Once upon a time, it was safe to an embed an image on a website. Those days are gone. Two federal courts in New York have rejected the so-called “server test,” created by the Ninth Circuit Court of Appeals, and held that using HTML code to display an image hosted on another website so that it appears to be hosted on the website where it is displayed, violates the Copyright Act. Until those decisions, most lawyers had advised clients that, under the server test, it didn’t matter what a user saw on a website; what mattered was the underlying code. No more.

But if an embedded image is the same as a copied image, what about all those images residing on websites that were embedded over the years? The sobering answer: Each is a potential copyright claim.

Because good faith and honest intentions, unfortunately, are not defenses to a copyright claim. Worse, the statute of limitations under the Copyright Act does not begin to run until a plaintiff “discovers” the copyright infringement. In most cases this means that the three-year statute of limitations for a claim can be extended almost indefinitely. A group of photographers have already sued Instagram, claiming that its embedding tool made Instagram liable for contributory copyright infringement. While a district court in the Ninth Circuit dismissed the claim, finding that it was still bound by the server test, the plaintiffs have since filed an amended complaint and it’s only a matter of time before the last wall comes tumbling down.

Publishers with embeds on their websites should be asking whether it’s worth the cost to scrub their sites and remove all embeds. In many cases, it may be. While damages for long-forgotten images may be minimal, the legal costs of defense can be prohibitive. As litigation over embeds arise (because it will), courts may become more receptive to statute of limitations defenses. Until then, however, we are all standing on the beach admiring the waves.