
Github now publishes all DMCA takedown notices they receive here. - _pius
https://github.com/github/dmca
======
wtallis
It's interesting to note that one of the two notices in this repository is
from Sony, and appears to be demanding the removal of PS3 jailbreaking tools.

The DMCA's prohibition on DRM circumvention is in a different section (17 USC
1201) from the section on copyright infringement (17 USC 512), in which the
safe harbor/takedown notice stuff is defined. It's not clear to me that DRM
circumvention thus qualifies as copyright infringement, or that any of the
safe harbor stuff would apply to hosts of circumvention tools.

Certainly, Sony's notice doesn't identify any of their works that are being
infringed, so the notice seems to be invalid according to the usual rules,
specifically 17 USC 512(c)(3)(A)(ii).

Can anybody more familiar with the law explain what's going on with this? Why
is the procedure from 17 USC 512 being applied to a (alleged) violation of 17
USC 1201? Or is this just another flaw in Sony's handling of this mess?

~~~
Seth_Kriticos
Wanted to see if I could comment on the individual files, so I posted the gist
of your concern as quoted text with source as comment on the commit:

[https://github.com/github/dmca/commit/d6b2d97e801dc16d2aeb25...](https://github.com/github/dmca/commit/d6b2d97e801dc16d2aeb252054579b6f4a89768c)

~~~
vulf
I would guess that github doesn't consider themselves legal experts and does
not want to get involved... if they comply with the takedown they get immunity
from liability here. The DMCA allows the allegedly infringing party to file
counter-notice if they feel they are not infringing and the takedown notice
was in error, I would bet github is leaving it to those users to defend
themselves.

I am not a lawyer, but I would encourage the people targeted by these notices
to find a lawyer and fight back.

Hell, that might just be what github is trying to encourage by open sourcing
these notices, to get the community involved and defending against baseless
DMCA takedowns.

~~~
wtallis
The thing is, it's not at all clear that GitHub is protected by the DMCA safe
harbor provisions here. This isn't a case of an infringing work - it's a DRM
circumvention tool, and Sony hasn't asserted any copyright that has been
infringed.

Procedurally, it _looks_ like a standard infringement takedown case, but as
far as I can tell, it isn't covered by that law. Sony's notice probably has no
more legal force than any ordinary C&D letter, and GitHub's cooperation
probably doesn't get them any guarantee of immunity. Sony's C&D is simply
formatted to look like a real DMCA takedown, probably to scare GitHub in to
automatically complying without even asking their lawyers.

For all we know, by complying GitHub may have reduced their ability to defend
themselves on the basis of the reverse-engineering exception to the
circumvention prevention, without gaining any significant legal security.

------
mmaunder
What I love about this strategy is that is introduces a PR cost to the sender
for sending DMCA notices.

It also increases the likelihood that the DMCA is legitimate, at least from
the senders perspective because they'd rather not be seen lying in public.

Making this republishing policy standard among online companies with a
standard URI like /dmca-notices/ would allow aggregation and probably reduce
DMCA total cost to publishers.

~~~
rdtsc
It is worth pointing out that The Pirate Bay has been doing this, also
combined with hilarious responses:

<http://thepiratebay.org/legal>

One of my favorites:

<http://static.thepiratebay.org/whitestripes_resp2.txt>

------
snprbob86
My first thought was "A Git repository instead of a blog? That seems like an
odd choice."

However, upon a moment's reflection: this is awesome. What if someone issued a
take down notice on the takedown repository or something like that? People can
fork it locally and be confident that they have the right data thanks to Git's
natural hashing behavior!

------
Sephr
Instead of 404ing repos, GitHub should redirect to the relevant DCMA takedown
notices. Also, I'd like GitHub's responses to be public too.

~~~
ihodes
I kind of agree, but this reminds me of "if you give a mouse a cookie…" Who
else does this? I'd like everyone to, but it's great that GitHub does. They do
great work.

~~~
mishmash
>Who else does this?

Well I think the Pirate Bay kind of started it, right?

~~~
ihodes
Thanks, I was aware of that. My point was that not many websites do this.

~~~
mishmash
Oh my apologies then. :)

------
smackjer
This kind of transparency should be the norm, rather than the exception.
Kudos.

------
jcr
I curious why the names and contact details have been redacted from the
notices?

~~~
seabee
Do you really need them?

~~~
jcr
That's a good question, but yes, having the names and contact publicly
available increases transparency. The DCMA notices are requesting the removal
of something available to the public, so the public should know who,
specifically, is making the request.

The short answer is, if one does not want to be known for sending DMCA take
down notices, then the only option is to not send them. If one is
intentionally or unintentionally depriving the public of access to a
legitimate work, then the public should know.

Providing the names and contact details does open the door for possible abuse,
but this is highly unlikely. On the other hand, providing names and contact
details also enables the public to potentially help the copyright holders by
reporting related abuses, but again, this is also highly unlikely.

In other words, it doesn't hurt and it does help. Transparency is a good
thing.

~~~
patio11
Do we get the names and addresses of the people who did not contest they were
copyright infringers? Fair is fair.

An increase in transparency would allow members of the public, such as
employers, to make better decisions on whom to trust with their intellectual
property. Enterprising hackers could facilitate this exchange of valuable
information by doing a mashup between this data source and LinkedIn.

Oh, sounds less fun now.

~~~
jcr
Patrick, I'm sure we'll agree that copyright infringement is a very wide-
spread problem resulting in people not getting paid for their work. For notes,
I strongly support the idea of people getting paid for their work but I also
strongly resist abuses of the legal system.

The only recourse for fighting copyright infringement is essentially playing
whack-a-mole. In desperation, both lawyers and normal individuals typically
resort to sending out DMCA take down notices in bulk, and all too often,
mistakes are made.

As far as I know, no one has been convicted for violating the perjury clause
of the DMCA for wrongfully sending take down notices. If someone has access to
a good legal research database, they might be able to prove me wrong (and yes,
I'd really like to know). This means there is no real 'disincentive' for
getting it wrong, and hence, it's what I would personally consider a flaw in
how the law is written.

The other thing is absolutely anyone can send a real, or intentionally fake,
DMCA take down notice and there is no way to either authenticate the sender or
contact the relevant court since sending the notice does not require court
notification (filing) or approval. Since there is no required registration of
copyrights, there is no way to ascertain the legal owner of any work.

Take a close look at one of the two DMCA notices at github:

[https://github.com/github/dmca/blob/e7821a3946f212f2c774362a...](https://github.com/github/dmca/blob/e7821a3946f212f2c774362a80acbb90007f353e/2011-01-28-tera.markdown)

Q: Can you prove Bluehole Studio owns the copyright for tera?

A: nope.

Q: Can you prove this was sent by Bluehole Studio?

A: nope.

Q: Can you prove this was even sent?

A: nope.

The first thing to notice is the use of the title phrase "legal manager" which
intentionally obfuscates whether or not you're dealing with a real lawyer
(i.e. a real lawyer is an "officer of the court" and has obligations to the
court). Had the name been given, one could find out whether or not this was
sent by a lawyer.

The next thing to notice is:

"The aforementioned website is providing a private, illegal server, not
authorized by Bluehole Studio Inc."

I obviously do not need the consent of Bluehole Studio Inc to run my home mail
server, so what the heck are they talking about? --They are either
intentionally being vague or they are totally incompetent, potentially both
for the ease of sending bulk DMCA notices.

Are they accusing github of running a "game server" on their machines?

Are they accusing github of hosting source code that allows others to run
their own game servers?

For the sake of argument, let's assume it is the latter; they want the removal
of source code that allows people to run their own game servers. Sadly, if the
source code was developed from scratch, there is no copyright infringement,
and it does not matter if the open source server allows client programs
copyrighted by Bluehole to connect and play. If open source server is _NOT_ a
derivative work, then it is perfectly legal to distribute, and even if it is
competition to a pay-to-play online gaming service.

If I created my own open source "Buzzword Bingo Card Creator" program from
scratch, and I got a DMCA take down notice from you or your lawyer, I would be
livid. I would fight you. I would win. And I would make you pay for your
mistake dearly. Unfortunately, I'm probably the exception and it's mostly due
to having a ton of lawyers in my family. It would cost me nothing to make your
life legally miserable, and since you decided to throw the first legal punch
at someone innocent, I'd undoubtedly make you regret it. Unlike me, many open
source developers would just walk away due to not having the money, location
and resources to mount a legal defense, particularly if it was for a fun
project they did in their free time.

Black-listing open source developers for not having and spending the money to
defend their names when wrongfully accused of infringement would be unfair. In
other words, refusing to contest an all too easily sent (or faked) DMCA take
down notice is not the point when an accused infringer should be named. The
accusation is unproven. If the copyright holder presses a civil suit against
the accused infringer, then at that point, the accused will be named in the
court records. In essence, what you want "named infringers" is already
happening, and they are even named when only accused rather than when the case
is resolved.

The system of protecting the efforts of people making creative works is broken
and the world is imperfect. This is not news to anyone. The thing is, the
abuse of infringement does not justify the abuse of the legal system.

BTW: If you created an online "Buzzword Bingo Card" game based on HN articles
actually read by HN users, that would be a whole lot of fun and definitely
worth buying a subscription. Since there's no way to prove an article was read
(other than just loading it), I'm not sure it's a workable idea. None the
less, its a fun thought.

~~~
jcr
A thread for "HN Buzzword Bingo" <http://news.ycombinator.com/item?id=2155626>

------
fleitz
What does RFC 1036 (USENET Message format) have to do with DMCA takedowns?

Read here in their request, for some reason the lawyer is referencing RFC 1036
[https://github.com/github/dmca/blob/master/2011-01-28-tera.m...](https://github.com/github/dmca/blob/master/2011-01-28-tera.markdown)

~~~
drdaeman
I believe, nothing. Just a wrong (and, possibly, outdated{ copypasta.

I also wonder, is it really illegal to re-implement MMORPG server?

~~~
TillE
If we look at the bnetd case as precedent, it probably is illegal under the
DMCA. The justification is that it's a tool for circumventing copy protection.

------
hasenj
At first I thought they were doing this for humor (like the piratebay's
publishing of "cease and desist" letters), but when I clicked the links to the
repos and realized they did get removed, I kinda felt sad.

~~~
lukev
Don't be. The DCMA is stupid, but the fact is, people DO post copyrighted
material all the time, and it IS legitimate to take it down.

We want people to copyright less, and for copyright laws to be reasonable, and
punishments proportionate. Not to do away with copyright alltogether.

~~~
kiba
I just unlicense my stuff.

I don't really care because I got paid anyway.

~~~
forensic
>I don't really care because I got paid anyway.

Right, and loads of authors won't get paid without copyright. So they need it.

~~~
kiba
They never even _experiment_ with business model that doesn't relies on
copyright.

~~~
tptacek
Those jerks.

------
RiderOfGiraffes
With regards the contact details being redacted ...

In an ideal world this wouldn't be necessary. The dispute would be settled by
rational discussion and agreement reached amicably. But the world isn't like
that.

Rightly or wrongly someone will take exception and possibly pursue what they
see as "justice". Publishing the contacts details might prove just a little
too tempting for some.

I do think that actions such as DMCA take-down notices should be a matter of
public record, and should be available in a standard place. I would even like
to see a "central" repository for easy reference.

------
wrl
I'm a bit disappointing that the referenced repositories appear to have been
taken down anyway, though.

~~~
pjhyett
That's how the DMCA process works. The last thing we want our users to think
is we're deleting repos for no reason, that's why we're publishing the
takedowns from here on out.

We receive the notice, lock the repo, and inform its owner why it's been
locked. At that point, they can either remove the infringing code or make a
counter claim and we'll unlock it provided the original party doesn't file a
court order.

More info: <http://help.github.com/dmca/>

~~~
rhizome
Isn't there an allowable delay in DMCA Takedowns? Some reasonable amount of
time for the target to file a counterclaim before the content is locked? The
way you've described it here sounds like you lock the content before notifying
the user (or simultaneously).

~~~
citricsquid
48 hours is the time require for action I believe, however the claimee can
respond in however long they like, but the content must be unavailable until
they file a counter claim.

(IANAL)

~~~
jcoby
72 hours to take down the infringing content upon receiving a valid DMCA
notice. The content owner gets notified and they can then file a valid
counter-notice. Then the counter-notice gets filed with the copyright claimer
and a 10-day waiting period starts. If the claimer does not file a counter-
counter-notice within the 10-day waiting period the content gets reposted. If
they do file a counter-counter-notice, the ball gets passed back to the
content owner to file a counter-counter-counter-notice and the 10-day period
and claim process starts over.

As someone who runs a site that hosts content, this is great for us. We aren't
allowed any sort of leeway in interpreting the claims and in return we are
exposed to no liability. We are simply the middle man and have to do what's
asked of us.

~~~
rhizome
So the hoster doesn't actually need to take the content down right away, but
within 72 hours? That is, if the customer files the DMCA challenge within 72h,
then the content will have always remained up? My questions here are with
regard to continuity of availability.

------
n-named
github is using Github to share DMCA takedown notices with you!

------
albertzeyer
All the PS3 tools are hosted here now: <http://gitorious.org/ps3free>

I really wonder how that falls under DMCA at all.

------
bigwally
While Google publishes the DMCA takedown requests in relation to their search
engine results, it does not publish the requests for removal of content
contained within their own infrastructure.

Perhaps Github should do a little further research before feeling "inspired".

~~~
magicalist
what do you mean by "content contained within their own infrastructure"? I
thought they forwarded the notices they get to chilling effects (and youtube
ones are just posted in place of the video itself).

edit: this page <http://www.google.com/dmca.html> has about a 50/50 split
across products between "may" and "will" be forwarded to Chilling Effects.

~~~
bigwally
A quick search of term "xenu dmca" should show you come of the shit that
google has to deal with in respect to the DMCA.

Any complaints about content on blogger, youtube or the adsense/adwords
network get taken seriously and aren't forwarded on for the worlds
entertainment.

~~~
pjhyett
This isn't about entertainment, this is so our users know why repos are
missing.

