David P. Kaplan	By:	/s/ Christopher Sabec

Title:	SVP and IP Counsel	Title:	CEO

Date:	March 18, 2013	Date:	March 18, 2013

ATTACHMENT 1

IT SECURITY GUIDELINES

I. Security Guidelines.

1.	DigitalRights will provide automated monitoring of the DigitalRights Systems or Your Systems configured or maintained by DigitalRights and prompt response by qualified personnel to correct any problem or outage.

2.	All DigitalRights Systems or Your Systems configured or maintained by DigitalRights will be secured and protected against unauthorized access or modification by the use of firewall and other protective devices (physical and technological).

3.	Subject to the back-up services provisions of the Agreement, DigitalRights will utilize a backup procedure, which will include a provision of no less than monthly back-ups. All back-up data that leaves any DigitalRights facility will be fully encrypted.

4.	DigitalRights will establish mechanisms, policies and procedures as may be necessary for DigitalRights to remain apprised of and implement (a) best practices in the protection and treatment of Your confidential information; (b) requirements for compliance with applicable laws concerning such confidential information; and (c) any updates, upgrades, patches, bug fixes, workarounds and other measures that may be necessary to DigitalRights Systems or Your Systems configured or maintained by DigitalRights.

5.	DigitalRights will provide You with copies of all reports concerning security audits or security incidents prepared within the two (2) years prior to or during the term of the Agreement with respect to any DigitalRights Systems including, without limitation, any such reports compiled in the last two (2) years relating to third party certifications.

6.	DigitalRights Systems will be configured to accept strong passwords of at least eight (8) alphanumeric characters and to capture and retain (for at least 12 months from the date of each transaction) an audit trail for each transaction with the DigitalRights Systems. Social Security numbers (or any other government ID) will not be used for any purpose in providing the Services, including, without limitation, login or password purposes.

7.	DigitalRights will not (1) store Your confidential information on mobile computing devices (e.g., laptop computers, PDAs (personal digital assistants), tablets or smartphones) or (2) transmitted by DigitalRights regardless of the means of transmission (wire or wireless) unless such confidential information is encrypted.

8.	DigitalRights will not remove from any of Your confidential information (a) copyright, trademark patent or other proprietary notices; or (b) watermarks, bum-in messages, unique identifiers or other forms of designating or identifying individual assets or collections of confidential information.

9.	DigitalRights will use at least 128 bit encrypted SSL for the transmission and storage of all Data.

II. Standards for Web Site Security.

DigitalRights will comply with the following standards for website security. This is a nonexclusive list of security practices.

Requirements:

1.	DigitalRights Systems that store, route, access, transmit, display, host or process Data should be hosted in isolated, secured, Internet DMZs.

2.	DigitalRights will protect session credentials to prevent manipulation, cloning, hijacking, and other methods for tracking user sessions, such as: URL re-writing, cookies, hidden form elements, HTTP authentication and Cross-Site Scripting.

3.	DigitalRights will prevent the use of HTTP commands, such as PUT and GET without authorization, showing indexable directories, default directories, and default executables with known vulnerabilities.

4.	buffer over-flow attacks, as well as denial of service attacks; (ii) harden server executables (e. g., CGI, .ASP, .PHP, Cold Fusion and PERL); (iii) review source code of any websites (e.g., HTML or other website coding or scripting language) for common vulnerabilities, such as the use of the POST command where applicable instead of the GET command and excessive information in comments, if applicable.

5.	DigitalRights will ensure that D’s and passwords or PINs are used to verify user identity before granting access to Data.

6.	DigitalRights will ensure that login pages protect against session tracking and username and password harvesting. This includes the use of SSL to encrypt UserIDs and passwords during transmission. When entered, passwords or PINs should be encrypted or asterisked out to prevent unauthorized access to personally identifiable information. Logout and timeout functions must exist for all services that require a login.

7.	DigitalRights will ensure that cookies do not store any sensitive information (e. , personally identifiable information, including Payment Card Data or other financial information) and hyperlinks contained on any page should not contain personally identifiable information within the coding or URL language fields.

8.	DigitalRights will ensure that any collection, display and subsequent transfer of personally identifiable information over the Internet is encrypted.

9.	DigitalRights’ encryption method must be compatible with the use of any popular browser. Such
	method may be Secure Sockets Layer encryption that is no less than 128-bit encryption or the maximum allowed by the nation from which information is being collected.

10.	Any web page displaying personally identifiable information should only be displayed during a single session and should be removed from the browser and cache once the session has terminated.