
Anyone Can Take Down Facebook Pages with a Fake Email Address - gluejar
http://www.readwriteweb.com/archives/anyone_can_take_down_facebook_pages_with_a_fake_email_address.php
======
wccrawford
I see a lot of people saying DMCA about this, but nowhere on that facebook
page does it say you are submitting a DMCA request, so you can't possibly be
charged with submitting a false one.

Yes, Facebook has to comply with DMCA takedown notices... These aren't
necessarily those, though they could be.

Facebook could be handling this better, though. An automated form is probably
the worst way imaginable (short of a 1-click link) to handle this.

------
bct
Golly, it sounds like re-inventing the web on top of a centralised platform
has all kinds of problems! Who'd have thought?

~~~
bct
(Alternatively: Golly, it sounds like having your business depend on a third
party that has no obligation to you has all kinds of problems!)

------
jwecker
They obviously have a deficient (missing) counter-notice mechanism. I'm not
willing to perjure myself, but I would love to see what happens when several
dozen politicians get have their pages mysteriously taken down. Actually, not
really, now that I think about it. Seems like a pretty serious social-denial-
of-service attack vector. A handful of guys working with basic anonymity tools
could make vast swaths of Facebook unusable.

~~~
dexen
Paradoxically, a mass exploitation of it would be ``good'' in that it would
force Facebook to fix the process. Due to the current low volume, the problem
lingers, while people and organizations get hurt.

Low volume as compared to other Facebook traffic, anyway.

------
atacrawl
There was a story going around a couple of years ago about how easy it was to
tell Facebook that someone had died, sending their profile into limbo (sorry
for the bad pun, but it's the best description I can come up with) that was
very difficult and time-consuming to escape from. So needless to say, I'm not
surprised by this.

------
imrehg
I have an issue with "Facebook could also choose to insist that throwaway
email addresses (e.g. Hotmail, Gmail, Yahoo, etc.) cannot be used for these
sorts of complaints - that a domain name associated with the brand which
claims to being breached is used instead".

Why is it only about corporations? Other people's copyright cannot be violated
- say a successful blog that someone hosts on Blogger/Wordpress? Those
wouldn't have own-branded email names.

Also, it is confusing "copyright" and "trademark" issues (with the mentioning
"brands" like that) - the latter is not subject to DMCA, now is it?

------
oasisbob
Facebook is not alone in being vulnerable to faked DMCA takedown notices.
However, the DMCA requires such notices to be made under the penalty of
perjury. If you're willing to perjure yourself, the DMCA has always allowed
for you to do so.

I don't agree with the article's suggestion that Facebook can just raise the
bar on which notices to accept. It's my understanding that service providers
can't implement such restrictions and still qualify for safe harbor
protection.

If there's a story here, it's that Facebook might not be properly processing
counter-notices: <http://www.chillingeffects.org/question.cgi?QuestionID=132>

I've only dealt with 512(a) (while working an abuse-desk at an ISP), I'd be
interested to hear more from people experienced with 512(c).

------
VladRussian
the DMCA as the law and the practices it established is beyond broken. It is a
rare occasion where i'd agree with Facebook approach - there is no reason to
invest in the lipstick for that pig. Don't like how DMCA works - write to your
representative, or even better - elect a one who'd represent people not the
money.

~~~
pyre
By not responding to counter-notices, Facebook is not complying with the DMCA.
Though it's not really clear that these copyright claims are honest-to-
goodness "on penalty of perjury" DMCA requests.

[update] I was finally able to find a link to the Facebook form
([https://www.facebook.com/legal/copyright.php?noncopyright_no...](https://www.facebook.com/legal/copyright.php?noncopyright_notice=1)).
It appears to say that you affirm this information under penalty of perjury,
but it's also a 'non-copyright' claim which I'm not sure falls under the DMCA.
It definitely doesn't _say_ that it's a DMCA notice anywhere on that page.

------
vipivip
Patch the bug Facebook.

~~~
wccrawford
It's not a bug, it's a feature.

No, seriously. The page works exactly as they intended. It just so happens
that malicious people can exploit that functionality to their own ends.

Instead, you want them to redesign that system. It's flawed from the ground
up.

