Some people think RIAA’s DMCA notice is not legally valid, arguing RIAA is not the copyright holder and there is no infringing material. DMCA takedowns are for taking down works you own the copyright to; not for enforcing any arbitrary aspect of legislation.
It’s my understanding that service providers do not need to comply with illegal requests.
For example, if I DMCA’d <an oil producer>’s repository on accused violations of environmental protection acts, I don’t think it would be taken down, would it?
If GitHub was an independent company advocating for open source; would it have acted any different?
Note: Microsoft is a member of the RIAA.
Apple made waves and built lots of favour for resisting the FBI and challenging quasi-legal processes. They took risks and demonstrated their principles (Suing the FBI over a terrorist’s iPhone is unlikely to be the first recommendation from their legal counsel).
This smells like a qausi-legal process, and it would look great for GitHub/Microsoft if you do.
Some people think RIAA’s DMCA notice is not legally valid, arguing RIAA is not the copyright holder and there is no infringing material.
Almost all of the lawyers at HN, and the lawyers at the EFF, and the guy at Popehat, are all generally in agreement that there was nothing wrong with what the RIAA or what GitHub did. It should tell you something when the people most in a position to evaluate the situation don't see anything amiss.
It would seem your issue is with the DMCA, if so then the way to fix it is to change the legislation; lobby the necessary politicians to get the law changed.
If you object to people following the law because you feel they don't hold the same views on the matter at hand, the point is moot, unless of course you feel they should break the law.
Which leads back to, if you don't like a law then lobby for it to be changed.
My issue is indeed with the DMCA. Which is why, throughout this entire thread, I have not said a single word against Microsoft's actions. I'm not sure why you replied to my comment.
When faced with an oppressive law, people are entitled to do everything within their power to deal with it. Changing the law itself is certainly a great solution when practical, but it is not always practical.
I've changed the laws in two countries through my lobbying efforts, though saying which two countries (and which laws) would be too identifying given that this is my quasi-anonymous account.
But on that note, businesses change laws through lobbying all the time. That is indeed one of the complaints about our current system of government: that it is too susceptible to lobbying.
Of course laws change in response to business interests. The context of this discussion is changing laws like the DMCA, though, which protect capital interests.
My point is that’s a field of political power that even well-off members of the working class like computer programmers have zero access to. You will never affect a law which protects capital interests like the DMCA by writing your senators and congresspeople.
Sure, but you might hosting fundraising dinners, or making donations the NGOs that do have K-street lobbyist on staff. Both are activities professional-class software engineers have access to support.
EFF never stated that it was an invalid takedown request, just that they believe that youtube-dl has enough legal uses that they think the takedown request was counterproductive.
Op said "Almost all of the lawyers at HN, and the lawyers at the EFF, and the guy at Popehat, are all generally in agreement that there was nothing wrong with what the RIAA or what GitHub did"
OP lied. The EFF never said this. I can't find Ken White ("the guy at Popehat") saying anything similar either, but perhaps someone will post a link. And I don't know what "lawyers at HN" he's referring to either.
The practice of law and litigation is not concerned with normative or moral questions of right and wrong, merely whether something illegal was committed. It's sad, but it's true.
It's not sad at all. You wouldn't want a legal process that was concerned with morals instead of law. Morals are not universal; they are vague and subjective. Law is the anchor for evaluating adherence to moral norms we've agreed upon via our legislature.
No, I'm very familiar with it. Questions of whether a law was broken are not questions of justice. They may say things about justice, or lack thereof, in what the law is or how it is interrogated, but they're not one and the same.
There's a difference between "illegal" and "not legally required."
* RIAA was legally welcome to send a DMCA letter which didn't conform to DMCA requirements. Anyone can legally send a legal demand letter saying more-or-less anything, and plenty people do.
* Since this letter didn't conform to DMCA requirements, github wasn't required to take down youtube-dl, but was well within its right to do so.
* github wasn't required to take down other instances of youtube-dl, not referenced in the letter, and ban users, but github can probably fire customers without cause, so there was nothing illegal.
... and so on.
RIAA may or may not have a legal leg to stand on with the DMCA anti-circumvention stuff, depending on what exactly Google does, and I haven't dove into the system in enough detail to know. I don't think Youtube implements DRM, but perhaps it does and perhaps youtube-dl circumvents it. That should be between youtube-dl and RIAA, nor between RIAA and github.
My own opinion is RIAA can't have it both ways. If they don't want people to copy, they should use tools designed for that: iTunes, Amazon Music, etc. If they want to use viral networks used for sharing personal videos, they should respect that those networks are designed for, well, sharing. If my mom uploads a video of my son playing with her to Youtube, yes, family members might want to download that if she's okay with it.
The friction here is that centralized media, whom decentralized is disrupting, wants to now use decentralized media (and by "decentralized," I'm talking from a social perspective -- anyone can publish versus a few people can publish -- not a technology one).
According to the EFF link below they don't need to be a holder. If the software is for breaking locks they can submit a take down notice under section 1201.
It's a notice under the provisions of the DMCA, but it's not a "DMCA takedown".
What we call DMCA takedowns, coloquially, with the whole counter notification process etc, are notices submitted under Title II. That title deals with copyright infringement, not anti-circumvention.
That means treating such notices as a typical DMCA notice, as GitHub has done, is incorrect. GitHub may well choose to follow the takedown if it considers it valid and the repo infringing, but what they've done is treat it as a copyright takedown. And that is clearly, unambiguously wrong, as it goes against their own DMCA policy, linked from the youtube-dl repo's disabled notice, which says:
> The DMCA notice and takedown process should be used only for complaints about copyright infringement. Notices sent through our DMCA process must identify copyrighted work or works that are allegedly being infringed.
So yes, GitHub messed up here. That doesn't mean they shouldn't have taken down youtube-dl, but they way they went about doing it is wrong.
You'll notice that the EFF, in that article, never goes into the details of the takedown process that happened. They never said what GitHub did was proper. They are just talking about the anti-circumvention law in general.
The key here is that if they DIDN'T comply with it, the RIAA might sue them. Even if they were to win it (because a judge determines the takedown provisions don't cover it or for another reason), they'd be in for a costly legal battle. Moreover, without the Title II provisions, they would be liable for having distributed the circumvention in the past!
On the other hand, if they DO comply with it, the RIAA is extremely unlikely to sue them, whether this is covered by the safe-harbor provisions of Title II or not.
Microsoft might find itself in a costly legal battle? Oh no, software freedom must be curtailed lest poor Microsoft ever find itself in a costly legal battle for doing the right thing.
I also found it a funny comment because Microsoft employs about 500 lawyers as part of an in-house legal team that is larger than most independent firms. If standing up for what it thinks is ethically and morally right isn't something a multi billion $ company with 500 lawyers can do, who can?
That is actually not true. Many laws, in many jurisdictions, are challenged by defending those who break them.
In fact, in the US, that is the _only_ way for a citizen to challenge a law. One cannot challenge a law that they have not been charged with breaking in the United States.
... do you really expect a company, whose entire goal and motive is maximizing profit, to waste their profits? Because if so this conversation is not worth continuing.
... do you really expect a company, whose entire goal and motive is maximizing profit, to waste their profits? Because if so this conversation is not worth continuing.
I don't think the Mob could have written a more devious, anti-consumer, draconian law if they'd been given free reign.
"That's some nice software you got there... be a shame if something were to... happen... to it. So, you better keep paying us for our locked-down content, and don't even think about trying to pick those locks. Or else."
Of course they'll be more likely to not be sued if they take it down, but again: the process they used is wrong. They are playing this as if youtube-dl were a copyright violation, which it isn't. They are saying youtube-dl has a right (and needs to) file a counter-notice to have itself be reinstated, which it doesn't.
The Title II provisions are irrelevant, as they do not cover circumvention devices. The RIAA could sue them regardless of whether they comply or not.
DMCA takedowns do not need to be from the copyright holder themselves. They can be from ANY authorized agent of the copyright holder, like a lawyer, or ... the rights-enforcement association to which the copyright holder belongs.
ETA: And yes, if you submitted a DMCA takedown which has any reasonable chance (from the recipient/provider's perspective) of being valid, it would get taken down. Otherwise, the provider takes on their customer's liability. Very few (and zero free) providers are willing to do so.
>> Some people think RIAA’s DMCA notice is not legally valid, arguing RIAA is not the copyright holder and there is no infringing material.
> DMCA takedowns do not need to be from the copyright holder themselves. They can be from ANY authorized agent of the copyright holder
I think it's clear that "RIAA is not the copyright holder" is shorthand for "no member of the RIAA is the copyright holder". Even if you don't accept that, you can easily deduce that no member of the RIAA is the copyright holder by looking at the immediately following claim, "there is no infringing material".
Given that there is no infringing material, it can't really matter whose agent the RIAA purports to be.
The youtube-dl DMCA notice does not allege copyright infringement (section 512 of the DMCA) but rather breaking DRM (section 1201 of the DMCA). Arguing that there is no [copyright-]infringing material is completely missing the point.
jfrunyon's comment is an accurate statement of the law, and reflects what the EFF, a legal organization that specializes in IP and tech-related areas of the law, has posted.
OTOH, your comment violates a number of HN rules and probably should be deleted for dang kills your account for a few days.
BTW, they also did allege infringing material. Whether or not that material's copyright is in fact infringed upon by youtube-dl is not for GitHub to decide. (And, in my non-lawyer opinion, a US court would probably say it is, if this ever makes it that far.)
> The clear purpose of this source code is to ... reproduce and distribute music videos and sound recordings owned by our member companies without authorization for such use. ... We also note that the source code prominently includes as sample uses of the source code the downloading of copies of our members’ copyrighted sound recordings and music videos, as noted in Exhibit A hereto. For example, as shown on Exhibit A, the source code expressly suggests its use to copy and/or distribute the following copyrighted works owned by our member companies: • Icona Pop – I Love It (feat. Charli XCX) [Official Video], owned by Warner Music Group • Justin Timberlake – Tunnel Vision (Explicit), owned by Sony Music Group • Taylor Swift – Shake it Off, owned/exclusively licensed by Universal Music Group
The copyright holders can be harmed by actions other than direct copyright infringement. In particular, the law recognizes DRM circumvention as a harm. Other commenters had already covered this aspect before I made my comment, so I'm unsure why you expect me to cover it again.
Well, it's very similar to many other real situations like common household doors. They provide a weak level of protection and we add laws that criminalize getting unauthorized entry.
I'm sometimes baffled that people miss that point when it comes to internet security. The biggest real difference is the global nature of the internet and thus problems with jurisdiction, which obviously doesn't apply if both sides reside in the same jurisdiction.
This particular protection mechanism is bypassed by all browsers when they access the content. Are browsers infringing too?
Clearly what is most important is the intent. In this case, it is very clearly RIAA's intent to make the aforementioned videos obtainable publicly via the use of HTTP agents. Browsers are HTTP agents. youtube-dl is an HTTP agent. Either they are all infringing or they are all not infringing.
On the other hand, it is clearly the intent of my door and lock to keep people out.
You're absolutely right. From my non-lawyer understanding that's why the youtube-dl dmca mainly rests on youtube-dl showing illicit use within their code (download of copyright protected material) and not that the tool is theoretically capable. But it's indeed a slippery road.
There are other examples in the real world tho, where the distribution/creation of the tool is already illegal (e.g. certain weapons or explosives), because only reacting after damage is done is infeasible.
Not necessarily. Public domain and fair use don't require distribution to
occur. Ex: Photos taken in the 1890s are public domain, and you may know that they exist (having seen a print in a no-photography-allowed museum), but the owner of the only copy of the photo is under no obligation to distribute them.
Lets tackle explosives:
Where public interest exists for legitimate use, they are allowed: mining, fireworks, and hobby rockets. And there is real risk of grevious bodilly harm associated, even if used properly - we are not even considering terrorism.
There is massive legitimate use for downloading videos, yet the alleged harm is purely monetary.
With Microsoft's resources they could easily ignore the DMCA takedown and battle it out in the courts. But Microsoft is a paying member of the RIAA soooooooo
Why would Microsoft stand up to a DMCA takedown from any organization to a random github repo that they can't immediately tell is being wrongly taken down? Unless you pay GitHub the legal fees, no organization would lift a finger.
Under the common law, actual possession is seen as prima facie evidence of ownership — i.e., possession creates a presumption of ownership, but that presumption is rebuttable.
The U.S. Court of Appeals for the Fourth Circuit in 2006 begins a discussion of possession with:
"That possession is nine-tenths of the law is a truism hardly bearing repetition. Statements to this effect have existed almost as long as the common law itself."
Willcox v. Stroup, 467 F.3d 409, 412 (4th Cir. 2006).
It doesn’t mean whoever possesses something is automatically the owner. It means that absent evidence of superior title, possession generally suffices to show ownership.
> Some people think RIAA’s DMCA notice is not legally valid, arguing RIAA is not the copyright holder and there is no infringing material.
That doesn't make the notice facially invalid, if they have made the required representations (which they have, as they have alleged specific infringement of their works on a contributory infringement theory as well as alleging that the works in question violated DMCA anticircumvention provisions, and particularly alleging that the combination of the anticircumvention violation plus the specific identification of works of RIAA-represented owners as targets was the basis for the contributory infringement claim.)
Unless Github wants to expose itself to both upfront costs and potential liability by judging the details of the legal theories and fact claims in facially-valid DMCA takedown notices, it makes sense for them to react to facially-valid notices and wait for a facially-valid counter-notice before restoring user content.
(IANAL) It doesn't matter if people think RIAA's DMCA isn't legally valid (or even if it isn't actually valid), Github still has to follow section 512 of the DMCA as a service provider, and it's not their responsibility to determine validity of the claim. RIAA is a 3rd party authorized to act on behalf of the copyright holder, so they are allowed to send a DMCA takedown. Also the takedown is claiming DMCA section 1201, which is for bypassing DRM, not distributing infringing material.
tl;dr there probably isn't anything inherently wrong with the RIAA's claim, and there's definitely nothing wrong with github's response.
As for DMCAing an oil producer's repository for something unrelated to DMCA, github would still take it down, but it's quite likely that you'd end up with a lawsuit from the oil company for damages. As long as GitHub is run by a US company, it doesn't matter how advocating they are of open source, nothing would change...they'd still take down the repository after receiving a DMCA takedown request.
And the last point, my understanding is apple wasn't actually required to assist the FBI, but american companies are required to follow DMCA.
Microsoft is an enterprise software company that suckles at the teat of government invoicing to the tune of tens of billions of dollars, they are nothing like Apple in this regard.
If youtube-dl disagrees with the takedown, they need to take it up with the RIAA. If the RIAA - or a judge - decides in favor of youtube-dl, Github can restore the repository.
This is how things work; it may not be how you'd like things to work, but I doubt you've ever been involved in any part of a DMCA takedown request (as the sender, receiver, or the person that had their stuff taken down).
Some people think RIAA’s DMCA notice is not legally valid, arguing RIAA is not the copyright holder and there is no infringing material. DMCA takedowns are for taking down works you own the copyright to; not for enforcing any arbitrary aspect of legislation.
It’s my understanding that service providers do not need to comply with illegal requests.
For example, if I DMCA’d <an oil producer>’s repository on accused violations of environmental protection acts, I don’t think it would be taken down, would it?
If GitHub was an independent company advocating for open source; would it have acted any different?
Note: Microsoft is a member of the RIAA.
Apple made waves and built lots of favour for resisting the FBI and challenging quasi-legal processes. They took risks and demonstrated their principles (Suing the FBI over a terrorist’s iPhone is unlikely to be the first recommendation from their legal counsel).
This smells like a qausi-legal process, and it would look great for GitHub/Microsoft if you do.